红帽产品勘误 RHSA-2025:7326 - Security Advisory
发布:
2025-05-13
已更新:
2025-05-13

RHSA-2025:7326 - Security Advisory

概述

Moderate: rhc security update

类型/严重性

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

识别并修复受此公告影响的系统。

查看受影响的系统

标题

An update for rhc is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

描述

rhc is a client tool and daemon that connects the system to Red Hat hosted services enabling system and subscription management.

Security Fix(es):

  • golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336)
  • crypto/internal/nistec: golang: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec (CVE-2025-22866)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes linked from the References section.

解决方案

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

受影响的产品

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 9 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
  • Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.6 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.6 ppc64le
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.6 s390x
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.6 aarch64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x

修复

  • BZ - 2341751 - CVE-2024-45336 golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect
  • BZ - 2344219 - CVE-2025-22866 crypto/internal/nistec: golang: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec
  • RHEL-53958 - There are "--server" as rhc connect option in man page[rhel95]
  • RHEL-59506 - rhcd disconnects after a "long time"

Red Hat Enterprise Linux for x86_64 9

SRPM
rhc-0.2.6-3.el9_6.src.rpm SHA-256: 1ae60176370e2548f219cbdbe93c7ef954f97ff5b31cf406511b0b310fecb925
x86_64
rhc-0.2.6-3.el9_6.x86_64.rpm SHA-256: 6c36feec300410e3e12558a27c9905e33179535119ae39340f99384b21bf9803
rhc-debuginfo-0.2.6-3.el9_6.x86_64.rpm SHA-256: d0837dd7e8489cdeaac9af7999b7936ef20dafc6d7c5061c084761a5f423f06b
rhc-debugsource-0.2.6-3.el9_6.x86_64.rpm SHA-256: 94d7b2e667c21e97bdbb7fe4690cf2e4f77ccf9daa2bd5f36d48cd839ade2a55

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6

SRPM
rhc-0.2.6-3.el9_6.src.rpm SHA-256: 1ae60176370e2548f219cbdbe93c7ef954f97ff5b31cf406511b0b310fecb925
x86_64
rhc-0.2.6-3.el9_6.x86_64.rpm SHA-256: 6c36feec300410e3e12558a27c9905e33179535119ae39340f99384b21bf9803
rhc-debuginfo-0.2.6-3.el9_6.x86_64.rpm SHA-256: d0837dd7e8489cdeaac9af7999b7936ef20dafc6d7c5061c084761a5f423f06b
rhc-debugsource-0.2.6-3.el9_6.x86_64.rpm SHA-256: 94d7b2e667c21e97bdbb7fe4690cf2e4f77ccf9daa2bd5f36d48cd839ade2a55

Red Hat Enterprise Linux Server - AUS 9.6

SRPM
rhc-0.2.6-3.el9_6.src.rpm SHA-256: 1ae60176370e2548f219cbdbe93c7ef954f97ff5b31cf406511b0b310fecb925
x86_64
rhc-0.2.6-3.el9_6.x86_64.rpm SHA-256: 6c36feec300410e3e12558a27c9905e33179535119ae39340f99384b21bf9803
rhc-debuginfo-0.2.6-3.el9_6.x86_64.rpm SHA-256: d0837dd7e8489cdeaac9af7999b7936ef20dafc6d7c5061c084761a5f423f06b
rhc-debugsource-0.2.6-3.el9_6.x86_64.rpm SHA-256: 94d7b2e667c21e97bdbb7fe4690cf2e4f77ccf9daa2bd5f36d48cd839ade2a55

Red Hat Enterprise Linux for IBM z Systems 9

SRPM
rhc-0.2.6-3.el9_6.src.rpm SHA-256: 1ae60176370e2548f219cbdbe93c7ef954f97ff5b31cf406511b0b310fecb925
s390x
rhc-0.2.6-3.el9_6.s390x.rpm SHA-256: a33f64241836ebce8f7d794b65a92df11c8b2f4802457238b93da12722920062
rhc-debuginfo-0.2.6-3.el9_6.s390x.rpm SHA-256: 1a24ae0f037c744da6c5d93f0958cd7d9b1e0856752ea44ca85f0a45a695a87c
rhc-debugsource-0.2.6-3.el9_6.s390x.rpm SHA-256: 27851a0b2a038a6a29b94cbbaf5075b8246b8aaa475a7445204909fd883d514c

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6

SRPM
rhc-0.2.6-3.el9_6.src.rpm SHA-256: 1ae60176370e2548f219cbdbe93c7ef954f97ff5b31cf406511b0b310fecb925
s390x
rhc-0.2.6-3.el9_6.s390x.rpm SHA-256: a33f64241836ebce8f7d794b65a92df11c8b2f4802457238b93da12722920062
rhc-debuginfo-0.2.6-3.el9_6.s390x.rpm SHA-256: 1a24ae0f037c744da6c5d93f0958cd7d9b1e0856752ea44ca85f0a45a695a87c
rhc-debugsource-0.2.6-3.el9_6.s390x.rpm SHA-256: 27851a0b2a038a6a29b94cbbaf5075b8246b8aaa475a7445204909fd883d514c

Red Hat Enterprise Linux for Power, little endian 9

SRPM
rhc-0.2.6-3.el9_6.src.rpm SHA-256: 1ae60176370e2548f219cbdbe93c7ef954f97ff5b31cf406511b0b310fecb925
ppc64le
rhc-0.2.6-3.el9_6.ppc64le.rpm SHA-256: 6bfa1b6f902cefba06a864f1ea0dbceac45097cff1f9a323002b2f0d799435c6
rhc-debuginfo-0.2.6-3.el9_6.ppc64le.rpm SHA-256: 85fd23d6694fef5276d97004a2fd76ce3b36121a881b460572d93825cb20fab5
rhc-debugsource-0.2.6-3.el9_6.ppc64le.rpm SHA-256: f4358a6f7da3af58c9cbcd54afab60e7954e9c56fce7465eba49fa1bcaa7f9af

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6

SRPM
rhc-0.2.6-3.el9_6.src.rpm SHA-256: 1ae60176370e2548f219cbdbe93c7ef954f97ff5b31cf406511b0b310fecb925
ppc64le
rhc-0.2.6-3.el9_6.ppc64le.rpm SHA-256: 6bfa1b6f902cefba06a864f1ea0dbceac45097cff1f9a323002b2f0d799435c6
rhc-debuginfo-0.2.6-3.el9_6.ppc64le.rpm SHA-256: 85fd23d6694fef5276d97004a2fd76ce3b36121a881b460572d93825cb20fab5
rhc-debugsource-0.2.6-3.el9_6.ppc64le.rpm SHA-256: f4358a6f7da3af58c9cbcd54afab60e7954e9c56fce7465eba49fa1bcaa7f9af

Red Hat Enterprise Linux for ARM 64 9

SRPM
rhc-0.2.6-3.el9_6.src.rpm SHA-256: 1ae60176370e2548f219cbdbe93c7ef954f97ff5b31cf406511b0b310fecb925
aarch64
rhc-0.2.6-3.el9_6.aarch64.rpm SHA-256: 1c1b47f7c4cbe546758ed4354dd1b5a031ab166b45bddd427cad5bee03ca0c75
rhc-debuginfo-0.2.6-3.el9_6.aarch64.rpm SHA-256: 061c13bdca13270202d74904783904ee9b05d3f7472cd24a7182d76b6395ff90
rhc-debugsource-0.2.6-3.el9_6.aarch64.rpm SHA-256: 19df6e6de6b65ce42e83455dda211c45813688e21b3ebff79b84bf00fcdd42ae

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6

SRPM
rhc-0.2.6-3.el9_6.src.rpm SHA-256: 1ae60176370e2548f219cbdbe93c7ef954f97ff5b31cf406511b0b310fecb925
aarch64
rhc-0.2.6-3.el9_6.aarch64.rpm SHA-256: 1c1b47f7c4cbe546758ed4354dd1b5a031ab166b45bddd427cad5bee03ca0c75
rhc-debuginfo-0.2.6-3.el9_6.aarch64.rpm SHA-256: 061c13bdca13270202d74904783904ee9b05d3f7472cd24a7182d76b6395ff90
rhc-debugsource-0.2.6-3.el9_6.aarch64.rpm SHA-256: 19df6e6de6b65ce42e83455dda211c45813688e21b3ebff79b84bf00fcdd42ae

