Red Hat Advanced Cluster Management for Kubernetes 2.3.8 General Availability release images, which provide security and container updates. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
Archive for March, 2022
Libtasn1 could be made to crash if it opened a specially crafted file.
Paramiko would allow unintended access to private key files.
Red Hat OpenShift Container Platform release 4.10.6 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10.
A security issue was discovered in Chromium, which could result in the execution of arbitrary code if a malicious website is visited. For the stable distribution (bullseye), this problem has been fixed in
Multiple speculative security issues [XSA-398]
Update to 2.53.11.1. Note that since 2.53.11, besides the ordinary builds for the current Fedora and EPEL branches, there is an additional distro-independent build available at https://buc.fedorapeople.org/seamonkey . So if you have friends who use another Linux distro, but that distro does not provide SeaMonkey yet, you can recommend this build to them.
Multiple vulnerabilities have been discovered in the freeware Advanced Audio Decoder, which may result in denial of service or potentially the execution of arbitrary code if malformed media files are processed.
This is the March 2022 update for .NET Core 3.1: SDK 3.1.417 and Runtime 3.1.23. Release notes: https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.23/3.1.23.md This includes fixes for CVE-2022-24464, CVE-2022-24512 and CVE-2020-8927.
CVE-2022-24302: Creation of new private key files using `~paramiko.pkey.PKey` subclasses was subject to a race condition between file creation and mode modification, which could be exploited by an attacker with knowledge of where the Paramiko-using code would write out such files; this has been patched by using `os.open` and `os.fdopen` to ensure new files are opened with the correct
Fix for CVE-2022-0860
# UnrealIRCd 6.0.2 UnrealIRCd 6.0.2 comes with several nice feature enhancements along with some fixes. It also includes a fix for a crash bug that can be triggered by ordinary users. ## Fixes * Fix crash that can be triggered by regular users if you have any `deny dcc` blocks in the config or any spamfilters with the `d` (DCC) target. * Fix infinite hang on “Loading
It’s been less than a year since the WordPress Pattern Directory was launched, and we already have more exciting news to share. The Pattern Creator is live! You can now build, edit, and submit your best block patterns to the Pattern Directory—submissions are open to all with a WordPress.org user account! The WordPress Pattern Directory […]
Release of OpenShift Serverless 1.21.0 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
Release of OpenShift Serverless Client kn 1.21.0 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
Multiple vulnerabilities have been discovered in the libtiff library and the included tools, which may result in denial of service if malformed image files are processed.
USN-5321-1 introduced minor regressions in Firefox.
Update to 3.2.1 (fix CVE-2021-45848: DoS via malicious download request)
An update for python-twisted is now available for Red Hat OpenStack Platform 16.1 (Train). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
An update for openstack-nova is now available for Red Hat OpenStack Platform 16.1 (Train). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
An update for numpy is now available for Red Hat OpenStack Platform 16.1 (Train). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
An update for golang-github-vbatts-tar-split is now available for Red Hat OpenStack Platform 16.1 (Train). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
An update for openstack-neutron is now available for Red Hat OpenStack Platform 16.1 (Train). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
This is a maintenance release of OpenVPN 2.5 with a security fix when used in server mode ([CVE-2022-0547](https://community.openvpn.net/openvpn/wiki/CVE-2022-0547)). The other changes are available in [Changes.rst](https://github.com/OpenVPN/openvpn/blob/release/2.5/Changes.rst).
OpenVPN could allow unintended access to network services.
Marlon Starkloff discovered that twig, a template engine for PHP, did not correctly enforce sandboxing. This would allow a malicious user to execute arbitrary code.
The system could be made to crash if it received specially crafted network traffic.
Rebase to upstream version 3.0.2
Several security issues were fixed in Thunderbird.