What is the severity of RHSA-2023:2592?

The severity of RHSA-2023:2592 is determined by the impact of the vulnerability related to limited memory usage in regex parsing.

How do I fix RHSA-2023:2592?

To fix RHSA-2023:2592, update the affected packages to version 2.0.2-4.el9 or later.

What is the affected software for RHSA-2023:2592?

RHSA-2023:2592 affects the golang-github-cpuguy83-md2man package and its associated debuginfo and debugsource packages.

What is CVE-2022-41715 related to RHSA-2023:2592?

CVE-2022-41715 addresses a vulnerability in golang's regexp/syntax that can lead to excessive memory usage during regex parsing.

Is RHSA-2023:2592 applicable to all operating systems?

RHSA-2023:2592 is specifically applicable to systems running Red Hat Enterprise Linux version 9.

Vulnerability/
RHSA-2023:2592

9/5/2023

RHSA-2023:2592: Moderate: golang-github-cpuguy83-md2man security, bug fix, and enhancement update

First published: Tue May 09 2023(Updated: )

go-md2man converts markdown into roff (man pages).<br>Security Fix(es):<br><li> golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Additional Changes:<br>For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.2 Release Notes linked from the References section.

Affected Software	Affected Version	How to fix
redhat/golang-github-cpuguy83-md2man	<2.0.2-4.el9	2.0.2-4.el9
redhat/golang-github-cpuguy83-md2man	<2.0.2-4.el9	2.0.2-4.el9
redhat/golang-github-cpuguy83-md2man-debuginfo	<2.0.2-4.el9	2.0.2-4.el9
redhat/golang-github-cpuguy83-md2man-debugsource	<2.0.2-4.el9	2.0.2-4.el9
redhat/golang-github-cpuguy83-md2man	<2.0.2-4.el9	2.0.2-4.el9
redhat/golang-github-cpuguy83-md2man-debuginfo	<2.0.2-4.el9	2.0.2-4.el9
redhat/golang-github-cpuguy83-md2man-debugsource	<2.0.2-4.el9	2.0.2-4.el9
redhat/golang-github-cpuguy83-md2man	<2.0.2-4.el9.aa	2.0.2-4.el9.aa
redhat/golang-github-cpuguy83-md2man-debuginfo	<2.0.2-4.el9.aa	2.0.2-4.el9.aa
redhat/golang-github-cpuguy83-md2man-debugsource	<2.0.2-4.el9.aa	2.0.2-4.el9.aa
redhat/golang-github-cpuguy83-md2man-debuginfo	<2.0.2-4.el9	2.0.2-4.el9
redhat/golang-github-cpuguy83-md2man-debugsource	<2.0.2-4.el9	2.0.2-4.el9

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2023:2592?
The severity of RHSA-2023:2592 is determined by the impact of the vulnerability related to limited memory usage in regex parsing.
How do I fix RHSA-2023:2592?
To fix RHSA-2023:2592, update the affected packages to version 2.0.2-4.el9 or later.
What is the affected software for RHSA-2023:2592?
RHSA-2023:2592 affects the golang-github-cpuguy83-md2man package and its associated debuginfo and debugsource packages.
What is CVE-2022-41715 related to RHSA-2023:2592?
CVE-2022-41715 addresses a vulnerability in golang's regexp/syntax that can lead to excessive memory usage during regex parsing.
Is RHSA-2023:2592 applicable to all operating systems?
RHSA-2023:2592 is specifically applicable to systems running Red Hat Enterprise Linux version 9.

agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/remedy
agent/severity
agent/softwarecombine
agent/tags
agent/title
agent/type
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2023:2592
agent/software-canonical-lookup
package-manager/redhat

Frequently Asked Questions

What is the severity of RHSA-2023:2592?
The severity of RHSA-2023:2592 is determined by the impact of the vulnerability related to limited memory usage in regex parsing.
How do I fix RHSA-2023:2592?
To fix RHSA-2023:2592, update the affected packages to version 2.0.2-4.el9 or later.
What is the affected software for RHSA-2023:2592?
RHSA-2023:2592 affects the golang-github-cpuguy83-md2man package and its associated debuginfo and debugsource packages.
What is CVE-2022-41715 related to RHSA-2023:2592?
CVE-2022-41715 addresses a vulnerability in golang's regexp/syntax that can lead to excessive memory usage during regex parsing.
Is RHSA-2023:2592 applicable to all operating systems?
RHSA-2023:2592 is specifically applicable to systems running Red Hat Enterprise Linux version 9.

RHSA-2023:2592: Moderate: golang-github-cpuguy83-md2man security, bug fix, and enhancement update

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2023:2592?

How do I fix RHSA-2023:2592?

What is the affected software for RHSA-2023:2592?

What is CVE-2022-41715 related to RHSA-2023:2592?

Is RHSA-2023:2592 applicable to all operating systems?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of RHSA-2023:2592?

How do I fix RHSA-2023:2592?

What is the affected software for RHSA-2023:2592?

What is CVE-2022-41715 related to RHSA-2023:2592?

Is RHSA-2023:2592 applicable to all operating systems?