Stay Connected:

ELSA-2023-5080

ELSA-2023-5080 - keylime security update

Type:SECURITY
Severity:MODERATE
Release Date:2023-09-13

Description


[6.5.2-6]
- Fix registrar is subject to a DoS against SSL (CVE-2023-38200)
Resolves: rhbz#2222694
- Fix challenge-protocol bypass during agent registration (CVE-2023-38201)
Resolves: rhbz#2222695


Related CVEs


CVE-2023-38201
CVE-2023-38200

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) keylime-6.5.2-6.el9_2.src.rpm3317ca1fe94cd71b380193e9f98f5841-ol9_aarch64_appstream
keylime-6.5.2-6.el9_2.aarch64.rpm64a9dfb9261c00d2c5809a58ab5841d1-ol9_aarch64_appstream
keylime-base-6.5.2-6.el9_2.aarch64.rpm99e3ff0549cf86c198c7d233ba01bfc5-ol9_aarch64_appstream
keylime-registrar-6.5.2-6.el9_2.aarch64.rpm314f93a75907fd5250f69befc6284755-ol9_aarch64_appstream
keylime-selinux-6.5.2-6.el9_2.noarch.rpm0dcd1094836cdf587926528744f6d221-ol9_aarch64_appstream
keylime-tenant-6.5.2-6.el9_2.aarch64.rpm389db780e1cc859a368b80e3a6502869-ol9_aarch64_appstream
keylime-verifier-6.5.2-6.el9_2.aarch64.rpm7e53f4342fe2d767b3c1c8272be63f65-ol9_aarch64_appstream
python3-keylime-6.5.2-6.el9_2.aarch64.rpma05010a2f7c6516bd2f114c0d5f56b24-ol9_aarch64_appstream
Oracle Linux 9 (x86_64) keylime-6.5.2-6.el9_2.src.rpm3317ca1fe94cd71b380193e9f98f5841-ol9_x86_64_appstream
keylime-6.5.2-6.el9_2.x86_64.rpm2bae67d5234781c8d77ce3e47a6e80da-ol9_x86_64_appstream
keylime-base-6.5.2-6.el9_2.x86_64.rpma1d89c1a58df250438259d55b44fe3f1-ol9_x86_64_appstream
keylime-registrar-6.5.2-6.el9_2.x86_64.rpmabd11f6c32de09ac8a73bf9d4b704a05-ol9_x86_64_appstream
keylime-selinux-6.5.2-6.el9_2.noarch.rpm0dcd1094836cdf587926528744f6d221-ol9_x86_64_appstream
keylime-tenant-6.5.2-6.el9_2.x86_64.rpm3b311e73e6e0c4466e2f471c4dae95fd-ol9_x86_64_appstream
keylime-verifier-6.5.2-6.el9_2.x86_64.rpm449858f20e452e6bd48f2790e846ca65-ol9_x86_64_appstream
python3-keylime-6.5.2-6.el9_2.x86_64.rpmb779060e62f0f094cda6f6c4fe9e0bbf-ol9_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights