RHSA-2023:4919: Important: Red Hat Single Sign-On 7.6.5 security update on RHEL 8
Other sources
Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.

This release of Red Hat Single Sign-On 7.6.5 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.6.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.

Security Fix(es):

* undertow: OutOfMemoryError due to @MultipartConfig handling (CVE-2023-3223)
* jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode (CVE-2021-46877)
* jettison: Uncontrolled Recursion in JSONArray (CVE-2023-1436)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
— Red Hat
Frequently Asked Questions
What is the severity of RHSA-2023:4919?
The severity of RHSA-2023:4919 is high with a severity value of 7.
What is the affected software for RHSA-2023:4919?
The affected software for RHSA-2023:4919 is Red Hat Single Sign-On 7.6.5 on RHEL 8.
How do I fix RHSA-2023:4919?
To fix RHSA-2023:4919, update Red Hat Single Sign-On to version 18.0.9-1.redhat_00001.1.el8.
Where can I find more information about RHSA-2023:4919?
You can find more information about RHSA-2023:4919 in the Red Hat bugzilla links: https://bugzilla.redhat.com/show_bug.cgi?id=2182788, https://bugzilla.redhat.com/show_bug.cgi?id=2185707, https://bugzilla.redhat.com/show_bug.cgi?id=2209689