4 matches found
Security Bulletin: IBM Storage Protect Server is susceptible to a vulnerability due to Golang glog library
Summary Golang glog library is used by the IBM Storage Protect Server OSSM component. Golang glog is vulnerable to improper handling of log file existence, This bulletin identifies the steps to address the vulnerabilities. CVE-2024-45339. Vulnerability Details CVEID:CVE-2024-45339 DESCRIPTION: Wh...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.17.38 bug fix and security update
Red Hat OpenShift Container Platform release 4.17.38 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.19.9 security and extras update
Red Hat OpenShift Container Platform release 4.19.9 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.19. Red Hat Product Security has rated this update as having a security impact of...
AZL-56402 CVE-2024-45339 affecting package glog for versions less than 0.3.5-16
When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...