[ALSA-2023:7022] Moderate: tang security and bug fix update
Type:
security
Severity:
moderate
Release date:
2023-11-23
Description:
Tang is a server for binding data to network presence. It includes a daemon which provides cryptographic operations for binding to a remote service. The tang package provides the server side of the Network Bound Disk Encryption (NBDE) project. Security Fix(es): * tang: Race condition exists in the key generation and rotation functionality (CVE-2023-1672) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 tang-7-8.el8.aarch64.rpm a50178563c77236178263d91fd92b63daace4284cce7590988969dbe13decf31
ppc64le tang-7-8.el8.ppc64le.rpm 8b5a57d4edd13722f58feab7278cd43c1c27ecf4b2f37bbac5dffd70beae0000
s390x tang-7-8.el8.s390x.rpm 2fae1965ac51f9e29730214f5456c17016b814d7f07eeeae5b4ce523f0b4d89b
x86_64 tang-7-8.el8.x86_64.rpm a83f90ad9a70348458ded694b9af4c655b2f10d516a570f894456a36d26b008a
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.