107 matches found
RHCOS 3 : kubernetes (RHSA-2016:0351)
The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:0351 advisory. - server: patch operation should use patched object to check admission control CVE-2016-1905 - server: build config to a strategy th...
RHCOS 3 : Red Hat OpenShift Enterprise 3.2 (RHSA-2016:1853)
The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:1853 advisory. - libarchive: Archive Entry with type 1 hardlink, but has a non-zero data size file overwrite CVE-2016-5418 Note that Nessus has not tested f...
RHCOS 3 : openvswitch (RHSA-2016:0615)
The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:0615 advisory. - openvswitch: MPLS buffer overflow vulnerability CVE-2016-2074 Note that Nessus has not tested for this issue but has instead relied only on...
RHCOS 3 : atomic-openshift (RHSA-2016:2696)
The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:2696 advisory. - 3: Router sometimes selects new routes over old routes when determining claimed hostnames CVE-2016-8631 Note that Nessus has not tested for...
RHCOS 2 : Red Hat OpenShift Enterprise 2.2.9 (RHSA-2016:0489)
The remote Red Hat Enterprise Linux CoreOS 2 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:0489 advisory. - ObjectMessage: unsafe deserialization CVE-2015-5254 - jenkins: Project name disclosure via fingerprints SECURITY-153 CVE-2015-5317...
RHEL 7 : openstack-cinder, openstack-glance, and openstack-nova update (Moderate) (RHSA-2016:2991)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:2991 advisory. OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute...
RHEL 7 : qemu-kvm-rhev (RHSA-2016:1000)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:1000 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the...
SUSE CVE-2016-9597
It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression CVE for the same issue as CVE-2016-3705...
Remote Code Execution (RCE)
squid is vulnerable to remote code execution. It was found that the fix for CVE-2016-4051 released via RHSA-2016:1138 did not properly prevent the stack overflow in the mungeotherline function. A remote attacker could send specially crafted data to the Squid proxy, which would exploit the cachemg...
RHEL 7 : atomic-openshift (RHSA-2016:2915)
An update for atomic-openshift is now available for Red Hat OpenShift Container Platform 3.1, 3.2, and 3.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
RHEL 7 : atomic-openshift (RHSA-2016:2696)
An update for atomic-openshift is now available for Red Hat OpenShift Container Platform 3.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for eac...
CVE-2016-9597
It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression CVE for the same issue as CVE-2016-3705...
CVE-2016-9597
CVE-2016-9597 is a regression for CVE-2016-3705 where Red Hat/JBoss RHSA-2016:2957 did not include the fix for libxml2, leaving a denial-of-service risk via a stack overflow. The connected records confirm libxml2 as the affected library and document multiple publisher advisories (RHSA-2016:1292, ...
Important: Red Hat Security Advisory: Red Hat Satellite 6 security, bug fix, and enhancement update
An update is now available for Red Hat Satellite 6.2 for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity ratin...
Virtuozzo Linux Errata and Security Advisory 2016:2872 Moderate
Upstream security update. Follow RHSA-2016-2872 for details...
Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2017-835)
An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges. (CVE-2017-3511) It was found that the JAXP component of...
CentOS 6 : java-1.8.0-openjdk (CESA-2017:1109)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
RedHat Update for thunderbird RHSA-2016:2973-01
The remote host is missing an update for the...
RedHat Update for vim RHSA-2016:2972-01
The remote host is missing an update for the...
RHEL 5 : xen (RHSA-2016:2963)
An update for xen is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...