Red Hat OpenShift Container Platform release 4.11.44 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11.
Archive for July, 2023
Red Hat OpenShift Container Platform release 4.10.63 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10.
Red Hat OpenShift Container Platform release 4.10.63 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10.
Update to version 4.7.4 Security fix for CVE-2022-41854
The 6.3.11 stable kernel update contains a number of important fixes across the tree. —- The 6.3.10 stable kernel update contains a number of important fixes across the tree.
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in cross-site scripting, a bypass of vandalism protections or information disclosure.
CPDB could be made to crash or execute arbitrary code.
Django could be made to consume resources if it received specially crafted network traffic.
Several security issues were fixed in containerd.
Several security issues were fixed in Firefox.
– Release 4.0.4
– New upstream update (115.0) – Built with PGO
Several security issues were fixed in ImageMagick.
Update to 114.0.5735.198. Fixes the following security issues: CVE-2023-3420 CVE-2023-3421 CVE-2023-3422 CVE-2023-36191
Update to 2.40.3: * Make memory pressure monitor honor memory.memsw.usage_in_bytes if exists. * Include key modifiers in wheel events. * Apply cookie blocking policy to WebSocket handshakes. * Fix several crashes and rendering issues. * Security fixes: CVE-2023-32439
croc 9.6.4
It was discovered that Ghostscript, the GPL PostScript/PDF interpreter, does not properly handle permission validation for pipe devices, which could result in the execution of arbitrary commands if malformed document files are processed.
PHP could be made to expose sensitive information.
WordPress 6.3 Beta 3
WordPress 6.3 Beta 3 is now ready for download and testing! This version of the WordPress software is under development. Please do not install, run, or test this version on production or mission-critical websites. Instead, it is recommended that you test Beta 3 on a test server and site.
Join WordPress Executive Director Josepha Haden Chomphosy in the 59th episode of the WordPress Briefing. Today she invites guest speaker Alex Kirk to discuss Polyglots’ work to continue to help bring translation to WordPress.
Several security issues were fixed in Vim.
Update to 114.0.5735.198. Fixes the following security issues: CVE-2023-3420 CVE-2023-3421 CVE-2023-3422 CVE-2023-36191
Multiple multiple vulnerabilities were discovered in plugins for the GStreamer media framework and its codecs and demuxers, which may result in denial of service or potentially the execution of arbitrary code if a malformed media file is opened.
Multiple multiple vulnerabilities were discovered in plugins for the GStreamer media framework and its codecs and demuxers, which may result in denial of service or potentially the execution of arbitrary code if a malformed media file is opened.
– Rebased to the latest upstream sources (see CHANGELOG.md) – Updated pcs-web-ui – Removed dependency fedora-logos – favicon is now correctly provided by pcs- web-ui – Resolves: rhbz#2109852 rhbz#2170648
Update to 2.40.3: * Make memory pressure monitor honor memory.memsw.usage_in_bytes if exists. * Include key modifiers in wheel events. * Apply cookie blocking policy to WebSocket handshakes. * Fix several crashes and rendering issues. * Security fixes: CVE-2023-32439
– Rebased to the latest upstream sources (see CHANGELOG.md) – Updated pcs-web-ui – Removed dependency fedora-logos – favicon is now correctly provided by pcs- web-ui – Resolves: rhbz#2109852 rhbz#2170648
Patch update to Kubernetes 1.25 for Fedora 37. Primarily a security fix for CVE-2023-2431: Bypass of seccomp profile enforcement.