Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -6 articles for you...
98
security advisorymoderatesecurity updateRed Hat 9.0: RHSA-2023-0527-01 Moderate pcs Reflected File Download
An update for pcs is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: pcs security update Advisory ID: RHSA-2023:0527-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:0527 Issue date: 2023-01-30 CVE Names: CVE-2022-45442 ==================================================================== 1. Summary: An update for pcs is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux High Availability EUS (v.9.0) - aarch64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Resilient Storage EUS (v.9.0) - ppc64le, s390x, x86_64 3. Description: The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fix(es): * sinatra: Reflected File Download attack (CVE-2022-45442) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2153363 - CVE-2022-45442 sinatra: Reflected File Download attack 6. Package List: Red Hat Enterprise Linux HighAvailability EUS (v.9.0): Source: pcs-0.11.1-10.el9_0.3.src.rpm aarch64: pcs-0.11.1-10.el9_0.3.aarch64.rpm pcs-snmp-0.11.1-10.el9_0.3.aarch64.rpm ppc64le: pcs-0.11.1-10.el9_0.3.ppc64le.rpm pcs-snmp-0.11.1-10.el9_0.3.ppc64le.rpm s390x: pcs-0.11.1-10.el9_0.3.s390x.rpm pcs-snmp-0.11.1-10.el9_0.3.s390x.rpm x86_64: pcs-0.11.1-10.el9_0.3.x86_64.rpm pcs-snmp-0.11.1-10.el9_0.3.x86_64.rpm Red Hat Enterprise Linux Resilient Storage EUS (v.9.0): Source: pcs-0.11.1-10.el9_0.3.src.rpm ppc64le: pcs-0.11.1-10.el9_0.3.ppc64le.rpm pcs-snmp-0.11.1-10.el9_0.3.ppc64le.rpm s390x: pcs-0.11.1-10.el9_0.3.s390x.rpm pcs-snmp-0.11.1-10.el9_0.3.s390x.rpm x86_64: pcs-0.11.1-10.el9_0.3.x86_64.rpm pcs-snmp-0.11.1-10.el9_0.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2022-45442 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY9fxnNzjgjWX9erEAQiNqA/+O+hbg+/u/Ba+jVhT6wACCwbLCxlyM3rq TkhbpqBMjZQ6krvIQ9ceS5vLWFp+yBbfg2faTFCC+OSHf5fxSMES2FeRsnbOUq9C TqJOlR2LvNcjjyVfxcGM+yWNSG54fdN1juP286f4wCzcnbUR675pqphKkK7FT9Js 70buM3nOw14y2jQ1070c58S2xDWtDYc6oMenHDZu8rCPP/PdJeKROBPm8kQX5h9i 0iaaJjPcRlASE6c19F6hCtQwkSgsLA6pLDR/N5EIahKJ1203eeshM9ISR7mimPS/ iWUoNIQu4ZWpHv6BscoYn6TfD14ymQgJaeWT8sgvLBCfCLO2XvfGJSxyu4/Yo2uW QkMrPywHyYTeHt5E2msS/rgMHaGcKhPohuOTVDvJbdfFwu/JX7srclfzy628nERh n8rWz3RtofEEDnF90OKCZM0hPSyQZGillElthkE+KWbnEVfc2dhzxGpawlGqNpZk 4YBGT2hw6hLvubfOdUcBcAS3vuZylcMI51L9ARscM9c0C9B1qaoTX/sZYA68HQ42 QRlmztihtJjtInrjCwMg4q6YO0Lr+xBLgh5gP1/DR5yj2xoD2DwLL+6q3tv0didR kkfgKYZnfQ6xPBmhD+BLWfqPICCX93un6PNWkjM63bdNraCqTLxF2HVYFijw0ZNg /9ZZHIAPXWE=1ju9 -----END PGP SIGNATURE----- -- RHSA-announce mailinglist
Jan 30, 2023
Red Hat
98
security advisoryred hatcode executionRedHat: RHSA-2021-4686 Moderate: Webkit2gtk3 Code Execution Risk
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: webkit2gtk3 security update Advisory ID: RHSA-2021:4686-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:4686 Issue date: 2021-11-16 CVE Names: CVE-2021-30858 ==================================================================== 1. Summary: An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream EUS (v. 8.1) - aarch64, ppc64le, s390x, x86_64 3. Description: WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fix(es): * webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30858) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2006099 - CVE-2021-30858 webkitgtk: Use-after-free leading to arbitrary code execution 6. Package List: Red Hat Enterprise Linux AppStream EUS (v.8.1): Source: webkit2gtk3-2.24.4-4.el8_1.src.rpm aarch64: webkit2gtk3-2.24.4-4.el8_1.aarch64.rpm webkit2gtk3-debuginfo-2.24.4-4.el8_1.aarch64.rpm webkit2gtk3-debugsource-2.24.4-4.el8_1.aarch64.rpm webkit2gtk3-devel-debuginfo-2.24.4-4.el8_1.aarch64.rpm webkit2gtk3-jsc-2.24.4-4.el8_1.aarch64.rpm webkit2gtk3-jsc-debuginfo-2.24.4-4.el8_1.aarch64.rpm webkit2gtk3-jsc-devel-debuginfo-2.24.4-4.el8_1.aarch64.rpm webkit2gtk3-plugin-process-gtk2-2.24.4-4.el8_1.aarch64.rpm webkit2gtk3-plugin-process-gtk2-debuginfo-2.24.4-4.el8_1.aarch64.rpm ppc64le: webkit2gtk3-2.24.4-4.el8_1.ppc64le.rpm webkit2gtk3-debuginfo-2.24.4-4.el8_1.ppc64le.rpm webkit2gtk3-debugsource-2.24.4-4.el8_1.ppc64le.rpm webkit2gtk3-devel-2.24.4-4.el8_1.ppc64le.rpm webkit2gtk3-devel-debuginfo-2.24.4-4.el8_1.ppc64le.rpm webkit2gtk3-jsc-2.24.4-4.el8_1.ppc64le.rpm webkit2gtk3-jsc-debuginfo-2.24.4-4.el8_1.ppc64le.rpm webkit2gtk3-jsc-devel-2.24.4-4.el8_1.ppc64le.rpm webkit2gtk3-jsc-devel-debuginfo-2.24.4-4.el8_1.ppc64le.rpm webkit2gtk3-plugin-process-gtk2-2.24.4-4.el8_1.ppc64le.rpm webkit2gtk3-plugin-process-gtk2-debuginfo-2.24.4-4.el8_1.ppc64le.rpm s390x: webkit2gtk3-2.24.4-4.el8_1.s390x.rpm webkit2gtk3-debuginfo-2.24.4-4.el8_1.s390x.rpm webkit2gtk3-debugsource-2.24.4-4.el8_1.s390x.rpm webkit2gtk3-devel-debuginfo-2.24.4-4.el8_1.s390x.rpm webkit2gtk3-jsc-2.24.4-4.el8_1.s390x.rpm webkit2gtk3-jsc-debuginfo-2.24.4-4.el8_1.s390x.rpm webkit2gtk3-jsc-devel-debuginfo-2.24.4-4.el8_1.s390x.rpm webkit2gtk3-plugin-process-gtk2-2.24.4-4.el8_1.s390x.rpm webkit2gtk3-plugin-process-gtk2-debuginfo-2.24.4-4.el8_1.s390x.rpm x86_64: webkit2gtk3-2.24.4-4.el8_1.i686.rpm webkit2gtk3-2.24.4-4.el8_1.x86_64.rpm webkit2gtk3-debuginfo-2.24.4-4.el8_1.i686.rpm webkit2gtk3-debuginfo-2.24.4-4.el8_1.x86_64.rpm webkit2gtk3-debugsource-2.24.4-4.el8_1.i686.rpm webkit2gtk3-debugsource-2.24.4-4.el8_1.x86_64.rpm webkit2gtk3-devel-2.24.4-4.el8_1.i686.rpm webkit2gtk3-devel-2.24.4-4.el8_1.x86_64.rpm webkit2gtk3-devel-debuginfo-2.24.4-4.el8_1.i686.rpm webkit2gtk3-devel-debuginfo-2.24.4-4.el8_1.x86_64.rpm webkit2gtk3-jsc-2.24.4-4.el8_1.i686.rpm webkit2gtk3-jsc-2.24.4-4.el8_1.x86_64.rpm webkit2gtk3-jsc-debuginfo-2.24.4-4.el8_1.i686.rpm webkit2gtk3-jsc-debuginfo-2.24.4-4.el8_1.x86_64.rpm webkit2gtk3-jsc-devel-2.24.4-4.el8_1.i686.rpm webkit2gtk3-jsc-devel-2.24.4-4.el8_1.x86_64.rpm webkit2gtk3-jsc-devel-debuginfo-2.24.4-4.el8_1.i686.rpm webkit2gtk3-jsc-devel-debuginfo-2.24.4-4.el8_1.x86_64.rpm webkit2gtk3-plugin-process-gtk2-2.24.4-4.el8_1.i686.rpm webkit2gtk3-plugin-process-gtk2-2.24.4-4.el8_1.x86_64.rpm webkit2gtk3-plugin-process-gtk2-debuginfo-2.24.4-4.el8_1.i686.rpm webkit2gtk3-plugin-process-gtk2-debuginfo-2.24.4-4.el8_1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-30858 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYZO5ctzjgjWX9erEAQhJ+xAAj1d/Mwsit142j1c3uKa/qKMLvgEiZoJk lrfsrDTjMH6tduT5vj956Povv43dU1MFfODJLCvelRhy3a+cWdjXJ+YjPAWOllCm 4r37sWQLN8GjutMKIKR59snwJKGZoM5q26D1UTNgpXh1j41dPuASQGJWMOL+velF wK+hYKOOcYJ5R6eX2IHSmqsEpP6yjUpCKs5LAxk9faDDWDh056zUwkMpYcZ6OyQ7 KHc+Kyja967+54Ts5fUwvb73rnqjfpKFZNhYy91lQxh6Isp370KcevrLq5fABaRy s6QQNWaS6V+bHV9yCOlvD7j5Q++Dg/xPy9H3/h7n5S9Ue56bTy/KE48qSOpqZ7I3 7ME6bfvuukRAb5G7KhKtNh2+zTKqeUhB4IGPDneh0RpiIwNCF2Qap83eAJ3k+TmC nlE8Zn9HuCCNFgCBGL5+EYgQDb/9SQ5YJl0BlsNVd/mvYmhkOmOkT4zb71Ykruws bl4/9Oz3dbKeRcTkqX6zRGnVChnaDHOG/rsnSvTn+V9T4gcQsiAEOlWdfijH/+EU Di3w/7AdhWYQCQYi7wj3P6xHOf5E3VKEG9Cf1SBcmcgMZ21st3nR7bP7TqyUTHfZ FDlBQ5N2ZbAX1S2+GNR4+yUTHv3Q98om+wRDbsurUVyBk+ZphArD0KATtrKeWKLU biz3TtZHTCE=mmU0 -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Nov 16, 2021
•Medium
Red Hat
98
security advisoryred hatend of lifeUbuntu 20.04 Critical Service Bulletin for End Of Life Notice
This is the 1-year notification of the End Of Life plans for Red Hat Enterprise Linux 3. 2. Relevant releases/architectures: Red Hat Desktop version 3 - i386, x86_64. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Low: Red Hat Enterprise Linux 3 - 1-Year End Of Life Notice Advisory ID: RHSA-2009:1526-02 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2009:1526.html Issue date: 2009-11-09 ==================================================================== 1. Summary: This is the 1-year notification of the End Of Life plans for Red Hat Enterprise Linux 3. 2. Relevant releases/architectures: Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Description: In accordance with the Red Hat Enterprise Linux Errata Support Policy, the regular 7 year life-cycle of Red Hat Enterprise Linux 3 will end on October 31, 2010. After this date, Red Hat will discontinue the regular subscription services for Red Hat Enterprise Linux 3. Therefore, new bug fix, enhancement, and security errata updates, as well as technical support services will no longer be available for the following products: * Red Hat Enterprise Linux AS 3 * Red Hat Enterprise Linux ES 3 * Red Hat Enterprise Linux WS 3 * Red Hat Enterprise Linux Extras 3 * Red Hat Desktop 3 * Red Hat Global File System 3 * Red Hat Cluster Suite 3 Customers still running production workloads on Red Hat Enterprise Linux 3 are advised to begin planning the upgrade to Red Hat Enterprise Linux 5. Active subscribers of Red Hat Enterprise Linux already have access to all currently maintained versions of Red Hat Enterprise Linux, as part of their subscription without additional fees. For customerswho are unable to migrate off Red Hat Enterprise Linux 3 before its end-of-life date, Red Hat may offer a limited, optional extension program. For more information, contact your Red Hat sales representative or channel partner. Details of the Red Hat Enterprise Linux life-cycle can be found on the Red Hat website: https://access.redhat.com/support/policy/updates/errata/ 4. Solution: This errata contains an updated redhat-release package, that adds a new file to "/usr/share/doc/", which contains this end of life notice. 5. Bugs fixed (http://bugzilla.redhat.com/): 531220 - Send Out RHEL 3 1-Year EOL Notice 6. Package List: Red Hat Enterprise Linux AS version 3: Source: i386: redhat-release-3AS-13.9.7.i386.rpm redhat-release-debuginfo-3AS-13.9.7.i386.rpm ia64: redhat-release-3AS-13.9.7.ia64.rpm redhat-release-debuginfo-3AS-13.9.7.ia64.rpm ppc: redhat-release-3AS-13.9.7.ppc.rpm redhat-release-debuginfo-3AS-13.9.7.ppc.rpm s390: redhat-release-3AS-13.9.7.s390.rpm redhat-release-debuginfo-3AS-13.9.7.s390.rpm s390x: redhat-release-3AS-13.9.7.s390x.rpm redhat-release-debuginfo-3AS-13.9.7.s390x.rpm x86_64: redhat-release-3AS-13.9.7.x86_64.rpm redhat-release-debuginfo-3AS-13.9.7.x86_64.rpm Red Hat Desktop version 3: Source: i386: redhat-release-3Desktop-13.9.7.i386.rpm redhat-release-debuginfo-3Desktop-13.9.7.i386.rpm x86_64: redhat-release-3Desktop-13.9.7.x86_64.rpm redhat-release-debuginfo-3Desktop-13.9.7.x86_64.rpm Red Hat Enterprise Linux ES version 3: Source: i386: redhat-release-3ES-13.9.7.i386.rpm redhat-release-debuginfo-3ES-13.9.7.i386.rpm ia64: redhat-release-3ES-13.9.7.ia64.rpm redhat-release-debuginfo-3ES-13.9.7.ia64.rpm x86_64: redhat-release-3ES-13.9.7.x86_64.rpm redhat-release-debuginfo-3ES-13.9.7.x86_64.rpm Red Hat Enterprise Linux WS version3: Source: i386: redhat-release-3WS-13.9.7.i386.rpm redhat-release-debuginfo-3WS-13.9.7.i386.rpm ia64: redhat-release-3WS-13.9.7.ia64.rpm redhat-release-debuginfo-3WS-13.9.7.ia64.rpm x86_64: redhat-release-3WS-13.9.7.x86_64.rpm redhat-release-debuginfo-3WS-13.9.7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://access.redhat.com/security/updates/classification#low 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2009 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFK+DsyXlSAg2UNWIIRAkcOAJ45lQqnnn894jTtNMN0YFsSXNTeAACfbIpZ gSvMQB3GC3rC2wZrmX2o+Ig=Hr8G -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list
Nov 09, 2009
•Low
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!