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6

SRPM
rhc-0.2.6-3.el9_6.src.rpm SHA-256: 1ae60176370e2548f219cbdbe93c7ef954f97ff5b31cf406511b0b310fecb925
ppc64le
rhc-0.2.6-3.el9_6.ppc64le.rpm SHA-256: 6bfa1b6f902cefba06a864f1ea0dbceac45097cff1f9a323002b2f0d799435c6
rhc-debuginfo-0.2.6-3.el9_6.ppc64le.rpm SHA-256: 85fd23d6694fef5276d97004a2fd76ce3b36121a881b460572d93825cb20fab5
rhc-debugsource-0.2.6-3.el9_6.ppc64le.rpm SHA-256: f4358a6f7da3af58c9cbcd54afab60e7954e9c56fce7465eba49fa1bcaa7f9af

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6

SRPM
rhc-0.2.6-3.el9_6.src.rpm SHA-256: 1ae60176370e2548f219cbdbe93c7ef954f97ff5b31cf406511b0b310fecb925
x86_64
rhc-0.2.6-3.el9_6.x86_64.rpm SHA-256: 6c36feec300410e3e12558a27c9905e33179535119ae39340f99384b21bf9803
rhc-debuginfo-0.2.6-3.el9_6.x86_64.rpm SHA-256: d0837dd7e8489cdeaac9af7999b7936ef20dafc6d7c5061c084761a5f423f06b
rhc-debugsource-0.2.6-3.el9_6.x86_64.rpm SHA-256: 94d7b2e667c21e97bdbb7fe4690cf2e4f77ccf9daa2bd5f36d48cd839ade2a55

Red Hat CodeReady Linux Builder for x86_64 9

SRPM
x86_64
rhc-debuginfo-0.2.6-3.el9_6.x86_64.rpm SHA-256: d0837dd7e8489cdeaac9af7999b7936ef20dafc6d7c5061c084761a5f423f06b
rhc-debugsource-0.2.6-3.el9_6.x86_64.rpm SHA-256: 94d7b2e667c21e97bdbb7fe4690cf2e4f77ccf9daa2bd5f36d48cd839ade2a55
rhc-devel-0.2.6-3.el9_6.x86_64.rpm SHA-256: 596b5d62f751cb941205145a51708271fb574785417540018978392f006a5dd1

Red Hat CodeReady Linux Builder for Power, little endian 9

SRPM
ppc64le
rhc-debuginfo-0.2.6-3.el9_6.ppc64le.rpm SHA-256: 85fd23d6694fef5276d97004a2fd76ce3b36121a881b460572d93825cb20fab5
rhc-debugsource-0.2.6-3.el9_6.ppc64le.rpm SHA-256: f4358a6f7da3af58c9cbcd54afab60e7954e9c56fce7465eba49fa1bcaa7f9af
rhc-devel-0.2.6-3.el9_6.ppc64le.rpm SHA-256: c807950c136964e06832f6fe200cfb96b05be88e0f3254375ae93fcc2e245401

Red Hat CodeReady Linux Builder for ARM 64 9

SRPM
aarch64
rhc-debuginfo-0.2.6-3.el9_6.aarch64.rpm SHA-256: 061c13bdca13270202d74904783904ee9b05d3f7472cd24a7182d76b6395ff90
rhc-debugsource-0.2.6-3.el9_6.aarch64.rpm SHA-256: 19df6e6de6b65ce42e83455dda211c45813688e21b3ebff79b84bf00fcdd42ae
rhc-devel-0.2.6-3.el9_6.aarch64.rpm SHA-256: 6c9b9646446d2f02043c4c55d13d512e9b6088c12115c8575240a7c587c01983

Red Hat CodeReady Linux Builder for IBM z Systems 9

SRPM
s390x
rhc-debuginfo-0.2.6-3.el9_6.s390x.rpm SHA-256: 1a24ae0f037c744da6c5d93f0958cd7d9b1e0856752ea44ca85f0a45a695a87c
rhc-debugsource-0.2.6-3.el9_6.s390x.rpm SHA-256: 27851a0b2a038a6a29b94cbbaf5075b8246b8aaa475a7445204909fd883d514c
rhc-devel-0.2.6-3.el9_6.s390x.rpm SHA-256: f1a60821a0e1cf86a21400ee9371527b83516abff697b10835397fbbbc3c3a9c

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.6

SRPM
x86_64
rhc-debuginfo-0.2.6-3.el9_6.x86_64.rpm SHA-256: d0837dd7e8489cdeaac9af7999b7936ef20dafc6d7c5061c084761a5f423f06b
rhc-debugsource-0.2.6-3.el9_6.x86_64.rpm SHA-256: 94d7b2e667c21e97bdbb7fe4690cf2e4f77ccf9daa2bd5f36d48cd839ade2a55
rhc-devel-0.2.6-3.el9_6.x86_64.rpm SHA-256: 596b5d62f751cb941205145a51708271fb574785417540018978392f006a5dd1

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.6

SRPM
ppc64le
rhc-debuginfo-0.2.6-3.el9_6.ppc64le.rpm SHA-256: 85fd23d6694fef5276d97004a2fd76ce3b36121a881b460572d93825cb20fab5
rhc-debugsource-0.2.6-3.el9_6.ppc64le.rpm SHA-256: f4358a6f7da3af58c9cbcd54afab60e7954e9c56fce7465eba49fa1bcaa7f9af
rhc-devel-0.2.6-3.el9_6.ppc64le.rpm SHA-256: c807950c136964e06832f6fe200cfb96b05be88e0f3254375ae93fcc2e245401

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.6

SRPM
s390x
rhc-debuginfo-0.2.6-3.el9_6.s390x.rpm SHA-256: 1a24ae0f037c744da6c5d93f0958cd7d9b1e0856752ea44ca85f0a45a695a87c
rhc-debugsource-0.2.6-3.el9_6.s390x.rpm SHA-256: 27851a0b2a038a6a29b94cbbaf5075b8246b8aaa475a7445204909fd883d514c
rhc-devel-0.2.6-3.el9_6.s390x.rpm SHA-256: f1a60821a0e1cf86a21400ee9371527b83516abff697b10835397fbbbc3c3a9c

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.6

SRPM
aarch64
rhc-debuginfo-0.2.6-3.el9_6.aarch64.rpm SHA-256: 061c13bdca13270202d74904783904ee9b05d3f7472cd24a7182d76b6395ff90
rhc-debugsource-0.2.6-3.el9_6.aarch64.rpm SHA-256: 19df6e6de6b65ce42e83455dda211c45813688e21b3ebff79b84bf00fcdd42ae
rhc-devel-0.2.6-3.el9_6.aarch64.rpm SHA-256: 6c9b9646446d2f02043c4c55d13d512e9b6088c12115c8575240a7c587c01983

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6

SRPM
rhc-0.2.6-3.el9_6.src.rpm SHA-256: 1ae60176370e2548f219cbdbe93c7ef954f97ff5b31cf406511b0b310fecb925
aarch64
rhc-0.2.6-3.el9_6.aarch64.rpm SHA-256: 1c1b47f7c4cbe546758ed4354dd1b5a031ab166b45bddd427cad5bee03ca0c75
rhc-debuginfo-0.2.6-3.el9_6.aarch64.rpm SHA-256: 061c13bdca13270202d74904783904ee9b05d3f7472cd24a7182d76b6395ff90
rhc-debugsource-0.2.6-3.el9_6.aarch64.rpm SHA-256: 19df6e6de6b65ce42e83455dda211c45813688e21b3ebff79b84bf00fcdd42ae

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6

SRPM
rhc-0.2.6-3.el9_6.src.rpm SHA-256: 1ae60176370e2548f219cbdbe93c7ef954f97ff5b31cf406511b0b310fecb925
s390x
rhc-0.2.6-3.el9_6.s390x.rpm SHA-256: a33f64241836ebce8f7d794b65a92df11c8b2f4802457238b93da12722920062
rhc-debuginfo-0.2.6-3.el9_6.s390x.rpm SHA-256: 1a24ae0f037c744da6c5d93f0958cd7d9b1e0856752ea44ca85f0a45a695a87c
rhc-debugsource-0.2.6-3.el9_6.s390x.rpm SHA-256: 27851a0b2a038a6a29b94cbbaf5075b8246b8aaa475a7445204909fd883d514c

Red Hat 安全团队联络方式为 secalert@redhat.com。 更多联络细节请参考 https://access.redhat.com/security/team/contact/