====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: VolSync 0.7.3 security fixes and enhancements
Advisory ID:       RHSA-2023:4204-01
Product:           Red Hat ACM
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4204
Issue date:        2023-07-18
CVE Names:         CVE-2020-24736 CVE-2023-1667 CVE-2023-2283
                   CVE-2023-3089 CVE-2023-24329 CVE-2023-26604
====================================================================

1. Summary:

VolSync v0.7.3 enhancements and security fixes

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE links in the References section.

2. Description:

VolSync is a Kubernetes operator that enables asynchronous replication of
persistent volumes within a cluster, or across clusters. After deploying
the VolSync operator, it can create and maintain copies of your persistent
data.

For more information about VolSync, see:

https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.8/html/business_continuity/business-cont-overview#volsync

or the VolSync open source community website at:
https://volsync.readthedocs.io/en/stable/.

This advisory contains enhancements and updates to the VolSync container
images.

Security fix(es):

* CVE-2023-3089 openshift: OCP & FIPS mode

3. Solution:

For details on how to install VolSync, refer to:

https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.8/html/business_continuity/business-cont-overview#volsync-rep

4. Bugs fixed (https://bugzilla.redhat.com/):

2212085 - CVE-2023-3089 openshift: OCP & FIPS mode

5. JIRA issues fixed (https://redhat.atlassian.net/jira/projects):

ACM-6336 - VolSync v0.7.3

6. References:

https://access.redhat.com/security/cve/CVE-2020-24736
https://access.redhat.com/security/cve/CVE-2023-1667
https://access.redhat.com/security/cve/CVE-2023-2283
https://access.redhat.com/security/cve/CVE-2023-3089
https://access.redhat.com/security/cve/CVE-2023-24329
https://access.redhat.com/security/cve/CVE-2023-26604
https://access.redhat.com/security/updates/classification/#moderate

7. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.

Oracle Linux Security Advisory ELSA-2022-1566

https://linux.oracle.com/errata/ELSA-2022-1566.html

The following updated rpms for Oracle Linux 8 have been uploaded to the
Unbreakable Linux Network:

x86_64:
buildah-1.11.6-10.0.1.module+el8.5.0+20636+305c97cc.x86_64.rpm
buildah-tests-1.11.6-10.0.1.module+el8.5.0+20636+305c97cc.x86_64.rpm
cockpit-podman-11-1.module+el8.5.0+20636+305c97cc.noarch.rpm
conmon-2.0.15-1.module+el8.5.0+20636+305c97cc.x86_64.rpm
containernetworking-plugins-0.8.3-4.0.1.module+el8.5.0+20636+305c97cc.x86_64.rpm
containers-common-0.1.41-4.0.1.module+el8.5.0+20636+305c97cc.x86_64.rpm
container-selinux-2.130.0-1.module+el8.5.0+20636+305c97cc.noarch.rpm
crit-3.12-9.module+el8.5.0+20636+305c97cc.x86_64.rpm
criu-3.12-9.module+el8.5.0+20636+305c97cc.x86_64.rpm
fuse-overlayfs-0.7.8-1.module+el8.5.0+20636+305c97cc.x86_64.rpm
podman-1.6.4-28.0.1.module+el8.5.0+20636+305c97cc.x86_64.rpm
podman-docker-1.6.4-28.0.1.module+el8.5.0+20636+305c97cc.noarch.rpm
podman-remote-1.6.4-28.0.1.module+el8.5.0+20636+305c97cc.x86_64.rpm
podman-tests-1.6.4-28.0.1.module+el8.5.0+20636+305c97cc.x86_64.rpm
python3-criu-3.12-9.module+el8.5.0+20636+305c97cc.x86_64.rpm
python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8.5.0+20636+305c97cc.noarch.rpm
runc-1.0.0-66.rc10.module+el8.5.0+20636+305c97cc.x86_64.rpm
skopeo-0.1.41-4.0.1.module+el8.5.0+20636+305c97cc.x86_64.rpm
skopeo-tests-0.1.41-4.0.1.module+el8.5.0+20636+305c97cc.x86_64.rpm
slirp4netns-0.4.2-3.git21fdece.module+el8.5.0+20636+305c97cc.x86_64.rpm
udica-0.2.1-2.module+el8.5.0+20636+305c97cc.noarch.rpm

aarch64:
buildah-1.11.6-10.0.1.module+el8.5.0+20636+305c97cc.aarch64.rpm
buildah-tests-1.11.6-10.0.1.module+el8.5.0+20636+305c97cc.aarch64.rpm
cockpit-podman-11-1.module+el8.5.0+20636+305c97cc.noarch.rpm
conmon-2.0.15-1.module+el8.5.0+20636+305c97cc.aarch64.rpm
containernetworking-plugins-0.8.3-4.0.1.module+el8.5.0+20636+305c97cc.aarch64.rpm
containers-common-0.1.41-4.0.1.module+el8.5.0+20636+305c97cc.aarch64.rpm
container-selinux-2.130.0-1.module+el8.5.0+20636+305c97cc.noarch.rpm
crit-3.12-9.module+el8.5.0+20636+305c97cc.aarch64.rpm
criu-3.12-9.module+el8.5.0+20636+305c97cc.aarch64.rpm
fuse-overlayfs-0.7.8-1.module+el8.5.0+20636+305c97cc.aarch64.rpm
podman-1.6.4-28.0.1.module+el8.5.0+20636+305c97cc.aarch64.rpm
podman-docker-1.6.4-28.0.1.module+el8.5.0+20636+305c97cc.noarch.rpm
podman-remote-1.6.4-28.0.1.module+el8.5.0+20636+305c97cc.aarch64.rpm
podman-tests-1.6.4-28.0.1.module+el8.5.0+20636+305c97cc.aarch64.rpm
python3-criu-3.12-9.module+el8.5.0+20636+305c97cc.aarch64.rpm
python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8.5.0+20636+305c97cc.noarch.rpm
runc-1.0.0-66.rc10.module+el8.5.0+20636+305c97cc.aarch64.rpm
skopeo-0.1.41-4.0.1.module+el8.5.0+20636+305c97cc.aarch64.rpm
skopeo-tests-0.1.41-4.0.1.module+el8.5.0+20636+305c97cc.aarch64.rpm
slirp4netns-0.4.2-3.git21fdece.module+el8.5.0+20636+305c97cc.aarch64.rpm
udica-0.2.1-2.module+el8.5.0+20636+305c97cc.noarch.rpm

SRPMS:
https://oss.oracle.com:443/ol8/SRPMS-updates/buildah-1.11.6-10.0.1.module+el8.5.0+20636+305c97cc.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates/cockpit-podman-11-1.module+el8.5.0+20636+305c97cc.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates/conmon-2.0.15-1.module+el8.5.0+20636+305c97cc.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates/containernetworking-plugins-0.8.3-4.0.1.module+el8.5.0+20636+305c97cc.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates/container-selinux-2.130.0-1.module+el8.5.0+20636+305c97cc.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates/criu-3.12-9.module+el8.5.0+20636+305c97cc.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates/fuse-overlayfs-0.7.8-1.module+el8.5.0+20636+305c97cc.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates/podman-1.6.4-28.0.1.module+el8.5.0+20636+305c97cc.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates/python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8.5.0+20636+305c97cc.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates/runc-1.0.0-66.rc10.module+el8.5.0+20636+305c97cc.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates/skopeo-0.1.41-4.0.1.module+el8.5.0+20636+305c97cc.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates/slirp4netns-0.4.2-3.git21fdece.module+el8.5.0+20636+305c97cc.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates/udica-0.2.1-2.module+el8.5.0+20636+305c97cc.src.rpm

Related CVEs:

CVE-2022-27649
CVE-2022-27651

Description of changes:

buildah
[1.11.6-10.0.1]
- Handling redirect from the docker registry [Orabug: 29874238] (Nikita Gerasimov)
- Reduce unnecessary writable mounts in NaiveDiffDriver [Orabug: 31025483]

[1.11.6-10]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.11-rhel
  (https://github.com/containers/buildah/commit/9a4764a)
- fixes CVE-2022-27649

podman
[1.6.4-28.0.1]
- Reduce unnecessary writable mounts in NaiveDiffDriver [Orabug: 31025483]
- delivering fix for [Orabug: 29874238] by Nikita Gerasimov

[1.6.4-28]
- update to the latest content of https://github.com/containers/podman/tree/v1.6.4-rhel
  (https://github.com/containers/podman/commit/9407ffd)
- fixes CVE-2022-27651
- Resolves: #2067545

[1.6.4-27]
- update to the latest content of https://github.com/containers/podman/tree/v1.6.4-rhel
  (https://github.com/containers/podman/commit/c19e460)
- Resolves: #2062401

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-2421
2009-03-08 06:09:09
--------------------------------------------------------------------------------

Name        : xulrunner
Product     : Fedora 9
Version     : 1.9.0.7
Release     : 1.fc9
URL         :
Summary     : XUL Runtime for Gecko Applications
Description :
XULRunner provides the XUL Runtime environment for Gecko applications.

--------------------------------------------------------------------------------
Update Information:

Update to the new upstream Firefox 3.0.7 / XULRunner 1.9.0.7 fixing multiple
security issues:
https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-3.0/

This update also contains new builds of all applications depending on Gecko
libraries, built against the new version.

Note: after the updated packages are installed, Firefox must be restarted for
the update to take effect.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 3 2009 Jan Horak - 1.9.0.7-1
- Update to 1.9.0.7
* Thu Feb 26 2009 Jan Horak - 1.9.0.6-2
- Fixed wrong version of Firefox when loading 'about:' as location (#453980).
* Wed Feb 4 2009 Christopher Aillon 1.9.0.6-1
- Update to 1.9.0.6
* Tue Dec 16 2008 Christopher Aillon 1.9.0.5-1
- Update to 1.9.0.5
* Wed Nov 12 2008 Christopher Aillon 1.9.0.4-1
- Update to 1.9.0.4
* Tue Sep 23 2008 Christopher Aillon 1.9.0.2-1
- Update to 1.9.0.2
* Wed Jul 16 2008 Christopher Aillon 1.9.0.1-1
- Update to 1.9.0.1
* Mon Jun 30 2008 Dennis Gilmore 1.9-1.1
- handle sparc arches
* Tue Jun 17 2008 Christopher Aillon 1.9-1
- Update to 1.9 final
* Thu May 29 2008 Christopher Aillon 1.9-0.63
- Simplify PS/PDF operators
* Thu May 22 2008 Christopher Aillon 1.9-0.62
- Upstream patch to fsync() less
* Thu May 8 2008 Colin Walters 1.9-0.61
- Ensure we enable startup notification; add BR and modify config
  (bug #445543)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #488272 - CVE-2009-0771 Firefox 3 Layout Engine Crashes
        https://bugzilla.redhat.com/show_bug.cgi?id=488272
  [ 2 ] Bug #488273 - CVE-2009-0772 Firefox 2 and 3 - Layout engine crashes
        https://bugzilla.redhat.com/show_bug.cgi?id=488273
  [ 3 ] Bug #488276 - CVE-2009-0773 Firefox 3 crashes in the JavaScript engine
        https://bugzilla.redhat.com/show_bug.cgi?id=488276
  [ 4 ] Bug #488283 - CVE-2009-0774 Firefox 2 and 3 crashes in the JavaScript engine
        https://bugzilla.redhat.com/show_bug.cgi?id=488283
  [ 5 ] Bug #488287 - CVE-2009-0775 Firefox XUL Linked Clones Double Free Vulnerability
        https://bugzilla.redhat.com/show_bug.cgi?id=488287
  [ 6 ] Bug #488290 - CVE-2009-0776 Firefox XML data theft via RDFXMLDataSource and cross-domain redirect
        https://bugzilla.redhat.com/show_bug.cgi?id=488290
  [ 7 ] Bug #488292 - CVE-2009-0777 Firefox URL spoofing with invisible control characters
        https://bugzilla.redhat.com/show_bug.cgi?id=488292
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update xulrunner' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------