Security Bulletin: IBM Operational Decision Manager for December 2023 - Multiple CVEs addressed

Summary IBM Operational Decision Manager is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-37920...

Security Bulletin: AIX is affected by multiple vulnerabilities due to Python (CVE-2023-43804, CVE-2023-37920)

Summary Vulnerabilities in Python could allow a remote authenticated attacker to obtain sensitive information CVE-2023-43804. AIX's Python packaging also includes Certifi, which is vulnerable to CVE-2023-37920. Python is used by AIX as part of Ansible node management automation. Vulnerability...

Oracle Linux 9 : fence-agents (ELSA-2023-7753)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7753 advisory. - python-certifi: Removal of e-Tugra root certificate CVE-2023-37920 Tenable has extracted the preceding description block directly from the Oracle Lin...

fence-agents security update

4.10.0-55.2 - python-certifi: Removal of e-Tugra root certificate CVE-2023-37920 - python-urllib3: Cookie request header isn't stripped during cross-origin redirects CVE-2023-43804...

AlmaLinux 9 : fence-agents (ALSA-2023:7753)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:7753 advisory. - Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts...

Moderate: Red Hat Security Advisory: fence-agents security update

An update for fence-agents is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

python-certifi: Removal of e-Tugra root certificate

A flaw was found in the python-certifi package. This issue occurs when the e-Tugra root certificate in Certifi is removed, resulting in an unspecified error that has an unknown impact and attack vector...

ALSA-2023:7753 Moderate: fence-agents security update

The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fixes: python-certifi: Removal of e-Tugra root certificate CVE-2023-37920...

RHEL 9 : fence-agents (RHSA-2023:7753)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7753 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or...

Security Bulletin: IBM Cinder plug-in is affected by a vulnerability in the Python certifi-2022.12.7 package [CVE-2023-37920]

Summary The Python certifi package, which is collection of root certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts, is used by IBM Cinder plug-in. certifi package is impacted by vulnerability CVE-2023-37920. Vulnerability Details...

python-certifi: Removal of e-Tugra root certificate

A flaw was found in the python-certifi package. This issue occurs when the e-Tugra root certificate in Certifi is removed, resulting in an unspecified error that has an unknown impact and attack vector...

Moderate: Red Hat Security Advisory: fence-agents security update

An update for fence-agents is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

python-certifi: Removal of e-Tugra root certificate

A flaw was found in the python-certifi package. This issue occurs when the e-Tugra root certificate in Certifi is removed, resulting in an unspecified error that has an unknown impact and attack vector...

RHEL 8 : fence-agents (RHSA-2023:7523)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7523 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or...

python-certifi: Removal of e-Tugra root certificate

A flaw was found in the python-certifi package. This issue occurs when the e-Tugra root certificate in Certifi is removed, resulting in an unspecified error that has an unknown impact and attack vector...

python-certifi: Removal of e-Tugra root certificate

A flaw was found in the python-certifi package. This issue occurs when the e-Tugra root certificate in Certifi is removed, resulting in an unspecified error that has an unknown impact and attack vector...

Moderate: Red Hat Security Advisory: fence-agents security update

An update for fence-agents is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

python-certifi: Removal of e-Tugra root certificate

A flaw was found in the python-certifi package. This issue occurs when the e-Tugra root certificate in Certifi is removed, resulting in an unspecified error that has an unknown impact and attack vector...

python-certifi: Removal of e-Tugra root certificate

A flaw was found in the python-certifi package. This issue occurs when the e-Tugra root certificate in Certifi is removed, resulting in an unspecified error that has an unknown impact and attack vector...

Moderate: Red Hat Security Advisory: fence-agents security update

An update for fence-agents is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...