RedHat: RHSA-2019-2534:01 Important: Red Hat 3scale API Management 2.6.0

    Date21 Aug 2019
    CategoryRed Hat
    2306
    Posted ByLinuxSecurity Advisories
    A security update for Red Hat 3scale API Management Platform is now available from the Red Hat Container Catalog. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256
    
    =====================================================================
                       Red Hat Security Advisory
    
    Synopsis:          Important: Red Hat 3scale API Management 2.6.0 release and security update
    Advisory ID:       RHSA-2019:2534-01
    Product:           3scale API Management
    Advisory URL:      https://access.redhat.com/errata/RHSA-2019:2534
    Issue date:        2019-08-21
    CVE Names:         CVE-2019-10216 
    =====================================================================
    
    1. Summary:
    
    A security update for Red Hat 3scale API Management Platform is now
    available from the Red Hat Container Catalog.
    
    Red Hat Product Security has rated this update as having a security impact
    of Important. A Common Vulnerability Scoring System (CVSS) base score,
    which gives a detailed severity rating, is available for each vulnerability
    from the CVE link(s) in the References section.
    
    2. Description:
    
    Red Hat 3scale API Management delivers centralized API management features
    through a distributed, cloud-hosted layer. It includes built-in features to
    help in building a more successful API program, including access control,
    rate limits, payment gateway integration, and developer experience tools.
    
    This release of Red Hat 3scale API Management 2.6.0 replaces Red Hat 3scale
    API Management 2.5.1.
    
    Security Fix(es):
    
    * ghostscript: -dSAFER escape via .buildfont1 (CVE-2019-10216)
    
    3. Solution:
    
    Before applying this update, make sure all previously released errata
    relevant to your system have been applied.
    
    For details on how to apply this update, refer to:
    
    https://access.redhat.com/documentation/en-us/red_hat_3scale_api_management
    /2.6/html-single/installing_3scale/#onpremises-installation
    
    4. Bugs fixed (https://bugzilla.redhat.com/):
    
    1737080 - CVE-2019-10216 ghostscript: -dSAFER escape via .buildfont1 (701394)
    
    5. JIRA issues fixed (https://issues.jboss.org/):
    
    THREESCALE-2852 - Release 3scale AMP 2.6 - Container Images
    
    6. References:
    
    https://access.redhat.com/security/cve/CVE-2019-10216
    https://access.redhat.com/security/updates/classification/#important
    
    7. Contact:
    
    The Red Hat security contact is . More contact
    details at https://access.redhat.com/security/team/contact/
    
    Copyright 2019 Red Hat, Inc.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1
    
    iQIVAwUBXV0vO9zjgjWX9erEAQjqdA/9Gy6SP3jYmCeiNKR0uwPOk4nphQCrVY1d
    ZhaqnXPObfkl5+NebVTpXo5+0HbSnXShWXIH8LLU94Y2TRlfDgzuUL3243B8i6KM
    fUNgDBPq9sT/DAjE2zAN5F2VI09lVUNfySvypMHRYf1xrsUQ1GR7wPJGukn28eUG
    rC423rBLaSude8U0s55efkJhs+I/V/0cwCfOiL325JeAS5BqsbkDS5qlBVmtAZSH
    fFD1HabE5xCeUK6vvGLIkjbdvywSKsVJtYeFzyZE0CdfofSn4z+LLDQQ0XvRicM+
    FsRkOvtfXFca0k7xkglpyOzKSV7bwy1vZfyi78sleWi1vTZRGjd+s4bogdFY1sW1
    6jA6Z9n2zHCsBv3knwjj4AoOwJ8Z6WQBBwN7g0vTTFOKRdpmfMf8rJGA/enLnZRe
    R3lfNzG4jLg1L5aWHOCHbX3YcKvt9fMiNKgpNzKKqONwnAqC7hKuMEQ5mvc05UW+
    MpbNsbmLTXVL3oYF5iQDJaUdAQJ7vN3hB1In/p5wIJ4bFleaf+57k0jhw3jVxayX
    fuwH1EcAzenlBafHYnyzIFHrH27lkQ/jbxZ8cU6jAHqDNsayS7Vl/8056TV14tcv
    uiK1Mfou0HnvDcNaUPW9EHbctEHLLLE9UzEGpGAxRfhF4CUSMQrvoEFIlOZQrbUC
    C3xua/zoKbY=
    =9v+4
    -----END PGP SIGNATURE-----
    
    --
    RHSA-announce mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.redhat.com/mailman/listinfo/rhsa-announce
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"13","type":"x","order":"1","pct":54.17,"resources":[]},{"id":"88","title":"Should be more technical","votes":"4","type":"x","order":"2","pct":16.67,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"7","type":"x","order":"3","pct":29.17,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.