Red Hat Security Advisory 2021-2438-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include bypass, code execution, denial of service, open redirection, resource exhaustion, and remote shell upload vulnerabilities.
44f1588b77c38919a903c4dffe0b5b58cf96f91a447694471f228851a5f89f6d
Red Hat Security Advisory 2021-0308-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.6.16. Issues addressed include memory leak and privilege escalation vulnerabilities.
dca033969dbad57e5b0b2d3a6a1dad57f3f1a39cd52810fbcbaa5225da1fd411
Red Hat Security Advisory 2020-3842-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
56a30f99d0a7116668054648ca24d0b115dc937c74d74c4219d5d7d58fb5e3be
Red Hat Security Advisory 2020-0451-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. A TLS/SSL Birthday attack vulnerability from 2016 was addressed.
291865ffa3d8906d6d382894ce0bccbded17d9c8121ae91b54e3bd1b6d94ac4e
Red Hat Security Advisory 2019-2859-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a man-in-the-middle vulnerability.
40451a3e91f8c375ed9756916a89ddfa51c0db004cc015909e67489a6c9aad88
Red Hat Security Advisory 2019-1245-01 - An update is now available for Red Hat Quay 3. Issues addressed include a man-in-the-middle vulnerability.
6a3ad047041bafc7aec7a00f709ef5bb136a7c52c4e176c7c02217045a47b31a
Micro Focus Security Bulletin MFSBGN03831 - A potential vulnerability has been identified in Micro Focus Service Management Automation. The vulnerability could be exploited to remote disclosure of information. Revision 1 of this advisory.
4e5c1669c7d98b3695c06dd31de33d789391c943aeeaaa94fcea01960f28bb0c
Red Hat Security Advisory 2018-2123-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a man-in-the-middle vulnerability.
7ad86fc17a31d32e3179b469bb0ec5013bd778f541951c2833227c01ebf828cc
Micro Focus Security Bulletin MFSBGN03805 1 - A potential security vulnerability has been identified in Service Manager. This vulnerability may allow an exploit against a long-duration encrypted session known as the Sweet32 attack, and which may be exploited remotely. Revision 1 of this advisory.
41ec0d7db7666fd59ab21f30c1de4c0a04bd291007704f5d42e7fca89ca44d2d
Red Hat Security Advisory 2017-3240-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release provides an update to httpd and OpenSSL. The updates are documented in the Release Notes document linked to in the References. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.
9ece2803c2591e72b00995bee6a9207f1fc1a788275558bc426859472b8646ba
Red Hat Security Advisory 2017-3239-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release provides an update to httpd and OpenSSL. The updates are documented in the Release Notes document linked to in the References. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.
8c237943c4ac9a76f526c8ffc99d75cff7c3ccc83117866ca934cb993d17f871
Red Hat Security Advisory 2017-3113-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. This release provides an update to httpd, OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2.1.2. The updates are documented in the Release Notes document linked to in the References.
e80b0fcbb38aa711afd94164c46a4d66836309940cad5bd3b018175cafbed643
Red Hat Security Advisory 2017-3114-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. This release provides an update to httpd, OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2. The updates are documented in the Release Notes document linked to in the References.
8f2eec1450923a924fac99bd469b6cfb955af68e4eb0c7360e7582feb701dd46
Red Hat Security Advisory 2017-2709-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2 serves as an update for Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
2ac64c19d1282e8e4757edfb228e6d060ab5b7c725aa50c650b9389e6a8d12de
Red Hat Security Advisory 2017-2710-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2 serves as an update for Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
f2fe37f0306236a787af5128425d4e437d5540a95b02a9f907fb8336199a0a34
Red Hat Security Advisory 2017-2708-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2 serves as an update for Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
66e84ee5fd498fe4ddec7d8e290d18e7f6622bf5cca3405b49e82ae2ead7feae
HPE Security Bulletin HPESBGN03765 2 - A security vulnerability in the DES/3DES block ciphers used in the TLS protocol could potentially impact HPE LoadRunner and HPE Performance Center resulting in remote disclosure of information. This is also known as the SWEET32 attack. Revision 2 of this advisory.
948d29ad7d087b66e32a4c02373d48f779582beea0bda6a1bd420ce52660e466
Ubuntu Security Notice 3372-1 - It was discovered that NSS incorrectly handled certain empty SSLv2 messages. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service. Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update causes NSS to limit use of the same symmetric key. Various other issues were also addressed.
e388acc86dcf59e73c62e313ac038fabb06265810beaf16fd3db321a90afdfb4
Gentoo Linux Security Advisory 201707-1 - Multiple vulnerabilities have been found in IcedTea, the worst of which may allow execution of arbitrary code. Versions less than 3.4.0 are affected.
0623e4d3abca09377537db725ce4ff922ab591a92df4341620aa94a4e2072b3c
IBM Informix Dynamic Server suffers from dll injection, PHP code injection, and heap buffer overflow vulnerabilities.
ac5d0ef0f10cad9d7b9a1524abc605c6815ee7dc5254833cf12c5cdbb411f95b
Red Hat Security Advisory 2017-1216-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP1. Security Fix: This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
84dd0e9308948c7a415adab659e14d620e0b251a8ae7e925fb16b9d7d3d57359
Ubuntu Security Notice 3270-1 - Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update causes NSS to limit use of the same symmetric key. It was discovered that NSS incorrectly handled Base64 decoding. A remote attacker could use this flaw to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
44be071f187a0942450fff54f9c82abbf62b4771273b8f124a15a42e6b7d3d03
HPE Security Bulletin HPESBUX03725 1 - Potential security vulnerabilities have been identified with HP-UX Web Server Suite running Apache on HP-UX 11iv3. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS), Unauthorized Read Access to Data and other impacts including: * Padding Oracle attack in Apache mod_session_crypto * Apache HTTP Request Parsing Whitespace Defects. Revision 1 of this advisory.
5df1b537a3a2899886f0263d940c4193b758bfc583dd96021c5e940a90f029a8
Red Hat Security Advisory 2017-0462-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR4-FP1. Security Fix: This update fixes a vulnerability in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
a9ede31c21d3d69ec42ea4b1dfcf623badf9ec565e1a5678bbc35646c568d82a
Red Hat Security Advisory 2017-0337-01 - IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7 SR10-FP1. Security Fix: This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
80816e5e06d1db1e4705f1cf3b21b2fa3078e663cae98366b11473550ceaafb6