Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -7 articles for you...
100
security advisorycriticalsoftware updateSUSE: Important Azure Update for Public Cloud Modules 2025:03117-1
* bsc#1243419 * bsc#1246995 Affected Products: * openSUSE Leap 15.6 . # Security update for regionServiceClientConfigAzure Announcement ID: SUSE-SU-2025:03117-1 Release Date: 2025-09-09T12:58:06Z Rating: critical References: * bsc#1243419 * bsc#1246995 Affected Products: * openSUSE Leap 15.6 * Public Cloud Module 15-SP3 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * Public Cloud Module 15-SP6 * Public Cloud Module 15-SP7 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that has two security fixes can now be installed. ## Description: This update for regionServiceClientConfigAzure contains the following fixes: * Update to version 3.0.0.(bsc#1246995) * SLE 16 python-requests requires SSL v3 certificates. Update 2 region server certs to support SLE 16 when it gets released. * Update dependency name for metadata package, name change in SLE 16. (bsc#1243419) * Replacing certificate for rgnsrv-azure-southeastasia to getrid of weird chain cert ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-3117=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-3117=1 * Public Cloud Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP7-2025-3117=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-3117=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-3117=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-3117=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-3117=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-3117=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-3117=1 * Public Cloud Module 15-SP3 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2025-3117=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-3117=1 ## Package List: * Public Cloud Module 15-SP5 (noarch) * regionServiceClientConfigAzure-3.0.0-150000.3.28.1 * Public Cloud Module 15-SP6 (noarch) * regionServiceClientConfigAzure-3.0.0-150000.3.28.1 * Public Cloud Module 15-SP7 (noarch) * regionServiceClientConfigAzure-3.0.0-150000.3.28.1 * openSUSE Leap 15.6 (noarch) * regionServiceClientConfigAzure-3.0.0-150000.3.28.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * regionServiceClientConfigAzure-3.0.0-150000.3.28.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * regionServiceClientConfigAzure-3.0.0-150000.3.28.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) *regionServiceClientConfigAzure-3.0.0-150000.3.28.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * regionServiceClientConfigAzure-3.0.0-150000.3.28.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * regionServiceClientConfigAzure-3.0.0-150000.3.28.1 * Public Cloud Module 15-SP3 (noarch) * regionServiceClientConfigAzure-3.0.0-150000.3.28.1 * Public Cloud Module 15-SP4 (noarch) * regionServiceClientConfigAzure-3.0.0-150000.3.28.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1243419 * https://bugzilla.suse.com/show_bug.cgi?id=1246995 . An important upgrade for regionServiceClientConfigAzure resolves two major vulnerabilities. Ensure you implement the necessary fixes to protect your infrastructure!. SUSE Update, Region Service Client, Critical Security Patch. . Severity: Critical. LinuxSecurity.com Team
Sep 09, 2025
•Critical
SuSE
98
security advisoryRed Hatbug fixRed Hat RHACS 3.73: RHSA-2022:8827-01 Low Impact Security Update
Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes new features and bug fixes. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Low: RHACS 3.73 enhancement and security update Advisory ID: RHSA-2022:8827-01 Product: RHACS Advisory URL: https://access.redhat.com/errata/RHSA-2022:8827 Issue date: 2022-12-06 CVE Names: CVE-2022-24778 CVE-2022-36056 CVE-2022-42898 ==================================================================== 1. Summary: Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes new features and bug fixes. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Release of RHACS 3.73 provides these changes: New features: * Red Hat Advanced Cluster Security Cloud Service (ACSCS) is a Red Hat managed service that simplifies and accelerates RHACS deployments. ACSCS is available as a Field Trial release. For more information about accessing ACSCS, contact Red Hat Sales. * Improved Vulnerability Management dashboard for ACSCS users. * PostgreSQL database option is available as Technology Preview feature. If you are interested in participating in the Tech Preview program, contact your Red Hat account representative. * A new build-time network policy generator as Technology Preview feature, to generate Kubernetes network policies based on Application YAML manifests. Notable technical changes: * RHACS uses GraphQL internally to show data in the RHACS portal.However, Red Hat does not support querying RHACS using GraphQL. If you are using GraphQL, see https://access.redhat.com/articles/6986289 and contact Red Hat Consulting. * Sensor no longer uses `anyuid` Security Context Constraint (SCC). Instead, the default SCC for Sensor is now `restricted[-v2]` or `stackrox-sensor`, depending on the settings. In addition, the `runAsUser` and `fsGroup` for the Admission control and Sensor deployments are no longer hard-coded to `4000` on OpenShift clusters to allow using the `restricted` and `restricted-v2` SCCs. (ROX-9342) * The service account `central`, which the Central deployment uses, now includes `get` and `list` access to the pods, events, and namespaces resources in the namespace where you deploy Central. * The CSV export API `/api/vm/export/csv` now requires the `CVE Type` filter as part of the input query parameter. Supported values for `CVE Type` are `IMAGE_CVE`, `K8S_CVE`, `ISTIO_CVE`, `NODE_CVE`, and `OPENSHIFT_CVE`. Notice of in-product docs removal: * Beginning in the RHACS 3.74 release, Red Hat will remove the in-product docs accessible from the help menu. If you are using the in-product docs, you can instead download the required documentation in PDF format from Red Hat Customer Portal. (ROX-12839) Bug fixes: * Previously, if you were using StackRox Kubernetes Security Platform - Splunk Technology Add-on, results for the `ocp4-cis-node` compliance standard was missing from Splunk. This issue is now fixed. The Splunk integration now includes the `ocp4-cis-node` compliance standard results. (ROX-11937) * Previously, Central would fail on the v1 CronJob deployment check. This issue is fixed. (ROX-13500) Security Fix(es): * imgcrypt: Unauthorized access to encryted container image on a shared system due to missing check in CheckAuthorization() code path (CVE-2022-24778) * app-containers/cosign: false positive verification (CVE-2022-36056) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other relatedinformation, refer to the CVE page(s) listed in the References section. 3. Solution: To take advantage of the new features, bug fixes, and enhancements in RHACS 3.73 you are advised to upgrade to RHACS 3.73.0. 4. Bugs fixed (https://bugzilla.redhat.com/): 2069368 - CVE-2022-24778 imgcrypt: Unauthorized access to encryted container image on a shared system due to missing check in CheckAuthorization() code path 2128820 - CVE-2022-36056 app-containers/cosign: false positive verification 5. JIRA issues fixed (https://redhat.atlassian.net/jira/projects): ROX-13687 - Release RHACS 3.73.0 6. References: https://access.redhat.com/security/cve/CVE-2022-24778 https://access.redhat.com/security/cve/CVE-2022-36056 https://access.redhat.com/security/cve/CVE-2022-42898 https://access.redhat.com/security/updates/classification#low https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/3.73/html/release_notes/release-notes-373 7. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY4+QLtzjgjWX9erEAQhgOxAAl3J3PEic6f7jSpbFNJVnj4ACQxursTFG CX9qxbMTwCy19vqKx/pummlobOSRhweidwVJMMSIaXW0/ZLJyuyLDhKBjrBhjq67 kpuJBilDSDWwZNJLqtU9QFx/VJyHcnACuPf22SFouXW3FZS6a4dlvK2N7va3Wiwc yW29PdwRjfe8gft8UIbzLb3T2UokXwNY5s34y8q8y1Lr2KFUqFxM7e/IKl3XrLPa g+rPGsw/boYhHU6U9LspaBlZ/0wv4SnYQHPvS/t5kMKiA+yRvUDmpYKo23Hi7SK+ Y2c7yKUwqmeuem6ZmdefJkhTfVmTcptik1f/ie9rOHvpFeSZdZ5laEOm4DGixuh3 J1qxtcMsUItYO1S8iLbF17z1jkT3V2bEZmLRjKD8L28EhYS6nqX2IfBl8wjhlbbD tv9LGFWbwwec+j1/k1kMz5u3tQThkeO9znJNYC0QiE07h28A77u7oLkC3r1OksfY vIcaQ8f8NC7AkT4kK9LhGU/w99z7y+TNErIlx3/ws3HvaSfjGsDsSVEiRh/AyCfl qb5FioiHf5Mt88IoIH2mk3SUlDVyg0r5WUajdN9WQqAogTtUTesUxnUgOjuGLfxY +vVOsfSekZAk+LnlFkMrYfd28IhT9bkEFhW1NbSF5C1wfY82rpuUC1aPvsB3ua+l xqlw1gy7Hpo=If/b -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Dec 06, 2022
•Low
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!