-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: Red Hat OpenShift Service Mesh 2.0.10 security update
Advisory ID:       RHSA-2022:5003-01
Product:           Red Hat OpenShift Service Mesh
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:5003
Issue date:        2022-06-13
CVE Names:         CVE-2022-29224 CVE-2022-29225
====================================================================

1. Summary:

An update is now available for Red Hat OpenShift Service Mesh 2.0.10.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

2.0 - ppc64le, s390x, x86_64

3. Description:

Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio
service mesh project, tailored for installation into an on-premise
OpenShift Container Platform installation.

This advisory covers the RPM packages for the release.

Security Fix(es):

* envoy: Decompressors can be zip bombed (CVE-2022-29225)

* envoy: Segfault in GrpcHealthCheckerImpl (CVE-2022-29224)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

The OpenShift Service Mesh release notes provide information on the
features and known issues:

5. Bugs fixed (https://bugzilla.redhat.com/):

2088737 - CVE-2022-29225 envoy: Decompressors can be zip bombed
2088738 - CVE-2022-29224 envoy: Segfault in GrpcHealthCheckerImpl

6. JIRA issues fixed (https://redhat.atlassian.net/jira/projects):

OSSM-1613 - RPM Release for Maistra 2.0.10

7. Package List:

2.0:

Source:
servicemesh-2.0.10-1.el8.src.rpm
servicemesh-cni-2.0.10-1.el8.src.rpm
servicemesh-operator-2.0.10-1.el8.src.rpm
servicemesh-prometheus-2.14.0-17.el8.1.src.rpm
servicemesh-proxy-2.0.10-1.el8.src.rpm

ppc64le:
servicemesh-2.0.10-1.el8.ppc64le.rpm
servicemesh-cni-2.0.10-1.el8.ppc64le.rpm
servicemesh-istioctl-2.0.10-1.el8.ppc64le.rpm
servicemesh-mixc-2.0.10-1.el8.ppc64le.rpm
servicemesh-mixs-2.0.10-1.el8.ppc64le.rpm
servicemesh-operator-2.0.10-1.el8.ppc64le.rpm
servicemesh-pilot-agent-2.0.10-1.el8.ppc64le.rpm
servicemesh-pilot-discovery-2.0.10-1.el8.ppc64le.rpm
servicemesh-prometheus-2.14.0-17.el8.1.ppc64le.rpm
servicemesh-proxy-2.0.10-1.el8.ppc64le.rpm

s390x:
servicemesh-2.0.10-1.el8.s390x.rpm
servicemesh-cni-2.0.10-1.el8.s390x.rpm
servicemesh-istioctl-2.0.10-1.el8.s390x.rpm
servicemesh-mixc-2.0.10-1.el8.s390x.rpm
servicemesh-mixs-2.0.10-1.el8.s390x.rpm
servicemesh-operator-2.0.10-1.el8.s390x.rpm
servicemesh-pilot-agent-2.0.10-1.el8.s390x.rpm
servicemesh-pilot-discovery-2.0.10-1.el8.s390x.rpm
servicemesh-prometheus-2.14.0-17.el8.1.s390x.rpm
servicemesh-proxy-2.0.10-1.el8.s390x.rpm

x86_64:
servicemesh-2.0.10-1.el8.x86_64.rpm
servicemesh-cni-2.0.10-1.el8.x86_64.rpm
servicemesh-istioctl-2.0.10-1.el8.x86_64.rpm
servicemesh-mixc-2.0.10-1.el8.x86_64.rpm
servicemesh-mixs-2.0.10-1.el8.x86_64.rpm
servicemesh-operator-2.0.10-1.el8.x86_64.rpm
servicemesh-pilot-agent-2.0.10-1.el8.x86_64.rpm
servicemesh-pilot-discovery-2.0.10-1.el8.x86_64.rpm
servicemesh-prometheus-2.14.0-17.el8.1.x86_64.rpm
servicemesh-proxy-2.0.10-1.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key

8. References:

https://access.redhat.com/security/cve/CVE-2022-29224
https://access.redhat.com/security/cve/CVE-2022-29225
https://access.redhat.com/security/updates/classification#important

9. Contact:

The Red Hat security contact is .
More contact details at https://access.redhat.com/security/team/contact

Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYqd67dzjgjWX9erEAQiKghAAlaOQUdcfJvfVLoenJDY8uqnHLOwbkIi5
0CI3E7DIg+6xCGzg9n6mNdU15+GIGRC567dKCpbTvgyDCBBv8sUOcPDn2KmoI5OQ
VEtBChd49i9qD18VEYbhbuEsNTMr3E4ET9q4BqvqcfEfw1MaUYCaiEZFEgfycq9B
mt6WH5CCMPg3KnXw7RqC1NWLOKa9qGNFTEgbx4Db4tPZIQoSjxaNWFvphR1nT3i+
PKy9CaIBXAcbBdBjrp+89RXfI2Mld8zmeclD/3Du3Dmdh3a383YJvHQcpICIki8M
MXDrudv4xZr9NtsbaRKmpalvBPkfQdNIDbl1gENGgOJWYZKVdOE4c/PxBAsrDyr+
MmGko8FmlzRX4q7WqbqtIn77mujUfguyEtq2wxDZWqOybGgQJhB6FB5o9F+qzBos
IXMOV4Zo2L1cm/cvwW49QMBFlHQAPPLN8RC6Mtts4btxzHikZwNh/VP3w9egXBaT
LZOFH2ZD3KB4pqfWt2XAoIE0MhCr9lAaxCM0ktdYwbahnI7CrgrL/3wytC7mqP/M
/RHfm7lElh4upaIp6IfMesJDIUI0I7+ZSXpra6x2mlnoTc5mEkKAP/68rysc6gEs
x5292wN7am1hFdW2eEUXBQIj5pGdIE/Zq2ibxTOAGqPJn3qFyIBhNxp92qCObvvl
+uQLK2+FSBc=
=yaR1
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: Red Hat OpenShift Service Mesh 1.0 servicemesh-proxy security update
Advisory ID:       RHSA-2020:2864-01
Product:           Red Hat OpenShift Service Mesh
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:2864
Issue date:        2020-07-07
CVE Names:         CVE-2020-8663 CVE-2020-12603 CVE-2020-12604 CVE-2020-12605
====================================================================

1. Summary:

An update for servicemesh-proxy is now available for OpenShift Service
Mesh 1.0.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

OpenShift Service Mesh 1.0 - x86_64

3. Description:

Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio
service mesh project, tailored for installation into an on-premise
OpenShift Container Platform installation.

Security Fix(es):

* envoy: Resource exhaustion when accepting too many connections
(CVE-2020-8663)

* envoy: Resource exhaustion when proxying HTTP/2 requests or responses
with small data frames (CVE-2020-12603)

* envoy: Resource exhaustion when processing HTTP/1.1 headers with long
field names (CVE-2020-12605)

* envoy: Resource exhaustion via HTTP/2 client requests with large payloads
and improper stream windows (CVE-2020-12604)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

The OpenShift Service Mesh release notes provide information on the
features and known issues:

5. Bugs fixed (https://bugzilla.redhat.com/):

1844251 - CVE-2020-12603 envoy: Resource exhaustion when proxying HTTP/2 requests or responses with small data frames
1844252 - CVE-2020-12605 envoy: Resource exhaustion when processing HTTP/1.1 headers with long field names
1844254 - CVE-2020-8663 envoy: Resource exhaustion when accepting too many connections
1844255 - CVE-2020-12604 envoy: Resource exhaustion via HTTP/2 client requests with large payloads and improper stream windows

6. Package List:

OpenShift Service Mesh 1.0:

Source:
servicemesh-proxy-1.0.11-1.el8.src.rpm

x86_64:
servicemesh-proxy-1.0.11-1.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-8663
https://access.redhat.com/security/cve/CVE-2020-12603
https://access.redhat.com/security/cve/CVE-2020-12604
https://access.redhat.com/security/cve/CVE-2020-12605
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is .
More contact details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIUAwUBXwTOstzjgjWX9erEAQhSyg/0CDZeUoy2EvmNHi8V/GMoo5pS3r2Pn099
FxV+Rs8zwz5q8kaKnU/TMp5uzNw+IHrwSfsBKT99txPFspS0yGE+hcsil+1gyfLv
6ERtxgNaPEGG6EHueWly+vLP58dLITPelmGVIKtmzQYSj+7rT4E53zdoIa4INJBi
bN6TetPRj2BnjjkE8Fb1muPmpV6HWGvrsdHSsqvBUl8QQUNKMFony+aMBN6gQfyc
zXc0wh8yAfs12ClVGCluwdLQugzJMl2JyxLK3aKnOitmqtSBoicNoWKCECaLX2ui
VKL75iWTWhuGIyXXBRfW3kS++uw5Nk1aCOGyJe7olbhW0dzNJYK+79+tuGz7qsxn
r9QZ2coXO2PChyH1QRJcolf3k854KYXi765mYZDm5aNKPCxtN3iB4wtHGR12IuuR
QS9tj9sHofOa9xv7hGO2g7VwYPwUYqMSXubbvi9PiVgT1X2r0z81k3xvj8z0McAW
IUcT/ProlMYG0rzhgKTr9r1BrwjVWti/3fm4KTsTqh70N4z3VVPymW3EIQb8JfXN
iQOBoc7MmLX0rhzWewnIE5xW7KB9QOO7rpGVzcXd8HD7PmD75pwL0XCAu/fcUoip
N0EG0TG//PWqQTu4RVNW9gyoqdQb9a1XmfdvrNyZ9uZKVAJysPI/F0QWE/mrmm5t
D0EN45lDDg==
=P3Yn
-----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: Red Hat OpenShift Service Mesh 1.0.9 servicemesh-proxy security update
Advisory ID:       RHSA-2020:0734-01
Product:           Red Hat OpenShift Service Mesh
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:0734
Issue date:        2020-03-05
CVE Names:         CVE-2020-8659 CVE-2020-8660 CVE-2020-8661 CVE-2020-8664
====================================================================

1. Summary:

An update for servicemesh-proxy is now available for Red Hat OpenShift
Service Mesh 1.0.9.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

OpenShift Service Mesh 1.0 - x86_64

3. Description:

Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio
service mesh project, tailored for installation into an on-premise
OpenShift Container Platform installation.

Security Fix(es):

* envoy: Excessive CPU and/or memory usage when proxying HTTP/1.1
(CVE-2020-8659)

* envoy: TLS inspector bypass (CVE-2020-8660)

* envoy: Response flooding for HTTP/1.1 (CVE-2020-8661)

* envoy: Incorrect Access Control when using SDS with Combined Validation
Context (CVE-2020-8664)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

The OpenShift Service Mesh release notes provide information on the
features and known issues:
https://docs.redhat.com/en/documentation/openshift_container_platform/4.3/html/service_mesh/service-mesh-1-x

5. Bugs fixed (https://bugzilla.redhat.com/):

1802539 - CVE-2020-8659 envoy: Excessive CPU and/or memory usage when proxying HTTP/1.1
1802540 - CVE-2020-8661 envoy: Response flooding for HTTP/1.1
1802542 - CVE-2020-8664 envoy: Incorrect Access Control when using SDS with Combined Validation Context
1802545 - CVE-2020-8660 envoy: TLS inspector bypass

6. Package List:

OpenShift Service Mesh 1.0:

Source:
servicemesh-proxy-1.0.9-2.el8.src.rpm

x86_64:
servicemesh-proxy-1.0.9-2.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2020-8659
https://access.redhat.com/security/cve/CVE-2020-8660
https://access.redhat.com/security/cve/CVE-2020-8661
https://access.redhat.com/security/cve/CVE-2020-8664
https://access.redhat.com/security/updates/classification#moderate

8. Contact:

The Red Hat security contact is .
More contact details at https://access.redhat.com/security/team/contact

Copyright 2020 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXmFMc9zjgjWX9erEAQh5RxAAgCnYM0L0+b2PgDeANzdtC4yRqzkwBkjR
uUSF5cWNzK0pSywGDc4u5hTv3ZBvMDCV1bFazKEtQuBqiQMBZtEHD3XNN7//HZov
jYxn9Tj/tv7E/9S2Lge3hPTNlYAo6ryI+DdlsZ/0hc+SRqeQYSc0sLx+QN+kJcsU
Fz3fdOG36tsHx6fekn0GyEFRsNsPTCP7k7dlT9AQXMSUpP3YtJQ2fm/zjEZqbtVh
lt4FzOJSFuPeSy7ZTZpVGU0Ad4ummcyI8/YB/mA2jMthOpiR1N9F/aH5vMWf+q4e
0JH9KL5jh7aKsL4oqMyDM0n4AIVqxhz2Iks9z04bJKEELF1XiNmDLtxfQnh8e3Th
KV8JpR/+M8efAQ1HtNQf/5CqG7ZJvBEpk4HQCLbaXQo5URWoccAgIsVieMQIWrA4
rOmx/KVLDqnJiak/kI1b6sV9tMJorkJv2B1eKylMJyj+1e04Xa1n2V2sC/E+42tY
ALxdYlMxxHNNyF0TpNEDLlXtFr4SLL7Id4mtnDpKdFi5Vz/q3EwzA5G/seqFttjF
bRRrCWWj36jxDsFMxkTWeqh9lclo2AmGz29cV9oDNntXnuwTozowKijyT0xKNyOr
Oi3Ic7poIirR9NIJFgbOkSXShdPa/pctJVmVzAyIElp4jANgAGOXW5LTRBijnEzO
fxoJqGuD7G0=
=9SJw
-----END PGP SIGNATURE-----
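Each of the three advisories above names the fixed packages only by their name-version-release (servicemesh-proxy-1.0.9-2.el8, then 1.0.11-1.el8, then 2.0.10-1.el8, with servicemesh-prometheus at 2.14.0-17.el8.1), so deciding whether a host is actually covered comes down to rpm's version ordering, not a plain string compare: "1.0.11" is newer than "1.0.9", "17.el8.1" is newer than "17.el8", and a non-zero epoch overrides both. The following Python is an added example, not Red Hat's own tooling: it re-implements the ordering rules of rpm's rpmvercmp() and the epoch/version/release comparison, then runs them over `rpm -qa`-style output against the RHSA-2022:5003 x86_64 package list. The lines in `SAMPLE_RPM_QA` are constructed sample data, and the `unrelated-sample-package` name is made up.

```python
"""Added example (not Red Hat's tooling): decide whether installed RPMs are at
or above the fixed versions an RHSA lists.  rpmvercmp() re-implements rpm's
version ordering in Python; SAMPLE_RPM_QA is constructed, not from a real host."""
from itertools import takewhile

ARCHES = {"x86_64", "ppc64le", "s390x", "aarch64", "noarch", "i686", "src"}

# Binary RPMs from the RHSA-2022:5003 x86_64 package list (".rpm" dropped).
FIXED_RHSA_2022_5003 = [
    "servicemesh-proxy-2.0.10-1.el8.x86_64",
    "servicemesh-pilot-discovery-2.0.10-1.el8.x86_64",
    "servicemesh-prometheus-2.14.0-17.el8.1.x86_64",
]

# Constructed `rpm -qa` output; the last package name is made up.
SAMPLE_RPM_QA = """\
servicemesh-proxy-2.0.10-1.el8.x86_64
servicemesh-pilot-discovery-2.0.9-3.el8.x86_64
servicemesh-prometheus-2.14.0-17.el8.x86_64
unrelated-sample-package-1.0-1.el8.x86_64
"""


def rpmvercmp(a, b):
    """rpm's ordering of version/release strings: -1, 0 or 1.  Separators are
    skipped; numeric segments compare as integers, alphabetic ones lexically,
    numeric beats alphabetic, extra trailing segments are newer; '~' sorts below
    everything (pre-release), '^' above the bare string but below any segment."""
    i = j = 0
    while i < len(a) or j < len(b):
        while i < len(a) and not a[i].isalnum() and a[i] not in "~^":
            i += 1
        while j < len(b) and not b[j].isalnum() and b[j] not in "~^":
            j += 1
        ca = a[i] if i < len(a) else ""
        cb = b[j] if j < len(b) else ""
        if ca == "~" or cb == "~":
            if ca != cb:
                return 1 if cb == "~" else -1
            i, j = i + 1, j + 1
            continue
        if ca == "^" or cb == "^":
            if ca == cb:
                i, j = i + 1, j + 1
                continue
            if not ca or not cb:  # '^' suffix is newer than the bare string...
                return 1 if ca else -1
            return -1 if ca == "^" else 1  # ...but older than any real segment
        if not (ca and cb):
            break  # one side ran out of segments; settled after the loop
        isnum = ca.isdigit()
        pred = str.isdigit if isnum else str.isalpha
        sa = "".join(takewhile(pred, a[i:]))
        sb = "".join(takewhile(pred, b[j:]))
        if not sb:  # segment types differ: numeric is newer than alphabetic
            return 1 if isnum else -1
        xa, xb = (sa.lstrip("0"), sb.lstrip("0")) if isnum else (sa, sb)
        if isnum and len(xa) != len(xb):
            return 1 if len(xa) > len(xb) else -1
        if xa != xb:
            return 1 if xa > xb else -1
        i, j = i + len(sa), j + len(sb)
    if i >= len(a) and j >= len(b):
        return 0
    return -1 if i >= len(a) else 1


def parse_nvra(pkg):
    """Split 'name-[epoch:]version-release[.arch][.rpm]' from the right (names
    such as servicemesh-pilot-agent contain hyphens); a missing epoch is 0."""
    pkg = pkg[:-4] if pkg.endswith(".rpm") else pkg
    head, _, tail = pkg.rpartition(".")
    pkg, arch = (head, tail) if tail in ARCHES else (pkg, "")
    nv, sep1, release = pkg.rpartition("-")
    name, sep2, version = nv.rpartition("-")
    if not (sep1 and sep2 and name and version and release):
        raise ValueError(f"not a name-version-release string: {pkg!r}")
    epoch_str, colon, rest = version.partition(":")
    epoch, version = (int(epoch_str), rest) if colon else (0, version)
    return name, epoch, version, release, arch


def is_fixed(installed, fixed):
    """True when `installed` is the same package as `fixed` at an EVR at or above
    the advisory's.  Epoch decides outright, then version, then release."""
    n1, e1, v1, r1, _ = parse_nvra(installed)
    n2, e2, v2, r2, _ = parse_nvra(fixed)
    if n1 != n2:
        raise ValueError(f"package names differ: {n1} vs {n2}")
    if e1 != e2:
        return e1 > e2
    return (rpmvercmp(v1, v2) or rpmvercmp(r1, r2)) >= 0


def audit(rpm_qa_output, fixed_nvras):
    """Verdict per installed package the advisory names; others are skipped."""
    fixed = {parse_nvra(f)[0]: f for f in fixed_nvras}
    verdict = {}
    for line in filter(None, map(str.strip, rpm_qa_output.splitlines())):
        name = parse_nvra(line)[0]
        if name in fixed:
            verdict[line] = is_fixed(line, fixed[name])
    return verdict
```

Running `audit(SAMPLE_RPM_QA, FIXED_RHSA_2022_5003)` marks the proxy as fixed and both pilot-discovery (2.0.9 < 2.0.10) and prometheus (17.el8 < 17.el8.1) as still below the advisory's level. Two caveats for real use: the default `rpm -qa` output carries no epoch, so the parser treats an absent epoch as 0 (only matters if you query with a format that prints `%{EPOCH}`), and the comparison says nothing about which release stream a host is on, so a 1.0 mesh is judged against the 1.0 advisories above, not against the 2.0.10 packages. Verifying that the RPMs are really Red Hat's (`rpm --checksig` against the key the advisories link to) is a separate step from this version check.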