Ubuntu Security Notice 7060-1 - It was discovered that EDK II did not check the buffer length in XHCI, which could lead to a stack overflow. A local attacker could potentially use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Laszlo Ersek discovered that EDK II incorrectly handled recursion. A remote attacker could possibly use this issue to cause EDK II to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
4da85379bce0bd996f69858bb941555e77ae2c4f4a4eeb00ea9f355b115bb3edUbuntu Security Notice 7018-1 - Robert Merget, Marcus Brinkmann, Nimrod Aviram, and Juraj Somorovsky discovered that certain Diffie-Hellman ciphersuites in the TLS specification and implemented by OpenSSL contained a flaw. A remote attacker could possibly use this issue to eavesdrop on encrypted communications. This was fixed in this update by removing the insecure ciphersuites from OpenSSL. Paul Kehrer discovered that OpenSSL incorrectly handled certain input lengths in EVP functions. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service.
587acc1f444243f9ef3c25e4d1de8aecbfcae8208b00502e26bf42e93ab7624cUbuntu Security Notice 6457-1 - Tavis Ormandy discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. Elison Niven discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code.
cfa0613c1b1aa4b7c7b951a0118420adfd35eec31549e3b6fef5812395731cf2Red Hat Security Advisory 2023-5982-01 - An update for foreman_ygg_worker, puppet-agent, qpid-proton, and yggdrasil is now available for Satellite Client 6 for RHEL 6, Satellite Client 6 for RHEL 7, Satellite Client 6 for RHEL 8, and Satellite Client 6 for RHEL 9. Issues addressed include code execution and denial of service vulnerabilities.
59f5f75c5f027ac4a3b1108f1e6b7d4c247d5f560ca39db930a3346693817543Red Hat Security Advisory 2023-5980-01 - Updated Satellite 6.11 packages that fix several bugs are now available for Red Hat Satellite. Issues addressed include code execution and denial of service vulnerabilities.
ac4cc3b416268007867f897890eb40a34f7c25e483817810ed2ab7b3a5fad653Red Hat Security Advisory 2023-5979-01 - Updated Satellite 6.12 packages that fixes important security bugs and several regular bugs are now available for Red Hat Satellite. Issues addressed include a code execution vulnerability.
04437e5d04f9755060bb1e602a03cb63b00a4f1f1dee9685fe4b6ae2b1be63eaRed Hat Security Advisory 2023-5931-01 - Updated Satellite 6.13 packages that fixes Important security bugs and several regular bugs are now available for Red Hat Satellite. Issues addressed include code execution and denial of service vulnerabilities.
92f4ba8a374ccf4b8c54f463befe80a48c5c8417db88d5c1ad07c56aeb1db74bRed Hat Security Advisory 2023-0408-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. Issues addressed include denial of service and out of bounds read vulnerabilities.
a788fdd2f39eb6291b7f48a9b6b53ac1c6cbe483a246d32258dd131e3bb8e8d1Red Hat Security Advisory 2022-8917-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.7.1 serves as a replacement for Red Hat JBoss Web Server 5.7.0. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a code execution vulnerability.
e2ebdbaf4c79d3de91c8c304faa329eba295ed6a073effe53a962cd2f1ed5044Red Hat Security Advisory 2022-8913-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.7.1 serves as a replacement for Red Hat JBoss Web Server 5.7.0. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a code execution vulnerability.
3e504f38beac3d1906cd48f6f34212f6eeba7ec47f89bcdde4c10f1dd05640deRed Hat Security Advisory 2022-8840-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 1 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include buffer overflow, bypass, code execution, denial of service, double free, and out of bounds read vulnerabilities.
5b7994ef1ac893da1796d6f141c46df2497e2f625c087c27f1b69c902e826051Red Hat Security Advisory 2022-8841-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 1 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include buffer over-read, buffer overflow, bypass, code execution, denial of service, double free, integer overflow, out of bounds read, and use-after-free vulnerabilities.
222fd306b69d048e15681a3ca9c45ddbb178b2c60ccd178af9bd088b1604a60bRed Hat Security Advisory 2022-8750-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. Issues addressed include denial of service and out of bounds read vulnerabilities.
97a1315b0fbee0ce3f4d325b64ba96eef25047860270e8353a13efa3ba7cf84aRed Hat Security Advisory 2022-7058-01 - OpenShift sandboxed containers support for OpenShift Container Platform provides users with built-in support for running Kata containers as an additional, optional runtime. This advisory contains an update for OpenShift sandboxed containers with security fixes and a bug fix. Space precludes documenting all of the updates to OpenShift sandboxed containers in this advisory. Issues addressed include a null pointer vulnerability.
952618897141c2bcf07e60e877ff3c20659f892e7d4f3e17083ce9ccf958ffc0Red Hat Security Advisory 2022-7055-01 - An update is now available for Red Hat Openshift distributed tracing 2.6.0. Issues addressed include denial of service and traversal vulnerabilities.
5fff960e2fde02a4f151b249992ebb605527410d45341b4ecb9b0c5b43db1262Gentoo Linux Security Advisory 202210-2 - Multiple vulnerabilities have been discovered in OpenSSL, the worst of which could result in denial of service. Versions less than 1.1.1q are affected.
e8a24ea6bd3d06d9f7c4b981793ddc01bf27c0b5de50f88e95ea9d23d62c2456Red Hat Security Advisory 2022-6696-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.6 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. Issues addressed include crlf injection and denial of service vulnerabilities.
93b0f967c0fc17f3ba55a522337de68e746328883ab6a3bcc0a9d9569b072751Red Hat Security Advisory 2022-6714-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes new features and bug fixes.
69050ff141090bf4e5efd74a234911043d10d39b379930b9257258af6d9efab7Red Hat Security Advisory 2022-6517-01 - Red Hat OpenStack Platform 16.2 (Train) director operator containers, with several Important security fixes, are available for technology preview.
b046051be521435dc2d81989e337f0d1c09861509d836b3721653fc8eab9ffc5Red Hat Security Advisory 2022-6507-01 - Red Hat Advanced Cluster Management for Kubernetes 2.5.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include a denial of service vulnerability.
75e089711468232e4bcdf04ef4e769e7d5a865f427fde9d59fd2c9c9691dd6f8Red Hat Security Advisory 2022-6430-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes. Issues addressed include a denial of service vulnerability.
4f2de101a63895ce93b93d579c8522dbea6333fada1258ba314335efd601e058Red Hat Security Advisory 2022-6422-01 - Multicluster Engine for Kubernetes 2.0.2 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a denial of service vulnerability.
f9f497cd32f3eec88a2d2917982db7ed736ec611fb5beef51d8ac5bf18b4848eRed Hat Security Advisory 2022-6182-01 - Openshift Logging Bug Fix Release. Issue addressed include a stack exhaustion vulnerability.
4099c4aee454dfe06715c49e580c20892cb9106441a44fb59f068ac2c01cd719Red Hat Security Advisory 2022-6370-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.0 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix security issues and several bugs. Issues addressed include a denial of service vulnerability.
777679cec736f94ae1f91650c8132afe0be4445086f9d7ed52509ab3707b3edcRed Hat Security Advisory 2022-6183-01 - Logging Subsystem 5.4.5 for Red Hat OpenShift has been released. Issue addressed include a stack exhaustion vulnerability.
deb14193a53634d9562af8ba160cd856b0498c98c238f89208e101f38e1c3aec
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed