RHSA-2021:1401: Moderate: Red Hat Fuse 7.8.1 patch release and security update
This release of Red Hat Fuse 7.8.1 serves as a patch to Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot 2 (7.8.0), and includes security fixes, which are documented in the Release Notes document linked to in the References.Security Fix(es): bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible - Karaf (CVE-2020-28052) bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible - Spring Boot 2 (CVE-2020-28052) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2021:1401?
The severity of RHSA-2021:1401 is classified as moderate.
How do I fix RHSA-2021:1401?
To fix RHSA-2021:1401, you need to update Red Hat Fuse to version 7.8.1 or apply the relevant patches.
What vulnerabilities are addressed in RHSA-2021:1401?
RHSA-2021:1401 addresses security issues related to Bouncy Castle and potential password exposure.
Is RHSA-2021:1401 applicable to all versions of Red Hat Fuse?
RHSA-2021:1401 is specifically applicable to Red Hat Fuse 7.8.0 and earlier versions.
When was RHSA-2021:1401 released?
RHSA-2021:1401 was released as an advisory on a specific date in 2021, aimed at patching earlier versions of the software.