-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: Red Hat build of Eclipse Vert.x 4.2.5 security update Advisory ID: RHSA-2022:0737-01 Product: Red Hat OpenShift Application Runtimes Advisory URL: https://access.redhat.com/errata/RHSA-2022:0737 Issue date: 2022-03-31 CVE Names: CVE-2021-38153 ===================================================================== 1. Summary: An update is now available for Red Hat build of Eclipse Vert.x. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE pages listed in the References section. 2. Description: This release of Red Hat build of Eclipse Vert.x 4.2.5 GA includes security updates. For more information, see the release notes listed in the References section. Security Fix(es): * kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients (CVE-2021-38153) For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section. 3. Solution: Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on. The References section of this erratum contains a download link for the update. You must be logged in to download the update. 4. Bugs fixed (https://bugzilla.redhat.com/): 2009041 - CVE-2021-38153 Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients 5. References: https://access.redhat.com/security/cve/CVE-2021-38153 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=catRhoar.eclipse.vertx&version=4.2.5 https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.2/html/release_notes_for_eclipse_vert.x_4.2/index 6. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYpn+htzjgjWX9erEAQgSQQ/+IzltyAmn7JQchguOJ5hNdGLJ7tuKLkje E1aBr+9T+HyQDciFSfIpZTBDR2nC8TG/BENI12TkrXGMaQT36JjPqonhhmXu+pEL 5YJiX0GWIza4grI4RdRMKOwgmm1fbUYgrZmeOdF1ivawBQVzc1V97RLTFcKdfXLO 6zUyO5KyNvugYeb9bKdPXKd9NtvBLmXjSqSkRvnIhf+mCwO4h30WPzinExV/cjlU Li4awRUaia614lXM/srcPHh64RUCXgUc7QJH5tAbAMB3+80HgfHA2vgvTDEMvP4b 1HkhSpN5qfZ4sRCzb/XJNpWFQpeEE0ECtDAUzaugNBOSa2EeWxzu7jLRu/43JDI9 82dyrkR3ZJtJDcFcroYlkeTsgrSi1S2/Ja+ccHsm3XaowhxyezjRYjQlf8tkzLaz jw8l0vktB0Inj8TwHmHitI6ogynHulUILTDk1fUo6GHJed2MRec2wA7b5N6CUtXp 1za7tVB9F25cnzdtMwJRf030IL9pjnH+xOWTpSsNFP+LeAi0YVbV2s7Pq55HQbqk SoL9WuFqSSsVDWgXWr3Q3NCUrdYmKRqsKfeWwuQmJ3xTsRR+hh8PH66Rgnp/mZQ7 SFi1yjxp4H6gINPiK3uMGdQPtYWfn8xFovo9MHHrF4Y80RXg4rH7GVnEAMmMokMO cYipht8eZkA= =RO6T -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce