Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 2254210 (CVE-2023-48795) - CVE-2023-48795 ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
Summary: CVE-2023-48795 ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
Keywords:
Status: NEW
Alias: CVE-2023-48795
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2254764 2254765 2254766 2254767 2254768 2254770 2255041 2255042 2255046 2255048 2255049 2255055 2255057 2255060 2255061 2255065 2255067 2255068 2255069 2255071 2255075 2255082 2255086 2255087 2255089 2255091 2255092 2255093 2255094 2255096 2255097 2255098 2255099 2255100 2255101 2255102 2255106 2255107 2255862 2255863 2255911 2255912 2257947 2254752 2254753 2254754 2254755 2254756 2254757 2254758 2254759 2254760 2254761 2254762 2254763 2255043 2255044 2255045 2255047 2255050 2255051 2255052 2255053 2255054 2255056 2255058 2255059 2255062 2255063 2255064 2255066 2255070 2255072 2255073 2255074 2255076 2255077 2255078 2255080 2255081 2255083 2255084 2255085 2255090 2255095 2255103 2255104 2255105 2255108 2255109 2255125 2255864 2255865 2255866 2255907 2255908 2255909 2255910 2255913
Blocks:
TreeView+ depends on / blocked
 
Reported: 2023-12-12 16:59 UTC by Patrick Del Bello
Modified: 2024-07-20 08:28 UTC (History)
195 users (show)

Fixed In Version: PuTTY 0.80, AsyncSSH 2.14.1, libssh 0.9.8, libssh 0.10.6, golang.org/x/crypto/ssh 0.17.0
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2024:0545 0 None None None 2024-01-29 14:35:35 UTC
Red Hat Product Errata RHBA-2024:0639 0 None None None 2024-02-01 07:56:18 UTC
Red Hat Product Errata RHBA-2024:0931 0 None None None 2024-02-21 01:00:58 UTC
Red Hat Product Errata RHBA-2024:0932 0 None None None 2024-02-21 01:01:16 UTC
Red Hat Product Errata RHBA-2024:0933 0 None None None 2024-02-21 01:01:29 UTC
Red Hat Product Errata RHBA-2024:1009 0 None None None 2024-02-27 19:49:34 UTC
Red Hat Product Errata RHBA-2024:1010 0 None None None 2024-02-27 20:48:14 UTC
Red Hat Product Errata RHBA-2024:1011 0 None None None 2024-02-27 21:40:28 UTC
Red Hat Product Errata RHSA-2023:7197 0 None None None 2024-02-27 19:48:05 UTC
Red Hat Product Errata RHSA-2023:7198 0 None None None 2024-02-27 20:50:10 UTC
Red Hat Product Errata RHSA-2023:7201 0 None None None 2024-02-27 22:29:10 UTC
Red Hat Product Errata RHSA-2024:0429 0 None None None 2024-01-24 16:49:29 UTC
Red Hat Product Errata RHSA-2024:0455 0 None None None 2024-01-24 16:40:30 UTC
Red Hat Product Errata RHSA-2024:0499 0 None None None 2024-01-25 15:31:37 UTC
Red Hat Product Errata RHSA-2024:0538 0 None None None 2024-01-29 08:20:17 UTC
Red Hat Product Errata RHSA-2024:0594 0 None None None 2024-01-30 14:08:09 UTC
Red Hat Product Errata RHSA-2024:0606 0 None None None 2024-01-30 14:53:45 UTC
Red Hat Product Errata RHSA-2024:0625 0 None None None 2024-01-31 08:29:53 UTC
Red Hat Product Errata RHSA-2024:0628 0 None None None 2024-01-31 08:40:29 UTC
Red Hat Product Errata RHSA-2024:0722 0 None None None 2024-02-12 15:24:54 UTC
Red Hat Product Errata RHSA-2024:0766 0 None None None 2024-02-28 08:11:17 UTC
Red Hat Product Errata RHSA-2024:0789 0 None None None 2024-02-12 16:02:21 UTC
Red Hat Product Errata RHSA-2024:0843 0 None None None 2024-02-15 12:55:45 UTC
Red Hat Product Errata RHSA-2024:0880 0 None None None 2024-02-20 11:03:47 UTC
Red Hat Product Errata RHSA-2024:0954 0 None None None 2024-02-27 15:17:02 UTC
Red Hat Product Errata RHSA-2024:1130 0 None None None 2024-03-05 18:12:05 UTC
Red Hat Product Errata RHSA-2024:1150 0 None None None 2024-03-05 18:13:40 UTC
Red Hat Product Errata RHSA-2024:1192 0 None None None 2024-03-06 15:30:30 UTC
Red Hat Product Errata RHSA-2024:1193 0 None None None 2024-03-06 15:29:57 UTC
Red Hat Product Errata RHSA-2024:1194 0 None None None 2024-03-06 15:38:41 UTC
Red Hat Product Errata RHSA-2024:1196 0 None None None 2024-03-06 17:55:04 UTC
Red Hat Product Errata RHSA-2024:1197 0 None None None 2024-03-06 17:52:38 UTC
Red Hat Product Errata RHSA-2024:1210 0 None None None 2024-03-13 15:32:11 UTC
Red Hat Product Errata RHSA-2024:1557 0 None None None 2024-03-28 05:31:29 UTC
Red Hat Product Errata RHSA-2024:1674 0 None None None 2024-04-04 15:21:17 UTC
Red Hat Product Errata RHSA-2024:1675 0 None None None 2024-04-04 15:20:48 UTC
Red Hat Product Errata RHSA-2024:1676 0 None None None 2024-04-04 15:20:14 UTC
Red Hat Product Errata RHSA-2024:1677 0 None None None 2024-04-04 15:23:05 UTC
Red Hat Product Errata RHSA-2024:1859 0 None None None 2024-04-16 17:26:24 UTC

