Moderate: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.7 for OpenShift image security update

A new image is available for Red Hat Single Sign-On 7.6.7, running on OpenShift Container Platform 3.10 and 3.11, and 4.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

edk2 security update

20220126gitbb1bba3d77-6.el89.3 - edk2-Bumped-openssl-submodule-version-to-cf317b2bb227.patch RHEL-7560 - Resolves: RHEL-7560 CVE-2023-3446 edk2: openssl: Excessive time spent checking DH keys and parameters rhel-8...

glibc security update

2.28-225.0.4.6 - CVE-2023-4527: Stack read overflow in getaddrinfo in no-aaa mode. - CVE-2023-4806: potential use-after-free in getaddrinfo. - CVE-2023-4813: potential use-after-free in gaihinet RHEL-2435. - CVE-2023-4813: work around RHEL-8 limitation in test RHEL-2435. Reviewed by: Jose E...

CVE-2023-48795

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

openssl security update

1:1.1.1k-12 - Backport implicit rejection mechanism for RSA PKCS1 v1.5 to RHEL-8 series a proper fix for CVE-2020-25659 Resolves: RHEL-17696 1:1.1.1k-11 - Fix CVE-2023-5678: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow Resolve...

grafana security and enhancement update

9.2.10-7 - resolve RHEL-12649 - resolve CVE-2023-39325 CVE-2023-44487 rapid stream resets can cause excessive work - testing is turned off due to test failures caused by testing date mismatch 9.2.10-6 - Add /usr/share/grafana to systemd-sysusers --replace 9.2.10-5 - resolve CVE-2023-3128 grafana:...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as...

RLSA-2023:4176 Moderate: java-1.8.0-openjdk security and bug fix update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: improper handling of slash characters in URI-to-path conversion 8305312 CVE-2023-22049 OpenJDK: array indexing integer overflow issue 8304468...

Moderate: Red Hat Security Advisory: openvswitch2.15 security update

An update for openvswitch2.15 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Moderate: Red Hat Security Advisory: openvswitch2.13 security update

An update for openvswitch2.13 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Moderate: Red Hat Security Advisory: openvswitch2.17 security update

An update for openvswitch2.17 is now available in Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: OpenShift Virtualization 4.12.0 Images security update

Red Hat OpenShift Virtualization release 4.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which give...

Moderate: Red Hat Security Advisory: nodejs:16 security, bug fix, and enhancement update

An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: updated rh-sso-7/sso76-openshift-rhel8 container and operator related images

Updated rh-sso-7/sso76-openshift-rhel8 container image and rh-sso-7/sso7-rhel8-operator-bundle image is now available for RHEL-8 based Middleware Containers. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base...

mod_auth_mellon security update

0.14.0-12.1 - Resolves: rhbz1986805 - CVE-2021-3639 modauthmellon: Open Redirect vulnerability in logout URLs rhel-8...

pki-core:10.6 security and bug fix update

jss 4.9.3-1 - Rebase to JSS 4.9.3 - Bug 2046022 - CVE-2021-4213 pki-core:10.6/jss: memory leak in TLS connection leads to OOM rhel-8 4.9.2-1 - Rebase to JSS 4.9.2 ldapjdk 4.23.0-1 - Rebase to LDAP SDK 4.23.0 4.23.0-0.1 - Rebase to LDAP SDK 4.23.0-alpha1 pki-core 10.12.0-2.0.1 - Remove upstream...

c-ares security update

1.13.0-6 - Resolves: rhbz1989425 - CVE-2021-3672 c-ares: missing input validation of host names may lead to Domain Hijacking rhel-8...

Important: Red Hat Security Advisory: Cryostat security update

Updated RHEL-8 based Cryostat container images are now available Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Moderate: Red Hat Security Advisory: Cryostat security update

Updated RHEL-8 based Cryostat container images are now available Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Moderate: Red Hat Security Advisory: OpenShift Virtualization 2.6.0 security and bug fix update

An update is now available for RHEL-8-CNV-2.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...