Red Hat Security Advisory 2023-3455-01 - OpenShift Serverless version 1.29.0 contains a moderate security impact. Issues addressed include a denial of service vulnerability.
fb699e506aa118c17dbd87137af0d14f01a829ce5c8b64ec9846e9ca82990b0bGentoo Linux Security Advisory 202305-35 - Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution. Versions greater than or equal to 102.10.0:esr are affected.
80fb46eeb6bf6b4a190797c274bb247b815138162b8deea3f7a113e5d441ebc6Gentoo Linux Security Advisory 202305-36 - Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution. Versions greater than or equal to 102.10.0 are affected.
cf32af8db7f48a44b2fe2d1424fd1ad7ec5f57e5c79d44dd0561f7d2a05b5ea4Red Hat Security Advisory 2023-2098-01 - Multicluster Engine for Kubernetes 2.0.8 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a denial of service vulnerability.
5b409796351ae2191f3661c02dbe09dbe4a07067b31d38f4971846d655574798Red Hat Security Advisory 2023-2061-01 - Multicluster Engine for Kubernetes 2.1.6 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a denial of service vulnerability.
7da47561e67a1270c55a788f2757706933c85cf0d1b623630d91a7ddea2d1a34Red Hat Security Advisory 2023-1887-01 - Multicluster Engine for Kubernetes 2.2.3 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a denial of service vulnerability.
c76abde01d9f10b906b82af70f526e5dde9beac6b1dfdb779fcbc3547e91a418Red Hat Security Advisory 2023-1677-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include heap overflow and integer overflow vulnerabilities.
d50fcde157b0d81293003398a54404e2ecee374586626ce00fc2dbcc0d6bdaa5Red Hat Security Advisory 2023-1525-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.59.
c7fff0c27d61ac3bb7204fc93a47db5959206b2f34b2f34dc40a1a0403893667Red Hat Security Advisory 2023-1310-01 - An update is now available for Logging Subsystem for Red Hat OpenShift - 5.5.9. Red Hat Product Security has rated this update as having a security impact of Moderate.
e5eb8b0b47fd0a608cf22a5a3e3741ddc9a553166dedfea4bfc036bc9cdb5742Red Hat Security Advisory 2023-1392-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.55.
f5863625956e26f29caf6b7dd89916bd8ec1fde05666507c74b9c9570b7f2065Red Hat Security Advisory 2023-1409-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.9.
ccbdea74072f5f91ca8ea4c3158780053cb6f9d1362b1546944f6471f738d613Red Hat Security Advisory 2023-1479-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR.
f8d79d3bdce21e3df66b2991b5745ddf3b6bd31b8d8e621519f240fc125bfaafRed Hat Security Advisory 2023-1406-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
157f5fdab0d3940d30869b0e4ab41754986bcfc02f8a3cd972e99370f6bd9c52Red Hat Security Advisory 2023-1366-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
3911811e6f0a780ab1a557e5060720d7c70a372f80e2d894d3c3e36142f48cc4Red Hat Security Advisory 2023-1370-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
7ae2e964d5ef28fad0c2b8e699c4e5d36fe4a642cf6f30c1206488122c39d2d0Red Hat Security Advisory 2023-1365-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
6095590cbc5d14299bc1a4809fb481a0eff9fd41ff0c1142f736213b58611ad0Red Hat Security Advisory 2023-1436-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
139d41acbfe8e61e25d413292a5c7201984b454e4b75bd62b4ce602409d463daRed Hat Security Advisory 2023-1369-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
70f29a1183c13202e1b2ed3d8756d8449384ab21c7a9d0b8b2b61236d6184cfaRed Hat Security Advisory 2023-1368-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
c444d5c64575841866b6f4f0d33c9f9e8475ac120a23ec8cfd50d17de5c44f14Red Hat Security Advisory 2023-1332-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
389776e27aab442848dfbc6c1d3f0a64eb1abedeb09467048a5e0f49955dc09dRed Hat Security Advisory 2023-1252-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
7548f82ad1f400310a720ee4ef5fe58596bafca33572d7237bb20bbb6ceab239Ubuntu Security Notice 5943-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Johan Carlsson discovered that Thunderbird did not properly implement CSP policy on a header when using iframes. An attacker could potentially exploits this to exfiltrate data.
859da6042faf89a056033a58de2955c904821993b08e8e20d961d88955336897Ubuntu Security Notice 5892-2 - USN-5892-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Christian Holler discovered that NSS incorrectly handled certain PKCS 12 certificated bundles. A remote attacker could use this issue to cause NSS to crash, leading to a denial of service, or possibly execute arbitrary code.
31cccce14c13d752e3da2d4dae4af97860c9c7d2e50376f9e6b7d48629524e70Ubuntu Security Notice 5880-2 - USN-5880-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Christian Holler discovered that Firefox did not properly manage memory when using PKCS 12 Safe Bag attributes. An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes. Johan Carlsson discovered that Firefox did not properly manage child iframe's unredacted URI when using Content-Security-Policy-Report-Only header. An attacker could potentially exploits this to obtain sensitive information. Vitor Torres discovered that Firefox did not properly manage permissions of extensions interaction via ExpandedPrincipals. An attacker could potentially exploits this issue to download malicious files or execute arbitrary code. Irvan Kurniawan discovered that Firefox did not properly validate background script invoking requestFullscreen. An attacker could potentially exploit this issue to perform spoofing attacks. Ronald Crane discovered that Firefox did not properly manage memory when using EncodeInputStream in xpcom. An attacker could potentially exploits this issue to cause a denial of service. Samuel Grob discovered that Firefox did not properly manage memory when using wrappers wrapping a scripted proxy. An attacker could potentially exploits this issue to cause a denial of service. Holger Fuhrmannek discovered that Firefox did not properly manage memory when using Module load requests. An attacker could potentially exploits this issue to cause a denial of service. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code.
d8134e53c73b5f2b98a54caf846a945da5e3e78dac7bf2d66525cf6b12579a76Ubuntu Security Notice 5892-1 - It was discovered that NSS incorrectly handled client authentication without a user certificate in the database. A remote attacker could possibly use this issue to cause a NSS client to crash, resulting in a denial of service. This issue only affected Ubuntu 22.10. Christian Holler discovered that NSS incorrectly handled certain PKCS 12 certificated bundles. A remote attacker could use this issue to cause NSS to crash, leading to a denial of service, or possibly execute arbitrary code.
08e1514e5eeec5f74d4365784fc07384f881ccfce7ae98e9d80175769c3a1622
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed