Several security issues were fixed in Apport.
Comment
Archive for April, 2020
192 results.
Debian: DSA-4649-1: haproxy security update
Apr02
on April 2, 2020
at 9:16 am
Posted In: Uncategorized
Felix Wilhelm of Google Project Zero discovered that HAProxy, a TCP/HTTP reverse proxy, did not properly handle HTTP/2 headers. This would allow an attacker to write arbitrary bytes around a certain location on the heap, resulting in denial-of-service or potential arbitrary code
RedHat: RHSA-2020-1300:01 Important: qemu-kvm-rhev security update
Apr02
on April 2, 2020
at 6:27 am
Posted In: Uncategorized
An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 10.0 (Newton). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
This update includes a rebase from 9.0.30 up to 9.0.31 which resolves one CVE along with various other bugs/features: * rhbz#1806805 CVE-2020-1938 tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability * rhbz#1801729 tomcat-9.0.31 is available **WARNING** – This update does *not* enforce the change in defaults for the AJP Connector like the upstream fix does. This is
RedHat: RHSA-2020-1296:01 Important: qemu-kvm-rhev security update
Apr02
on April 2, 2020
at 6:03 am
Posted In: Uncategorized
An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 13.0 (Queens). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
This update includes a rebase from 9.0.30 up to 9.0.31 which resolves one CVE along with various other bugs/features: * rhbz#1806805 CVE-2020-1938 tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability * rhbz#1801729 tomcat-9.0.31 is available **WARNING** – This update does *not* enforce the change in defaults for the AJP Connector like the upstream fix does. This is
RedHat: RHSA-2020-1293:01 Important: nodejs:12 security update
Apr02
on April 2, 2020
at 4:16 am
Posted In: Uncategorized
An update for the nodejs:12 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
RedHat: RHSA-2020-1292:01 Important: qemu-kvm-rhev security update
Apr02
on April 2, 2020
at 3:27 am
Posted In: Uncategorized
An update for qemu-kvm-rhev is now available for Red Hat Virtualization for Red Hat Virtualization Host 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
RedHat: RHSA-2020-0933:01 Moderate: OpenShift Container Platform 4.3.9
Apr01
on April 1, 2020
at 2:52 pm
Posted In: Uncategorized
An update for ose-openshift-apiserver-container is now available for Red Hat OpenShift Container Platform 4.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
RedHat: RHSA-2020-0934:01 Moderate: OpenShift Container Platform 4.3.9
Apr01
on April 1, 2020
at 2:52 pm
Posted In: Uncategorized
An update for ose-openshift-controller-manager-container is now available for Red Hat OpenShift Container Platform 4.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
Security fix for CVE-2020-10188
Fedora 32: coturn FEDORA-2020-6efa0fc869
Apr01
on April 1, 2020
at 12:42 pm
Posted In: Uncategorized
* An exploitable heap overflow vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to information leaks and other misbehavior. * An exploitable denial-of-service vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to server crash and denial of