RedHat: RHSA-2022-0737:01 Moderate: Red Hat build of Eclipse Vert.x...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: Red Hat build of Eclipse Vert.x 4.2.5 security update
Advisory ID:       RHSA-2022:0737-01
Product:           Red Hat OpenShift Application Runtimes
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:0737
Issue date:        2022-03-31
CVE Names:         CVE-2021-38153 
=====================================================================

1. Summary:

An update is now available for Red Hat build of Eclipse Vert.x.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability. For
more information, see the CVE pages listed in the References section.

2. Description:

This release of Red Hat build of Eclipse Vert.x 4.2.5 GA includes security
updates. For more information, see the release notes listed in the
References section.

Security Fix(es):

* kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients
(CVE-2021-38153)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgements, and other related information, refer to the CVE
page(s) listed in the References section.

3. Solution:

Before applying the update, back up your existing installation, including
all applications, configuration files, databases and database settings, and
so on.

The References section of this erratum contains a download link for the
update. You must be logged in to download the update.

4. Bugs fixed (https://bugzilla.redhat.com/):

2009041 - CVE-2021-38153 Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients

5. References:

https://access.redhat.com/security/cve/CVE-2021-38153
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=catRhoar.eclipse.vertx&version=4.2.5
https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.2/html/release_notes_for_eclipse_vert.x_4.2/index

6. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYpn+htzjgjWX9erEAQgSQQ/+IzltyAmn7JQchguOJ5hNdGLJ7tuKLkje
E1aBr+9T+HyQDciFSfIpZTBDR2nC8TG/BENI12TkrXGMaQT36JjPqonhhmXu+pEL
5YJiX0GWIza4grI4RdRMKOwgmm1fbUYgrZmeOdF1ivawBQVzc1V97RLTFcKdfXLO
6zUyO5KyNvugYeb9bKdPXKd9NtvBLmXjSqSkRvnIhf+mCwO4h30WPzinExV/cjlU
Li4awRUaia614lXM/srcPHh64RUCXgUc7QJH5tAbAMB3+80HgfHA2vgvTDEMvP4b
1HkhSpN5qfZ4sRCzb/XJNpWFQpeEE0ECtDAUzaugNBOSa2EeWxzu7jLRu/43JDI9
82dyrkR3ZJtJDcFcroYlkeTsgrSi1S2/Ja+ccHsm3XaowhxyezjRYjQlf8tkzLaz
jw8l0vktB0Inj8TwHmHitI6ogynHulUILTDk1fUo6GHJed2MRec2wA7b5N6CUtXp
1za7tVB9F25cnzdtMwJRf030IL9pjnH+xOWTpSsNFP+LeAi0YVbV2s7Pq55HQbqk
SoL9WuFqSSsVDWgXWr3Q3NCUrdYmKRqsKfeWwuQmJ3xTsRR+hh8PH66Rgnp/mZQ7
SFi1yjxp4H6gINPiK3uMGdQPtYWfn8xFovo9MHHrF4Y80RXg4rH7GVnEAMmMokMO
cYipht8eZkA=
=RO6T
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
[email protected]
https://listman.redhat.com/mailman/listinfo/rhsa-announce

RedHat: RHSA-2022-0737:01 Moderate: Red Hat build of Eclipse Vert.x 4.2.5

An update is now available for Red Hat build of Eclipse Vert.x

Summary

This release of Red Hat build of Eclipse Vert.x 4.2.5 GA includes security updates. For more information, see the release notes listed in the References section.
Security Fix(es):
* kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients (CVE-2021-38153)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.

Solution

Before applying the update, back up your existing installation, includingall applications, configuration files, databases and database settings, andso on.The References section of this erratum contains a download link for theupdate. You must be logged in to download the update.

References

https://access.redhat.com/security/cve/CVE-2021-38153 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=catRhoar.eclipse.vertx&version=4.2.5 https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.2/html/release_notes_for_eclipse_vert.x_4.2/index

Package List

Severity
Advisory ID: RHSA-2022:0737-01
Product: Red Hat OpenShift Application Runtimes
Advisory URL: https://access.redhat.com/errata/RHSA-2022:0737
Issued Date: : 2022-03-31
CVE Names: CVE-2021-38153

Topic

An update is now available for Red Hat build of Eclipse Vert.x.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability. Formore information, see the CVE pages listed in the References section.

Relevant Releases Architectures

Bugs Fixed

2009041 - CVE-2021-38153 Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.