[ALSA-2024:5294] Moderate: jose security update
Type:
security
Severity:
moderate
Release date:
2024-08-21
Description:
Jose is a C-language implementation of the Javascript Object Signing and Encryption standards. The jose package is a dependency of the clevis and tang packages, together providing Network Bound Disk Encryption (NBDE) in AlmaLinux. Security Fix(es): * jose: resource exhaustion (CVE-2024-28176) * jose: Denial of service due to uncontrolled CPU consumption (CVE-2023-50967) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 libjose-devel-10-2.el8_10.3.aarch64.rpm 1fe3c59a97199173034ae5f34f874030f7f1fe9fa10eae6ea13f6334eae3345b
aarch64 libjose-10-2.el8_10.3.aarch64.rpm d263f1b50609ec56bdf10ec61539935eb5574846112215b7c4ae03e8eb4d3055
aarch64 jose-10-2.el8_10.3.aarch64.rpm d5f97581743e79423e580499b0a0fb7e954e593fafd92d5fde05dfc479a342fc
i686 libjose-10-2.el8_10.3.i686.rpm 0685ceae6bfb3147a0d27c94dd57c6b12a4f8cebab1a20a98b3d206268e938a8
i686 libjose-devel-10-2.el8_10.3.i686.rpm b80ed7143f664a536642bd3d2f941515bd058673c68c237012fe6c0bc0822fb9
ppc64le libjose-10-2.el8_10.3.ppc64le.rpm 33bea91860fce57e82d47d64b90316f8521a191bdc82869a85442110cea15189
ppc64le jose-10-2.el8_10.3.ppc64le.rpm 89cb2736778bb8f6431a89fa9cf5c02ccffa370c784ef68cbc004fc81a66e2fd
ppc64le libjose-devel-10-2.el8_10.3.ppc64le.rpm f5a751bf7984048ae59f4301283e897669309c184fb132e780a8613866c4fe52
s390x libjose-devel-10-2.el8_10.3.s390x.rpm 25e0de4844b70a9b2341ee2774ad0987e8166cdcb73d0a0441a492518316909f
s390x libjose-10-2.el8_10.3.s390x.rpm 695fbff857abf22161a8bd1987805865945dd6d1c015eed92c1ba50c053d4b4d
s390x jose-10-2.el8_10.3.s390x.rpm 8faa96d06cc9de8f63919103488712d715cc8b5300b885acfb8f2510b465c684
x86_64 libjose-10-2.el8_10.3.x86_64.rpm 06787b8cad9fb3c79c164a33d486092da863ca07d3eae9b1fccb99daecb97f20
x86_64 libjose-devel-10-2.el8_10.3.x86_64.rpm 4935b9284ba7837588232f417e4c0eb7471b86f95d8f6246d4741e9d71ee3cbf
x86_64 jose-10-2.el8_10.3.x86_64.rpm cbb0a23ce0342c989eb38e751b1e42147508174ad50fcfa5fd4b268a38731dcc
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.