Red Hat Security Advisory 2021-1079-01 - Red Hat Ansible Automation Platform Resource Operator container images with security fixes. Ansible Automation Platform manages Ansible Platform jobs and workflows that can interface with any infrastructure on a Red Hat OpenShift Container Platform cluster, or on a traditional infrastructure that is running off-cluster. Data exposure issues have been addressed.
a0673c02c767215a0535af311644e98d31b6956c4e2cc33033d2203fa50abe65Red Hat Security Advisory 2021-1129-01 - Red Hat 3scale API Management delivers centralized API management features through a distributed, cloud-hosted layer. It includes built-in features to help in building a more successful API program, including access control, rate limits, payment gateway integration, and developer experience tools. This advisory is intended to use with container images for Red Hat 3scale API Management 2.10.0.
080546fe1bfc5e278c82d7414e75a36e9df9b89d827f78304ae6390c7b762f52Red Hat Security Advisory 2021-1026-01 - The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. Issues addressed include out of bounds read and use-after-free vulnerabilities.
26f63d2cdbc84bb2bfe397e8ffa86a3e4300fe8fc748347e54fb023646b44451Red Hat Security Advisory 2021-0949-01 - Red Hat OpenShift Do is a simple CLI tool for developers to create, build, and deploy applications on OpenShift. The odo tool is completely client-based and requires no server within the OpenShift cluster for deployment. It detects changes to local code and deploys it to the cluster automatically, giving instant feedback to validate changes in real-time. It supports multiple programming languages and frameworks. Red Hat OpenShift Do openshift/odo-init-image 1.1.3 is a container image that is used as part of the InitContainer setup that provisions odo components.
0f1e14fcd33ae341ac5a449e63f1c5aaf2d67016bb8f8bf52669a3ae8351010dRed Hat Security Advisory 2021-0876-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. Issues addressed include denial of service, out of bounds read, and use-after-free vulnerabilities.
76a35b97a80a61dc05be6f0c32e22511196b5b91c7563e8b103860cc491dcc56Red Hat Security Advisory 2021-0778-01 - Red Hat Ansible Tower 3.6.7-1 has a security and bug fix update. Issues addressed include HTTP request smuggling, code execution, cross site scripting, and privilege escalation vulnerabilities.
b36485939bcc96f4f05a1b61fcc6c6e3aefa7b635d0f1eb06d546cdccf61da2aRed Hat Security Advisory 2021-0758-01 - The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. Issues addressed include out of bounds read and use-after-free vulnerabilities.
9688ffeab3cce2f1d11ad411d3d167f435089eddaa5bae544cc5dd61710b36a4Red Hat Security Advisory 2021-0538-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Issues addressed include an out of bounds read vulnerability.
c262e1576a15286836eb793cba072f9d4ea3eaeb3112849368fb9d53ccd32197Red Hat Security Advisory 2020-4255-01 - Updated python-psutil version to 5.6.6 inside ansible-runner container. Issues addressed include a double free vulnerability.
5fa2b0edd19c548995fa81b56ae17dd75bbbcf0b7a9fd43d5777ad177066c16aRed Hat Security Advisory 2020-4254-01 - Updated python-psutil version to 5.6.6 inside ansible-runner container. Issues addressed include a double free vulnerability.
95b6f149ed6564a7dba27bae8b6b98f52d801a1eb8ced363663ee391a124f69cRed Hat Security Advisory 2020-4201-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. Issues addressed include a denial of service vulnerability.
3d8b1c7224e8a2deee960b7668ead051da2664d66a79b155eb862d4b51810393Red Hat Security Advisory 2020-4076-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. Issues addressed include bypass, memory leak, out of bounds read, and use-after-free vulnerabilities.
0bda8653bef3bd9a2dd6185671fa4606731fac389e51ba99d05bf92ae5304ba4Ubuntu Security Notice 4476-1 - It was discovered that NSS incorrectly handled some inputs. An attacker could possibly use this issue to expose sensitive information.
0cb861156c6c38c6bee4357a5840c4d3a167d2d9e2279055d791e5de14791c64Ubuntu Security Notice 4474-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, trick the user in to installing a malicious extension, spoof the URL bar, leak sensitive information between origins, or execute arbitrary code. It was discovered that NSS incorrectly handled certain signatures. An attacker could possibly use this issue to expose sensitive information. Various other issues were also addressed.
9c3f9b8a995f19fc2e46e69b42485c8da02e85dd0a8cc8530e25b865bb07d168Gentoo Linux Security Advisory 202008-8 - NSS has multiple information disclosure vulnerabilities when handling secret key material. Versions less than 3.55 are affected.
c5799ff9c9ac4536d22fedf39e8b495ead17a0bbbfaa825deeeba10016f08a9bUbuntu Security Notice 4455-1 - It was discovered that NSS incorrectly handled certain signatures. An attacker could possibly use this issue to expose sensitive information.
cfae90bde1032d5ad8537ed17322b2899520135a02709ba32e911a05eb073962Red Hat Security Advisory 2020-3280-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities.
13e2531f1f23cbe845bd068d494f2e5cb9ba0b6581896805e8207a8798fe4de4Debian Linux Security Advisory 4726-1 - Several vulnerabilities were discovered in NSS, a set of cryptographic libraries, which may result in side channel/timing attacks or denial of service.
f2cc1d54b85eb308f1b29e2cefa9d4fd5c0cd92ee2f46d7dd967404b92f9ed34Gentoo Linux Security Advisory 202007-10 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 68.10.0 are affected.
4ce536bdb972fdf2b3ae93e96480f4ec88105eb035b203f851db2e0a8a5c399bUbuntu Security Notice 4421-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. It was discovered that Thunderbird would continue an unencrypted connection when configured to use STARTTLS for IMAP if the server responded with PREAUTH. A remote attacker could potentially exploit this to perform a person-in-the-middle attack in order to obtain sensitive information. Various other issues were also addressed.
e29ba156301d1adef5ee70accc941815f87182af2911cd015ba0d303ce8a38ffUbuntu Security Notice 4417-2 - USN-4417-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Cesar Pereida, Billy Bob Brumley, Yuval Yarom, and Nicola Tuveri discovered that NSS incorrectly handled RSA key generation. A local attacker could possibly use this issue to perform a timing attack and recover RSA keys. Various other issues were also addressed.
8cc46dfd734fdf34a52d97e8b2f176253a381484125d0877cf205886992e0c63Ubuntu Security Notice 4417-1 - Cesar Pereida, Billy Bob Brumley, Yuval Yarom, and Nicola Tuveri discovered that NSS incorrectly handled RSA key generation. A local attacker could possibly use this issue to perform a timing attack and recover RSA keys.
b07d3665f6e61dc3a025ddaae562a72a3dcc898d1de9424f2cdc5635f505f6b2Debian Linux Security Advisory 4695-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or a timing attack on cryptographic keys.
b695facb6dd8cc0b879476ce552b9c195948f4bc518c27cb5f63cf8e335ff6e1Debian Linux Security Advisory 4702-1 - Multiple security issues have been found in Thunderbird which could result in the setup of a non-encrypted IMAP connection, denial of service or potentially the execution of arbitrary code.
d513edf1d7468e2dab27753b936d34950fbe909c5cde81e5cccba7e63432acc9Red Hat Security Advisory 2020-2615-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.9.0. Issues addressed include information leakage and use-after-free vulnerabilities.
c922476117829460740b9b3aad6039736614ea3543beb85a8354c734d2d87d24
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed