Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -5 articles for you...
98
security advisoryred hatsecurity fixRedHat OpenShift Serverless 1.30.1 RHSA-2023-5479-01 Critical HTTP Issue
Red Hat OpenShift Serverless 1.30.1 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: Release of OpenShift Serverless Client kn 1.30.1 security update Advisory ID: RHSA-2023:5479-01 Product: Red Hat OpenShift Serverless Advisory URL: https://access.redhat.com/errata/RHSA-2023:5479 Issue date: 2023-10-05 CVE Names: CVE-2023-4853 ===================================================================== 1. Summary: Red Hat OpenShift Serverless 1.30.1 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Openshift Serverless 1 on RHEL 8Base - ppc64le, s390x, x86_64 3. Description: Red Hat OpenShift Serverless Client kn 1.30.1 provides a CLI to interact with Red Hat OpenShift Serverless 1.30.1. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. This release includes security and bug fixes, and enhancements. Security Fix(es): * quarkus: HTTP security policy bypass (CVE-2023-4853) For further information about CVE-2023-4853, see the Red Hat Security Bulletin linked to in the References section. For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: Before applying this update, make sure all previously releasederrata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2238034 - CVE-2023-4853 quarkus: HTTP security policy bypass 6. Package List: Openshift Serverless 1 on RHEL 8Base: Source: openshift-serverless-clients-1.9.2-3.el8.src.rpm ppc64le: openshift-serverless-clients-1.9.2-3.el8.ppc64le.rpm s390x: openshift-serverless-clients-1.9.2-3.el8.s390x.rpm x86_64: openshift-serverless-clients-1.9.2-3.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2023-4853 https://access.redhat.com/security/vulnerabilities/RHSB-2023-002 https://access.redhat.com/security/updates/classification#important https://docs.redhat.com/en/documentation/red_hat_openshift_serverless/1.33 https://docs.redhat.com/en/documentation/red_hat_openshift_serverless/1.33 https://docs.redhat.com/en/documentation/red_hat_openshift_serverless/1.33 https://docs.redhat.com/en/documentation/red_hat_openshift_serverless/1.33 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIcBAEBCAAGBQJlHypFAAoJENzjgjWX9erE8dYP/0f2bxOTsczhrQ+AB4503Rl0 roHKG2ZfmKrhNfNCL1v6POQ0iXQryhxU0Uv3t3Vp25dzy5JZyiUoVwugKLkkrISs iFxReqOp336nDs9OIUSMgmMMSYRbhiteMpSR/Z0dFH/kTqsEHHa0YaneVq0x0y8w 2A4oG01A8vAX5WwJJmemIrsJn5ygRm9unKNO2SRleM5Wjbt1gV5ufpKxfY4PvaR+ Z7H7CmqC1A7hzDmZRyGBv8ScKTlBT1fJomBqhEMHSi2PrfH9D4rvGIi+CTF0r30n 3wAaH6CukubiPBms7FEQV5Bgt6XDdtUV7FWaKVLaPjPhboUXKCwGE2gwUkZXp7Wt cV+Uk5NP9/60WYf6WIcqentfy8yARX0Vackh0hIm2YgIXphZ1Oa49Y4KU2lQcijy FXa3CYspd34BNxi96B6WhjYm7LQVPl4zKpeP3PquS1HJNnyOOgH7vtARZGaxn3GK vNMcnP+rUD7sucDicy5fsRF6Fq0wIZHSr0iXSmwc+2YmzSPgRdl0nYXb+0Z0j8Wj IdoHBRifgsHcLjABfeyPqV83fEYXv+dxR5GHgmxrulbw/AdkubYE7koFcgPiFQtB INQM+pfSh8jvieS2ksLvVVTNtj23EPjhmoyCErR1DniUOMhT/8d8ZUuIeVP+p7E9 ONO2EX/B4jH2twYWiKbW =VuSI -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Oct 05, 2023
•Important
Red Hat
98
security advisorymoderatesecurity fixRed Hat: RHSA-2023-4471-01 Moderate: OpenShift Serverless Client Release
Red Hat OpenShift Serverless 1.29.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: Release of OpenShift Serverless Client kn 1.29.1 Advisory ID: RHSA-2023:4471-01 Product: Red Hat OpenShift Serverless Advisory URL: https://access.redhat.com/errata/RHSA-2023:4471 Issue date: 2023-08-03 CVE Names: CVE-2023-3089 ===================================================================== 1. Summary: Red Hat OpenShift Serverless 1.29.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Openshift Serverless 1 on RHEL 8Base - ppc64le, s390x, x86_64 3. Description: Red Hat OpenShift Serverless Client kn 1.29.1 provides a CLI to interact with Red Hat OpenShift Serverless 1.29.1. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. This release includes security and bug fixes, and enhancements. Security Fix(es): * openshift: OCP & FIPS mode (CVE-2023-3089) For more information about CVE-2023-3089, see https://access.redhat.com/security/vulnerabilities/RHSB-2023-001. For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For instructions on how to install and use OpenShift Serverless, see documentation linked fromthe References section. 5. Bugs fixed (https://bugzilla.redhat.com/): 2212085 - CVE-2023-3089 openshift: OCP & FIPS mode 6. Package List: Openshift Serverless 1 on RHEL 8Base: Source: openshift-serverless-clients-1.8.1-6.el8.src.rpm ppc64le: openshift-serverless-clients-1.8.1-6.el8.ppc64le.rpm s390x: openshift-serverless-clients-1.8.1-6.el8.s390x.rpm x86_64: openshift-serverless-clients-1.8.1-6.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2023-3089 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/security/vulnerabilities/RHSB-2023-001 https://access.redhat.com/documentation/en-us/openshift_container_platform/4.10/html/serverless/index https://access.redhat.com/documentation/en-us/openshift_container_platform/4.11/html/serverless/index https://access.redhat.com/documentation/en-us/openshift_container_platform/4.12/html/serverless/index https://access.redhat.com/documentation/en-us/openshift_container_platform/4.13/html/serverless/index 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIcBAEBCAAGBQJkzAxKAAoJENzjgjWX9erEO5cQAKhOGMfA3elNcWkiSUkqi95v leDH0tONGAVdgZoTnYW1hGXMqoDin1rwijHLVcD5DZt/VNPElvPzmrGmvRajgE7C QDZmz6Kg4SPj3mScJPrJogiNMFRnBuqiSPCtzvpKDE9n2gYz88lSOFzxHVEbuP6c 6TEGzsz8ZDbPkmiSE+T4wpbDszn6gDOpwaJWTlgSqFXV68IoMCD+V9+5Nqg3dNVJ 1NWf6OrrqFdBw5uIC2l6HSVuEdHVF8Udzq3LuEAOVL+/fAVqlz+X4KFJFLKgqmrB 3+7r7zi3UJ77qKQBgd6ZMqUlt8bu9Vw3+5987wyjQBxqiHmhmosBw3wK4s/y3kBD qO3ShcCo5hYgCiebgfUZvUl2IFr0ZuzXoa0hMfdlmT+FFaNBvgvKA/8F0dLiKEuF 30pBokKuOvRpYNHHaXnRLIK9NIZcVO5zBpO9rKLeitqZAh//6sVgSoEQnY8znGjq lRAdK82C5jXeQb5gHqN6v4+gbWp0C5g5IWQl7P4lzqnq/BmvAxhq/5SHpIfg2+P6 K/7y+OSA+OGDcAROYK/tthJimXBjF7KAPvGG41F/XmhOMOUH2zXU/w+CBfgPWisz sS/UHG0i0lM/YTeS0RoSGa56fVfTzt4snysGYY6UGmjwJzZQR5VOfLLba6a7+nsS Y3VYSnzLk2qz++F29YcY =ojGB -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Aug 03, 2023
Red Hat
98
security advisorymoderatered hatRHEL 8: RHSA-2022-0432 Moderate: OpenShift Serverless Client 1.20.0
Release of OpenShift Serverless Client kn 1.20.0 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: Release of OpenShift Serverless Client kn 1.20.0 Advisory ID: RHSA-2022:0432-01 Product: Red Hat OpenShift Serverless Advisory URL: https://access.redhat.com/errata/RHSA-2022:0432 Issue date: 2022-02-03 CVE Names: CVE-2021-29923 CVE-2021-38297 CVE-2021-39293 ==================================================================== 1. Summary: Release of OpenShift Serverless Client kn 1.20.0 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Openshift Serverless 1 on RHEL 8Base - ppc64le, s390x, x86_64 3. Description: Red Hat OpenShift Serverless Client kn 1.20.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.20.0. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. Security Fix(es): * golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923) * golang: Command-line arguments may overwrite global data (CVE-2021-38297) * golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) (CVE-2021-39293) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the Referencessection. 4. Solution: See the Red Hat OpenShift Container Platform 4.6 documentation at: https://docs.redhat.com/en/documentation/red_hat_openshift_serverless/1.33 See the Red Hat OpenShift Container Platform 4.7 documentation at: https://docs.redhat.com/en/documentation/red_hat_openshift_serverless/1.33 See the Red Hat OpenShift Container Platform 4.8 documentation at: https://docs.redhat.com/en/documentation/red_hat_openshift_serverless/1.33 See the Red Hat OpenShift Container Platform 4.9 documentation at: https://docs.redhat.com/en/documentation/red_hat_openshift_serverless/1.33 5. Bugs fixed (https://bugzilla.redhat.com/): 1992006 - CVE-2021-29923 golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet 2006044 - CVE-2021-39293 golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) 2012887 - CVE-2021-38297 golang: Command-line arguments may overwrite global data 2024823 - Release of Openshift Serverless Client 1.20.0 6. Package List: Openshift Serverless 1 on RHEL 8Base: Source: openshift-serverless-clients-0.26.0-2.el8.src.rpm ppc64le: openshift-serverless-clients-0.26.0-2.el8.ppc64le.rpm s390x: openshift-serverless-clients-0.26.0-2.el8.s390x.rpm x86_64: openshift-serverless-clients-0.26.0-2.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7.References: https://access.redhat.com/security/cve/CVE-2021-29923 https://access.redhat.com/security/cve/CVE-2021-38297 https://access.redhat.com/security/cve/CVE-2021-39293 https://access.redhat.com/security/updates/classification#moderate https://docs.redhat.com/en/documentation/red_hat_openshift_serverless/1.33 https://docs.redhat.com/en/documentation/red_hat_openshift_serverless/1.33 https://docs.redhat.com/en/documentation/red_hat_openshift_serverless/1.33 https://docs.redhat.com/en/documentation/red_hat_openshift_serverless/1.33 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYfwPLdzjgjWX9erEAQg3fA//YAUCLuEhkNvVhRsiUYfYlad1CO2cyjh7 rb2sUnpPPr8yubpoRC0CTcvPDXOQa2Rp2yzub//WpZfjSEm666MSH4+LltAAzHB+ WaONgmOQxm+em0n3sYbh7eU9fcn+sYlG6Krzc2inL1wNFJ4ZBLzlBn94uN0NVo+A zIXJJWPtiVX2uDJ1Sm5c3XzEwheWAWmA30nypW6zox9ScrjOWZ/oHrO3bAs8Uqhs 7fWemusPnhs512r+ZOWWf0hpC7cbGsaHQlEbsBR68u9laiDZg8dJXpCPPWqCXSG+ pIm9j/sdTOb7CHAOl49NNYtKfB4vinRt8UD1n/ave0PuuFA0IfAyXNcRRFy2D/vJ 1HVow3WMTHZZOpGzwzUQ+T2KZbZKU5HPrGEnan+QKLUFbNX4ERz7qEIRyfyEY6s7 PYsEx2GvSFMJ0NFIql8/vydIRfZBBbgoQqQZX8l1ZTH3IKECSk3KyE10iHJpZoGN ZDeSiGGqADGpVbLNPuSbb81Fgyd/ITg2HaVEPFbgfeuCuSuTeZEbbXunXRsA9gmb j+5STbfDGpz640BpeV2eJh8zH2dk0T7TbKoqVhbPs5v3epeHhHSjRLa8HggawZa6 dxcMtKw8FylJFjRNcPcsyjaOpg0hc4juJ5aZLiBdTcUtM0p4ghO0XaauASTBe8Sp A+4e6hizAIg=OC/P -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Feb 03, 2022
