
Red Hat: RHSA-2023:5446-01 Important: OptaPlanner HTTP Policy Bypass

October 4, 2023
Red Hat OptaPlanner 8.38.0 SP1 resolves significant security vulnerabilities, including HTTP policy circumvention. Discover further details about this release.
Red Hat build of OptaPlanner 8.38.0 for Quarkus 2.13.8 release and security update is now available

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Summary

Release of Red Hat build of OptaPlanner 8.38.0 SP1
This release includes security fixes.
Security Fix(es):
* org.kie.kogito-kogito-apps: quarkus: HTTP security policy bypass (CVE-2023-4853)

References

https://access.redhat.com/security/cve/CVE-2023-4853
https://access.redhat.com/security/updates/classification/#important

Package List


Severity
important

Advisory ID: RHSA-2023:5446-01
Product: Red Hat build of OptaPlanner
Issue date: 2023-10-04

Topic

Red Hat build of OptaPlanner 8.38.0 for Quarkus 2.13.8 release and security update is now available. The purpose of this text-only errata is to inform you about the security issues fixed.

Red Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.

Relevant Releases Architectures

Bugs Fixed

2238034 - CVE-2023-4853 quarkus: HTTP security policy bypass
