The 5.15.16 stable kernel update contains a number of important fixes across the tree.
Archive for January, 2022
Security fix for CVE-2021-45931
An update is now available for OpenShift Logging (5.2.6). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
Multiple security issues were discovered in Pillow, a Python imaging library, which could result in denial of service and potentially the execution of arbitrary code if malformed images are processed.
Several security issues were fixed in Thunderbird.
Security fix for CVE-2021-45930
Rebase to version 2.4.3
Matthias Gerstner reported that usbview, a USB device viewer, does not properly handle authorization in the PolicyKit policy configuration, which could result in root privilege escalation.
USBView could be made to crash or run programs as an administrator.
Several security issues were fixed in Thunderbird.
A minor version update (from 1.6.2 to 1.6.3) is now available for Red Hat Integration Camel K that includes bug fixes. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact
An update is now available for OpenShift Logging (5.3.3). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
An update is now available for OpenShift Logging (5.0.12). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
An update is now available for OpenShift Logging (5.1.7). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
A security update to Red Hat Integration Camel Extensions for Quarkus 2.2 is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Red Hat Product Security has rated this update as having an impact of
David Bouman discovered a heap-based buffer overflow vulnerability in the base64 functions of aide, an advanced intrusion detection system, which can be triggered via large extended file attributes or ACLs. This may result in denial of service or privilege escalation.
An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
Several vulnerabilities were discovered in Flatpak, an application deployment framework for desktop apps. CVE-2021-43860
AIDE could be made to crash or run programs as an administrator if it opened a specially crafted file.
The 5.15.15 stable kernel update contains a number of important fixes across the tree.
Update to newer version of arara with newer log4j. Severity is low because exploiting this locally would be challenging.
Open vSwitch could be made to hang or crash if it received specially crafted network traffic.
A security issue was fixed in the kernel.
curl could be made to expose sensitive information if it received a specially crafted input.
Several security issues were fixed in QtSvg.
The system could be made to crash or run programs as an administrator.
An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
Updated Satellite 6.10 packages that fix several bugs are now available for Red Hat Satellite. 2. Relevant releases/architectures: Red Hat Satellite 6.10 – noarch, x86_64