Red Hat Security Advisory 2024-1675-03 - An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Issues addressed include memory exhaustion and spoofing vulnerabilities.
e9aec56c841ee5780b5d12fc9f1e0d123236bbab4454d1f197a567e33821ae1a
Red Hat Security Advisory 2024-1674-03 - An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Issues addressed include memory exhaustion and spoofing vulnerabilities.
3f6d23937d9d13152cb271b30a3885276ea14e2fa58bf7c02682208c95ed59a8
Red Hat Security Advisory 2024-1665-03 - Red Hat Advanced Cluster Management for Kubernetes 2.8.6 is now available.
1107e3216401d51825ebcb0cdf2da83cc6f9acd859a5009677096df282296584
Red Hat Security Advisory 2024-1567-03 - Red Hat OpenShift Container Platform release 4.14.19 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a memory leak vulnerability.
05a1cbe893be49827492114fcf2c9a3d278750da5ef71daee534c6bb1a053164
Red Hat Security Advisory 2024-1566-03 - Red Hat build of MicroShift release 4.14.19 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a memory leak vulnerability.
62b6b98106e275200c7461bddbe6b22d9fb8e0748120dc9302b6d521809b7da6
Debian Linux Security Advisory 5667-1 - Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.
4b5ad87c90c9f2a81b7b85903e923bd1ef5858810aaf4daa3aa058bfa455c207
Debian Linux Security Advisory 5666-1 - Gergo Koteles discovered that sandbox restrictions in Flatpak, an application deployment framework for desktop apps, could by bypassed in combination with xdg-desktop-portal.
d4f8e7d8fdbaa5f16964c5a67372ac10c12ec22b2f4145483f1b0040d1910fd8
Debian Linux Security Advisory 5668-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
9f120f241f69e89a87048439ebf297321291e0322dc11b8f0a150b792d26785c
Debian Linux Security Advisory 5669-1 - It was discovered that insufficient restriction of unix daemon sockets in the GNU Guix functional package manager could result in sandbox bypass.
b5492ee7913aac805b810eb199120b74b7940e09b5a74900b06cbdd74ddc9d0d
Ubuntu Security Notice 6743-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
5e5f229563e3c429730da05f62649d804fe5fcc3df71db82f33e6fe0ba5299c1
Ubuntu Security Notice 6742-1 - Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials. A physically proximate attacker placed between two Bluetooth devices could use this to subsequently impersonate one of the paired devices. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
234102586def229a208c315fa397cd1db7c7bc4c31eab695d1718ef42f88ce93
Ubuntu Security Notice 6741-1 - Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials. A physically proximate attacker placed between two Bluetooth devices could use this to subsequently impersonate one of the paired devices. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
c6b3855c5a30ae98458ae3e5b1858440f9d4c3d136432f67ecdd3beeeb05fc11
Ubuntu Security Notice 6740-1 - Wei Chen discovered that a race condition existed in the TIPC protocol implementation in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. It was discovered that the virtio network implementation in the Linux kernel did not properly handle file references in the host, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly expose sensitive information.
444f68d723cc469e212afdb8cada5cf6504c7f71ead1646805559424b443f87e
Ubuntu Security Notice 6739-1 - It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service. Wei Chen discovered that a race condition existed in the TIPC protocol implementation in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.
5f4dadac1f0ffbad1948bc44ea21d9526e86681e856c3a3cb7fb406e90965bf4
Debian Linux Security Advisory 5665-1 - Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.
f71a2704a09d499ccfe3d1492004ddcb7f2429e9761b62b167df8ac3625763b8
Debian Linux Security Advisory 5664-1 - Jetty 9 is a Java based web server and servlet engine. It was discovered that remote attackers may leave many HTTP/2 connections in ESTABLISHED state (not closed), TCP congested and idle. Eventually the server will stop accepting new connections from valid clients which can cause a denial of service.
f811fdb59918d1ff6c0f69e7c41be61c5a9681f083aca6ccdb106ccc1fb89b43
Ubuntu Security Notice 6737-1 - Charles Fol discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code.
a2193ea8debdc56e5db177fb9a7501493c0c605992b026d6d4b0041034023456
Ubuntu Security Notice 6729-2 - USN-6729-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks.
48e8f6ab38e454ffe37a65ae74aa96cb5b3942a28276a0cc0f3a974d4716ae83
Red Hat Security Advisory 2024-1904-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.
ae4aac2e36e264d0ac979954cc68c2d0ef6012f9dc1cfa22f4b5b5d67359850f
Red Hat Security Advisory 2024-1901-03 - OpenShift container images for the Red Hat Service Interconnect 1.5 release.
bf7cf6d6fa915b2733b85e8d1e76d765cad3f8214eae02a05f9c286f01f5edf4
Red Hat Security Advisory 2024-1883-03 - An update for shim is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include buffer overflow, bypass, integer overflow, and out of bounds read vulnerabilities.
c1ea6025a858fac3737458660132784a8297331282060c087e38da04b57eae15
Red Hat Security Advisory 2024-1882-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a use-after-free vulnerability.
9e10ada3ddb528acb9ccbcfdd5961551f172a10a3b49d7e80a65876978d4f1f1
Red Hat Security Advisory 2024-1881-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include null pointer and use-after-free vulnerabilities.
acea5cb9cd1b6c350fd4c7a2ed9b9beb19ec417f14f50e1f89fe7aea71333885
Red Hat Security Advisory 2024-1880-03 - An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include denial of service and privilege escalation vulnerabilities.
c8fe117dd2af0c7d9a581ef6df81d035e6d25838717225cebb9f207af4fe0fd0
Red Hat Security Advisory 2024-1879-03 - An update for gnutls is now available for Red Hat Enterprise Linux 9. Issues addressed include an information leakage vulnerability.
6d8e6f9e5dfba8b13a681f3c306557227f9eeac671925f3dcc514d4eb10f5e2e