What is the severity of RHSA-2022:4993?

The severity of RHSA-2022:4993 is classified as important.

How do I fix RHSA-2022:4993?

To fix RHSA-2022:4993, upgrade the affected xz packages to version 5.2.4-4.el8_4 or later.

What software is affected by RHSA-2022:4993?

RHSA-2022:4993 affects various packages including xz, xz-debuginfo, and xz-libs.

Is RHSA-2022:4993 a critical vulnerability?

RHSA-2022:4993 is not classified as critical, but it is important and should be addressed promptly.

When was RHSA-2022:4993 released?

RHSA-2022:4993 was released on December 14, 2022.

Vulnerability/
RHSA-2022:4993

13/6/2022

9/4/2024

RHSA-2022:4993: Important: xz security update

First published: Mon Jun 13 2022(Updated: )

XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm (LZMA), which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short.<br>Security Fix(es):<br><li> gzip: arbitrary-file-write vulnerability (CVE-2022-1271)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Software	Affected Version	How to fix
redhat/xz	<5.2.4-4.el8_4	5.2.4-4.el8_4
redhat/xz	<5.2.4-4.el8_4	5.2.4-4.el8_4
redhat/xz-debuginfo	<5.2.4-4.el8_4	5.2.4-4.el8_4
redhat/xz-debuginfo	<5.2.4-4.el8_4	5.2.4-4.el8_4
redhat/xz-debugsource	<5.2.4-4.el8_4	5.2.4-4.el8_4
redhat/xz-debugsource	<5.2.4-4.el8_4	5.2.4-4.el8_4
redhat/xz-devel	<5.2.4-4.el8_4	5.2.4-4.el8_4
redhat/xz-devel	<5.2.4-4.el8_4	5.2.4-4.el8_4
redhat/xz-libs	<5.2.4-4.el8_4	5.2.4-4.el8_4
redhat/xz-libs	<5.2.4-4.el8_4	5.2.4-4.el8_4
redhat/xz-libs-debuginfo	<5.2.4-4.el8_4	5.2.4-4.el8_4
redhat/xz-libs-debuginfo	<5.2.4-4.el8_4	5.2.4-4.el8_4
redhat/xz-lzma-compat-debuginfo	<5.2.4-4.el8_4	5.2.4-4.el8_4
redhat/xz-lzma-compat-debuginfo	<5.2.4-4.el8_4	5.2.4-4.el8_4
redhat/xz	<5.2.4-4.el8_4	5.2.4-4.el8_4
redhat/xz-debuginfo	<5.2.4-4.el8_4	5.2.4-4.el8_4
redhat/xz-debugsource	<5.2.4-4.el8_4	5.2.4-4.el8_4
redhat/xz-devel	<5.2.4-4.el8_4	5.2.4-4.el8_4
redhat/xz-libs	<5.2.4-4.el8_4	5.2.4-4.el8_4
redhat/xz-libs-debuginfo	<5.2.4-4.el8_4	5.2.4-4.el8_4
redhat/xz-lzma-compat-debuginfo	<5.2.4-4.el8_4	5.2.4-4.el8_4
redhat/xz	<5.2.4-4.el8_4.aa	5.2.4-4.el8_4.aa
redhat/xz-debuginfo	<5.2.4-4.el8_4.aa	5.2.4-4.el8_4.aa
redhat/xz-debugsource	<5.2.4-4.el8_4.aa	5.2.4-4.el8_4.aa
redhat/xz-devel	<5.2.4-4.el8_4.aa	5.2.4-4.el8_4.aa
redhat/xz-libs	<5.2.4-4.el8_4.aa	5.2.4-4.el8_4.aa
redhat/xz-libs-debuginfo	<5.2.4-4.el8_4.aa	5.2.4-4.el8_4.aa
redhat/xz-lzma-compat-debuginfo	<5.2.4-4.el8_4.aa	5.2.4-4.el8_4.aa
redhat/xz-lzma-compat	<5.2.4-4.el8_4	5.2.4-4.el8_4
redhat/xz-lzma-compat	<5.2.4-4.el8_4	5.2.4-4.el8_4
redhat/xz-lzma-compat	<5.2.4-4.el8_4	5.2.4-4.el8_4
redhat/xz-lzma-compat	<5.2.4-4.el8_4.aa	5.2.4-4.el8_4.aa

Never miss a vulnerability like this again

Reference Links

https://access.redhat.com/errata/RHSA-2022:4993 (Advisory)

Frequently Asked Questions

What is the severity of RHSA-2022:4993?
The severity of RHSA-2022:4993 is classified as important.
How do I fix RHSA-2022:4993?
To fix RHSA-2022:4993, upgrade the affected xz packages to version 5.2.4-4.el8_4 or later.
What software is affected by RHSA-2022:4993?
RHSA-2022:4993 affects various packages including xz, xz-debuginfo, and xz-libs.
Is RHSA-2022:4993 a critical vulnerability?
RHSA-2022:4993 is not classified as critical, but it is important and should be addressed promptly.
When was RHSA-2022:4993 released?
RHSA-2022:4993 was released on December 14, 2022.

agent/severity
agent/type
agent/first-publish-date
agent/softwarecombine
agent/last-modified-date
agent/remedy
agent/references
agent/title
agent/tags
agent/description
agent/event
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2022:4993
agent/software-canonical-lookup
package-manager/redhat

Frequently Asked Questions

What is the severity of RHSA-2022:4993?
The severity of RHSA-2022:4993 is classified as important.
How do I fix RHSA-2022:4993?
To fix RHSA-2022:4993, upgrade the affected xz packages to version 5.2.4-4.el8_4 or later.
What software is affected by RHSA-2022:4993?
RHSA-2022:4993 affects various packages including xz, xz-debuginfo, and xz-libs.
Is RHSA-2022:4993 a critical vulnerability?
RHSA-2022:4993 is not classified as critical, but it is important and should be addressed promptly.
When was RHSA-2022:4993 released?
RHSA-2022:4993 was released on December 14, 2022.

RHSA-2022:4993: Important: xz security update

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2022:4993?

How do I fix RHSA-2022:4993?

What software is affected by RHSA-2022:4993?

Is RHSA-2022:4993 a critical vulnerability?

When was RHSA-2022:4993 released?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of RHSA-2022:4993?

How do I fix RHSA-2022:4993?

What software is affected by RHSA-2022:4993?

Is RHSA-2022:4993 a critical vulnerability?

When was RHSA-2022:4993 released?