Red Hat Security Advisory 2021-1125-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.
984381442736581cb0cc1b03ddec7e16Red Hat Security Advisory 2021-1093-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, out of bounds read, and use-after-free vulnerabilities.
5cd97afb5849f42c3e9017765e17a37fRed Hat Security Advisory 2021-1086-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include an information leakage vulnerability.
6e592d686186ab5fe693156a01bc1d8dRed Hat Security Advisory 2021-1081-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, out of bounds read, and use-after-free vulnerabilities.
c13387ded30e131eec84c0c8bae119e8Ubuntu Security Notice 4902-1 - Dennis Brinkrolf discovered that Django incorrectly handled certain filenames. A remote attacker could possibly use this issue to create or overwrite files in unexpected directories.
6fb4afa701c67bbfc2606b1a826d5550Ubuntu Security Notice 4561-2 - USN-4561-1 fixed vulnerabilities in Rack. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 20.04 LTS and Ubuntu 20.10. It was discovered that Rack incorrectly handled certain paths. An attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Various other issues were also addressed.
04337f9d1336ac329d86fe6c1373cc09Red Hat Security Advisory 2021-1072-01 - The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. Issues addressed include an out of bounds read vulnerability.
801f4e70a01df9126a3eae103d40299aRed Hat Security Advisory 2021-1073-01 - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux.
4dc1d3cc9f0b2cd14ea16511e016ef5fRed Hat Security Advisory 2021-1074-01 - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux.
82b296dd1b729f469c3a887ec56e653eRed Hat Security Advisory 2021-1071-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and out of bounds read vulnerabilities.
bfa99c9a1f3bdb9d91c6b78bc7db931fRed Hat Security Advisory 2021-1069-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow and out of bounds read vulnerabilities.
245bb001794052bc35268640547d848eRed Hat Security Advisory 2021-1068-01 - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux.
2d337b91cb03988a46988ae32b24aa7eRed Hat Security Advisory 2021-1070-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow and out of bounds read vulnerabilities.
1484f5eeb720f261b753dfefe6dfa22cRed Hat Security Advisory 2021-1064-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.
5463f44ff29d090a9cf47a6338cb0a2cRed Hat Security Advisory 2021-1005-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.5.
c25b9b9a44ac9f1363773c3c8b3db850Red Hat Security Advisory 2021-1007-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.5.
1d804be0ca84b08daf912081472a4052Red Hat Security Advisory 2021-1063-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include a null pointer vulnerability.
9efc832b1053b83fafa8fe2a8fcb4c8dRed Hat Security Advisory 2021-1006-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.5.
04fe7e3783108c40240733556287f9b4Ubuntu Security Notice 4900-1 - It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code.
22c7345367e0c3c848f48020433aace9This Metasploit module leverages an authentication bypass and directory traversal vulnerabilities in Saltstack Salt's REST API to execute commands remotely on the master as the root user. Every 60 seconds, salt-master service performs a maintenance process check that reloads and executes all the grains on the master, including custom grain modules in the Extension Module directory. So, this module simply creates a Python script at this location and waits for it to be executed. The time interval is set to 60 seconds by default but can be changed in the master configuration file with the loop_interval option. Note that, if an administrator executes commands locally on the master, the maintenance process check will also be performed. It has been fixed in the following installation packages: 3002.5, 3001.6 and 3000.8. Also, a patch is available for the following versions: 3002.2, 3001.4, 3000.6, 2019.2.8, 2019.2.5, 2018.3.5, 2017.7.8, 2016.11.10, 2016.11.6, 2016.11.5, 2016.11.3, 2016.3.8, 2016.3.6, 2016.3.4, 2015.8.13 and 2015.8.10. This module has been tested successfully against versions 3001.4, 3002 and 3002.2 on Ubuntu 18.04.
c836d9acbeb076642702599310fe13a4Ubuntu Security Notice 4899-1 - Damian Lukowski discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a specially- crafted CF file, a remote attacker could possibly run arbitrary code.
dbd6e8e06d2d1fef4a9f91f0e3ace87eRed Hat Security Advisory 2021-1050-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include denial of service and memory leak vulnerabilities.
5ff8aca5506d26ec6be3fd12d445df48Red Hat Security Advisory 2021-1051-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include denial of service and memory leak vulnerabilities.
0db1df594bd5aabba0243d259f43fb74Gentoo Linux Security Advisory 202103-4 - A vulnerability in SQLite could lead to remote code execution. Versions less than 3.34.1 are affected.
f59bbf0f68384bc27dd0164f4bade7f9Gentoo Linux Security Advisory 202103-3 - Multiple vulnerabilities have been found in OpenSSL, the worst of which could allow remote attackers to cause a Denial of Service condition. Versions less than 1.1.1k are affected.
07c6a7c57274c3e07d6e5c3532051d5e
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed