Lucene search
RedHatRHSA-2024:0855HistoryFeb 19, 2024 - 12:59 a.m.
(RHSA-2024:0855) Moderate: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update
2024-02-1900:59:12
access.redhat.com
5
ansible automation platform
it automation
security fix
receptor
quic-go
memory exhaustion attack
cve
cvss score
update
bug fix
Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.
Security Fix(es):
- receptor: quic-go: memory exhaustion attack against QUIC’s path validation mechanism (CVE-2023-49295)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional changes:
- receptor has been updated to 1.4.4
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 8 | noarch | receptorctl | < 1.4.4-1.el8ap | receptorctl-1.4.4-1.el8ap.noarch.rpm |
| RedHat | 8 | aarch64 | receptor | < 1.4.4-1.el8ap | receptor-1.4.4-1.el8ap.aarch64.rpm |
| RedHat | 8 | ppc64le | receptor | < 1.4.4-1.el8ap | receptor-1.4.4-1.el8ap.ppc64le.rpm |
| RedHat | 9 | ppc64le | receptor | < 1.4.4-1.el9ap | receptor-1.4.4-1.el9ap.ppc64le.rpm |
| RedHat | 9 | aarch64 | receptor | < 1.4.4-1.el9ap | receptor-1.4.4-1.el9ap.aarch64.rpm |
| RedHat | 9 | x86_64 | receptor | < 1.4.4-1.el9ap | receptor-1.4.4-1.el9ap.x86_64.rpm |
| RedHat | 8 | x86_64 | receptor | < 1.4.4-1.el8ap | receptor-1.4.4-1.el8ap.x86_64.rpm |
| RedHat | 9 | s390x | receptor | < 1.4.4-1.el9ap | receptor-1.4.4-1.el9ap.s390x.rpm |
| RedHat | 9 | noarch | receptorctl | < 1.4.4-1.el9ap | receptorctl-1.4.4-1.el9ap.noarch.rpm |
| RedHat | 8 | s390x | receptor | < 1.4.4-1.el8ap | receptor-1.4.4-1.el8ap.s390x.rpm |
Related
openvas
openvas
Fedora: Security Advisory for syncthing (FEDORA-2024-c46536abe6)
2024-02-21 00:00:00
Fedora: Security Advisory for syncthing (FEDORA-2024-b93312a597)
2024-02-22 00:00:00
cvelist
cvelist
github
github
osv
osv
Denial of service via path validation in github.com/quic-go/quic-go
2024-01-23 17:04:50
CVE-2023-49295
2024-01-10 22:15:50
fedora
fedora
[SECURITY] Fedora 39 Update: syncthing-1.27.3-1.fc39
2024-02-21 01:33:35
[SECURITY] Fedora 38 Update: syncthing-1.27.3-1.fc38
2024-02-21 01:39:51
redhatcve
redhatcve
CVE-2023-49295
2024-01-11 07:30:33
cve
cve
CVE-2023-49295
2024-01-10 22:15:50
debiancve
debiancve
CVE-2023-49295
2024-01-10 22:15:50
nvd
nvd
CVE-2023-49295
2024-01-10 22:15:50
ubuntucve
ubuntucve
CVE-2023-49295
2024-01-10 00:00:00
prion
prion
Design/Logic Flaw
2024-01-10 22:15:00
nessus
nessus
Fedora 39 : syncthing (2024-c46536abe6)
2024-02-21 00:00:00
Fedora 38 : syncthing (2024-b93312a597)
2024-02-21 00:00:00
cgr
cgr
CVE-2023-49295 vulnerabilities
2024-05-19 03:07:16
cbl_mariner
cbl_mariner
CVE-2023-49295 affecting package coredns for versions less than 1.11.1-5
2024-02-25 03:00:06
veracode
veracode
Denial Of Service (DoS)
2024-01-11 06:59:11
wolfi
wolfi
CVE-2023-49295 vulnerabilities
2024-06-29 03:08:33
redhat
redhat