[SECURITY] Fedora 31 Update: slurm-19.05.7-1.fc31
Slurm is an open source, fault-tolerant, and highly scalable cluster management and job scheduling system for Linux clusters. Components include machine status, partition management, job management, scheduling and accounting modules...
SchedMD Slurm Authentication Bypass Vulnerability
SchedMD Slurm is SchedMD's open source and highly scalable cluster management and job scheduling system for large and small Linux clusters. A security vulnerability exists in SchedMD Slurm versions 19.05.x prior to 19.05.7 and 20.02.x prior to 20.02.3. An attacker can exploit the vulnerability to...
Update Rollup 3 for System Center 2012 R2 Data Protection Manager
Introduction: This article describes new features and issues that are fixed in Update Rollup 3 for Microsoft System Center 2012 R2 Data Protection Manager (DPM). Additionally, this article contains the installation instructions for...
Insecure Default Password
github.com/argoproj/argo uses an insecure default password. It sets the argocd-server pod name as the default admin password, allowing a user with access to the clusters or logs to manipulate the issue with privileged roles...
Product release: Virtuozzo Infrastructure Platform 3.5 Update 2 (3.5.2-34)
This update provides new features as well as bug fixes and improvements. Vulnerability id: VSTOR-31884, VSTOR-31885. Update from version 3.5.0 to 3.5.1 may get stuck in the "Updating" status. Vulnerability id: VSTOR-31860. The root partition on Kubernetes master nodes is not resized to the specifie...
Information Disclosure
github.com/hashicorp/vault is vulnerable to information disclosure. After mount filter creation on an upstream Performance secondary cluster, the Disaster Recovery secondary clusters do not remove the replicated secrets and remain replicated on it...
[SECURITY] Fedora 31 Update: slurm-19.05.5-1.fc31
Slurm is an open source, fault-tolerant, and highly scalable cluster management and job scheduling system for Linux clusters. Components include machine status, partition management, job management, scheduling and accounting modules...
[SECURITY] Fedora 30 Update: slurm-19.05.5-1.fc30
Slurm is an open source, fault-tolerant, and highly scalable cluster management and job scheduling system for Linux clusters. Components include machine status, partition management, job management, scheduling and accounting modules...
Fedora Update for slurm FEDORA-2019-a93d9cbe53
The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...
Security Bulletin: IBM API Connect is impacted by a vulnerability in Kubernetes(CVE-2019-11253)
Summary: IBM API Connect has addressed the following vulnerability. Vulnerability Details: CVEID: CVE-2019-11253. DESCRIPTION: Improper input validation in the Kubernetes API server in versions v1.0-1.12 and versions prior to v1.13.12, v1.14.8, v1.15.5, and v1.16.2 allows authorized users to send...
F5 Networks BIG-IP : TMM vulnerability (K95117754)
Under certain conditions, a multi-bladed BIG-IP Virtual Clustered Multiprocessing (vCMP) may drop broadcast packets when they are rebroadcast to the vCMP guest secondary blades. An attacker can leverage the fragmented broadcast IP packets to perform any type of fragmentation-based attack...
How We Streamlined Infrastructure and Tooling as a Service for Development
At VMware Carbon Black, we’ve historically acquired a broad technology stack in our journey to build the premier security solution that understands cybercriminal behavior. Inheriting such a variety of tooling and storage solutions presented a challenge for us operationally. So, in order to reduce...
Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by Kubernetes API server security vulnerability (CVE-2019-11253)
Summary: Red Hat OpenShift on IBM Cloud is affected by a security vulnerability in the Kubernetes API server that exposes it to a denial of service attack via malicious YAML or JSON payloads (CVE-2019-11253). Vulnerability Details: CVE-ID: CVE-2019-11253. Description: The Kubernetes API server is...
Moderate: Red Hat Security Advisory: heketi security, bug fix, and enhancement update
Updated heketi packages that fix one security issue, multiple bugs, and add various enhancements are now available for OpenShift Container Storage 3.11 Batch 4 Update. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVS...
Security Bulletin: IBM Cloud Kubernetes Service is affected by a Kubernetes API server security vulnerability (CVE-2019-11253)
Summary: IBM Cloud Kubernetes Service is affected by a security vulnerability in the Kubernetes API server that exposes it to a denial of service attack via malicious YAML or JSON payloads (CVE-2019-11253). Vulnerability Details: CVE-ID: CVE-2019-11253. Description: The Kubernetes API server is...
Security Bulletin: IBM Cloud Kubernetes Service is affected by a Python security vulnerability (CVE-2019-10160)
Summary: IBM Cloud Kubernetes Service is vulnerable to CVE-2019-10160, a Python security vulnerability which could allow a remote attacker to obtain sensitive information, caused by improper unicode encoding handling. Vulnerability Details: CVE-ID: CVE-2019-10160. Description: Python...
CVE-2019-13209
Rancher 2 through 2.2.4 is vulnerable to a Cross-Site Websocket Hijacking attack that allows an exploiter to gain access to clusters managed by Rancher. The attack requires a victim to be logged into a Rancher server, and then to access a third-party site hosted by the exploiter. Once that is...
Cross site scripting
Rancher 2 through 2.2.4 is vulnerable to a Cross-Site Websocket Hijacking attack that allows an exploiter to gain access to clusters managed by Rancher. The attack requires a victim to be logged into a Rancher server, and then to access a third-party site hosted by the exploiter. Once that is...
Security Bulletin: IBM Cloud Kubernetes Service is affected by Kubernetes security vulnerabilities (CVE-2019-9512, CVE-2019-9514)
Summary: IBM Cloud Kubernetes Service is affected by security vulnerabilities in the net/http library of the Go language that affect all Kubernetes components. These vulnerabilities can result in a denial-of-service attack against a process with an HTTP or HTTPS listener CVE-2019-9512 and...