Red Hat
98
security advisorymoderatesecurity updateRed Hat OpenShift Serverless 1.14.1 RHSA-2021:2095-01 Moderate Server Issue
Release of OpenShift Serverless Client kn 1.14.1 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: Release of OpenShift Serverless Client kn 1.14.1 security update Advisory ID: RHSA-2021:2095-01 Product: Red Hat OpenShift Serverless Advisory URL: https://access.redhat.com/errata/RHSA-2021:2095 Issue date: 2021-05-24 CVE Names: CVE-2021-3114 CVE-2021-3115 ==================================================================== 1. Summary: Release of OpenShift Serverless Client kn 1.14.1 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Openshift Serverless 1 on RHEL 8Base - ppc64le, s390x, x86_64 3. Description: Red Hat OpenShift Serverless Client kn 1.14.1 provides a CLI to interact with Red Hat OpenShift Serverless 1.14.1. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. Security Fix(es): * golang: crypto/elliptic: incorrect operations on the P-224 curve (CVE-2021-3114) * golang: cmd/go: packages using cgo can cause arbitrary code execution at build time (CVE-2021-3115) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: See the Red Hat OpenShift Container Platform 4.6 documentationat: https://access.redhat.com/documentation/en-us/openshift_container_platform/ 4.6/html/serverless/index See the Red Hat OpenShift Container Platform 4.7 documentation at: https://access.redhat.com/documentation/en-us/openshift_container_platform/ 4.7/html/serverless/index 5. Bugs fixed (https://bugzilla.redhat.com/): 1918750 - CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve 1918761 - CVE-2021-3115 golang: cmd/go: packages using cgo can cause arbitrary code execution at build time 6. Package List: Openshift Serverless 1 on RHEL 8Base: Source: openshift-serverless-clients-0.20.0-7.el8.src.rpm ppc64le: openshift-serverless-clients-0.20.0-7.el8.ppc64le.rpm s390x: openshift-serverless-clients-0.20.0-7.el8.s390x.rpm x86_64: openshift-serverless-clients-0.20.0-7.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-3114 https://access.redhat.com/security/cve/CVE-2021-3115 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/openshift_container_platform/4.6/html/serverless/index https://access.redhat.com/documentation/en-us/openshift_container_platform/4.7/html/serverless/index 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYKvO+tzjgjWX9erEAQhGohAAllik9UYxOWLuC3N2sSBv2rRFyhyYOHDi xq6eYWQvYXhEnO4tRlB6zP6QPp2fRXhSVnmUWeHwVXmmizBcuA3eCqACxwb2K4bD 344J5s7OF9HEFpQlINtBGCAEuuauPfTYYgyfldEwXLasqiidi2ViOHE/GMBr3AsS 33k2O7wy8ev9QLJVYNP2GD7NgRoEGioK5qL/zsMOVyBtzGc3Nq55OzZ9Fdw3lcCH 4a7rQ0k4N5zMiLdNmZWEMl4xBh8+s8nJODCUYLlv/f1OqiQdsZnokWd7i/OItQNA ysMduemUGfFHakQRyoEVmHdkFsI2ryZpbWPTLN70zBqVxzXGMrF6Trtfv5RkEdh/ zeM5qeufvIXxVGUV2XSKk0mIvHeue5cNC3y95olaxwtDNDNUSlmIf50rqlGSEkKq /kl5w07kImYUvyk99SqieflokafeRBtBHbMXv9xWbtVeGwlI9kk9RrXaM4i2ckMc D6rYZJkdHPWNNw1KloEGXDQ7wbjs2DkrdhzmDi21XqRAX/ndr8J5Qs3gGGepJUym nBNZzEJfYD9OAekxQh/1yIKzH9yK4SYYdWsZ40uEdlxmCdlaeYQZNBvjzN1flvfc exZkubZcN0o8WPODxyQ1WwyfKbzj9vTr4wvRWgMh8RLKJgwVKnLPDDCouP7suvmd UAbzd48WZrA=T7IS -----END PGP SIGNATURE----- -- RHSA-announce mailing list
May 24, 2021
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!