Ubuntu Security Notice 6038-2 - USN-6038-1 fixed several vulnerabilities in Go 1.18. This update provides the corresponding updates for Go 1.13 and Go 1.16. CVE-2022-29526 and CVE-2022-30630 only affected Go 1.16. It was discovered that the Go net/http module incorrectly handled Transfer-Encoding headers in the HTTP/1 client. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack.
96428fafe2ad31ad48b8e46a45e50a86a01fb944d7fa801a9d326ac37683dc05Red Hat Security Advisory 2023-3642-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. This new container image is based on Red Hat Ceph Storage 6.1 and Red Hat Enterprise Linux 9. Issues addressed include bypass, cross site scripting, denial of service, information leakage, spoofing, and traversal vulnerabilities.
299c64208e7b0372bf38a7af4b78ae479c755f82d2b80c7932c562b81810811aRed Hat Security Advisory 2023-2802-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include denial of service and information leakage vulnerabilities.
e47c4f8b21275ef5c2cc58d0d337046d3976f3de650141265c4f04536b01624eRed Hat Security Advisory 2023-2758-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include a denial of service vulnerability.
d2e741f4926f71e10875fbefad5ecd7d9f531fe7fce7097fb834dc510678f357Ubuntu Security Notice 6038-1 - It was discovered that the Go net/http module incorrectly handled Transfer-Encoding headers in the HTTP/1 client. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting into a denial of service.
d693c7af1fb087931225b61859ba4862bde511f2a7551346eb8eb6777bf0309dRed Hat Security Advisory 2023-1042-01 - Custom Metrics Autoscaler Operator for Red Hat OpenShift including security updates.
f399dcb2538382b0da653070530d24a988f6311382debb5d7ef4ab333944715bRed Hat Security Advisory 2023-0407-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.12.0 RPMs. Issues addressed include denial of service and out of bounds read vulnerabilities.
317fa3eb9235d943a4cc6374542abc73ed837646f1e28fee7e0ca8baeefb135fRed Hat Security Advisory 2022-8057-01 - Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Issues addressed include cross site request forgery, cross site scripting, denial of service, information leakage, and privilege escalation vulnerabilities.
3ee16e49a8baf9378c63381be5115444e228ecd6a3b4ae465fcf1331c83fb783Red Hat Security Advisory 2022-7529-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include denial of service and memory exhaustion vulnerabilities.
86d402cba3309d240b303fd054f614420e400a922614407e5d24ebed38d6c057Red Hat Security Advisory 2022-7519-01 - Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Issues addressed include cross site request forgery, cross site scripting, denial of service, information leakage, and privilege escalation vulnerabilities.
3e15d8d2daf7a09f7541e03f3086b2da3507f9323e80ae6e10ec506f6426e5c7Red Hat Security Advisory 2022-6370-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.0 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix security issues and several bugs. Issues addressed include a denial of service vulnerability.
777679cec736f94ae1f91650c8132afe0be4445086f9d7ed52509ab3707b3edcRed Hat Security Advisory 2022-6345-01 - Multicluster engine for Kubernetes 2.1 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a denial of service vulnerability.
067e9a9058c8e804a43cdc37f32da13c181243e7f27bcb77c8e67261c1b42d57Red Hat Security Advisory 2022-6347-01 - VolSync is a Kubernetes operator that enables asynchronous replication of persistent volumes within a cluster, or across clusters. Version 0.5 has been released with security fixes and updates.
582fc8547a6932af0146216233e0ca731975cb105f43a3407fabeddebd4a872eRed Hat Security Advisory 2022-6348-01 - Gatekeeper is an open source project that applies the OPA Constraint Framework to enforce policies on your Kubernetes clusters. This advisory contains the container images for Gatekeeper that include bug fixes and container upgrades.
5bc612b2b1c850feaf8080d573aa0bdb3393cf6bfdc0979a42590fc3475743d1Red Hat Security Advisory 2022-6346-01 - Submariner enables direct networking between pods and services on different Kubernetes clusters that are either on-premises or in the cloud. Issues addressed include denial of service and out of bounds read vulnerabilities.
2ba5392bcd1c1bff9cb613e8012f9b1ea5a622aad244b9476377398cc6e342c9Red Hat Security Advisory 2022-6152-01 - Secondary Scheduler Operator for Red Hat OpenShift 1.1.0.
0721ad4e3e42e6bff7397b370925c6fdb8b84e19708067b2aa7011e40d8240f8Red Hat Security Advisory 2022-6283-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation. This advisory covers the RPM packages for the release.
f247d2124bf95c99ae591613529a152a81665459bc9059d0cc6cc2d3bf4d35a2Red Hat Security Advisory 2022-6188-01 - This is an updated release of the Node Maintenance Operator. The Node Maintenance Operator cordons off nodes from the rest of the cluster and drains all the pods from the nodes. By placing nodes under maintenance, administrators can proactively power down nodes, move workloads to other parts of the cluster, and ensure that workloads do not get interrupted.
8f2aa8b81657dc6b4634729c008fff6204973bf554d196175f117636caf6ff15Red Hat Security Advisory 2022-6113-01 - Red Hat Application Interconnect 1.0 introduces a service network, linking TCP and HTTP services across the hybrid cloud. A service network enables communication between services running in different network locations or sites. It allows geographically distributed services to connect as if they were all running in the same site. This is an update to the rpms for Red Hat Application Interconnect 1.0 to fix some security issues in the golang compiler.
14d75cd74fc05fac87aeb8e57d4ed7beac8aec1b434b94e728ca5caac92c6b8eRed Hat Security Advisory 2022-6042-01 - Red Hat OpenShift Serverless Client kn 1.24.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.24.0. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. Issues addressed include bypass and denial of service vulnerabilities.
a0fb90802eb4af19bdbeb9ff04bf6db0048a42b54fb373556a4d125e2aecf5cbRed Hat Security Advisory 2022-5866-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
d8e14c0325b3460f88290f237b3f309e1f1ce362900ab28cbcd7d24bc1247894Red Hat Security Advisory 2022-5799-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The golang packages provide the Go programming language compiler.
5eaaa52b6a77309b91e4584c0f4943ba7794082f905fb2754a4ea2f649f020c7Red Hat Security Advisory 2022-5775-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
c819ab704d5acdaf62996bd21e4d50b2ef6c3bf13ff168c2ecc3fe710d182e36
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed