Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -6 articles for you...
98
security advisorymoderate threatsecurity impactRedHat: RHSA-2023:1277-01 Moderate: OpenStack Resource Consumption Risk
An update for collectd-libpod-stats is now available for Red Hat OpenStack Platform. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: Red Hat OpenStack Platform (collectd-libpod-stats) security update Advisory ID: RHSA-2023:1276-01 Product: Red Hat OpenStack Platform Advisory URL: https://access.redhat.com/errata/RHSA-2023:1276 Issue date: 2023-03-15 CVE Names: CVE-2022-41717 ==================================================================== 1. Summary: An update for collectd-libpod-stats is now available for Red Hat OpenStack Platform. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat OpenStack Platform 16.1 - ppc64le, x86_64 Red Hat OpenStack Platform 16.2 - ppc64le, x86_64 3. Description: Collectd plugin for gathering resource usage statistics from containerscreated with the libpod library. Security Fix(es): * net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2161274 - CVE-2022-41717 golang: net/http:An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests 6. Package List: Red Hat OpenStack Platform 16.1: Source: collectd-libpod-stats-1.0.4-3.el8ost.src.rpm ppc64le: collectd-libpod-stats-1.0.4-3.el8ost.ppc64le.rpm x86_64: collectd-libpod-stats-1.0.4-3.el8ost.x86_64.rpm Red Hat OpenStack Platform 16.2: Source: collectd-libpod-stats-1.0.4-3.el8ost.src.rpm ppc64le: collectd-libpod-stats-1.0.4-3.el8ost.ppc64le.rpm x86_64: collectd-libpod-stats-1.0.4-3.el8ost.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-41717 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBZBI1Q9zjgjWX9erEAQjwrw//QS/1xiRblnCgDJM5fxWRtMMbQb7SPV5u w+hYG75YxWF/t137BWzlpZIjh5ej+W4ej+CzFm3aP8iKTmNjI80QnM+pMaDkq+HQ mQ83dupVuCBFNfWTabqAzElMSa8IFZoh1dJnY1AAmy4Gfk28I1KbXML/REp/WMuo zDED7Al10ewD2xXbO2f+VpvM35GhJEvTrN15wJCfWEsy/I5un3WVrmZvqcRWMSh+ 1Q7fwHZm7TSocNcvuwk7JBefU1eDXPeeIkrArpujj0ToOycxhLPigIorb2K9Wl/R vcu6O3dnHOfFyKQ05IELv4ntv3K9L0Dn5xRbTR6ysnBMR0aY6vwcEEfqYikVNkKc 39L4m2QP59tLAgCtdt9Va+DgRBPxlEIDEKSiRbZrqjFLgfUymCSrlC/4QplZIBwa CzufK9UPP/eQm1Jq9iYIp01Bi9qkeGGwfig1O8kL5VQcraL1HSOLvA9w8pJTa2If cD9yzg6fvJknRVkhQai+CGEpoTxnMrREXSdSFwAhwKLXjjZ5tMRvZoGdebP+3FPW ExpeDxVgFOMPi7wYIcsTBokiJ4Cb8Dsmej/z2FilTxdiahXpqsMNuMLbEg+iRF+0 Fd2OCGqfIApnAqkiqG3b71QlN2DEzKmOjwPZUb1w5wNZCjAtpkcfDvyyfdFeh87i K1XofkTmDsY=Z6QV -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Mar 15, 2023
Red Hat
98
security advisorysecurity impactimportant advisoryRed Hat OpenStack Platform 16.2 RHSA-2022-6062-01 Crucial collectd Upgrade
An update for collectd-libpod-stats is now available for Red Hat OpenStack Platform 16.2 (Train). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: Red Hat OpenStack Platform 16.2 (collectd-libpod-stats) security update Advisory ID: RHSA-2022:6062-01 Product: Red Hat OpenStack Platform Advisory URL: https://access.redhat.com/errata/RHSA-2022:6062 Issue date: 2022-08-15 CVE Names: CVE-2022-30631 ==================================================================== 1. Summary: An update for collectd-libpod-stats is now available for Red Hat OpenStack Platform 16.2 (Train). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat OpenStack Platform 16.2 - ppc64le, x86_64 3. Description: Collectd plugin for gathering resource usage statistics from containerscreated with the libpod library. Security Fix(es): * golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read 6. Package List: Red Hat OpenStack Platform16.2: Source: collectd-libpod-stats-1.0.4-2.el8ost.src.rpm ppc64le: collectd-libpod-stats-1.0.4-2.el8ost.ppc64le.rpm x86_64: collectd-libpod-stats-1.0.4-2.el8ost.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-30631 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYvo2+9zjgjWX9erEAQifBQ/9FNIwjzEhXZMoULDnpPWA5iiRmfdmd6s9 WVmP2w6qY4rrKF7hSItPz0IxzXBTOklId42E12nF3zIArzTqKKOag0oOIeiAXvdZ QOcX/KOFQC9jF7iBxU4J0uYk8wfUqxOCCITLKojHEt8pCOpH6aiGTPFM9ZpFS9HF mmF4YJUB9/1XtsjQKuqCPQHrFZHWtJUW8TBt48374F2WvC4QzCVFxfJx05d6SGvD NWyMFyI3ciyGMflGe6DZiFjPlqY0idfhaTobNS+6v73mLfPLAARtZyEqezxFawyi oR/vF4/Mcv2wcYXfM+YX5VXVawgN+Xqw8OAIbujUcEXhhK/cEYHhm5SlYEP0l7xS /OvZ+BZOZ1W2cHBxRgME6RCbdYQ8z0ZEMEmMHVGuJzd/t0OX6nSYfx9GeuIQe8gr UMCLtDNZJ06fLgr0bdJ2x8EeY+ulJWLco5F+Y/f4Jq5dX3Aj+zJE9MdVOJI768N1 BkHE0OaFklYprz4ZZu3RrIRK7OIurDpICDK/K8E/WHp08bcIfwLJdE/Wi0PHH7M/ LTAoLwPBGlP+zqQE2dPlaBp0lEDePm+w4gYVO9vfwa0jsU7UQ0dH/ptePcPhUO4a 5Rn6creMaKbQrLKZYjhRBzg4E2vAPjaqfEc7NftSZvn4B8pfX1pVEUxbn9ZsWSBZ hPFw3Kwo1GY=EOoO -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Aug 15, 2022
•Important
Red Hat
98
security advisorymoderatesecurity fixRed Hat Gluster Storage 3.4 RHSA-2018:2615-01 Moderate: Collectd Update
An update for collectd is now available for Red Hat Gluster Storage 3.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: collectd security update Advisory ID: RHSA-2018:2615-01 Product: Red Hat Gluster Storage Advisory URL: https://access.redhat.com/errata/RHSA-2018:2615 Issue date: 2018-09-04 CVE Names: CVE-2017-7401 CVE-2017-16820 ==================================================================== 1. Summary: An update for collectd is now available for Red Hat Gluster Storage 3.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Gluster 3.4 Web Administration Node Agent on RHEL-7 - x86_64 Red Hat Gluster 3.4 Web Administration on RHEL-7 - x86_64 3. Description: collectd is a host-based system statistics collection daemon that gathersmetrics from various sources periodically, such as the operating system, applications, log files and devices, and storage clusters. As the daemon does not start up each time it updates files, it has a low system footprint. For Red Hat Gluster Storage Web Administration 3.4, collectd service is responsible for gathering metrics from Red Hat Gluster Storage clusters. The updated collectd package includes the following security bug fixes. Security Fix(es): * collectd: Infinite loop due to incorrect interaction of parse_packet() and parse_part_sign_sha256() functions (CVE-2017-7401) * collectd: double free incsnmp_read_table function in snmp.c (CVE-2017-16820) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. This updated package contains a number of bug fixes and enhancements, which are documented in detail in the Release Notes, linked in the References. All users of collectd are advised to upgrade to these updated packages, which resolve these issues. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1439674 - CVE-2017-7401 collectd: Infinite loop due to incorrect interaction of parse_packet() and parse_part_sign_sha256() functions 1516447 - CVE-2017-16820 collectd: double free in csnmp_read_table function in snmp.c 6. Package List: Red Hat Gluster 3.4 Web Administration Node Agent on RHEL-7: Source: collectd-5.7.2-3.1.el7rhgs.src.rpm x86_64: collectd-5.7.2-3.1.el7rhgs.x86_64.rpm collectd-debuginfo-5.7.2-3.1.el7rhgs.x86_64.rpm collectd-ping-5.7.2-3.1.el7rhgs.x86_64.rpm libcollectdclient-5.7.2-3.1.el7rhgs.x86_64.rpm Red Hat Gluster 3.4 Web Administration on RHEL-7: Source: collectd-5.7.2-3.1.el7rhgs.src.rpm x86_64: collectd-5.7.2-3.1.el7rhgs.x86_64.rpm collectd-debuginfo-5.7.2-3.1.el7rhgs.x86_64.rpm collectd-ping-5.7.2-3.1.el7rhgs.x86_64.rpm libcollectdclient-5.7.2-3.1.el7rhgs.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-7401 https://access.redhat.com/security/cve/CVE-2017-16820 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/site/documentation/en-US/red_hat_gluster_storage/3.4/html/3.4_release_notes/ 8. Contact: The Red Hat security contact is . More contact details athttps://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBW44oitzjgjWX9erEAQgEyw/9FnseauLMHRqYlqOpyU9i1YTxaNnTcvNe L6KCgjMG6jsv19fmnNvtBny1LNlbfU4B+mmJYM+xJrguOUg1Mw8Vla15opQG+8iQ vgVRHNFZ1DUpy6J0D6hdsfisGSqDP7P75cZ/b5oiYDSSOBiDZiuDhz8KQPKIxFC0 m8GzakJPg3zs1Ih1VTp4tqgn3jt6cdq3Q1KuwXGYRuBvOYiLTzmRzztcf516hXAP go6cCufE7cml7tQLdFyHvWntWuCcbqyomKLKx6llGNSRIUrc13XrtRjfG0sphT1a ev/xcNxrt/bo55QgQ4DTf90tPu/ko8thWtYmyHmd4EHuk8t9lV5xUZDSwsK2Iqjg IEAsONlEA73jHpfebrZdGJ8jEBHostLHCOfe8889txXI0/HJdRi6PEoCEjVx/+Cb fRDnVPycHhFlAJsLbKerf8RuwCKn+dzhx3NNunR0xvBl8I02kE5BgQOQlnrnf0hT V5T8PiR1mLtfEDxmVpb9ht+bDDdvLV7RwPdrCPLcxcGnUlRXOu+50epVV4wUC5Oz y4+4hsXn6zbEeG8/3MprzEOOUUFNu30ksUMNlXqGGaP/Pbye4K9g/5vm1x0xCsDn r/u1zkrxifmBgO7+L6xTNYi0F8Sgs+QGe6UFFhYXm7ZsAkK3/FhdXYKYyI3i0UQ7 Z/GM0/8R2BM=3047 -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Sep 04, 2018
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!