Red Hat Product Errata RHSA-2025:9514 - Security Advisory
Issued:
2025-06-24
Updated:
2025-06-24

RHSA-2025:9514 - Security Advisory

Synopsis

Moderate: rhc security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for rhc is now available for Red Hat Enterprise Linux 10.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

rhc is a client tool and daemon that connects the system to Red Hat hosted services enabling system and subscription management.

Security Fix(es):

  • golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 10 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 10 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x
  • Red Hat Enterprise Linux for Power, little endian 10 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le
  • Red Hat Enterprise Linux for ARM 64 10 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 s390x
  • Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 x86_64

Fixes

  • BZ - 2341751 - CVE-2024-45336 golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect

Red Hat Enterprise Linux for x86_64 10

SRPM
rhc-0.3.2-1.el10_0.src.rpm SHA-256: acd694790c2e87d0b6d07084b5d1c8eff4316e4e8351a86eb0113c5efc7c0384
x86_64
rhc-0.3.2-1.el10_0.x86_64.rpm SHA-256: 6da10853930ae611644b83e1e55b9a7a172e7bc1aec35b79be50ddb9b0576a6e
rhc-debuginfo-0.3.2-1.el10_0.x86_64.rpm SHA-256: 178ca586e67e538e8db25f09e8101dd0791588bea915ed93798bbbfc8a25f9b3
rhc-debugsource-0.3.2-1.el10_0.x86_64.rpm SHA-256: f18f1bcfed509add615d02dd681cd6af1d7598c2ed6cd9969cda969a4740ebdb

Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0

SRPM
rhc-0.3.2-1.el10_0.src.rpm SHA-256: acd694790c2e87d0b6d07084b5d1c8eff4316e4e8351a86eb0113c5efc7c0384
x86_64
rhc-0.3.2-1.el10_0.x86_64.rpm SHA-256: 6da10853930ae611644b83e1e55b9a7a172e7bc1aec35b79be50ddb9b0576a6e
rhc-debuginfo-0.3.2-1.el10_0.x86_64.rpm SHA-256: 178ca586e67e538e8db25f09e8101dd0791588bea915ed93798bbbfc8a25f9b3
rhc-debugsource-0.3.2-1.el10_0.x86_64.rpm SHA-256: f18f1bcfed509add615d02dd681cd6af1d7598c2ed6cd9969cda969a4740ebdb

Red Hat Enterprise Linux for IBM z Systems 10

SRPM
rhc-0.3.2-1.el10_0.src.rpm SHA-256: acd694790c2e87d0b6d07084b5d1c8eff4316e4e8351a86eb0113c5efc7c0384
s390x
rhc-0.3.2-1.el10_0.s390x.rpm SHA-256: eaa197adea11f80dc638bf4cd16fb49e2d60ccfef238b2f3d0affdb5d60d56b3
rhc-debuginfo-0.3.2-1.el10_0.s390x.rpm SHA-256: 9ab332bfb5a82c06ee0a242870d3e905cff7d3cb2310f622dd05992557de1a44
rhc-debugsource-0.3.2-1.el10_0.s390x.rpm SHA-256: f75316fe1d0415ee6578b8ced2849d4673367397f021ec12da8e4f25571bd8ad

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0

SRPM
rhc-0.3.2-1.el10_0.src.rpm SHA-256: acd694790c2e87d0b6d07084b5d1c8eff4316e4e8351a86eb0113c5efc7c0384
s390x
rhc-0.3.2-1.el10_0.s390x.rpm SHA-256: eaa197adea11f80dc638bf4cd16fb49e2d60ccfef238b2f3d0affdb5d60d56b3
rhc-debuginfo-0.3.2-1.el10_0.s390x.rpm SHA-256: 9ab332bfb5a82c06ee0a242870d3e905cff7d3cb2310f622dd05992557de1a44
rhc-debugsource-0.3.2-1.el10_0.s390x.rpm SHA-256: f75316fe1d0415ee6578b8ced2849d4673367397f021ec12da8e4f25571bd8ad

Red Hat Enterprise Linux for Power, little endian 10

SRPM
rhc-0.3.2-1.el10_0.src.rpm SHA-256: acd694790c2e87d0b6d07084b5d1c8eff4316e4e8351a86eb0113c5efc7c0384
ppc64le
rhc-0.3.2-1.el10_0.ppc64le.rpm SHA-256: 73f5deef7607f8959fdde432ef062f1b2ebda7b03d87bc3fa4214dde728dd013
rhc-debuginfo-0.3.2-1.el10_0.ppc64le.rpm SHA-256: 28ff1cce01bd23da5f21d8b9de5e5e3c2a2236b25680c41b216f5bd746065c30
rhc-debugsource-0.3.2-1.el10_0.ppc64le.rpm SHA-256: 07153699dca580b6e75c173b3122725d8c7f36d66adc12f2cd63a428270da5f4

