Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 0 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorydenial of servicefedora

Fedora 43 k9s 0.50.18 Critical Denial of Service Issue 2026-847455954a

Update to version 0.50.18. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-847455954a 2026-02-08 01:08:54.528097+00:00 -------------------------------------------------------------------------------- Name : k9s Product : Fedora 43 Version : 0.50.18 Release : 1.fc43 URL : https://github.com/derailed/k9s Summary : Kubernetes CLI To Manage Your Clusters In Style Description : Kubernetes CLI To Manage Your Clusters In Style! -------------------------------------------------------------------------------- Update Information: Update to version 0.50.18 -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 28 2026 blinxen - 0.50.18-1 - Update to version 0.50.18 (rhbz#2428576) * Fri Jan 16 2026 Fedora Release Engineering - 0.50.16-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2417128 - CVE-2025-65965 k9s: Grype has a credential disclosure vulnerability in Grype JSON output [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2417128 [ 2 ] Bug #2419039 - CVE-2024-25621 k9s: containerd local privilege escalation [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2419039 [ 3 ] Bug #2420622 - CVE-2025-47913 k9s: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2420622 [ 4 ] Bug #2424051 - [Minor Incident] CVE-2025-52881 k9s: container escape and denial of service due to arbitrary write gadgets and procfs write redirects [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2424051 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisoryFEDORA-2026-847455954a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Critical updates for Fedora k9s 0.50.18 address multiple security flaws with important implications. Stay updated!. Fedora Updates, k9s Security Advisory, Credential Disclosure, Local Privilege Escalation. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Feb 08, 2026 Critical Fedora
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorybuffer overflowimportant

openSUSE: Critical CVE-2026-20028 in Apache Leads to Remote Code Exec

An update that solves 2 vulnerabilities and has 2 bug fixes can now be installed.. openSUSE security update: security update for squid ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20027-1 Rating: important References: * bsc#1250627 * bsc#1252281 Cross-References: * CVE-2025-59362 * CVE-2025-62168 CVSS scores: * CVE-2025-59362 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-59362 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-62168 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N * CVE-2025-62168 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves 2 vulnerabilities and has 2 bug fixes can now be installed. Description: This update for squid fixes the following issues: - CVE-2025-62168: failure to redact HTTP authentication credentials in error handling leads to the disclosure of credentials a trusted client uses to authenticate (bsc#1252281). - CVE-2025-59362: SNMP message processing component of Squid Cache can lead to stack-based buffer overflow (bsc#1250627). Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-136=1 Package List: - openSUSE Leap 16.0: squid-6.12-160000.3.1 References: * https://www.suse.com/security/cve/CVE-2025-59362.html * https://www.suse.com/security/cve/CVE-2025-62168.html . An important security update for openSUSE fixes two vulnerabilities in squid, requiring immediate installation for safety.. openSUSE security patch, squid vulnerabilities, buffer overflow risk. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jan 15, 2026 Important OpenSUSE
Banner 1 1028x280 1708121660 1771599717
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorySuSEghostscript

SUSE Advisory for Ghostscript Low CVE-2025-48708 Password Disclosure

* bsc#1243701 Cross-References: * CVE-2025-48708 . # Security update for ghostscript Announcement ID: SUSE-SU-2025:03461-1 Release Date: 2025-10-07T07:37:16Z Rating: low References: * bsc#1243701 Cross-References: * CVE-2025-48708 CVSS scores: * CVE-2025-48708 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-48708 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-48708 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for ghostscript fixes the following issues: * CVE-2025-48708: Fixed password disclosure due to lacks of argument sanitization (bsc#1243701) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-3461=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-3461=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-3461=1 ## Package List: * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.206.1 * ghostscript-devel-9.52-150000.206.1 * ghostscript-9.52-150000.206.1 * ghostscript-x11-9.52-150000.206.1 * ghostscript-x11-debuginfo-9.52-150000.206.1 *ghostscript-debuginfo-9.52-150000.206.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.206.1 * ghostscript-devel-9.52-150000.206.1 * ghostscript-9.52-150000.206.1 * ghostscript-x11-9.52-150000.206.1 * ghostscript-x11-debuginfo-9.52-150000.206.1 * ghostscript-debuginfo-9.52-150000.206.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.206.1 * ghostscript-devel-9.52-150000.206.1 * ghostscript-9.52-150000.206.1 * ghostscript-x11-9.52-150000.206.1 * ghostscript-x11-debuginfo-9.52-150000.206.1 * ghostscript-debuginfo-9.52-150000.206.1 ## References: * https://www.suse.com/security/cve/CVE-2025-48708.html * https://bugzilla.suse.com/show_bug.cgi?id=1243701 . Ghostscript update addresses password disclosure issue with low severity. Learn how to apply patches for secure implementation.. Ghostscript security update, SUSE advisories, low severity vulnerabilities, credential disclosure, software patches. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Oct 07, 2025 Low SuSE
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorycriticaldebian

Debian 10 Buster: DLA-3106-1 Critical Python-Oslo.Utils Disclosure

It was discovered that there was credential disclosure vulnerability python-oslo.utils, a set of utilities used by OpenStack. For Debian 10 buster, this problem has been fixed in version . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3106-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Chris Lamb September 13, 2022 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : python-oslo.utils Version : 3.36.5-0+deb10u2 CVE ID : CVE-2022-0718 It was discovered that there was credential disclosure vulnerability python-oslo.utils, a set of utilities used by OpenStack. For Debian 10 buster, this problem has been fixed in version 3.36.5-0+deb10u2. We recommend that you upgrade your python-oslo.utils packages. For the detailed security status of python-oslo.utils please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/python-oslo.utils Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Notification of upgrade for python-oslo.utils related to credential leaks for Debian 10 buster. Prompt action advised.. Debian Upgrade, Python Oslo.Utils Security, Credential Disclosure. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Sep 13, 2022 Critical Debian LTS
Banner 1 1028x280 1708121660 1771599717
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorymoderatesecurity update

Moderate: Credential Disclosure in RedHat OpenShift 3.9 RHSA-2019:3812-01

An update for cri-o is now available for Red Hat OpenShift Container Platform 3.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which . -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: OpenShift Container Platform 3.9 cri-o security update Advisory ID: RHSA-2019:3812-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2019:3812 Issue date: 2019-11-07 CVE Names: CVE-2019-10214 ==================================================================== 1. Summary: An update for cri-o is now available for Red Hat OpenShift Container Platform 3.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat OpenShift Container Platform 3.9 - x86_64 3. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the cri-o RPM package for Red Hat OpenShift Container Platform 3.9.102. Security Fix(es): * containers/image: not enforcing TLS when sending username+password credentials to token servers leading to credential disclosure (CVE-2019-10214) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For OpenShift Container Platform 3.9 see the following documentation, which will be updated shortly for release 3.9.102, forimportant instructions on how to upgrade your cluster and fully apply this asynchronous errata update: ease_notes.html 5. Bugs fixed (https://bugzilla.redhat.com/): 1732508 - CVE-2019-10214 containers/image: not enforcing TLS when sending username+password credentials to token servers leading to credential disclosure 6. Package List: Red Hat OpenShift Container Platform 3.9: Source: cri-o-1.9.16-5.git858756d.el7.src.rpm x86_64: cri-o-1.9.16-5.git858756d.el7.x86_64.rpm cri-o-debuginfo-1.9.16-5.git858756d.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2019-10214 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE-----Version: GnuPG v1 iQIVAwUBXcRMgtzjgjWX9erEAQgCQBAAgUnLTm0JR5eFeFvhwJZEpvpXpG8hebQK nsq/eDMXzIJ99hoSbsUt3ZWsfo4ujySyK2WoN2yUng8jHD8pYHKJ/oF+SmHB0PhD kdO7X01XOpIfv/nPVPbiUqidCksTIICuTgPgrncL2Q1Jt6kRnGyVjV2o8BWxSQ9n yCAoaTxL37Bs7m0atgfxHH7UEkgyHPqUgnaCz9VgwyVhuyGXHHCTshIJ5mRVSLAY Oak/WPPrBA0KLZ+MQCK/3KUBMnUzZ9b0I5xTE++oqOjB3Kl3dn1jH56xRHcnLLfl Re0bdlHFvXtaJ0tjvBsxXxoiYYELnZid2BEa6darR4Xxuszyo56A7CdgY7cNWrAW yFudmk9HmQZAAuJIsjFQr6cuFPJIPRpMPV556Fc0ZD7jar4B4YD/y2dxsSiH3xsO Jike5sd2Ea0qjfpZFLn5WN9MLP2TIXmxsyvoXH4tO9nWqapZ4UTME4a2y0GxEzev 7xpYd3nxCGTUbZa4CLuXpvMBUSZDfYJ3yBcSTsZggdfN135JqrYhkeYZ3pKJQdGE 4k3tHv9Fjaz3L6OUE4NKTHV9/11i0HaaOqRwa10PLCObA7YxUjJDs1g3M7dciqbp kIOAWwgRgXif9m1FBlK1AMho8nxMI0wIrQieOTwBH1LqVgLVHCfdRXt1ZIcgTjPK 2dKg4StJ8YU=43Ih -----END PGP SIGNATURE-------RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Standard security notice for OpenShift 3.9 cri-o, concerning potential credential leakage with suggested upgrade measures.. Red HatOpenShift, cri-o security, moderate advisory, software update. . LinuxSecurity.com Team

Calendar 2 Nov 07, 2019 Red Hat
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryRed Hatbuffer overflow

Red Hat: RHSA-2019-3403-01 Important: Security Updates for Container-Tools

An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, . -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: container-tools:rhel8 security, bug fix, and enhancement update Advisory ID: RHSA-2019:3403-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:3403 Issue date: 2019-11-05 CVE Names: CVE-2019-10214 CVE-2019-14378 ==================================================================== 1. Summary: An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): * QEMU: slirp: heap buffer overflow during packet reassembly (CVE-2019-14378) * containers/image: not enforcing TLS when sending username+password credentials to token servers leading to credential disclosure (CVE-2019-10214) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Noteslinked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1655211 - podman exec seems to assume console even if -ti is not used 1661597 - Under podman, python recompiles sources even if they are compiled in build time 1671023 - timeout not working with podman pull on rhel8 beta 1672581 - podman does not respect -q option while pulling an image 1674519 - Not able to create volumes using Dockerfile using podman 1677251 - AVC while running php container [x86_64 only] 1677264 - There is no certs.d directory for podman currently 1689255 - don't allow a container to connect to random services 1690514 - rootless unable to access subscription: non-root podman should read /usr/share/containers/mounts.conf 1691543 - rootless unable to access subscription: bad permissions on /usr/share/rhel/secrets 1692513 - unable to mount disk at `/var/lib/containers` via `systemd` unit when `container-selinux` policy installed 1693154 - Varlink subcommand is missing for podman in rhel-8.0 1693424 - rootless: cannot specify gid= mount options for unmapped gid in rootless containers 1707220 - Add event notifications (blocking cockpit-podman) 1719626 - podman exec rc-code needs to distinguish between stopped containers and non existing ones 1719994 - [8.1.0] Registries.conf not configured to search registry.access.redhat.com 1720646 - python-podman-api needs python-psutil at runtime 1720654 - rebase packages 1721247 - [rhel-8.1.0] build without the `no_openssl` buildtag 1721638 - Podman build segfaults on Dockerfiles with RUN instruction 1723879 - Performance Problems with Podman on systems with IO load 1728700 - Unable to install container-selinux 2.107 1730281 - podman leaks kernel memory due to return code stored in tmpfs 1731117 - podman exec leaks an exec_pid_ file for every exec in tmpfs 1732508 - CVE-2019-10214containers/image: not enforcing TLS when sending username+password credentials to token servers leading to credential disclosure 1734745 - CVE-2019-14378 QEMU: slirp: heap buffer overflow during packet reassembly 1734809 - Wrong AppStream ID 1737077 - after a podman rm --all, sometimes one cannot recreate a previously existing container 1739961 - cannot find "static" IPAM module and IPAM support for the host-device module 1740079 - race/corruption: podman failed to launch containers 1741157 - exit status from command run in container not forwarded to outside 1743685 - Regression: rootless: podman run --rm hangs 6. Package List: Red Hat Enterprise Linux AppStream (v.8): Source: buildah-1.9.0-5.module+el8.1.0+4240+893c1ab8.src.rpm cockpit-podman-4-1.module+el8.1.0+4081+b29780af.src.rpm container-selinux-2.107-2.module+el8.1.0+4081+b29780af.src.rpm containernetworking-plugins-0.8.1-2.module+el8.1.0+4081+b29780af.src.rpm fuse-overlayfs-0.4.1-1.module+el8.1.0+4081+b29780af.src.rpm oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.src.rpm oci-umount-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.src.rpm podman-1.4.2-5.module+el8.1.0+4240+893c1ab8.src.rpm python-podman-api-1.2.0-0.1.gitd0a45fe.module+el8.1.0+4081+b29780af.src.rpm runc-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.src.rpm skopeo-0.1.37-5.module+el8.1.0+4240+893c1ab8.src.rpm slirp4netns-0.3.0-4.module+el8.1.0+4306+1d917805.src.rpm toolbox-0.0.4-1.module+el8.1.0+4081+b29780af.src.rpm aarch64: buildah-1.9.0-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm buildah-debuginfo-1.9.0-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm buildah-debugsource-1.9.0-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm buildah-tests-1.9.0-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm buildah-tests-debuginfo-1.9.0-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm containernetworking-plugins-0.8.1-2.module+el8.1.0+4081+b29780af.aarch64.rpm containernetworking-plugins-debuginfo-0.8.1-2.module+el8.1.0+4081+b29780af.aarch64.rpm containernetworking-plugins-debugsource-0.8.1-2.module+el8.1.0+4081+b29780af.aarch64.rpm containers-common-0.1.37-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm fuse-overlayfs-0.4.1-1.module+el8.1.0+4081+b29780af.aarch64.rpm fuse-overlayfs-debuginfo-0.4.1-1.module+el8.1.0+4081+b29780af.aarch64.rpm fuse-overlayfs-debugsource-0.4.1-1.module+el8.1.0+4081+b29780af.aarch64.rpm oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.aarch64.rpm oci-systemd-hook-debuginfo-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.aarch64.rpm oci-systemd-hook-debugsource-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.aarch64.rpm oci-umount-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.aarch64.rpm oci-umount-debuginfo-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.aarch64.rpm oci-umount-debugsource-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.aarch64.rpm podman-1.4.2-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm podman-debuginfo-1.4.2-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm podman-debugsource-1.4.2-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm podman-remote-1.4.2-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm podman-remote-debuginfo-1.4.2-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm podman-tests-1.4.2-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm runc-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.aarch64.rpm runc-debuginfo-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.aarch64.rpm runc-debugsource-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.aarch64.rpm skopeo-0.1.37-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm skopeo-debuginfo-0.1.37-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm skopeo-debugsource-0.1.37-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm skopeo-tests-0.1.37-5.module+el8.1.0+4240+893c1ab8.aarch64.rpm slirp4netns-0.3.0-4.module+el8.1.0+4306+1d917805.aarch64.rpm slirp4netns-debuginfo-0.3.0-4.module+el8.1.0+4306+1d917805.aarch64.rpm slirp4netns-debugsource-0.3.0-4.module+el8.1.0+4306+1d917805.aarch64.rpm toolbox-0.0.4-1.module+el8.1.0+4081+b29780af.aarch64.rpm noarch: cockpit-podman-4-1.module+el8.1.0+4081+b29780af.noarch.rpm container-selinux-2.107-2.module+el8.1.0+4081+b29780af.noarch.rpm podman-docker-1.4.2-5.module+el8.1.0+4240+893c1ab8.noarch.rpm podman-manpages-1.4.2-5.module+el8.1.0+4240+893c1ab8.noarch.rpm python-podman-api-1.2.0-0.1.gitd0a45fe.module+el8.1.0+4081+b29780af.noarch.rpm ppc64le: buildah-1.9.0-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm buildah-debuginfo-1.9.0-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm buildah-debugsource-1.9.0-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm buildah-tests-1.9.0-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm buildah-tests-debuginfo-1.9.0-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm containernetworking-plugins-0.8.1-2.module+el8.1.0+4081+b29780af.ppc64le.rpm containernetworking-plugins-debuginfo-0.8.1-2.module+el8.1.0+4081+b29780af.ppc64le.rpm containernetworking-plugins-debugsource-0.8.1-2.module+el8.1.0+4081+b29780af.ppc64le.rpm containers-common-0.1.37-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm fuse-overlayfs-0.4.1-1.module+el8.1.0+4081+b29780af.ppc64le.rpm fuse-overlayfs-debuginfo-0.4.1-1.module+el8.1.0+4081+b29780af.ppc64le.rpm fuse-overlayfs-debugsource-0.4.1-1.module+el8.1.0+4081+b29780af.ppc64le.rpm oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.ppc64le.rpm oci-systemd-hook-debuginfo-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.ppc64le.rpm oci-systemd-hook-debugsource-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.ppc64le.rpm oci-umount-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.ppc64le.rpm oci-umount-debuginfo-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.ppc64le.rpm oci-umount-debugsource-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.ppc64le.rpm podman-1.4.2-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm podman-debuginfo-1.4.2-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm podman-debugsource-1.4.2-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm podman-remote-1.4.2-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm podman-remote-debuginfo-1.4.2-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm podman-tests-1.4.2-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm runc-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.ppc64le.rpm runc-debuginfo-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.ppc64le.rpm runc-debugsource-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.ppc64le.rpm skopeo-0.1.37-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm skopeo-debuginfo-0.1.37-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm skopeo-debugsource-0.1.37-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm skopeo-tests-0.1.37-5.module+el8.1.0+4240+893c1ab8.ppc64le.rpm slirp4netns-0.3.0-4.module+el8.1.0+4306+1d917805.ppc64le.rpm slirp4netns-debuginfo-0.3.0-4.module+el8.1.0+4306+1d917805.ppc64le.rpm slirp4netns-debugsource-0.3.0-4.module+el8.1.0+4306+1d917805.ppc64le.rpm toolbox-0.0.4-1.module+el8.1.0+4081+b29780af.ppc64le.rpm s390x: buildah-1.9.0-5.module+el8.1.0+4240+893c1ab8.s390x.rpm buildah-debuginfo-1.9.0-5.module+el8.1.0+4240+893c1ab8.s390x.rpm buildah-debugsource-1.9.0-5.module+el8.1.0+4240+893c1ab8.s390x.rpm buildah-tests-1.9.0-5.module+el8.1.0+4240+893c1ab8.s390x.rpm buildah-tests-debuginfo-1.9.0-5.module+el8.1.0+4240+893c1ab8.s390x.rpm containernetworking-plugins-0.8.1-2.module+el8.1.0+4081+b29780af.s390x.rpm containernetworking-plugins-debuginfo-0.8.1-2.module+el8.1.0+4081+b29780af.s390x.rpm containernetworking-plugins-debugsource-0.8.1-2.module+el8.1.0+4081+b29780af.s390x.rpm containers-common-0.1.37-5.module+el8.1.0+4240+893c1ab8.s390x.rpm fuse-overlayfs-0.4.1-1.module+el8.1.0+4081+b29780af.s390x.rpm fuse-overlayfs-debuginfo-0.4.1-1.module+el8.1.0+4081+b29780af.s390x.rpm fuse-overlayfs-debugsource-0.4.1-1.module+el8.1.0+4081+b29780af.s390x.rpm oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.s390x.rpm oci-systemd-hook-debuginfo-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.s390x.rpm oci-systemd-hook-debugsource-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.s390x.rpm oci-umount-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.s390x.rpm oci-umount-debuginfo-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.s390x.rpm oci-umount-debugsource-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.s390x.rpm podman-1.4.2-5.module+el8.1.0+4240+893c1ab8.s390x.rpm podman-debuginfo-1.4.2-5.module+el8.1.0+4240+893c1ab8.s390x.rpm podman-debugsource-1.4.2-5.module+el8.1.0+4240+893c1ab8.s390x.rpm podman-remote-1.4.2-5.module+el8.1.0+4240+893c1ab8.s390x.rpm podman-remote-debuginfo-1.4.2-5.module+el8.1.0+4240+893c1ab8.s390x.rpm podman-tests-1.4.2-5.module+el8.1.0+4240+893c1ab8.s390x.rpm runc-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.s390x.rpm runc-debuginfo-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.s390x.rpm runc-debugsource-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.s390x.rpm skopeo-0.1.37-5.module+el8.1.0+4240+893c1ab8.s390x.rpm skopeo-debuginfo-0.1.37-5.module+el8.1.0+4240+893c1ab8.s390x.rpm skopeo-debugsource-0.1.37-5.module+el8.1.0+4240+893c1ab8.s390x.rpm skopeo-tests-0.1.37-5.module+el8.1.0+4240+893c1ab8.s390x.rpm slirp4netns-0.3.0-4.module+el8.1.0+4306+1d917805.s390x.rpm slirp4netns-debuginfo-0.3.0-4.module+el8.1.0+4306+1d917805.s390x.rpm slirp4netns-debugsource-0.3.0-4.module+el8.1.0+4306+1d917805.s390x.rpm toolbox-0.0.4-1.module+el8.1.0+4081+b29780af.s390x.rpm x86_64: buildah-1.9.0-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm buildah-debuginfo-1.9.0-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm buildah-debugsource-1.9.0-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm buildah-tests-1.9.0-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm buildah-tests-debuginfo-1.9.0-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm containernetworking-plugins-0.8.1-2.module+el8.1.0+4081+b29780af.x86_64.rpm containernetworking-plugins-debuginfo-0.8.1-2.module+el8.1.0+4081+b29780af.x86_64.rpm containernetworking-plugins-debugsource-0.8.1-2.module+el8.1.0+4081+b29780af.x86_64.rpm containers-common-0.1.37-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm fuse-overlayfs-0.4.1-1.module+el8.1.0+4081+b29780af.x86_64.rpm fuse-overlayfs-debuginfo-0.4.1-1.module+el8.1.0+4081+b29780af.x86_64.rpm fuse-overlayfs-debugsource-0.4.1-1.module+el8.1.0+4081+b29780af.x86_64.rpm oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.x86_64.rpm oci-systemd-hook-debuginfo-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.x86_64.rpm oci-systemd-hook-debugsource-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.x86_64.rpm oci-umount-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.x86_64.rpm oci-umount-debuginfo-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.x86_64.rpm oci-umount-debugsource-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.x86_64.rpm podman-1.4.2-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm podman-debuginfo-1.4.2-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm podman-debugsource-1.4.2-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm podman-remote-1.4.2-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm podman-remote-debuginfo-1.4.2-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm podman-tests-1.4.2-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm runc-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.x86_64.rpm runc-debuginfo-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.x86_64.rpm runc-debugsource-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.x86_64.rpm skopeo-0.1.37-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm skopeo-debuginfo-0.1.37-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm skopeo-debugsource-0.1.37-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm skopeo-tests-0.1.37-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm slirp4netns-0.3.0-4.module+el8.1.0+4306+1d917805.x86_64.rpm slirp4netns-debuginfo-0.3.0-4.module+el8.1.0+4306+1d917805.x86_64.rpm slirp4netns-debugsource-0.3.0-4.module+el8.1.0+4306+1d917805.x86_64.rpm toolbox-0.0.4-1.module+el8.1.0+4081+b29780af.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-10214 https://access.redhat.com/security/cve/CVE-2019-14378 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/ 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE-----Version: GnuPGv1 iQIVAwUBXcHqpdzjgjWX9erEAQgWdhAAiIp2qMGDNdBjAveysGwYsamOPmUQLpek NxLzZEE4g9c1Xp8dmetUB51n11vP8UPpXM7ALUlY4zD548JruMrs4FYuxYVFYQcn YWZR05g3S/qHT3SrcbubkibtW5kICOEK9/2HK5RIbrCIAAQWTEBd0vSpDlboaYLU lu/rw+1h2yNl4Hr89DCyB/x/4XrItU8MzUbBDxLBT8ReF7vf6NmiKuNmQ6tecilO 3DvP40I/sepXWwbCYNJvnV7Tst31U45D4/TQoIhwBnvM4Cd3zvAQ9Z+K5Jbk5tCp pNN7RmVfy8L6oKH2QRku34ieLhi0Za4PW4p6h8xl0mL2VJv8Tyvot0BL1Va8yJTp 8v3dUWFU+ONXlmKK1sf3Pmw11kn5D9Pa6xVzRL0YjXveE6Gs3Q0wHE+fHTMRtJIj 4fkiJTcAEAFGvetH6YwoHDTI3+hnCg3XcpLctFFU5xB2jiYDa48qmEQwUzsiCknK Ja6zkEo2yvam2YU9QZk3F5IxNq812O0VEkP0PKb3FxNmzmFEX0VyZ1ZwJsAdunny xCnp5qvQTnptLs11XytQKP7bOERqzsNCTQGBGGf9G3beA44XOJAOgmLOh7T5PUpU 2THkTPPU8bFJSA9kOvhh926kg1hGjqk1Z6ixSHtGNXlZn0x0FWrK00ZbSEQuqhHg lSo2gYaJ4CE=3uAc -----END PGP SIGNATURE-------RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . New release for container-tools:rhel8 in Red Hat Enterprise Linux 8 designated as important, addressing various security vulnerabilities.. Red Hat Enterprise Linux, container-tools, security update, credential disclosure, buffer overflow. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Nov 05, 2019 Important Red Hat
Banner 1 1028x280 1708121660 1771599717
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorymoderateRed Hat

RedHat OpenShift 3.10 RHSA-2019-2989-01 Moderate: SSH Issues Fixed

An update for atomic-openshift kube-apiserver is now available for Red Hat OpenShift Container Platform 3.10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: OpenShift Container Platform 3.10 atomic-openshift kube-apiserver security update Advisory ID: RHSA-2019:2989-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2019:2989 Issue date: 2019-10-14 CVE Names: CVE-2019-10150 CVE-2019-10214 ==================================================================== 1. Summary: An update for atomic-openshift kube-apiserver is now available for Red Hat OpenShift Container Platform 3.10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat OpenShift Container Platform 3.10 - noarch, ppc64le, x86_64 3. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Security Fix(es): * atomic-openshift: OpenShift builds don't verify SSH Host Keys for the git repository (CVE-2019-10150) * containers/image: not enforcing TLS when sending username+password credentials to token servers leading to credential disclosure (CVE-2019-10214) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For OpenShift Container Platform 3.10 see thefollowing documentation, which will be updated shortly for release 3.10.175, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.redhat.com/en/documentation/openshift_container_platform/3.10/html/release_notes/release-notes-ocp-3-10-release-notes 5. Bugs fixed (https://bugzilla.redhat.com/): 1713433 - CVE-2019-10150 atomic-openshift: OpenShift builds don't verify SSH Host Keys for the git repository 1732508 - CVE-2019-10214 containers/image: not enforcing TLS when sending username+password credentials to token servers leading to credential disclosure 6. Package List: Red Hat OpenShift Container Platform3.10: Source: atomic-openshift-3.10.175-1.git.0.f9f0e81.el7.src.rpm cri-o-1.10.6-2.rhaos3.10.git56d7d9a.el7.src.rpm noarch: atomic-openshift-docker-excluder-3.10.175-1.git.0.f9f0e81.el7.noarch.rpm atomic-openshift-excluder-3.10.175-1.git.0.f9f0e81.el7.noarch.rpm ppc64le: atomic-openshift-3.10.175-1.git.0.f9f0e81.el7.ppc64le.rpm atomic-openshift-clients-3.10.175-1.git.0.f9f0e81.el7.ppc64le.rpm atomic-openshift-hyperkube-3.10.175-1.git.0.f9f0e81.el7.ppc64le.rpm atomic-openshift-hypershift-3.10.175-1.git.0.f9f0e81.el7.ppc64le.rpm atomic-openshift-master-3.10.175-1.git.0.f9f0e81.el7.ppc64le.rpm atomic-openshift-node-3.10.175-1.git.0.f9f0e81.el7.ppc64le.rpm atomic-openshift-pod-3.10.175-1.git.0.f9f0e81.el7.ppc64le.rpm atomic-openshift-sdn-ovs-3.10.175-1.git.0.f9f0e81.el7.ppc64le.rpm atomic-openshift-template-service-broker-3.10.175-1.git.0.f9f0e81.el7.ppc64le.rpm atomic-openshift-tests-3.10.175-1.git.0.f9f0e81.el7.ppc64le.rpm cri-o-1.10.6-2.rhaos3.10.git56d7d9a.el7.ppc64le.rpm x86_64: atomic-openshift-3.10.175-1.git.0.f9f0e81.el7.x86_64.rpm atomic-openshift-clients-3.10.175-1.git.0.f9f0e81.el7.x86_64.rpm atomic-openshift-clients-redistributable-3.10.175-1.git.0.f9f0e81.el7.x86_64.rpm atomic-openshift-hyperkube-3.10.175-1.git.0.f9f0e81.el7.x86_64.rpm atomic-openshift-hypershift-3.10.175-1.git.0.f9f0e81.el7.x86_64.rpm atomic-openshift-master-3.10.175-1.git.0.f9f0e81.el7.x86_64.rpm atomic-openshift-node-3.10.175-1.git.0.f9f0e81.el7.x86_64.rpm atomic-openshift-pod-3.10.175-1.git.0.f9f0e81.el7.x86_64.rpm atomic-openshift-sdn-ovs-3.10.175-1.git.0.f9f0e81.el7.x86_64.rpm atomic-openshift-template-service-broker-3.10.175-1.git.0.f9f0e81.el7.x86_64.rpm atomic-openshift-tests-3.10.175-1.git.0.f9f0e81.el7.x86_64.rpm cri-o-1.10.6-2.rhaos3.10.git56d7d9a.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7.References: https://access.redhat.com/security/cve/CVE-2019-10150 https://access.redhat.com/security/cve/CVE-2019-10214 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXaQ2v9zjgjWX9erEAQgxkA//RwBSs7u87bampa5Ac+II2ily0VJyf3MJ Drmh/55xKrHcEGA+q4u72SDxSfuw/lJVzBFVKJx3j0ON5dRVUUgm6XcVwXAS0hCB DMfL4AsKOIcExm5QVmTW3EE9gaI7mLk1hVrodb5ttKJxB28NAsVgU1er61y1BpvO ltXNhsXXymt8x6AKQYJpObWjgtSpdrDFYRZhtLTcEHIR8aBPRYAKFXSMX+h8nQRl MwkfxnQDxRI7q8ZrL9E5pUSH/V9nBZM6gXLr3INJE385uisK1MQRtGLQlkUP/flS 9CY/5BXSeBY0E19YULF/IcPw0YPsBmj/9dolc7nAxE/i6YWIPdmCXfUq9xweZVMk TVuUhvuLVtaEoooD7k+3H+c/H9xsDZpz694BQqVfa64zA7+wt1pkZn0y6Z0khULC fCu4ryWxfvvkL8oahygw3W0pNkRTKju1f5sfz7Tg7lk5qJCy03ygdt3+zOBrh0w2 mHk5jyeveQcSin7hTfTNWQrXB8FrzJ+76ZBIweftTcmzyWbMIwahcp4NVh3ML4Jl 9wUhfTzLcJ2STEIN64T+bqh6upsps9JxgpxitC6DYy0wLdJmY/0pgbAg0gzlLvBB YNaQkl/SlERoTX4L4FJJInMZvUNS4FBkBUve3wI8EXt56HOTBOmKiWmXXHvssG95 QjwSOT3Bf0Q=9BfP -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . The security advisory from Red Hat outlines a significant patch for OpenShift version 3.10, which resolves various SSH vulnerabilities and credential management concerns.. OpenShift Update, Kube-apiserver Security, Red Hat Security Advisory, SSH Host Keys Fix. . LinuxSecurity.com Team

Calendar 2 Oct 14, 2019 Red Hat
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorymoderatesecurity issue

RedHat OpenShift 4.1: RHSA-2019-2825-01 Moderate: cri-o Credentials Leak

An update for cri-o is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: OpenShift Container Platform 4.1.17 cri-o security update Advisory ID: RHSA-2019:2825-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2019:2825 Issue date: 2019-09-25 CVE Names: CVE-2019-10214 ==================================================================== 1. Summary: An update for cri-o is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat OpenShift Container Platform 4.1 - x86_64 3. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains cri-o RPM packages for Red Hat OpenShift Container Platform 4.1.17. Security Fix(es): * containers/image: not enforcing TLS when sending username+password credentials to token servers leading to credential disclosure (CVE-2019-10214) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For OpenShift Container Platform 4.1 see the following documentation, which will be updated shortly for release 4.1.17, for important instructions on how to upgrade yourcluster and fully apply this asynchronous errata update: https://docs.redhat.com/en/documentation/openshift_container_platform/4.1/html/release_notes/ocp-4-1-release-notes 5. Bugs fixed (https://bugzilla.redhat.com/): 1732508 - CVE-2019-10214 containers/image: not enforcing TLS when sending username+password credentials to token servers leading to credential disclosure 6. Package List: Red Hat OpenShift Container Platform 4.1: Source: cri-o-1.13.11-0.4.dev.rhaos4.1.git9cb8f2f.el7.src.rpm x86_64: cri-o-1.13.11-0.4.dev.rhaos4.1.git9cb8f2f.el7.x86_64.rpm cri-o-debuginfo-1.13.11-0.4.dev.rhaos4.1.git9cb8f2f.el7.x86_64.rpm Red Hat OpenShift Container Platform 4.1: Source: cri-o-1.13.11-0.7.dev.rhaos4.1.git9cb8f2f.el8.src.rpm x86_64: cri-o-1.13.11-0.7.dev.rhaos4.1.git9cb8f2f.el8.x86_64.rpm cri-o-debuginfo-1.13.11-0.7.dev.rhaos4.1.git9cb8f2f.el8.x86_64.rpm cri-o-debugsource-1.13.11-0.7.dev.rhaos4.1.git9cb8f2f.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-10214 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBXYsLE9zjgjWX9erEAQga+Q//UQx1LEjGS9YjIfp5fLwdMqMebOkVaDsn qmO0NKjPFbC350Jb3qZ0hq71XS2rLz5U/Wyf6Cie6iLm7GxEIRSfo6ibyEsGbuEm 6/e9ziqRtwXimEJGakcevI9if2E/LI32sDJ94NRiZmyP5ZbRw9xG0VXsZ1V+ZY+8 AHzCf6pbP/Fxm59hrjYr6udZHas9BpY67Ucm5zQ0A6Dq+IOC+AX+bYRWTktjwctw DWvBETHU4KZlKOKmHg+4ldG90VkHwgkrp7LUZ2aRqkMvS8hckIG1c2nbPdsXyT7e 0gkZNDBinLs4PPdME/W97J5xzetExzaId4rNOQEBI0ofeWsMv4redbvmvfUvmytC qjNSjfKyGEzqk7XYlVReaAvUTDtll4Mn3J0heEsP+rNEQ5JSsxQ+BoCnKqQeNYxa /co95jRL8nPICyICdwETEKbHvGhZfaFcFjM01YET7Jm7v/7HhRQCVcR6wfOCSIJZ UJTCkAV7PGXl34jZVDylzKKduHYPcz95cfckAmLHtMUItUJK9a5WMe05EXCc1dq2 SdAcBbCAG2uQcw5jTaLCsTSKWLuhtmqHuilEO9voPjrSnRK3xjhbwYA9cCowxWDy JW/oRhk3Ks2TNRETE7IFrJExLHLn5U9W6HQagS5d7e/M4gWPTe5e6Yp+dKgit2f+ UA6e9QdSo5I=yYY8 -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Red Hat OpenShift 4.1.17 Update: Moderate security concern identified linked to credentials leakage in cri-o.. OpenShift Security Update, Red Hat Security Advisory, cri-o Vulnerability Detail. . LinuxSecurity.com Team

Calendar 2 Sep 25, 2019 Red Hat
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here