Oracle Linux Security Advisory ELSA-2024-11216

http://linux.oracle.com/errata/ELSA-2024-11216.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
containernetworking-plugins-1.5.1-3.el9_5.x86_64.rpm

aarch64:
containernetworking-plugins-1.5.1-3.el9_5.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//containernetworking-plugins-1.5.1-3.el9_5.src.rpm

Related CVEs:
CVE-2024-34156

Description of changes:

[1:1.5.1-3]
- rebuild to fix CVE-2024-34156

Oracle Linux Security Advisory ELSA-2024-6186

http://linux.oracle.com/errata/ELSA-2024-6186.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
containernetworking-plugins-1.4.0-5.el9_4.x86_64.rpm

aarch64:
containernetworking-plugins-1.4.0-5.el9_4.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//containernetworking-plugins-1.4.0-5.el9_4.src.rpm

Related CVEs:
CVE-2024-24783

Description of changes:

[1:1.4.0-5]
- rebuild for CVE-2024-24783
- Resolves: RHEL-28431

Oracle Linux Security Advisory ELSA-2024-4761

http://linux.oracle.com/errata/ELSA-2024-4761.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
containernetworking-plugins-1.4.0-4.el9_4.x86_64.rpm

aarch64:
containernetworking-plugins-1.4.0-4.el9_4.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//containernetworking-plugins-1.4.0-4.el9_4.src.rpm

Related CVEs:
CVE-2024-1394

Description of changes:

[1:1.4.0-4]
- rebuild for CVE-2024-1394
- Resolves: RHEL-40809

Oracle Linux Security Advisory ELSA-2023-7766

https://linux.oracle.com/errata/ELSA-2023-7766.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
containernetworking-plugins-1.3.0-6.el9_3.x86_64.rpm

aarch64:
containernetworking-plugins-1.3.0-6.el9_3.aarch64.rpm

SRPMS:
https://oss.oracle.com:443/ol9/SRPMS-updates//containernetworking-plugins-1.3.0-6.el9_3.src.rpm

Related CVEs:
CVE-2023-29409
CVE-2023-39318
CVE-2023-39319
CVE-2023-39321
CVE-2023-39322

Description of changes:

[1:1.3.0-6]
- rebuild for following CVEs: CVE-2023-29409 CVE-2023-39318 CVE-2023-39319 CVE-2023-39321 CVE-2023-39322
- Resolves: #2228743
- Resolves: #2237773
- Resolves: #2237776
- Resolves: #2237777
- Resolves: #2237778

[1:1.3.0-5]
- fix path to dhcp service
- Resolves: #RHEL-3140

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-c0149844e2
2023-03-18 04:57:44.403009
--------------------------------------------------------------------------------

Name        : containernetworking-plugins
Product     : Fedora 37
Version     : 1.1.1
Release     : 16.fc37
URL         : https://github.com/containernetworking/plugins
Summary     : Libraries for writing CNI plugin
Description :
The CNI (Container Network Interface) project consists of a specification and libraries for writing plugins to configure network interfaces in Linux containers, along with a number of supported plugins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted.

--------------------------------------------------------------------------------
Update Information:

Resolves: 2161274, 2163068 - Rebuild for CVE-2022-41717
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 8 2023 Lokesh Mandvekar - 1.1.1-16
- Resolves: #2161274, #2163068 - Rebuild for CVE-2022-41717
* Mon Mar 6 2023 Lokesh Mandvekar - 1.1.1-15
- migrated to SPDX license
* Thu Jan 19 2023 Fedora Release Engineering - 1.1.1-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Oct 28 2022 Troy Dawson - 1.1.1-13
- Add ExclusiveArch
* Mon Oct 10 2022 Lokesh Mandvekar - 1.1.1-12
- remove debbuild macros to comply with Fedora guidelines
* Thu Aug 18 2022 Lokesh Mandvekar - 1.1.1-11
- no bundled provides for debbuild
* Wed Aug 17 2022 Lokesh Mandvekar - 1.1.1-10
- use easier tag macros to make both fedora and debbuild happy
* Tue Aug 16 2022 Lokesh Mandvekar - 1.1.1-9
- enable debbuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests
https://bugzilla.redhat.com/show_bug.cgi?id=2161274
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-c0149844e2' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-fb466fb623
2021-02-26 01:07:35.018897
--------------------------------------------------------------------------------

Name        : containernetworking-plugins
Product     : Fedora 33
Version     : 0.9.1
Release     : 2.fc33
URL         : https://github.com/containernetworking/plugins
Summary     : Libraries for writing CNI plugin
Description :
The CNI (Container Network Interface) project consists of a specification and libraries for writing plugins to configure network interfaces in Linux containers, along with a number of supported plugins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted.

--------------------------------------------------------------------------------
Update Information:

bump podman to v3.0.1, Security fix for CVE-2021-20206
----
Resolves: #1919391, #1926796 - Security fix for CVE-2021-20206
----
Autobuilt v1.19.3
----
Autobuilt v1.19.2
----
Autobuilt v1.19.1
----
Autobuilt v1.19.0
----
harden cgo based golang binaries
----
Autobuilt v0.9.1
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 11 2021 Lokesh Mandvekar - 0.9.1-2
- rebuild for OBS happiness
* Fri Feb 5 2021 RH Container Bot - 0.9.1-1
- autobuilt v0.9.1
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1919391 - CVE-2021-20206 containernetworking-cni: Arbitrary path injection via type field in CNI configuration
https://bugzilla.redhat.com/show_bug.cgi?id=1919391
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-fb466fb623' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------

====================================================================
Red Hat Security Advisory

Synopsis:          Moderate: OpenShift Container Platform 4.2.36 containernetworking-plugins security update
Advisory ID:       RHSA-2020:2592-01
Product:           Red Hat OpenShift Enterprise
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:2592
Issue date:        2020-07-01
CVE Names:         CVE-2020-10749
====================================================================

1. Summary:

An update for containernetworking-plugins is now available for Red Hat OpenShift Container Platform 4.2.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenShift Container Platform 4.2 - s390x, x86_64

3. Description:

The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted.

Security Fix(es):

* containernetworking/plugins: IPv6 router advertisements allowed for MitM attacks on IPv4 clusters (CVE-2020-10749)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For OpenShift Container Platform 4.2 see the following documentation, which will be updated shortly for release 4.2.36, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:

https://docs.redhat.com/en/documentation/openshift_container_platform/4.2/html/release_notes/ocp-4-2-release-notes

Details on how to access this content are available at - -cli.html.

5. Bugs fixed (https://bugzilla.redhat.com/):

1833220 - CVE-2020-10749 containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters

6. Package List:

Red Hat OpenShift Container Platform 4.2:

Source:
containernetworking-plugins-0.8.6-1.rhaos4.2.el7.src.rpm

s390x:
containernetworking-plugins-0.8.6-1.rhaos4.2.el7.s390x.rpm
containernetworking-plugins-debuginfo-0.8.6-1.rhaos4.2.el7.s390x.rpm

x86_64:
containernetworking-plugins-0.8.6-1.rhaos4.2.el7.x86_64.rpm
containernetworking-plugins-debuginfo-0.8.6-1.rhaos4.2.el7.x86_64.rpm

Red Hat OpenShift Container Platform 4.2:

Source:
containernetworking-plugins-0.8.6-1.rhaos4.2.el8.src.rpm

s390x:
containernetworking-plugins-0.8.6-1.rhaos4.2.el8.s390x.rpm
containernetworking-plugins-debuginfo-0.8.6-1.rhaos4.2.el8.s390x.rpm
containernetworking-plugins-debugsource-0.8.6-1.rhaos4.2.el8.s390x.rpm

x86_64:
containernetworking-plugins-0.8.6-1.rhaos4.2.el8.x86_64.rpm
containernetworking-plugins-debuginfo-0.8.6-1.rhaos4.2.el8.x86_64.rpm
containernetworking-plugins-debugsource-0.8.6-1.rhaos4.2.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-10749
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.

====================================================================
Red Hat Security Advisory

Synopsis:          Moderate: OpenShift Container Platform 4.4.8 containernetworking-plugins security update
Advisory ID:       RHSA-2020:2403-01
Product:           Red Hat OpenShift Enterprise
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:2403
Issue date:        2020-06-17
CVE Names:         CVE-2020-10749
====================================================================

1. Summary:

An update for containernetworking-plugins is now available for Red Hat OpenShift Container Platform 4.4.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenShift Container Platform 4.4 - x86_64

3. Description:

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

Security Fix(es):

* containernetworking/plugins: IPv6 router advertisements allowed for MITM attacks on IPv4 clusters (CVE-2020-10749)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For OpenShift Container Platform 4.4 see the following documentation, which will be updated shortly for release 4.4.8, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:

https://docs.redhat.com/en/documentation/openshift_container_platform/4.4/html/release_notes/ocp-4-4-release-notes

Details on how to access this content are available at - -cli.html.

5. Bugs fixed (https://bugzilla.redhat.com/):

1833220 - CVE-2020-10749 containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters

6. Package List:

Red Hat OpenShift Container Platform 4.4:

Source:
containernetworking-plugins-0.8.6-1.rhaos4.4.el7.src.rpm

x86_64:
containernetworking-plugins-0.8.6-1.rhaos4.4.el7.x86_64.rpm
containernetworking-plugins-debuginfo-0.8.6-1.rhaos4.4.el7.x86_64.rpm

Red Hat OpenShift Container Platform 4.4:

Source:
containernetworking-plugins-0.8.6-1.rhaos4.4.el8.src.rpm

x86_64:
containernetworking-plugins-0.8.6-1.rhaos4.4.el8.x86_64.rpm
containernetworking-plugins-debuginfo-0.8.6-1.rhaos4.4.el8.x86_64.rpm
containernetworking-plugins-debugsource-0.8.6-1.rhaos4.4.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-10749
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.