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0

SRPM
rhc-0.3.2-1.el10_0.src.rpm SHA-256: acd694790c2e87d0b6d07084b5d1c8eff4316e4e8351a86eb0113c5efc7c0384
ppc64le
rhc-0.3.2-1.el10_0.ppc64le.rpm SHA-256: 73f5deef7607f8959fdde432ef062f1b2ebda7b03d87bc3fa4214dde728dd013
rhc-debuginfo-0.3.2-1.el10_0.ppc64le.rpm SHA-256: 28ff1cce01bd23da5f21d8b9de5e5e3c2a2236b25680c41b216f5bd746065c30
rhc-debugsource-0.3.2-1.el10_0.ppc64le.rpm SHA-256: 07153699dca580b6e75c173b3122725d8c7f36d66adc12f2cd63a428270da5f4

Red Hat Enterprise Linux for ARM 64 10

SRPM
rhc-0.3.2-1.el10_0.src.rpm SHA-256: acd694790c2e87d0b6d07084b5d1c8eff4316e4e8351a86eb0113c5efc7c0384
aarch64
rhc-0.3.2-1.el10_0.aarch64.rpm SHA-256: 435d873b87d251de01d4bb98e5a4c92c1b5fb946db454faeea5196c60c60cfbb
rhc-debuginfo-0.3.2-1.el10_0.aarch64.rpm SHA-256: 451c0776792f9728fe3ad6d2fe641c1e3c7656d626fb35cc4f5850c21c552702
rhc-debugsource-0.3.2-1.el10_0.aarch64.rpm SHA-256: a767230d0f801e97afb4539ad9409f57645f81d650988edf8656b559f21ed1f8

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0

SRPM
rhc-0.3.2-1.el10_0.src.rpm SHA-256: acd694790c2e87d0b6d07084b5d1c8eff4316e4e8351a86eb0113c5efc7c0384
aarch64
rhc-0.3.2-1.el10_0.aarch64.rpm SHA-256: 435d873b87d251de01d4bb98e5a4c92c1b5fb946db454faeea5196c60c60cfbb
rhc-debuginfo-0.3.2-1.el10_0.aarch64.rpm SHA-256: 451c0776792f9728fe3ad6d2fe641c1e3c7656d626fb35cc4f5850c21c552702
rhc-debugsource-0.3.2-1.el10_0.aarch64.rpm SHA-256: a767230d0f801e97afb4539ad9409f57645f81d650988edf8656b559f21ed1f8

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0

SRPM
rhc-0.3.2-1.el10_0.src.rpm SHA-256: acd694790c2e87d0b6d07084b5d1c8eff4316e4e8351a86eb0113c5efc7c0384
aarch64
rhc-0.3.2-1.el10_0.aarch64.rpm SHA-256: 435d873b87d251de01d4bb98e5a4c92c1b5fb946db454faeea5196c60c60cfbb
rhc-debuginfo-0.3.2-1.el10_0.aarch64.rpm SHA-256: 451c0776792f9728fe3ad6d2fe641c1e3c7656d626fb35cc4f5850c21c552702
rhc-debugsource-0.3.2-1.el10_0.aarch64.rpm SHA-256: a767230d0f801e97afb4539ad9409f57645f81d650988edf8656b559f21ed1f8

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0

SRPM
rhc-0.3.2-1.el10_0.src.rpm SHA-256: acd694790c2e87d0b6d07084b5d1c8eff4316e4e8351a86eb0113c5efc7c0384
s390x
rhc-0.3.2-1.el10_0.s390x.rpm SHA-256: eaa197adea11f80dc638bf4cd16fb49e2d60ccfef238b2f3d0affdb5d60d56b3
rhc-debuginfo-0.3.2-1.el10_0.s390x.rpm SHA-256: 9ab332bfb5a82c06ee0a242870d3e905cff7d3cb2310f622dd05992557de1a44
rhc-debugsource-0.3.2-1.el10_0.s390x.rpm SHA-256: f75316fe1d0415ee6578b8ced2849d4673367397f021ec12da8e4f25571bd8ad

Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0

SRPM
rhc-0.3.2-1.el10_0.src.rpm SHA-256: acd694790c2e87d0b6d07084b5d1c8eff4316e4e8351a86eb0113c5efc7c0384
ppc64le
rhc-0.3.2-1.el10_0.ppc64le.rpm SHA-256: 73f5deef7607f8959fdde432ef062f1b2ebda7b03d87bc3fa4214dde728dd013
rhc-debuginfo-0.3.2-1.el10_0.ppc64le.rpm SHA-256: 28ff1cce01bd23da5f21d8b9de5e5e3c2a2236b25680c41b216f5bd746065c30
rhc-debugsource-0.3.2-1.el10_0.ppc64le.rpm SHA-256: 07153699dca580b6e75c173b3122725d8c7f36d66adc12f2cd63a428270da5f4

Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0

SRPM
rhc-0.3.2-1.el10_0.src.rpm SHA-256: acd694790c2e87d0b6d07084b5d1c8eff4316e4e8351a86eb0113c5efc7c0384
x86_64
rhc-0.3.2-1.el10_0.x86_64.rpm SHA-256: 6da10853930ae611644b83e1e55b9a7a172e7bc1aec35b79be50ddb9b0576a6e
rhc-debuginfo-0.3.2-1.el10_0.x86_64.rpm SHA-256: 178ca586e67e538e8db25f09e8101dd0791588bea915ed93798bbbfc8a25f9b3
rhc-debugsource-0.3.2-1.el10_0.x86_64.rpm SHA-256: f18f1bcfed509add615d02dd681cd6af1d7598c2ed6cd9969cda969a4740ebdb

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.