-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: Red Hat Integration Camel K 1.10.2 release security update Advisory ID: RHSA-2023:5337-01 Product: Red Hat Integration Advisory URL: https://access.redhat.com/errata/RHSA-2023:5337 Issue date: 2023-09-21 CVE Names: CVE-2023-4853 ===================================================================== 1. Summary: Red Hat Integration Camel K 1.10.2 release and security update is now available. Red Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: A security update for Camel K 1.10.2 is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Security Fix(es): * quarkus-vertx-http: quarkus: HTTP security policy bypass(CVE-2023-4853) See the Red Hat Security Bulletin in the References section for more detail about CVE-2023-4853. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 3. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 4. Bugs fixed (https://bugzilla.redhat.com/): 2238034 - CVE-2023-4853 quarkus: HTTP security policy bypass 5. References: https://access.redhat.com/security/cve/CVE-2023-4853 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/RHSB-2023-002 https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=red.hat.integration&version=2023-Q3 6. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJlDLUMAAoJENzjgjWX9erE44oP/imZo8kOe2XeWCZ0hZs6wBDt KzDc6q+IkaqRf71UmWQ9h97jJmWiB41DcDQ2cwV04NplJXc6DIQVoJEZOY0sKQXb /WuWFwhxwPk/Rneio1LO5o1TsJrJKSiyT3z6Ocapd8KQrTErZGp+7yOi6hbV+sXD fGYtk7hhkOP4CVdOKzyTzt84XhkYSMYAF9LS1p0M4TLTIHlImPG97rPMWr9zYsqj 9iNpaXed3YE7UbJW771Awm2MZVuKyHYBakqGDirPxRjhQQ+HfUX/Cfsq8lIXEMTn /Cg14g/HjdbD051AnX8wXmYlCR3DINmvmvCjEeW7TrAtFHfCvUaLoKVoU25NRGEl I1ftbtCfNWY/m3Vi2FmYj2w5QC1QMQJNotDa/PY4AMuAOfNX8e5vM15G2BvAVRcJ uqSWGNLNShC9OjaT5qtWb7HOvwj95LAMPAdtFy06Kd5ZImslm5lfDqm0qUf4PMXS VuoyYliB2JfTAVYAH2+9WqSHfeVNvZAGNll689hy6/TRpcXzWzUizjDzCEqNYw84 +cU5HlJhZ+BbJ50eomfHTC2qxcV843g7O8H+1po5fBD+jZm2zaEYPoUsAKJj1cIP TbGkeVrlS7Bo+qiK/D9eUhtczgxEwMuL5xZdhzgZfcnxjzCk1TeSmYjlwG7yaKsG E/i8uAlxqnyYBu9xv13G =y/55 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce