Red Hat Security Advisory 2023-5677-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.39.
4fe8af15fa950e92fa04b5b47b12712e997839f1e9502ef8ea2b28ba99e8e034
Red Hat Security Advisory 2023-5675-02 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.17.
070f7e5ae865747abd2e7af627133314003a2013b9fd5180996d8a88aa88cb97
Red Hat Security Advisory 2023-5672-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.17.
e60aa9e58850d74c840b594c0b8f6c86921299b305f3b8038fc239976a2dc645
Two and a half years ago an independent audit was performed on the Squid Caching Proxy, which ultimately resulted in 55 vulnerabilities being discovered in the project's C++ source code. Although some of the issues have been fixed, the majority (35) remain valid. The majority have not been assigned CVEs, and no patches or workarounds are available. Some of the listed issues concern more than one bug, which is why 45 issues are listed, despite there being 55 vulnerabilities in total (10 extra of the result of similar, but different pathways to reproduce a vulnerability). After two and a half years of waiting, the researcher has decided to release the issues publicly. This archive contains all of the proof of concept code released by the researcher.
8a60c32d038280c1edeea0a6969797283bd744dd1d8876f4879ad103db17b469
Ubuntu Security Notice 6437-1 - Ziqiang Gu discovered that VIPS could be made to dereference a NULL pointer. If a user or automated system were tricked into processing a specially crafted input image file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that VIPS did not properly handle uninitialized memory locations when processing corrupted input image data. An attacker could possibly use this issue to generate output images that expose sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
f1389fbfe84a630887a2d71264e245e4c353f43dc0b13710da814eedce7ae446
Ubuntu Security Notice 6434-1 - Francois Diakhate discovered that PMIx did not properly handle race conditions in the pmix library, which could lead to unwanted privilege escalation. An attacker could possibly use this issue to obtain ownership of an arbitrary file on the filesystem, under the default configuration of the application.
97544a4b0b5612f06cabfbcc84a21569fdccfd7265d635cb4e7d803db7192679
Ubuntu Security Notice 6436-1 - It was discovered that the FRR did not properly check the attribute length in NRLI. A remote attacker could possibly use this issue to cause a denial of service. It was discovered that the FRR did not properly manage memory when reading initial bytes of ORF header. A remote attacker could possibly use this issue to cause a denial of service. It was discovered that FRR did not properly validate the attributes in the BGP FlowSpec functionality. A remote attacker could possibly use this issue to cause a denial of service.
c54a218c23f3c4877ce2417fa1371aa63e38b89f4e9376e5a83bc1c582484309
Debian Linux Security Advisory 5529-1 - Francois Diakhate discovered that several race conditions in file processing of the Simple Linux Utility for Resource Management (SLURM), a cluster resource management and job scheduling system, could result in denial of service by overwriting arbitrary files.
2cab2219e1844c1e5042a5b8b60c052e98d2ea56538c5e952de91f15a9d11ad3