Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -6 articles for you...
98
security advisorymoderatesecurity fixRed Hat: RHSA-2023-4471-01 Moderate: OpenShift Serverless Client Release
Red Hat OpenShift Serverless 1.29.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: Release of OpenShift Serverless Client kn 1.29.1 Advisory ID: RHSA-2023:4471-01 Product: Red Hat OpenShift Serverless Advisory URL: https://access.redhat.com/errata/RHSA-2023:4471 Issue date: 2023-08-03 CVE Names: CVE-2023-3089 ===================================================================== 1. Summary: Red Hat OpenShift Serverless 1.29.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Openshift Serverless 1 on RHEL 8Base - ppc64le, s390x, x86_64 3. Description: Red Hat OpenShift Serverless Client kn 1.29.1 provides a CLI to interact with Red Hat OpenShift Serverless 1.29.1. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. This release includes security and bug fixes, and enhancements. Security Fix(es): * openshift: OCP & FIPS mode (CVE-2023-3089) For more information about CVE-2023-3089, see https://access.redhat.com/security/vulnerabilities/RHSB-2023-001. For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For instructions on how to install and use OpenShift Serverless, see documentation linked fromthe References section. 5. Bugs fixed (https://bugzilla.redhat.com/): 2212085 - CVE-2023-3089 openshift: OCP & FIPS mode 6. Package List: Openshift Serverless 1 on RHEL 8Base: Source: openshift-serverless-clients-1.8.1-6.el8.src.rpm ppc64le: openshift-serverless-clients-1.8.1-6.el8.ppc64le.rpm s390x: openshift-serverless-clients-1.8.1-6.el8.s390x.rpm x86_64: openshift-serverless-clients-1.8.1-6.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2023-3089 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/security/vulnerabilities/RHSB-2023-001 https://access.redhat.com/documentation/en-us/openshift_container_platform/4.10/html/serverless/index https://access.redhat.com/documentation/en-us/openshift_container_platform/4.11/html/serverless/index https://access.redhat.com/documentation/en-us/openshift_container_platform/4.12/html/serverless/index https://access.redhat.com/documentation/en-us/openshift_container_platform/4.13/html/serverless/index 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIcBAEBCAAGBQJkzAxKAAoJENzjgjWX9erEO5cQAKhOGMfA3elNcWkiSUkqi95v leDH0tONGAVdgZoTnYW1hGXMqoDin1rwijHLVcD5DZt/VNPElvPzmrGmvRajgE7C QDZmz6Kg4SPj3mScJPrJogiNMFRnBuqiSPCtzvpKDE9n2gYz88lSOFzxHVEbuP6c 6TEGzsz8ZDbPkmiSE+T4wpbDszn6gDOpwaJWTlgSqFXV68IoMCD+V9+5Nqg3dNVJ 1NWf6OrrqFdBw5uIC2l6HSVuEdHVF8Udzq3LuEAOVL+/fAVqlz+X4KFJFLKgqmrB 3+7r7zi3UJ77qKQBgd6ZMqUlt8bu9Vw3+5987wyjQBxqiHmhmosBw3wK4s/y3kBD qO3ShcCo5hYgCiebgfUZvUl2IFr0ZuzXoa0hMfdlmT+FFaNBvgvKA/8F0dLiKEuF 30pBokKuOvRpYNHHaXnRLIK9NIZcVO5zBpO9rKLeitqZAh//6sVgSoEQnY8znGjq lRAdK82C5jXeQb5gHqN6v4+gbWp0C5g5IWQl7P4lzqnq/BmvAxhq/5SHpIfg2+P6 K/7y+OSA+OGDcAROYK/tthJimXBjF7KAPvGG41F/XmhOMOUH2zXU/w+CBfgPWisz sS/UHG0i0lM/YTeS0RoSGa56fVfTzt4snysGYY6UGmjwJzZQR5VOfLLba6a7+nsS Y3VYSnzLk2qz++F29YcY =ojGB -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Aug 03, 2023
Red Hat
98
security advisorymoderatesecurity issueRed Hat OpenShift Serverless 1.16.0 Security Update: Multiple Issues
Release of OpenShift Serverless Client kn 1.16.0 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: Release of OpenShift Serverless Client kn 1.16.0 Advisory ID: RHSA-2021:2704-01 Product: Red Hat OpenShift Serverless Advisory URL: https://access.redhat.com/errata/RHSA-2021:2704 Issue date: 2021-07-13 CVE Names: CVE-2021-27918 CVE-2021-31525 CVE-2021-33196 ==================================================================== 1. Summary: Release of OpenShift Serverless Client kn 1.16.0 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Openshift Serverless 1 on RHEL 8Base - ppc64le, s390x, x86_64 3. Description: Red Hat OpenShift Serverless Client kn 1.16.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.16.0. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. Security Fix(es): * golang: encoding/xml: infinite loop when using xml.NewTokenDecoder with a custom TokenReader (CVE-2021-27918) * golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header (CVE-2021-31525) * golang: archive/zip: malformed archive may cause panic or memory exhaustion (CVE-2021-33196) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the Referencessection. 4. Solution: See the Red Hat OpenShift Container Platform 4.6 documentation at: https://docs.redhat.com/en/documentation/openshift_container_platform/4.21 4.6/html/serverless_applications/index See the Red Hat OpenShift Container Platform 4.7 documentation at: https://docs.redhat.com/en/documentation/openshift_container_platform/4.21 4.7/html/serverless/index 5. Bugs fixed (https://bugzilla.redhat.com/): 1937901 - CVE-2021-27918 golang: encoding/xml: infinite loop when using xml.NewTokenDecoder with a custom TokenReader 1958341 - CVE-2021-31525 golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header 1965503 - CVE-2021-33196 golang: archive/zip: Malformed archive may cause panic or memory exhaustion 1971449 - Release of Openshift Serverless Client 1.16.0 6. Package List: Openshift Serverless 1 on RHEL 8Base: Source: openshift-serverless-clients-0.22.0-3.el8.src.rpm ppc64le: openshift-serverless-clients-0.22.0-3.el8.ppc64le.rpm s390x: openshift-serverless-clients-0.22.0-3.el8.s390x.rpm x86_64: openshift-serverless-clients-0.22.0-3.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2021-27918 https://access.redhat.com/security/cve/CVE-2021-31525 https://access.redhat.com/security/cve/CVE-2021-33196 https://access.redhat.com/security/updates/classification#moderate https://docs.redhat.com/en/documentation/red_hat_openshift_serverless/1.33 https://docs.redhat.com/en/documentation/red_hat_openshift_serverless/1.33 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYO3FdtzjgjWX9erEAQjjQw/+LxSwIt4AwBdpF3tFtWEU2PGlzF8oO8rc /QAIc5NB/WPYyZ/73pCBKr7qjbBOnOKiHpvpH4dVnMJK7EuhEIyr5Zz+vJM38f3j zX5pCeLdJl6hvjckL0/4YlUZvMnQrlgel5mHCtCDxnjzxhG16k0j8Ybgvn9hBDEu JI3c9hgFSSP0JAJp4zPTfQrcVEoCg9/FD0wzcoyweuf8ayaeUIf055dIxYeX2jAy SMuCHGf7clP8bk7UYVg8DCovaCjT3UKtt6UTu/AWD/6MQhl7X9XHop+tbJ/mrIk6 PRPYtA4cTAfitYtnKrB+pOJ5NrEFlLDzKgE5kqWi4jZjH6ZyW1MIkN0q90Nclclu DiWNp3kRM1AZzzBVgrQgQ1Advd6ofW6GAFlGSKglNBJXHhHMtCAOv24zcvyFoaet cujsurPWxkahku9uYDdfjW4Z0Xep9Nw0ZUuFX5QJQZK0fo6G30HguTswf86oGSRQ u3yZGqTmuQ1FUqWn+sKuM3wTwoyieyOUuBlB4+uCQ+qQCTvchucOdVWNh4rK4VG7 cCgTZ99mglofSXZbCDBywXXiDN95d2zG/avQoXT8g2OGFQGIREfqaHR7dorg5HPT 8kc0CK6eQK42uFi0e+Fa/4g8ZLm0odDxlaKGr6UpFb9g8G2IdXOv56mC6BdDuP0M rCrerE0quyo=O3dK -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Jul 13, 2021
Red Hat
98
security advisorymoderatesecurity updateRed Hat OpenShift 1.14.0 RHSA-2021:1339-01 Moderate: CLI Security Update
Release of OpenShift Serverless Client kn 1.14.0 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: Release of OpenShift Serverless Client kn 1.14.0 and security update Advisory ID: RHSA-2021:1339-01 Product: Red Hat OpenShift Serverless Advisory URL: https://access.redhat.com/errata/RHSA-2021:1339 Issue date: 2021-04-22 CVE Names: CVE-2021-3114 CVE-2021-3115 ==================================================================== 1. Summary: Release of OpenShift Serverless Client kn 1.14.0 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Openshift Serverless 1 on RHEL 8Base - ppc64le, s390x, x86_64 3. Description: Red Hat OpenShift Serverless Client kn 1.14.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.14.0. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. Security Fix(es): * golang: crypto/elliptic: incorrect operations on the P-224 curve (CVE-2021-3114) * golang: cmd/go: packages using cgo can cause arbitrary code execution at build time (CVE-2021-3115) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: See the Red Hat OpenShift Container Platform 4.6 documentationat: https://docs.redhat.com/en/documentation/openshift_container_platform/4.21 4.6/html/serverless_applications/index See the Red Hat OpenShift Container Platform 4.7 documentation at: https://docs.redhat.com/en/documentation/openshift_container_platform/4.21 4.7/html/serverless/index 5. Bugs fixed (https://bugzilla.redhat.com/): 1918750 - CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve 1918761 - CVE-2021-3115 golang: cmd/go: packages using cgo can cause arbitrary code execution at build time 1941695 - Release of OpenShift Serverless Client 1.14.0 6. Package List: Openshift Serverless 1 on RHEL 8Base: Source: openshift-serverless-clients-0.20.0-6.el8.src.rpm ppc64le: openshift-serverless-clients-0.20.0-6.el8.ppc64le.rpm s390x: openshift-serverless-clients-0.20.0-6.el8.s390x.rpm x86_64: openshift-serverless-clients-0.20.0-6.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2021-3114 https://access.redhat.com/security/cve/CVE-2021-3115 https://access.redhat.com/security/updates/classification#moderate https://docs.redhat.com/en/documentation/red_hat_openshift_serverless/1.33 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYIG+JtzjgjWX9erEAQg53g/+Plj203uZhkyfzfqWCpSOa7b6N29nlZ6e URYk+GSmKc9d4TB9L2ZG6sTvwtLo0WFP09dEbn7XOvN61Rj9zUgHALC8pWENppsZ ok085H8VaH1ND835bGcDAbHvo9t97h2T6j9tjaNHFmVuC2ZqnQwnjp1qiE2+Gb+6 TdHo4dA40rOyF0JUmmuIUTs06cfYIySrVsgGYOCSmDlkAxivZrjUi0Q3gzTHt4MP Q24m0RqZM+GyyCJUuAZUAfoiiPTVxM7vqa4ssXr0PTJTbPyNkl8oHl7+l6sguZdf cY4ILptHyNLsWvvZIZnUu9uHuQ9ABaGKJEYfesvu6CLXp4U+M1R9Waf+XMqoyk72 YAuptXu0wqMMR//v3x/3efcEyMvFKT9pAPqDONKYbpofI0YQL/5/kOm/h+gSFGpB PDqgKEOrMTxhGIf5I7Y9PRkq2ijADuIGxp23tE+tV4ksBpv4zAhMleV/MZFpvuxK 8AUq0e8F4WIcCFIYoksAfDJdIA04qBMN8IMlQUChg10K6mpYPRG68P7ACgvkp7ty zB83XE8QzSYPniYU11advsDukoL1pg/1JofN38d4MQHyEPMJgqXRyUbWit90HDF4 mOyyUbC8WnG0qwPc3QrWUhZPIbjqvozK3UEF1ppknT6Le5xdlSBzU1GSdKm8DFIv t7nxjEbNyrc=LjPU -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Apr 22, 2021
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!