Ubuntu Security Notice 6038-2 - USN-6038-1 fixed several vulnerabilities in Go 1.18. This update provides the corresponding updates for Go 1.13 and Go 1.16. CVE-2022-29526 and CVE-2022-30630 only affected Go 1.16. It was discovered that the Go net/http module incorrectly handled Transfer-Encoding headers in the HTTP/1 client. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack.
96428fafe2ad31ad48b8e46a45e50a86a01fb944d7fa801a9d326ac37683dc05Gentoo Linux Security Advisory 202311-9 - Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution. Versions greater than or equal to 1.20.10 are affected.
7cd3fdaa4650cc67226eaaa58c1a34f9f619b6ed9f3c06868a9c23ebed7861b0Red Hat Security Advisory 2023-4335-01 - The cert-manager Operator for Red Hat OpenShift builds on top of Kubernetes, introducing certificate authorities and certificates as first-class resource types in the Kubernetes API. This makes it possible to provide certificates-as-a-service to developers working within your Kubernetes cluster. Issues addressed include a denial of service vulnerability.
81b639b773dc9bc98d3be0e65210b5f630f2ddc9a2cc9d106f9c169b18da4f25Red Hat Security Advisory 2023-4290-01 - OpenShift sandboxed containers 1.4.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
1e2b8ec0277e95d223b5e93c67cebd05ba8613dd04c6a60f215d9837febfb0b2Red Hat Security Advisory 2023-4003-01 - As a Kubernetes user, I cannot connect easily connect services from one cluster with services on another cluster. Red Hat Application Interconnect enables me to create a service network and it allows geographically distributed services to connect as if they were all running in the same site. Issues addressed include a denial of service vulnerability.
3dd00e84e0da1c5c1edeaa0a26bd971bfab3a639be101a9c1603c4b46458cfceRed Hat Security Advisory 2023-3915-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.44.
983f22c13da7ac7e8ade2bd73150add682db932fc974bb432e054a1cc890dd94Red Hat Security Advisory 2023-3905-01 - Network Observability 1.3.0 is an OpenShift operator that provides a monitoring pipeline to collect and enrich network flows that are produced by the Network observability eBPF agent. The operator provides dashboards, metrics, and keeps flows accessible in a queryable log store, Grafana Loki. When a FlowCollector is deployed, new dashboards are available in the Console. This update contains bug fixes.
9c1a4b3b6b1779c22972b35dae1d77dc4ebc7de0dffbdefb344d5318801994ffRed Hat Security Advisory 2023-3613-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.22.
c3f146d013ad79efb30eea96531b60720cba19094c875d1fec27a9591b05aeb5Red Hat Security Advisory 2023-3664-01 - Release of Security Advisory for the OpenShift Jenkins image and Jenkins agent base image.
dd336c3e2dc2db105e105127e1f2bbf79335a56f544ed3b31f07727c470cb571Red Hat Security Advisory 2023-3644-01 - Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers container images for the release.
d08e0901464777bd733a3a8059ea4b335dfa9bfe8b9bacda0a47df5480ff08a7Red Hat Security Advisory 2023-3645-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation. This advisory covers the RPM packages for the release. Issues addressed include a denial of service vulnerability.
3023d0e9a727cd7cb6e6e20ebd2258d11d98d83016ff62bc73e6192f91c39a04Red Hat Security Advisory 2023-3642-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. This new container image is based on Red Hat Ceph Storage 6.1 and Red Hat Enterprise Linux 9. Issues addressed include bypass, cross site scripting, denial of service, information leakage, spoofing, and traversal vulnerabilities.
299c64208e7b0372bf38a7af4b78ae479c755f82d2b80c7932c562b81810811aRed Hat Security Advisory 2023-3624-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include a denial of service vulnerability.
d2f80d582085aae75b12f07fd85ac399fe95b0c3197d108af14ac014209e5633Red Hat Security Advisory 2023-3205-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.0 images. Issues addressed include a denial of service vulnerability.
4a34dffe5fe9a55229a283a656ce8bd4866b959518034a1c1e0f3cd63f69b2f6Red Hat Security Advisory 2023-2780-01 - Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood.
676edf27dc6043c0fe32e0a0c3693ef1c60c596ad51ae34e163fed07eb21da6aRed Hat Security Advisory 2023-2784-01 - Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.
a8f1ab5599e8950135e32e3d9ef7dd35bdbe09883bc89e41cd92d903d492aea3Red Hat Security Advisory 2023-2866-01 - Git Large File Storage replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server.
82071deb37de011938ed47108a0041f8ccf53784d009dffb14e81247b7a7d408Red Hat Security Advisory 2023-2204-01 - Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood.
6ec169c1f0d0f724af4154a32732f4fc5c348e2a8ee3490c10a9bdc39ffc1378Red Hat Security Advisory 2023-2582-01 - The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language.
07d02c2cdcc025f64d5bfc8ef5504fe6334f6db751b82d9cf4768747227c0883Red Hat Security Advisory 2023-2357-01 - Git Large File Storage replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Issues addressed include a denial of service vulnerability.
9140faf074cda7ac19efb48b3148896fb61acf0a9b2cbb63cd55a246caf4594aRed Hat Security Advisory 2023-2167-01 - Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.
2ed45855838590ec2be67d292e8c06e401e9b8bc47f6530cf4ea451cd0b8dbe3Gentoo Linux Security Advisory 202305-23 - Multiple vulnerabilities have been discovered in Lua, the worst of which could result in arbitrary code execution.
00aefb3377c44926da8759cd1d9a0caff52ef4beac1d0f7f4a215d7820e9e283Red Hat Security Advisory 2023-2041-01 - Migration Toolkit for Applications 6.1.0 Images. Issues addressed include denial of service, privilege escalation, server-side request forgery, and traversal vulnerabilities.
cdceaf94ffb5f08d7907643b99fcb01c885eb8b1a5f5162002e04ee9e67c6574Ubuntu Security Notice 6038-1 - It was discovered that the Go net/http module incorrectly handled Transfer-Encoding headers in the HTTP/1 client. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting into a denial of service.
d693c7af1fb087931225b61859ba4862bde511f2a7551346eb8eb6777bf0309dRed Hat Security Advisory 2023-1428-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include denial of service, traversal, and unsanitized input vulnerabilities.
cc950d2ab43d2f93dae3bec701ae554c28379d039ec26d5027d656ff0b9558b0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed