Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -4 articles for you...
98
security advisorymoderateRed HatRHEL-7: RHSA-2022-6268 Moderate: convert2rhel Security Bug Fix
An update for convert2rhel is now available for Convert2RHEL for RHEL-7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: convert2rhel security, bug fix, and enhancement update Advisory ID: RHSA-2022:6268-01 Product: Convert2RHEL Advisory URL: https://access.redhat.com/errata/RHSA-2022:6268 Issue date: 2022-08-31 CVE Names: CVE-2022-0851 ==================================================================== 1. Summary: An update for convert2rhel is now available for Convert2RHEL for RHEL-7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Convert2RHEL for RHEL-7 - noarch 3. Description: The convert2rhel package provides the Convert2RHEL utility, which performs operating system conversion. During the conversion process, Convert2RHEL replaces all RPM packages from the original Linux distribution with their Red Hat Enteprise Linux versions. Security Fix(es): * convert2rhel: Activation key passed via command line by code (CVE-2022-0851) Bug Fix(es): * Conversion fails due to gnome-documents-libs conflict (BZ#2043724) * Using dbus API for RHSM registration to safely pass the activation key * Verifying GPG key for UBI repositories Deprecation: * Deprecated `-f|--password-from-file` parameter option Enhancement(s): * Checking if a new version of convert2rhel is available * Warning if multiple authentication sources are specified * Fixed logging errorwith unavailable RHSM certificate * Fixed gnome-documents-libs package conflict * Fixed handling shim-x64 package protection on non-UEFI systems For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2043724 - Conversion fails due to gnome-documents-libs conflict 2060217 - CVE-2022-0851 convert2rhel: Activation key passed via command line by code 6. JIRA issues fixed (https://redhat.atlassian.net/jira/projects): RHELC-700 - Move yum clean metadata and yum makecache to the beginning of conversion RHELC-701 - Unknown tag in rpm query format call RHELC-702 - Incorrectly logging error with unavailable RHSM certificate RHELC-703 - Use dbus API for RHSM registration RHELC-704 - Update grub bootloader images RHELC-705 - Check for a new version available RHELC-706 - Add the ability to take the activation key from a config file rather than the command line RHELC-707 - Check whether the user has specified multiple authentication sources and warn if so RHELC-708 - Remove UEFI condition from shim-x64 workaround 7. Package List: Convert2RHEL for RHEL-7: Source: convert2rhel-1.0-1.el7.src.rpm noarch: convert2rhel-1.0-1.el7.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 8. References: https://access.redhat.com/security/cve/CVE-2022-0851 https://access.redhat.com/security/updates/classification/#moderate 9. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYw+LzNzjgjWX9erEAQiQrxAAhQYSSCd/8idpwx/5UdPzZsvKcZujBl6Q anuflYs/d/P5V6bnw4YOzgVxtVzHAzQ5ea3fWKvaA2GO680cQWTYHPvlFzA0yVeS /teg8pmcQ8RQAiU3nZ7xa2G8YRfZReTARADQbUeZBF3DA+FzVc0zxP+bplRDeNTN Jd9JZlYFs17F2VIJLJou944mr8en3X2Du7i5Ui0fHMBxmB0kHhmb3rD9kccDjKQP KzIZFl+Tn+EXyw5wNG0zXPvBuqDEMDWH2y6QYMyYDLxGRFQfaulxdVzg++BQbKD1 GAewTQzBhxpgvo5yWV4M9BmhrwoKxu8hMHIsx32VaAvNRG+wXJxHutwdV7vlyvf9 qU/ApWpNeriVQC2jmTC+4arAslZyz3JixPSF1ybsVr07MmB/xTNh+ywaAXH8KBac +Q38S5h/bsp4dCWKjzjDofUoolTa6bRP2Hl8J6nHvfY5jKZb+2Nkg2LE1ouwniQ5 j907YHXHUO8EEhEbWxR+kVAOTItIrwBa/3znnXeN7ipmCJOIvvoRcNAkTDFgo5mV oEJx5jrabmawCbIWYbHGh6oVZ8jrj9T8WEl5x0frNFl4bZ2S2rHjS6DNCs+eAa61 5ZkeC1Emr3oLmT7jQkqpztpgeiQGzIymVWH2ItD74niCJ4Z8psN05/OTYkU6wqqG qwyhzhQSx/0=PhnH -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Aug 31, 2022
Red Hat
98
security advisorymoderateRed HatRHEL-8: RHSA-2022-6269-01 Moderate: Convert2RHEL Activation Key Issue
An update for convert2rhel is now available for Convert2RHEL for RHEL-8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: convert2rhel security, bug fix, and enhancement update Advisory ID: RHSA-2022:6269-01 Product: Convert2RHEL Advisory URL: https://access.redhat.com/errata/RHSA-2022:6269 Issue date: 2022-08-31 CVE Names: CVE-2022-0851 ==================================================================== 1. Summary: An update for convert2rhel is now available for Convert2RHEL for RHEL-8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Convert2RHEL for RHEL-8 - noarch 3. Description: The convert2rhel package provides the Convert2RHEL utility, which performs operating system conversion. During the conversion process, Convert2RHEL replaces all RPM packages from the original Linux distribution with their Red Hat Enterprise Linux versions. Security Fix(es): * convert2rhel: Activation key passed via command line by code (CVE-2022-0851) Bug Fix(es): * Using dbus API for RHSM registration to safely pass the activation key * Verifying GPG key for UBI repositories Deprecation: * Deprecated `-f|--password-from-file` parameter option. Enhancement(s): * Checking if a new version of convert2rhel is available * Warning if multiple authentication sources are specified * Fixed logging error with unavailable RHSM certificate * Fixed handling shim-x64 packageprotection on non-UEFI systems For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2060217 - CVE-2022-0851 convert2rhel: Activation key passed via command line by code 6. JIRA issues fixed (https://redhat.atlassian.net/jira/projects): RHELC-126 - Unknown tag in rpm query format call RHELC-251 - Move yum clean metadata and yum makecache to the beginning of conversion RHELC-332 - Check for a new version available RHELC-367 - Update grub bootloader images RHELC-411 - Add the ability to take the activation key from a config file rather than the command line RHELC-413 - Check whether the user has specified multiple authentication sources and warn if so RHELC-45 - Incorrectly logging error with unavailable RHSM certificate RHELC-597 - Use dbus API for RHSM registration RHELC-678 - Remove UEFI condition from shim-x64 workaround 7. Package List: Convert2RHEL for RHEL-8: Source: convert2rhel-1.0-1.el8.src.rpm noarch: convert2rhel-1.0-1.el8.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 8. References: https://access.redhat.com/security/cve/CVE-2022-0851 https://access.redhat.com/security/updates/classification/#moderate 9. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYw+Lx9zjgjWX9erEAQgtGQ//TVXv6XKuy6eVkI6FW6HAgcMx0jzdg+ao y7ufqykb6gX+qYYCuI0chMWEM/zjHJIbKU3zr0Q2WyGvHR8vs3u4meFQTY3lAjoX eMXr/wXuqyLu7ZbIJf1Vs+weM1wxkoi9njqPnZmLXC3Cq8fF4wo/JKEzVJb9Hld9 +RfN4S775P62QTT/gXi6jzsAdt8HDtk3Z4biP3DjKgwSft+H0WU/6IHAOEbgA07z zEaN7sF4JMv3RqR1thK+x82R/xin0yN5hBc+4qvzBcSejqdVSqnuv4+fIDT0KDjy i5upNVtRLcVdPqdq0oQKgVIipe37tPZLUpIApDZrMUo+DGVL/8izEWNFtZ1Dcr7o DJj9XX0/ND4ybKPaawsUoMDIzn8Qb/mx0tGmrHomqXQdZ+zC/nxz2ZW8ohw/uNWP olFRfY5d16G51KN61k8RdrwLhCYtFxrmsmcu9mGpE0MX8vjimnx9NSwd+6ZPEOpV a3nUBTdAfvZ6lLs5GG/ON35Dbmncp1TrpPp0O9/W5AJbgNZaJNYhbmUSODlnjNUW KA4tX+R0DRJYQuDRf08bB2kBnNxTtNN4GM+50bER7c5O87KX05dDILxUaV3gd8yP pK6vmBwNgowIAcJPoS7cYYKwUlSvBDe8+HVK/jVGta0MNtn9wudzSkSp8WWeOOLl j56ZxVgO7qY=UxOc -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Aug 31, 2022
Red Hat
98
security advisoryRed Hatsecurity fixRedHat RHEL-6 RHSA-2022:6266-01 Moderate: Convert2RHEL Activation Key
An update for convert2rhel is now available for Convert2RHEL for RHEL-6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: convert2rhel security update Advisory ID: RHSA-2022:6266-01 Product: Convert2RHEL Advisory URL: https://access.redhat.com/errata/RHSA-2022:6266 Issue date: 2022-08-31 CVE Names: CVE-2022-0851 ==================================================================== 1. Summary: An update for convert2rhel is now available for Convert2RHEL for RHEL-6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Convert2RHEL for RHEL-6 - noarch 3. Description: The convert2rhel package provides the Convert2RHEL utility, which performs operating system conversion. During the conversion process, Convert2RHEL replaces all RPM packages from the original Linux distribution with their Red Hat Enteprise Linux versions. Security Fix(es): * convert2rhel: Activation key passed via command line by code (CVE-2022-0851) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2060217 - CVE-2022-0851 convert2rhel: Activation keypassed via command line by code 6. Package List: Convert2RHEL for RHEL-6: Source: convert2rhel-1.0-1.el6.src.rpm noarch: convert2rhel-1.0-1.el6.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-0851 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYw+Lw9zjgjWX9erEAQiA1Q//WjjVIPysvXmlSvUNCLj+48HrseFURAVL Ef6ujwSEBOQFH7sD8QKNr//QUGYQFNoYaw3X4NPvM6SN4T0nUmSKbry6yNqxQ8+W r6IYPRpn4SShKdltVuehADtPCeU14As3sO2GqpFAActSMpvH52Jbb2TTVyM4iQG+ n1agBlI2zCfnv5qi9WSpiPzV5ln7jx3YXhCurNPqh2FMOVpkjPFgklR1Zo10RUo7 uaM0GQSbyCLxKl8jz8WIxg0ryxD8shrJIARw1Z6m+e4D/W8C0YZRwaRjaisCLcHN o+OCFnG/xSQ4ZGpzADIhCsn3hPlCVuvEdQeXs2rNzsjHTKllobGqYiorV35vPyCp Dy4biVdm6GQT0wTWMC79MYV7HgeUKnTHI4KUz8SBMOF7px49tFWjEQ+aSSiPtoSJ lhE4QI/lCdkeWRMB10mo2AQViiFrZGglpRbJ8G/1Own1VPEvaHsNzopG57pXzOpv 98Z7ujh4yn+Ble/ya2zWD5MqQxf8SHKCV8KX0Cc04MR5K9VoCPfuOv2mtlWsyQBt VZHXcj+CNdd/nuCKjDFTIKdrE3Tn87SW6SavN++Te9+c30CbiraRY38t6NLHYzIk 1VwzQddlIeWaPMDhbbBKamwbd5MvLq3MDoNPgHydqM3yGVV96emYR9W2NrSg/Vwo e9/+w8dGpO8=1uIH -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Aug 31, 2022
Red Hat
98
security advisoryRed HatimportantRed Hat 7 RHSA-2022:1617-01 Important: convert2rhel Code Issue
A security update for convert2rhel is now available for supported conversions of CentOS Linux 7 and Oracle Linux 7 to Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: convert2rhel security update Advisory ID: RHSA-2022:1617-01 Product: Convert2RHEL Advisory URL: https://access.redhat.com/errata/RHSA-2022:1617 Issue date: 2022-04-27 CVE Names: CVE-2022-0852 ==================================================================== 1. Summary: A security update for convert2rhel is now available for supported conversions of CentOS Linux 7 and Oracle Linux 7 to Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Convert2RHEL for RHEL-7 - noarch 3. Description: The convert2rhel package provides the Convert2RHEL utility, which performs operating system conversion. During the conversion process, Convert2RHEL replaces all RPM packages from the original Linux distribution with their Red Hat Enterprise Linux version. Security fix: * convert2rhel: Red Hat account password passed via command line by code (CVE-2022-0852) Enhancement: * Enable the conversion of untested 8.6 to 8.10 on release day For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed(https://bugzilla.redhat.com/): 2060129 - CVE-2022-0852 convert2rhel: Red Hat account password passed via command line by code 6. Package List: Convert2RHEL for RHEL-7: Source: convert2rhel-0.25-4.el7.src.rpm noarch: convert2rhel-0.25-4.el7.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-0852 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/converting_from_an_rpm-based_linux_distribution_to_rhel/index https://access.redhat.com/support/policy/convert2rhel-support 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYmkYbdzjgjWX9erEAQgngQ/+IEXe9uN7PcKMlB0YnofHav8q+U+lb3GQ FEeI0mb9fT2Em1fg3262RmYam6BVDb9kspFIOXxcvS5yBfgPoC7qHkYij4mDJbEo eFj0HH0BxvHt52ZcG0mr56hF+yMUm70A8YLb1rKnkLwzpYzO5XrQwSTSF9ew0HIO 00g8oSVCPJl7vVGcBBTuHlaFxsQhv6aCMngKEhixkC8tzsBKMMJ0jYRGHJe9t2aU TRPHkfLrc8SKlqJ98yhH5XdBVMjaXMDKGGF0SmLX868SuqCfh/3fvyIhHW59EPZg 35SKFzgPJCfiSSp8MFkHZe1yN6l+Dhl3Jv8qNYLkFApur8nBLZi/pehEEHnscQuC WzzB5WSR7V3HqKoxKV9DWSEF2QmQ//sVl9mUZHegDzMZe9/5sJcShcsz3XCLjiBC sWaiPAZ8Jp4CIbHwUITjX6lKNs0K2lsGUEq/1Jyyf8AXYUFNNUs2yN4Stmg69AUF yAjQunHyVSDA4nbybWGGrvCVduHiIRqGTty7u3SvPVnBGEVC2XeAODxO6/AWl3Lg S0UpMUuZOdM0Rew5gpbkIOC59P0ZjxllsCtmdNMwjAwaYo9lndpmf8DFup4HRFe9 5kSanZEvorBj8pGwdBwYvEr5P762iCEqrVAJZKHMk4Ig1xqj7GzyaOibVBU97o6c G2NXL8VkrTQ=K2xq -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Apr 27, 2022
•Important
Red Hat
98
security advisoryRed Hatsecurity impactRedHat: RHSA-2022-1618-01 Important: Convert2RHEL Password Exposure
A security update for convert2rhel is now available for unsupported conversions of CentOS Linux 6 and Oracle Linux 6 to Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: convert2rhel security update Advisory ID: RHSA-2022:1618-01 Product: Convert2RHEL Advisory URL: https://access.redhat.com/errata/RHSA-2022:1618 Issue date: 2022-04-27 CVE Names: CVE-2022-0852 ==================================================================== 1. Summary: A security update for convert2rhel is now available for unsupported conversions of CentOS Linux 6 and Oracle Linux 6 to Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Convert2RHEL for RHEL-6 - noarch 3. Description: The convert2rhel package provides the Convert2RHEL utility, which performs operating system conversion. During the conversion process, Convert2RHEL replaces all RPM packages from the original Linux distribution with their Red Hat Enterprise Linux version. Security fix: * convert2rhel: Red Hat account password passed via command line by code (CVE-2022-0852) Enhancement: * Enable the conversion of untested 8.6 to 8.10 on release day For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed(https://bugzilla.redhat.com/): 2060129 - CVE-2022-0852 convert2rhel: Red Hat account password passed via command line by code 6. Package List: Convert2RHEL for RHEL-6: Source: convert2rhel-0.25-4.el6.src.rpm noarch: convert2rhel-0.25-4.el6.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-0852 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/articles/2360841 https://access.redhat.com/support/policy/convert2rhel-support 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYmkYZNzjgjWX9erEAQhUCw/+JOfVj5t8dBwkbFFl13eYTKxaffs5S31O lIDX+qobhvZpAf10N+L4+C4kkbz3g3i2D5PKel8raQzbwlo4taiGHHEQ/EabOkjn pStKFIaXaS7ahJcLPOjE1jA0A3JDhFhBrh+UNmDfGeawDf1NtO9IugqrlbdGDPCh EAIQyB7aXgobDiBnULMrfIucQubX5lEv2Zk5Qa1wFsvrFmnc2cmh3lQ1KTzEm1TB 0rUYdsOdgePxrLikS/qccXSUrBVbb2+0vt4rq6ZtXQjwRk/btfRAbvzGeIgMiOgx ii2sJPZ/Wfm6Uw+TXfWLxByCAD17SQij3lU1JVAN13AdaOUvaihbgzkjbOBX8KrI RsehNv23Nde6ixRCVC3smCnCQMkfwF4Va8PCx83PUz5ggJXNV7gElOMGH8P8BKCI GWLdQYZi1HrLvzPpuRyL5HbrIy5eEbeV9IhW3oAKcp/+rtkkjvA3GARrYJIYPZY5 iNYihDMXJLuQIizidt78q+QplZcfA5hBF+zbKV0zhE40svvG69fRZUJ6l0kczHBu /gQsEKWtDo+/pS74uDKn5LV9VZ/CVI4pWAul2/mNldA8emen6sTk55QlW6/12KyL rsmdOBJlyJFamwEDz/2buhBGNGhss5tzVC0cQ9pKPMfHC7mGeuXATark6MvEnRCS ruplhcS704c=kqai -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Apr 27, 2022
•Important
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!