ALSA-2023:5080

[ALSA-2023:5080] Moderate: keylime security update

Type:

security

Severity:

moderate

Release date:

2023-09-14

Description:

Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution.

Security Fix(es):

* keylime: registrar is subject to a DoS against SSL connections (CVE-2023-38200)
* Keylime: challenge-response protocol bypass during agent registration (CVE-2023-38201)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	python3-keylime-6.5.2-6.el9_2.alma.1.aarch64.rpm	8305df62b863d217af93c0bf2981e6f9df58c18f61f600bbaa43995e6b0df329
aarch64	keylime-base-6.5.2-6.el9_2.alma.1.aarch64.rpm	9206d06ea995efc2ca4abe8e710515c8a1acb8a30c4da571b36af56dc91c2c2c
aarch64	keylime-tenant-6.5.2-6.el9_2.alma.1.aarch64.rpm	a62082831017ced44a751760f4a25be7274335a6ebf640e2c372e1735f697672
aarch64	keylime-registrar-6.5.2-6.el9_2.alma.1.aarch64.rpm	bfdfc41ebdb2c6e05fafbc9fa628c472c2fbfc491d470e823413cfc8054f267c
aarch64	keylime-verifier-6.5.2-6.el9_2.alma.1.aarch64.rpm	dbbf800203264ddbd28d3c94605408c6d9a05bcca756167ea9b2f2cd9a1274a1
aarch64	keylime-6.5.2-6.el9_2.alma.1.aarch64.rpm	e90dc64fc6146da519a616f7192a79d7f900a7c68edd8fed580480d2796446a4
noarch	keylime-selinux-6.5.2-6.el9_2.alma.1.noarch.rpm	7d2cd2926a2a1055a094e35ace1481c09033033a86e78e656745ce16d58e4d61
ppc64le	keylime-verifier-6.5.2-6.el9_2.alma.1.ppc64le.rpm	13b0dedbd8eef50c3a6a1b9aa3717f4f24e51424426e0db0061112481981b254
ppc64le	keylime-6.5.2-6.el9_2.alma.1.ppc64le.rpm	7e75a78cccd9c18606f8e142efc8a1d158f96e8345b6f9e9e168fc0d703d4ee1
ppc64le	keylime-tenant-6.5.2-6.el9_2.alma.1.ppc64le.rpm	90c3af9ccb57935b4321a615c13b25e606a996e9203eb22a380a201c9eb31739
ppc64le	keylime-registrar-6.5.2-6.el9_2.alma.1.ppc64le.rpm	a346e3a234a5b20a491b91018c101382fecbf7d96c5c6f32a6ecff0203a18ba9
ppc64le	keylime-base-6.5.2-6.el9_2.alma.1.ppc64le.rpm	f4870e99cd4864d23a632abc97c923257d1240f228d474369fdbc8a50f615f62
ppc64le	python3-keylime-6.5.2-6.el9_2.alma.1.ppc64le.rpm	ff399249dddbed00ed0d61b678d544057f05a323e3d476ebe5dd887b5bfe3525
s390x	keylime-6.5.2-6.el9_2.alma.1.s390x.rpm	056c81ac24e863e064bab111e4f0e66c60e416570179d301aeb5687cc684e93b
s390x	keylime-registrar-6.5.2-6.el9_2.alma.1.s390x.rpm	0bd413d16ed62ed37a5099c9680f28f108f19b9161bdd37da47f95816b21779b
s390x	python3-keylime-6.5.2-6.el9_2.alma.1.s390x.rpm	39317cab012bb0296a117d0e21b838646fda45118a9f6e2895d2ba1a6af1399d
s390x	keylime-verifier-6.5.2-6.el9_2.alma.1.s390x.rpm	4dd03e7f0c50f1fde23e92f3c6483db4adf002f98a0e057a7b03446bb69c71f2
s390x	keylime-tenant-6.5.2-6.el9_2.alma.1.s390x.rpm	d4278f4e73efbf891c1a0f822c77f5676d7c7ea287ce7cb7256f63efd454b37a
s390x	keylime-base-6.5.2-6.el9_2.alma.1.s390x.rpm	e2d1dc3ad936b6b13a1e53bcdd2d861ce41f7cfd59c3146489bb01357a3dfb1a
x86_64	keylime-base-6.5.2-6.el9_2.alma.1.x86_64.rpm	310d09507febd1c3e7d8aded9ba6aa58e1336a3b700576d02e692ef5c3a87dfb
x86_64	keylime-registrar-6.5.2-6.el9_2.alma.1.x86_64.rpm	3e8c9261a9c9c1d4fcdd90e8067ea308057b5654e26f47c08634cddfbd125c90
x86_64	keylime-tenant-6.5.2-6.el9_2.alma.1.x86_64.rpm	50160b9df32c22c2a454debbdb50a0df8a8b8a7f400ed5596ffc3d6058d3f507
x86_64	python3-keylime-6.5.2-6.el9_2.alma.1.x86_64.rpm	7953eb33188434dc2b3ae9fcf3b903d4e2b0e1339bd2b79b0de7b9bd92368538
x86_64	keylime-6.5.2-6.el9_2.alma.1.x86_64.rpm	d43e8b63bff5890ac833f366f0fd90d36218f5464bd5e6742cb8c5c46206e966
x86_64	keylime-verifier-6.5.2-6.el9_2.alma.1.x86_64.rpm	dc6974bfb3cdf392d184412525cc5e9f3e57234343c9903a3b2c204dbbf84f1a

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.