Red Hat Security Advisory 2023-2083-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.5 General Availability release images, which fix bugs and security updates container images. Issues addressed include denial of service and server-side request forgery vulnerabilities.
73a3a6d4835d6deabe73aac1424fead885072ae86393a0569e27f07803acfe01
Red Hat Security Advisory 2023-2061-01 - Multicluster Engine for Kubernetes 2.1.6 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a denial of service vulnerability.
7da47561e67a1270c55a788f2757706933c85cf0d1b623630d91a7ddea2d1a34
Red Hat Security Advisory 2023-2023-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.
c6904d9c5fef64669837a2ad40e8be5c2049a68a8cf769b21ca87ac743de8433
Red Hat Security Advisory 2023-1887-01 - Multicluster Engine for Kubernetes 2.2.3 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a denial of service vulnerability.
c76abde01d9f10b906b82af70f526e5dde9beac6b1dfdb779fcbc3547e91a418
Red Hat Security Advisory 2023-1816-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.
a70c6ef26c474fa0bc35f3e63191b1ee0e4542083ed8129be39343b736d85a22
Red Hat Security Advisory 2023-1888-01 - Red Hat Advanced Cluster Management for Kubernetes 2.7.3 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include denial of service and server-side request forgery vulnerabilities.
85bf3b91e2d99c1305171e27e674814c807c9b714eb4635e2b4a16597c700e46
Red Hat Security Advisory 2023-1893-01 - Red Hat Multicluster Engine Hotfix Security Update for Console. Red Hat Product Security has rated this update as having a security impact of Critical.
5a4b9ba13665b8f454d70a15f3981bf6b5d30070b62cdfc12799e26ac9c36173
Red Hat Security Advisory 2023-1310-01 - An update is now available for Logging Subsystem for Red Hat OpenShift - 5.5.9. Red Hat Product Security has rated this update as having a security impact of Moderate.
e5eb8b0b47fd0a608cf22a5a3e3741ddc9a553166dedfea4bfc036bc9cdb5742
Red Hat Security Advisory 2023-1405-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include double free and use-after-free vulnerabilities.
08426ea6ffe890c6d7ac8e02119c68b984f1023d8e5630a6ed98ba06f4da2c61
Red Hat Security Advisory 2023-1199-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include buffer overflow, double free, and use-after-free vulnerabilities.
4e40b595047797d81adf804c2f45bc97a61c115d639ef1d1e21d8aa98767fd4b
Red Hat Security Advisory 2023-0946-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include buffer overflow, double free, and use-after-free vulnerabilities.
03c201bb2ce7568e3362720c1cb0f457937348867d13e7c04e8449c3b355f24f
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. The 3.x series is the current major version of OpenSSL.
6c13d2bf38fdf31eac3ce2a347073673f5d63263398f1f69d0df4a41253e4b3e
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide.
8dee9b24bdb1dcbf0c3d1e9b02fb8f6bf22165e807f45adeb7c9677536859d3b
Ubuntu Security Notice 5845-2 - USN-5845-1 fixed several vulnerabilities in OpenSSL. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this issue to read arbitrary memory contents or cause OpenSSL to crash, resulting in a denial of service.
67a3d1a9bc75eca956543ffdc9d3b1fdcdc888e804a0e86b65b6c5211c98fa7b
Debian Linux Security Advisory 5343-1 - Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit, which may result in incomplete encryption, side channel attacks, denial of service or information disclosure.
4916517dff3b6d3fb82a697282b6e0fd5fe217beb0223ca7d7db63be7baf4ac1
Ubuntu Security Notice 5845-1 - David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this issue to read arbitrary memory contents or cause OpenSSL to crash, resulting in a denial of service. Octavio Galland and Marcel Boehme discovered that OpenSSL incorrectly handled streaming ASN.1 data. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code.
b2fae3ad025b116aec7451725d91f5c92b860f8585a86fd648cfa9af96eba0d9
Ubuntu Security Notice 5844-1 - David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this issue to read arbitrary memory contents or cause OpenSSL to crash, resulting in a denial of service. Corey Bonnell discovered that OpenSSL incorrectly handled X.509 certificate verification. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10.
9148a451ed73788ce14d48db0869c0d82f74b5a31944d3cbb731fc7a3633c392
OpenSSL Security Advisory 20230207 - Security issues addressed in OpenSSL include X.400 address type confusion in X.509 GeneralName, a timing oracle in RSA decryption, a X.509 Name Constraints read buffer overflow, a use-after-free following BIO_new_NDEF, a double-free after calling PEM_read_bio_ex, an invalid pointer dereference in d2i_PKCS7 functions, a NULL dereference validating DSA public key, and a NULL dereference during PKCS7 data verification.
16370d8b2cce80bd47b575da9533d376c1ce8d49fd8cfdffe9f131d46a43f157