Description Patrick Del Bello 2023-12-12 16:59:59 UTC
Prefix truncation attack on BPP: By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure 
channel without causing a MAC failure. The vulnerable cipher modes are ChaCha20-Poly1305 (chacha20-poly1305) and Encrypt-then-MAC (-etm MAC algorithms).

Comment 7 Sandipan Roy 2023-12-18 17:44:27 UTC
Created age tracking bugs for this issue:

Affects: fedora-all [bug 2255071]


Created ansible-collection-ansible-netcommon tracking bugs for this issue:

Affects: fedora-all [bug 2255055]
Affects: openstack-rdo [bug 2255059]


Created apptainer tracking bugs for this issue:

Affects: epel-all [bug 2255062]
Affects: fedora-all [bug 2255072]


Created buildah tracking bugs for this issue:

Affects: fedora-all [bug 2255073]


Created caddy tracking bugs for this issue:

Affects: epel-all [bug 2255063]
Affects: fedora-all [bug 2255074]


Created cri-o tracking bugs for this issue:

Affects: fedora-all [bug 2255075]


Created cri-o:1.21/cri-o tracking bugs for this issue:

Affects: epel-all [bug 2255064]


Created cri-o:1.22/cri-o tracking bugs for this issue:

Affects: fedora-all [bug 2255076]


Created cri-o:1.23/cri-o tracking bugs for this issue:

Affects: fedora-all [bug 2255077]


Created cri-o:1.24/cri-o tracking bugs for this issue:

Affects: fedora-all [bug 2255078]


Created cri-o:1.25/cri-o tracking bugs for this issue:

Affects: fedora-all [bug 2255080]


Created cri-o:1.26/cri-o tracking bugs for this issue:

Affects: fedora-all [bug 2255081]


Created cri-o:1.27/cri-o tracking bugs for this issue:

Affects: fedora-all [bug 2255082]


Created docker-compose tracking bugs for this issue:

Affects: fedora-all [bug 2255056]


Created doctl tracking bugs for this issue:

Affects: fedora-all [bug 2255083]


Created dropbear tracking bugs for this issue:

Affects: epel-all [bug 2255041]
Affects: fedora-all [bug 2255042]


Created duplicity tracking bugs for this issue:

Affects: fedora-all [bug 2255057]


Created gh tracking bugs for this issue:

Affects: fedora-all [bug 2255084]


Created golang-github-cloudflare-cfssl tracking bugs for this issue:

Affects: fedora-all [bug 2255085]


Created golang-github-cloudflare-redoctober tracking bugs for this issue:

Affects: fedora-all [bug 2255086]


Created golang-github-facebookincubator-go2chef tracking bugs for this issue:

Affects: fedora-all [bug 2255087]


Created golang-github-francoispqt-gojay tracking bugs for this issue:

Affects: fedora-all [bug 2255089]


Created golang-github-git-5 tracking bugs for this issue:

Affects: fedora-all [bug 2255090]


Created golang-github-hashicorp-hc-install tracking bugs for this issue:

Affects: fedora-all [bug 2255091]


Created golang-github-in-toto tracking bugs for this issue:

Affects: fedora-all [bug 2255092]


Created golang-github-moby-buildkit tracking bugs for this issue:

Affects: fedora-all [bug 2255093]


Created golang-github-theoapp-theo-agent tracking bugs for this issue:

Affects: fedora-all [bug 2255094]


Created golang-googlecode-go-crypto tracking bugs for this issue:

Affects: epel-all [bug 2255065]


Created golang-x-crypto tracking bugs for this issue:

Affects: epel-all [bug 2255066]
Affects: fedora-all [bug 2255095]


Created gomtree tracking bugs for this issue:

Affects: fedora-all [bug 2255096]


Created gopass tracking bugs for this issue:

Affects: fedora-all [bug 2255097]


Created gopass-hibp tracking bugs for this issue:

Affects: fedora-all [bug 2255098]


Created gopass-jsonapi tracking bugs for this issue:

Affects: fedora-all [bug 2255099]


Created gvisor-tap-vsock tracking bugs for this issue:

Affects: fedora-all [bug 2255100]


Created libssh tracking bugs for this issue:

Affects: epel-all [bug 2255045]
Affects: fedora-all [bug 2255047]


Created libssh2 tracking bugs for this issue:

Affects: epel-all [bug 2255046]
Affects: fedora-all [bug 2255048]


Created mingw-libssh2 tracking bugs for this issue:

Affects: fedora-all [bug 2255049]


Created nebula tracking bugs for this issue:

Affects: fedora-all [bug 2255101]


Created pack tracking bugs for this issue:

Affects: epel-all [bug 2255067]
Affects: fedora-all [bug 2255102]


Created podman tracking bugs for this issue:

Affects: fedora-all [bug 2255103]


Created podman-tui tracking bugs for this issue:

Affects: fedora-all [bug 2255104]


Created proftpd tracking bugs for this issue:

Affects: epel-all [bug 2255052]
Affects: fedora-all [bug 2255053]


Created prometheus-podman-exporter tracking bugs for this issue:

Affects: fedora-all [bug 2255105]


Created putty tracking bugs for this issue:

Affects: epel-all [bug 2255050]
Affects: fedora-all [bug 2255051]


Created python-asyncssh tracking bugs for this issue:

Affects: epel-all [bug 2255043]
Affects: fedora-all [bug 2255044]


Created python-docker tracking bugs for this issue:

Affects: epel-all [bug 2255054]
Affects: openstack-rdo [bug 2255060]


Created python-network-runner tracking bugs for this issue:

Affects: fedora-all [bug 2255058]
Affects: openstack-rdo [bug 2255061]


Created rclone tracking bugs for this issue:

Affects: epel-all [bug 2255068]
Affects: fedora-all [bug 2255106]


Created restic tracking bugs for this issue:

Affects: epel-all [bug 2255069]
Affects: fedora-all [bug 2255107]


Created singularity-ce tracking bugs for this issue:

Affects: epel-all [bug 2255070]
Affects: fedora-all [bug 2255108]


Created vagrant tracking bugs for this issue:

Affects: fedora-all [bug 2255109]

Comment 8 Sandipan Roy 2023-12-18 19:22:50 UTC
Created openssh tracking bugs for this issue:

Affects: fedora-all [bug 2255125]

Comment 9 Sandipan Roy 2023-12-18 19:29:44 UTC
Mitigation:

You can disable the following ciphers and HMACs as a workaround  on RHEL-8 and RHEL-9:
 1. chacha20-poly1305
 2. hmac-sha2-512-etm
 3. hmac-sha2-256-etm
 4. hmac-sha1-etm
 5. hmac-md5-etm

To do that through crypto-policies, one can apply a subpolicy with the following content:
```
cipher@SSH = -CHACHA20-POLY1305
ssh_etm = 0
```
e.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.

