-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   Red Hat Security Advisory

Synopsis:          Important: Red Hat Integration Camel Extensions for Quarkus 2.7.1-1 security update
Advisory ID:       RHSA-2023:3193-01
Product:           Red Hat Integration
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:3193
Issue date:        2023-05-17
CVE Names:         CVE-2023-1370 
====================================================================
1. Summary:

Red Hat Integration Camel Extensions for Quarkus 2.7.1-1 release and
security update is now available. The purpose of this text-only errata is
to inform you about the security issues fixed.

Red Hat Product Security has rated this update as having an impact of
Important.
A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.

2. Description:

A security update for Camel Extensions for Quarkus 2.7.1 is now available.
The purpose of this text-only errata is to inform you about the security
issues fixed.
Red Hat Product Security has rated this update as having an impact of
Important.

A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.

 Security Fix(es):

* CVE-2023-1370 json-smart: Uncontrolled Resource Consumption
vulnerability in json-smart (Resource Exhaustion)

3. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

4. Bugs fixed (https://bugzilla.redhat.com/):

2188542 - CVE-2023-1370 json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

5. References:

https://access.redhat.com/security/cve/CVE-2023-1370
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/cve/cve-2023-1370

6. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBZGUUm9zjgjWX9erEAQjHWRAAp3vq3sMbVVGvNYOVdWD0LwaU1K2FQu5M
L9nsY2/SA/BXg6ytHGrjzlyJcxz0OuWi4P1G5TKVV8bwIQ7cojeUyasYC/DJbN91
W1sPbFiUxbhaTBPV5Xg6Gn14qHcK0yajacZw00989ZQ5/8IPwPKXzWtNOGpkNJEE
zUrVVJCPiPVdJNi72PBAFdyjGYhYDCwboNeDxM7EfwnlnTFlYsAYxrf/R2N/yLvT
mJQhfrulLR8i8S5YS5u5hcspIu28nt7YBa9iC6yjLDyASiwm7y+lpN1SqKPOcPxJ
9RFUssnEiZ1aUKT5gbbQlsKnQDWhuBrKwv1tbY1IEe8WYi90upyizefpzIBsulP0
5O8d/BnBMspMKj1SSHb9cQ7Qs6ehmZhNCevGTPtxNAoh7ydWIwQc59yFgo7fFw2f
stFnFwkbZZ3AemX3MXD4dTzaXDKZxYs0x6aE2PZCxTQsuoOQu16Zfp7d/PZ6ubZ7
4mizFwJLifhFnUMFVkZPB4YmuUY1VcmSeCa5ku8grmBPr9IRjLkW2R4qWd5AS1Ws
XfxgrbTOa5CFa/fd2PI1f43SGwnZi+X2IrNmrDjuh6g+jXxt7fd29EzyJIlVe6Ze
J5jw/eWGxOeNeMPHC3ttXv4Krlouk77dh/8Z6bBkHyM1fjo1Cb1UyPWc2c/aaSvB
ufwc+d6k+r8=qfaW
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce

RedHat: RHSA-2023-3193:01 Important: Red Hat Integration Camel Extensions

Red Hat Integration Camel Extensions for Quarkus 2.7.1-1 release and security update is now available

Summary

A security update for Camel Extensions for Quarkus 2.7.1 is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Red Hat Product Security has rated this update as having an impact of Important.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Security Fix(es):
* CVE-2023-1370 json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)



Summary


Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258

References

https://access.redhat.com/security/cve/CVE-2023-1370 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/cve/cve-2023-1370

Package List


Severity
Advisory ID: RHSA-2023:3193-01
Product: Red Hat Integration
Advisory URL: https://access.redhat.com/errata/RHSA-2023:3193
Issued Date: : 2023-05-17
CVE Names: CVE-2023-1370

Topic

Red Hat Integration Camel Extensions for Quarkus 2.7.1-1 release andsecurity update is now available. The purpose of this text-only errata isto inform you about the security issues fixed.Red Hat Product Security has rated this update as having an impact ofImportant.A Common Vulnerability Scoring System (CVSS) base score, which gives adetailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.


Topic


 

Relevant Releases Architectures


Bugs Fixed

2188542 - CVE-2023-1370 json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)


Related News

4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved