{"id":"RHSA-2024:3267","summary":"Red Hat Security Advisory: idm:DL1 and idm:client security update","modified":"2026-03-18T11:36:04.154398Z","published":"2024-10-10T15:03:27Z","upstream":["CVE-2023-6681","CVE-2024-28102"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2024:3267"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#moderate"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2260843"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2268758"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/RHEL-28842"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/RHEL-29908"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3267.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-6681"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2023-6681"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-6681"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-28102"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2024-28102"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-28102"},{"type":"ARTICLE","url":"https://github.com/latchset/jwcrypto/commit/90477a3b6e73da69740e00b8161f53fea19b831f"},{"type":"ARTICLE","url":"https://github.com/latchset/jwcrypto/security/advisories/GHSA-j857-7rvv-vj97"}],"affected":[{"package":{"name":"bind-dyndb-ldap","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/bind-dyndb-ldap"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:11.6-5.module+el8.10.0+21691+df63127d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"bind-dyndb-ldap-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/bind-dyndb-ldap-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:11.6-5.module+el8.10.0+21691+df63127d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"bind-dyndb-ldap-debugsource","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/bind-dyndb-ldap-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:11.6-5.module+el8.10.0+21691+df63127d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"custodia","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/custodia"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.6.0-3.module+el8.9.0+18911+94941f82"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"ipa","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/ipa"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.13-9.module+el8.10.0+21692+c9b201bc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"ipa-client","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/ipa-client"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.13-9.module+el8.10.0+21692+c9b201bc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"ipa-client-common","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/ipa-client-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.13-9.module+el8.10.0+21692+c9b201bc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"ipa-client-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/ipa-client-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.13-9.module+el8.10.0+21692+c9b201bc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"ipa-client-epn","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/ipa-client-epn"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.13-9.module+el8.10.0+21692+c9b201bc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"ipa-client-samba","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/ipa-client-samba"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.13-9.module+el8.10.0+21692+c9b201bc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"ipa-common","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/ipa-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.13-9.module+el8.10.0+21692+c9b201bc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"ipa-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/ipa-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.13-9.module+el8.10.0+21692+c9b201bc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"ipa-debugsource","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/ipa-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.13-9.module+el8.10.0+21692+c9b201bc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"ipa-healthcheck","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/ipa-healthcheck"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.12-3.module+el8.9.0+19692+fac39a03"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"ipa-healthcheck-core","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/ipa-healthcheck-core"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.12-3.module+el8.9.0+19692+fac39a03"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"ipa-python-compat","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/ipa-python-compat"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.13-9.module+el8.10.0+21692+c9b201bc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"ipa-selinux","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/ipa-selinux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.13-9.module+el8.10.0+21692+c9b201bc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"ipa-server","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/ipa-server"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.13-9.module+el8.10.0+21691+df63127d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"ipa-server-common","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/ipa-server-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.13-9.module+el8.10.0+21691+df63127d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"ipa-server-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/ipa-server-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.13-9.module+el8.10.0+21691+df63127d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"ipa-server-dns","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/ipa-server-dns"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.13-9.module+el8.10.0+21691+df63127d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"ipa-server-trust-ad","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/ipa-server-trust-ad"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.13-9.module+el8.10.0+21691+df63127d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"ipa-server-trust-ad-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/ipa-server-trust-ad-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.13-9.module+el8.10.0+21691+df63127d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"opendnssec","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/opendnssec"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.1.7-1.module+el8.9.0+18911+94941f82"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"opendnssec-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/opendnssec-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.1.7-1.module+el8.9.0+18911+94941f82"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"opendnssec-debugsource","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/opendnssec-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.1.7-1.module+el8.9.0+18911+94941f82"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"python-jwcrypto","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python-jwcrypto"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.5.0-2.module+el8.10.0+21692+c9b201bc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"python-kdcproxy","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python-kdcproxy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.4-5.module+el8.9.0+18911+94941f82"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"python-qrcode","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python-qrcode"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.1-12.module+el8.9.0+18920+2223d05e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"python-yubico","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python-yubico"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.3.2-9.1.module+el8.9.0+18920+2223d05e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"python3-custodia","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python3-custodia"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.6.0-3.module+el8.9.0+18911+94941f82"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"python3-ipaclient","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python3-ipaclient"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.13-9.module+el8.10.0+21692+c9b201bc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"python3-ipalib","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python3-ipalib"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.13-9.module+el8.10.0+21692+c9b201bc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"python3-ipaserver","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python3-ipaserver"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.13-9.module+el8.10.0+21691+df63127d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"python3-ipatests","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python3-ipatests"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.13-9.module+el8.10.0+21691+df63127d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"python3-jwcrypto","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python3-jwcrypto"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.5.0-2.module+el8.10.0+21692+c9b201bc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"python3-kdcproxy","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python3-kdcproxy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.4-5.module+el8.9.0+18911+94941f82"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"python3-pyusb","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python3-pyusb"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.0-9.1.module+el8.9.0+18920+2223d05e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"python3-qrcode","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python3-qrcode"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.1-12.module+el8.9.0+18920+2223d05e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"python3-qrcode-core","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python3-qrcode-core"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.1-12.module+el8.9.0+18920+2223d05e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"python3-yubico","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python3-yubico"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.3.2-9.1.module+el8.9.0+18920+2223d05e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"pyusb","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/pyusb"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.0-9.1.module+el8.9.0+18920+2223d05e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"slapi-nis","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/slapi-nis"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.60.0-4.module+el8.10.0+20723+03062ebd"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"slapi-nis-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/slapi-nis-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.60.0-4.module+el8.10.0+20723+03062ebd"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"slapi-nis-debugsource","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/slapi-nis-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.60.0-4.module+el8.10.0+20723+03062ebd"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"softhsm","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/softhsm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.6.0-5.module+el8.9.0+18911+94941f82"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"softhsm-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/softhsm-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.6.0-5.module+el8.9.0+18911+94941f82"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"softhsm-debugsource","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/softhsm-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.6.0-5.module+el8.9.0+18911+94941f82"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}},{"package":{"name":"softhsm-devel","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/softhsm-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.6.0-5.module+el8.9.0+18911+94941f82"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:3267.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}]}