One can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.

For more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening

Note that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.

Comment 12 Vít Ondruch 2023-12-19 09:00:30 UTC
(In reply to Sandipan Roy from comment #7)
> Created vagrant tracking bugs for this issue:
> 
> Affects: fedora-all [bug 2255109]

@saroy Would you mind elaborate how Vagrant got on the list? I think that Vagrant uses rubygem-net-ssh for the SSH. So is it vulnerable? Should the ciphers be disabled there? Is the upstream aware?

This report unfortunately does not provide too much information.

Comment 13 Sandipan Roy 2023-12-19 09:07:58 UTC
In reply to comment #12:
> (In reply to Sandipan Roy from comment #7)
> > Created vagrant tracking bugs for this issue:
> > 
> > Affects: fedora-all [bug 2255109]
> 
> @saroy Would you mind elaborate how Vagrant got on the list? I
> think that Vagrant uses rubygem-net-ssh for the SSH. So is it vulnerable?
> Should the ciphers be disabled there? Is the upstream aware?
> 
> This report unfortunately does not provide too much information.

vagrant is listed becuase of this below golang dependency:

$ depcli -svv golang.org/x/crypto/ssh -e golang | grep vagrant 
fedora-39	vagrant-2.3.4-3.fc39	(golang.org/x/crypto/ssh.0-20201002170205-7f63de1d35b0, golang)

Comment 14 Vít Ondruch 2023-12-19 10:19:24 UTC
(In reply to Sandipan Roy from comment #13)
> In reply to comment #12:
> > (In reply to Sandipan Roy from comment #7)
> > > Created vagrant tracking bugs for this issue:
> > > 
> > > Affects: fedora-all [bug 2255109]
> > 
> > @saroy Would you mind elaborate how Vagrant got on the list? I
> > think that Vagrant uses rubygem-net-ssh for the SSH. So is it vulnerable?
> > Should the ciphers be disabled there? Is the upstream aware?
> > 
> > This report unfortunately does not provide too much information.
> 
> vagrant is listed becuase of this below golang dependency:
> 
> $ depcli -svv golang.org/x/crypto/ssh -e golang | grep vagrant 
> fedora-39	vagrant-2.3.4-3.fc39
> (golang.org/x/crypto/ssh.0-20201002170205-7f63de1d35b0, golang)

Thx for elaborating. Is it possible to provide this level of detail in the future? As you can see, something like this never came to my mind.

Comment 17 Peter Ajamian 2023-12-21 01:55:28 UTC
Looking for a mitigation for RHEL 7, does this appear to be correct?

/etc/ssh/ssh_config:
```
Ciphers 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,arcfour128,arcfour256,aes128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc.se,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm,aes256-gcm
MACs hmac-sha1,hmac-sha1-96,hmac-sha2-256,hmac-sha2-512,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160,umac-64,umac-128
```

/etc/ssh/sshd_config:
```
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm,aes256-gcm,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc
MACs umac-64,umac-128,hmac-sha2-256,hmac-sha2-512,hmac-sha1
```

...or basically to remove the chacha cipher and etm macs from both configs.  To get a list of the current ciphers and macs:
```
ssh -Q cipher
ssh -Q mac
sshd -T | grep -e '^ciphers ' -e '^macs '
```

Comment 18 ybuenos 2023-12-25 20:33:50 UTC
Created erlang tracking bugs for this issue:

Affects: epel-all [bug 2255862]
Affects: fedora-all [bug 2255863]

Comment 20 Patrick Del Bello 2023-12-26 15:50:45 UTC
Created python-paramiko tracking bugs for this issue:

Affects: epel-all [bug 2255907]
Affects: fedora-all [bug 2255908]
Affects: openstack-rdo [bug 2255912]

Comment 22 Ravindra Patil 2024-01-03 15:48:59 UTC
Hello Peter

You did remove chacha cipher and etm macs, but the ciphers you referred continue to use weak ciphers like CBC, which will continue report cbc related vulnerabilities.

