Security Bulletin: A security vulnerability has been identified in openssl shipped with PowerAI Vision

Summary Multiple Vulnerabilities CVE-2019-1547, CVE-2019-1549 and CVE-2019-1563 in openssl package Vulnerability Details CVEID: CVE-2019-1547 DESCRIPTION: Normally in OpenSSL, EC groups always have a cofactor that is used in side channel resistant code paths. However, it is possible to construct ...

Security Bulletin: A security vulnerability has been identified in nginx shipped with PowerAI Vision

Summary Multiple vulnerabilities CVE-2019-9516, CVE-2019-9515, CVE-2019-9517, CVE-2019-9518, CVE-2019-9511, CVE-2019-9513 in nginx Vulnerability Details CVEID: CVE-2019-9516 DESCRIPTION: Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The...

Security Bulletin: A security vulnerability has been identified in Kubernetes shipped with PowerAI Vision

Summary Multiple vulnerabilities CVE-2019-11251, CVE-2019-11253 in Kubernetes package. Vulnerability Details CVEID: CVE-2019-11251 DESCRIPTION: Kubernetes could allow a remote attacker to gain unauthorized access to the system, caused by an error in kubectl cp that allows a combination of two...

Security Bulletin: A security vulnerability has been identified in SQLite shipped with PowerAI Vision

Summary Vulnerability CVE-2019-8457 in SQLite package. Vulnerability Details CVEID: CVE-2019-8457 DESCRIPTION: SQLite3 version 3.6.0 - 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode function when handling invalid rtree tables. CVSS Base score: 5.3 CVSS Temporal Score: See:...

Security Bulletin: A security vulnerability has been identified in nginx shipped with PowerAI Vision

Summary Vulnerability CVE-2019-9512, CVE-2019-9514 in nginx Vulnerability Details CVEID: CVE-2019-9512 DESCRIPTION: Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to buil...

Security Bulletin: A security vulnerability has been identified in Kubernetes shipped with PowerAI Vision

Summary Multiple vulnerabilities CVE-2019-11249, CVE-2019-11247 found in Kubernetes package. Vulnerability Details CVEID: CVE-2019-11249 DESCRIPTION: The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the...

Security Bulletin: A security vulnerability has been identified in Kubernetes shipped with PowerAI Vision

Summary Vulnerability CVE-2019-11246 in Kubernetes package. Vulnerability Details CVEID: CVE-2019-11246 DESCRIPTION: The kubectl cp command allows copying files between containers and the user's machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar...