ALSA-2022:4991

[ALSA-2022:4991] Important: xz security update

Type:

security

Severity:

important

Release date:

2023-03-07

Description:

XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm (LZMA), which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short.
Security Fix(es):
* gzip: arbitrary-file-write vulnerability (CVE-2022-1271)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	xz-lzma-compat-5.2.4-4.el8_6.aarch64.rpm	0825579af8d2b66ac200a3b9f4088107f2ceef91bc7685e55c97b01f04c94a56
aarch64	xz-5.2.4-4.el8_6.aarch64.rpm	16a8d07cf3c15d94d0ba9a1a7403461075d59ea25038265db70bb71253d7c486
aarch64	xz-devel-5.2.4-4.el8_6.aarch64.rpm	a209ebbcd675792de4caa214073c326f8f5adaf96a94a4ea7ceb0201abc39a83
aarch64	xz-libs-5.2.4-4.el8_6.aarch64.rpm	eb1bf61e0b1635d73c0f8abda8a892d3facb8112fa5dbeb0865a7bdfacb4298a
i686	xz-libs-5.2.4-4.el8_6.i686.rpm	576ae76bc15af9ddbe98a066ed272e22a175c992a2c678df8440c33197f45daf
i686	xz-devel-5.2.4-4.el8_6.i686.rpm	ac23b22995aa188dd98e08d8a9552fcf940bcaac66995739e8d9abd9817a06bd
ppc64le	xz-lzma-compat-5.2.4-4.el8_6.ppc64le.rpm	2cea51500e791f8c380491cc0965d83a85e9fc69496a6a6835d304bfa356c6a6
ppc64le	xz-devel-5.2.4-4.el8_6.ppc64le.rpm	2ebfe9aad1157b9b48d00ce8630d4fe52c2c44450be196309f4a8b4291d8e69d
ppc64le	xz-5.2.4-4.el8_6.ppc64le.rpm	49f484e81b0f67235f6a797a92c6f9158a1e381394fa76b0460f1973458712fb
ppc64le	xz-libs-5.2.4-4.el8_6.ppc64le.rpm	bcfe368a68e172f9b4b7850160f8dc6109188055fd88257283486068d8c02f90
s390x	xz-devel-5.2.4-4.el8_6.s390x.rpm	41df743d523981a354661d6f6f2c98b5f8a8c3d3ef660c833c0cac5284d10d6c
s390x	xz-lzma-compat-5.2.4-4.el8_6.s390x.rpm	969a0d589c6855b7f4da1a9ad40efbfd6f5480e0390bf50ae77ee47adf404f20
s390x	xz-libs-5.2.4-4.el8_6.s390x.rpm	b50f37656097c9c58ce9073fa5eb0815450463e26cd72aeb4468f5abfe76ef3e
s390x	xz-5.2.4-4.el8_6.s390x.rpm	c1cadbf7e74ccbf1d469ff2fe4c55790bb510825ec4c44b15d7b621bb808389b
x86_64	xz-devel-5.2.4-4.el8_6.x86_64.rpm	609dff705f5eb3f00aa157396adb3edf76c57562640a37ec7512ee9b8f35b360
x86_64	xz-5.2.4-4.el8_6.x86_64.rpm	660d66d1a96f4d7bf21486883272dcea33bdbff49bf83dc4296ba6b948552d55
x86_64	xz-lzma-compat-5.2.4-4.el8_6.x86_64.rpm	bc2cd3adfd82ecfc1efda8aa75e566ca7ab7d0e10cda91d9e68e8bd37f310844
x86_64	xz-libs-5.2.4-4.el8_6.x86_64.rpm	eab633cd7e81de007792509bfbea6cbd48dec90e4c0f18a4c1c337cb9c06ee51

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.