To mitigate the CVE-2023-48795 and avoid other vulnerabilities to be reported, we can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.

Below strict set of Ciphers and MACs can be used as mitigation for RHEL 7.

```
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm,aes256-gcm
MACs umac-64,umac-128,hmac-sha2-256,hmac-sha2-512
```

OR

Remove the chacha cipher and etm macs from both config options which are currently configured.
```
ssh -Q cipher
ssh -Q mac
sshd -T | grep -e '^ciphers ' -e '^macs '
```

Regards
Ravindra

Comment 24 Fedora Update System 2024-01-11 00:39:59 UTC
FEDORA-EPEL-2024-b45b6eada5 has been pushed to the Fedora EPEL 9 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 31 errata-xmlrpc 2024-01-24 16:40:20 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2024:0455 https://access.redhat.com/errata/RHSA-2024:0455

Comment 32 errata-xmlrpc 2024-01-24 16:49:17 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2024:0429 https://access.redhat.com/errata/RHSA-2024:0429

Comment 33 errata-xmlrpc 2024-01-25 15:31:26 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2024:0499 https://access.redhat.com/errata/RHSA-2024:0499

Comment 34 errata-xmlrpc 2024-01-29 08:20:03 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2024:0538 https://access.redhat.com/errata/RHSA-2024:0538

Comment 35 errata-xmlrpc 2024-01-30 14:07:55 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2024:0594 https://access.redhat.com/errata/RHSA-2024:0594

Comment 36 errata-xmlrpc 2024-01-30 14:53:32 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:0606 https://access.redhat.com/errata/RHSA-2024:0606

Comment 37 errata-xmlrpc 2024-01-31 08:29:40 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2024:0625 https://access.redhat.com/errata/RHSA-2024:0625

Comment 38 errata-xmlrpc 2024-01-31 08:40:18 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:0628 https://access.redhat.com/errata/RHSA-2024:0628

Comment 39 Alexander Peslyak 2024-02-05 00:52:29 UTC
Giving the timing, the problem report here may indicate there's an issue with the RHEL8 fix - https://superuser.com/questions/1828501/how-to-solve-ssh-connection-corrupted-error - or it could be unrelated. Just a heads up.

Comment 40 ketan kothari 2024-02-05 23:07:37 UTC
There is a known issue with this version : https://github.com/oracle/oracle-linux/issues/125 and Oracle has pulled back this patch for now from their repos. So running below will restore access.

sudo dnf downgrade openssh-server
sudo dnf clean all

This will update the packages openssh , openssh-clients , openssh-server back to openssh-server-8.0p1-19.el8_8.x86_64 from current openssh-server-8.0p1-19.el8_8.x86_64

Comment 41 ketan kothari 2024-02-05 23:08:20 UTC
There is a known issue with this version : https://github.com/oracle/oracle-linux/issues/125 and Oracle has pulled back this patch for now from their repos. So running below will restore access.

sudo dnf downgrade openssh-server
sudo dnf clean all

This will update the packages openssh , openssh-clients , openssh-server back to openssh-server-8.0p1-19.el8_8.x86_64 from current openssh-server-8.0p1-19.el8_8.x86_64

Comment 42 errata-xmlrpc 2024-02-12 15:24:43 UTC
This issue has been addressed in the following products:

  Red Hat build of Quarkus 3.2.10

Via RHSA-2024:0722 https://access.redhat.com/errata/RHSA-2024:0722

Comment 43 errata-xmlrpc 2024-02-12 16:02:09 UTC
This issue has been addressed in the following products:

  RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)

Via RHSA-2024:0789 https://access.redhat.com/errata/RHSA-2024:0789

Comment 44 errata-xmlrpc 2024-02-15 12:55:33 UTC
This issue has been addressed in the following products:

  RHOSS-1.31-RHEL-8

Via RHSA-2024:0843 https://access.redhat.com/errata/RHSA-2024:0843

Comment 45 errata-xmlrpc 2024-02-20 11:03:37 UTC
This issue has been addressed in the following products:

  Openshift Serverless 1 on RHEL 8

Via RHSA-2024:0880 https://access.redhat.com/errata/RHSA-2024:0880

Comment 46 errata-xmlrpc 2024-02-27 15:16:48 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.15

Via RHSA-2024:0954 https://access.redhat.com/errata/RHSA-2024:0954

Comment 47 errata-xmlrpc 2024-02-27 19:47:51 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.15

Via RHSA-2023:7197 https://access.redhat.com/errata/RHSA-2023:7197

Comment 53 errata-xmlrpc 2024-02-27 20:49:57 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.15

Via RHSA-2023:7198 https://access.redhat.com/errata/RHSA-2023:7198

Comment 54 errata-xmlrpc 2024-02-27 22:28:58 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.15

Via RHSA-2023:7201 https://access.redhat.com/errata/RHSA-2023:7201

Comment 56 errata-xmlrpc 2024-02-28 08:11:05 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.15

Via RHSA-2024:0766 https://access.redhat.com/errata/RHSA-2024:0766

Comment 57 errata-xmlrpc 2024-03-05 18:11:55 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:1130 https://access.redhat.com/errata/RHSA-2024:1130

Comment 58 errata-xmlrpc 2024-03-05 18:13:27 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:1150 https://access.redhat.com/errata/RHSA-2024:1150

Comment 59 errata-xmlrpc 2024-03-06 15:29:42 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9

Via RHSA-2024:1193 https://access.redhat.com/errata/RHSA-2024:1193

Comment 60 errata-xmlrpc 2024-03-06 15:30:15 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8

Via RHSA-2024:1192 https://access.redhat.com/errata/RHSA-2024:1192

Comment 61 errata-xmlrpc 2024-03-06 15:38:27 UTC
This issue has been addressed in the following products:

  EAP 8.0.1

Via RHSA-2024:1194 https://access.redhat.com/errata/RHSA-2024:1194

Comment 62 errata-xmlrpc 2024-03-06 17:52:26 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform

Via RHSA-2024:1197 https://access.redhat.com/errata/RHSA-2024:1197

Comment 63 errata-xmlrpc 2024-03-06 17:54:50 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7
  Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8
  Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9

Via RHSA-2024:1196 https://access.redhat.com/errata/RHSA-2024:1196

Comment 64 errata-xmlrpc 2024-03-13 15:31:59 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.15

Via RHSA-2024:1210 https://access.redhat.com/errata/RHSA-2024:1210

Comment 65 coldford@redhat.com 2024-03-15 12:45:00 UTC
Hello,

Are there plans to backport the fix to Red Hat OpenShift Container Platform 4.10 and Red Hat OpenShift Container Platform 4.12 ?

Cory Oldford

Comment 68 errata-xmlrpc 2024-03-28 05:31:18 UTC
This issue has been addressed in the following products:

  OPENSHIFT-BUILDS-1.0-RHEL-8

Via RHSA-2024:1557 https://access.redhat.com/errata/RHSA-2024:1557

Comment 69 errata-xmlrpc 2024-04-04 15:20:02 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9

Via RHSA-2024:1676 https://access.redhat.com/errata/RHSA-2024:1676

Comment 70 errata-xmlrpc 2024-04-04 15:20:35 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8

Via RHSA-2024:1675 https://access.redhat.com/errata/RHSA-2024:1675

Comment 71 errata-xmlrpc 2024-04-04 15:21:05 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7

Via RHSA-2024:1674 https://access.redhat.com/errata/RHSA-2024:1674

Comment 72 errata-xmlrpc 2024-04-04 15:22:52 UTC
This issue has been addressed in the following products:

  EAP 7.4.16

Via RHSA-2024:1677 https://access.redhat.com/errata/RHSA-2024:1677

Comment 73 errata-xmlrpc 2024-04-16 17:26:12 UTC
This issue has been addressed in the following products:

  OADP-1.3-RHEL-9

Via RHSA-2024:1859 https://access.redhat.com/errata/RHSA-2024:1859


Note You need to log in before you can comment on or make changes to this bug.