Issued:: 2024-08-27
Updated:: 2024-08-27

RHSA-2024:5882 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: orc:0.4.28 security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for the orc:0.4.28 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Orc is a library and set of tools for compiling and executing very simple programs that operate on arrays of data. The "language" is a generic assembly language that represents many of the features available in SIMD architectures, including saturated addition and subtraction, and many arithmetic operations.

Security Fix(es):

orc: Stack-based buffer overflow vulnerability in ORC (CVE-2024-40897)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - AUS 8.2 x86_64

Fixes

BZ - 2300010 - CVE-2024-40897 orc: Stack-based buffer overflow vulnerability in ORC

CVEs

CVE-2024-40897

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
orc-0.4.28-4.el8_2.src.rpm	SHA-256: 23c387361b567ce0d88bb3fd031df80054b030c65649000b2a13335ed157bd42
x86_64
orc-0.4.28-4.el8_2.i686.rpm	SHA-256: 2e266de5ddc6c0693a742378d272e99623142c62442cff95c0c554ada2314c2f
orc-0.4.28-4.el8_2.x86_64.rpm	SHA-256: 05f4b1c938884e9746a839c2fa92c3abfa06c420c8aef950818cb83596833d02
orc-compiler-0.4.28-4.el8_2.x86_64.rpm	SHA-256: eef67099b5a1c10facaf0fd55ade9d9329710fa64685292130c1fa9d7e54d6a9
orc-compiler-debuginfo-0.4.28-4.el8_2.i686.rpm	SHA-256: 3a44fe14328b194c177afe02f2675642c51c8c71a910450e33ff7732255007ad
orc-compiler-debuginfo-0.4.28-4.el8_2.x86_64.rpm	SHA-256: a2b1837388b9748d0d79f80252aa930e84b697c696602ef0871f1cf75e81052d
orc-debuginfo-0.4.28-4.el8_2.i686.rpm	SHA-256: 522b7027205b528f01fc354b6b4de64c7fca5689592d2c767937f405050b011b
orc-debuginfo-0.4.28-4.el8_2.x86_64.rpm	SHA-256: 0925b2f37cd046e121770cb51a89f41b8559da0c9ea2cd68c1e7b6f03c665d89
orc-debugsource-0.4.28-4.el8_2.i686.rpm	SHA-256: 8f48bc86b21c58101bff3f76f3f23deaabc06291efb37bb1e0432789bc2a60a1
orc-debugsource-0.4.28-4.el8_2.x86_64.rpm	SHA-256: c47f827c229cea5beed8b753fd0824df4603341b6e37a7ed9ac05acfd3d4ebe1
orc-devel-0.4.28-4.el8_2.i686.rpm	SHA-256: 1d1952552368776370b87610e38904f4c3c159d1511cf0ad0163a52b0383c545
orc-devel-0.4.28-4.el8_2.x86_64.rpm	SHA-256: 272186b4fb4f3a0d88c1022c14e747634088acb6fb68075cf2a5b9616f39214d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation