Alerts This Week
Warning Icon 1 541
Alerts This Week
Warning Icon 1 541

Stay Secure with the Latest Linux Advisories

Ubuntu Large Esm H800
Ubuntu

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H800
Ubuntu

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Calendar White Jun 03, 2026
Critical
Oracle Large Esm H900
Oracle

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Calendar White Jun 03, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Calendar White Jun 02, 2026
moderate
Oracle Large Esm H800
Oracle

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Calendar White Jun 02, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Calendar White Jun 02, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 3 articles for you...
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorysecurity issuebug fix

Red Hat: RHSA-2022-0708-01 Critical: rh-ruby26-ruby Multiple Issues

An update for rh-ruby26-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: rh-ruby26-ruby security, bug fix, and enhancement update Advisory ID: RHSA-2022:0708-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2022:0708 Issue date: 2022-02-28 CVE Names: CVE-2020-36327 CVE-2021-31799 CVE-2021-31810 CVE-2021-32066 CVE-2021-41817 CVE-2021-41819 ==================================================================== 1. Summary: An update for rh-ruby26-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 3. Description: Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby26-ruby (2.6.9). (BZ#2056947) Security Fix(es): * rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source (CVE-2020-36327) * rubygem-rdoc: Command injection vulnerability in RDoc (CVE-2021-31799) * ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host(CVE-2021-31810) * ruby: StartTLS stripping vulnerability in Net::IMAP (CVE-2021-32066) * ruby: Regular expression denial of service vulnerability of Date parsing methods (CVE-2021-41817) * ruby: Cookie prefix spoofing in CGI::Cookie.parse (CVE-2021-41819) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1958999 - CVE-2020-36327 rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source 1980126 - CVE-2021-31810 ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host 1980128 - CVE-2021-32066 ruby: StartTLS stripping vulnerability in Net::IMAP 1980132 - CVE-2021-31799 rubygem-rdoc: Command injection vulnerability in RDoc 2025104 - CVE-2021-41817 ruby: Regular expression denial of service vulnerability of Date parsing methods 2026757 - CVE-2021-41819 ruby: Cookie prefix spoofing in CGI::Cookie.parse 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v.7): Source: rh-ruby26-ruby-2.6.9-120.el7.src.rpm noarch: rh-ruby26-ruby-doc-2.6.9-120.el7.noarch.rpm rh-ruby26-rubygem-bundler-1.17.2-120.el7.noarch.rpm rh-ruby26-rubygem-did_you_mean-1.3.0-120.el7.noarch.rpm rh-ruby26-rubygem-irb-1.0.0-120.el7.noarch.rpm rh-ruby26-rubygem-minitest-5.11.3-120.el7.noarch.rpm rh-ruby26-rubygem-net-telnet-0.2.0-120.el7.noarch.rpm rh-ruby26-rubygem-power_assert-1.1.3-120.el7.noarch.rpm rh-ruby26-rubygem-rake-12.3.3-120.el7.noarch.rpm rh-ruby26-rubygem-rdoc-6.1.2.1-120.el7.noarch.rpm rh-ruby26-rubygem-test-unit-3.2.9-120.el7.noarch.rpm rh-ruby26-rubygem-xmlrpc-0.3.0-120.el7.noarch.rpm rh-ruby26-rubygems-3.0.3.1-120.el7.noarch.rpm rh-ruby26-rubygems-devel-3.0.3.1-120.el7.noarch.rpm ppc64le: rh-ruby26-ruby-2.6.9-120.el7.ppc64le.rpm rh-ruby26-ruby-debuginfo-2.6.9-120.el7.ppc64le.rpm rh-ruby26-ruby-devel-2.6.9-120.el7.ppc64le.rpm rh-ruby26-ruby-libs-2.6.9-120.el7.ppc64le.rpm rh-ruby26-rubygem-bigdecimal-1.4.1-120.el7.ppc64le.rpm rh-ruby26-rubygem-io-console-0.4.7-120.el7.ppc64le.rpm rh-ruby26-rubygem-json-2.1.0-120.el7.ppc64le.rpm rh-ruby26-rubygem-openssl-2.1.2-120.el7.ppc64le.rpm rh-ruby26-rubygem-psych-3.1.0-120.el7.ppc64le.rpm s390x: rh-ruby26-ruby-2.6.9-120.el7.s390x.rpm rh-ruby26-ruby-debuginfo-2.6.9-120.el7.s390x.rpm rh-ruby26-ruby-devel-2.6.9-120.el7.s390x.rpm rh-ruby26-ruby-libs-2.6.9-120.el7.s390x.rpm rh-ruby26-rubygem-bigdecimal-1.4.1-120.el7.s390x.rpm rh-ruby26-rubygem-io-console-0.4.7-120.el7.s390x.rpm rh-ruby26-rubygem-json-2.1.0-120.el7.s390x.rpm rh-ruby26-rubygem-openssl-2.1.2-120.el7.s390x.rpm rh-ruby26-rubygem-psych-3.1.0-120.el7.s390x.rpm x86_64: rh-ruby26-ruby-2.6.9-120.el7.x86_64.rpm rh-ruby26-ruby-debuginfo-2.6.9-120.el7.x86_64.rpm rh-ruby26-ruby-devel-2.6.9-120.el7.x86_64.rpm rh-ruby26-ruby-libs-2.6.9-120.el7.x86_64.rpm rh-ruby26-rubygem-bigdecimal-1.4.1-120.el7.x86_64.rpm rh-ruby26-rubygem-io-console-0.4.7-120.el7.x86_64.rpm rh-ruby26-rubygem-json-2.1.0-120.el7.x86_64.rpm rh-ruby26-rubygem-openssl-2.1.2-120.el7.x86_64.rpm rh-ruby26-rubygem-psych-3.1.0-120.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-ruby26-ruby-2.6.9-120.el7.src.rpm noarch: rh-ruby26-ruby-doc-2.6.9-120.el7.noarch.rpm rh-ruby26-rubygem-bundler-1.17.2-120.el7.noarch.rpm rh-ruby26-rubygem-did_you_mean-1.3.0-120.el7.noarch.rpm rh-ruby26-rubygem-irb-1.0.0-120.el7.noarch.rpm rh-ruby26-rubygem-minitest-5.11.3-120.el7.noarch.rpm rh-ruby26-rubygem-net-telnet-0.2.0-120.el7.noarch.rpm rh-ruby26-rubygem-power_assert-1.1.3-120.el7.noarch.rpm rh-ruby26-rubygem-rake-12.3.3-120.el7.noarch.rpm rh-ruby26-rubygem-rdoc-6.1.2.1-120.el7.noarch.rpm rh-ruby26-rubygem-test-unit-3.2.9-120.el7.noarch.rpm rh-ruby26-rubygem-xmlrpc-0.3.0-120.el7.noarch.rpm rh-ruby26-rubygems-3.0.3.1-120.el7.noarch.rpm rh-ruby26-rubygems-devel-3.0.3.1-120.el7.noarch.rpm x86_64: rh-ruby26-ruby-2.6.9-120.el7.x86_64.rpm rh-ruby26-ruby-debuginfo-2.6.9-120.el7.x86_64.rpm rh-ruby26-ruby-devel-2.6.9-120.el7.x86_64.rpm rh-ruby26-ruby-libs-2.6.9-120.el7.x86_64.rpm rh-ruby26-rubygem-bigdecimal-1.4.1-120.el7.x86_64.rpm rh-ruby26-rubygem-io-console-0.4.7-120.el7.x86_64.rpm rh-ruby26-rubygem-json-2.1.0-120.el7.x86_64.rpm rh-ruby26-rubygem-openssl-2.1.2-120.el7.x86_64.rpm rh-ruby26-rubygem-psych-3.1.0-120.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2020-36327 https://access.redhat.com/security/cve/CVE-2021-31799 https://access.redhat.com/security/cve/CVE-2021-31810 https://access.redhat.com/security/cve/CVE-2021-32066 https://access.redhat.com/security/cve/CVE-2021-41817 https://access.redhat.com/security/cve/CVE-2021-41819 https://access.redhat.com/security/updates/classification#important https://access.redhat.com/articles/6206172 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2022 Red Hat, Inc. -----BEGIN PGPSIGNATURE----- Version: GnuPG v1 iQIVAwUBYh1JE9zjgjWX9erEAQiv6Q/9E4LauLLMP/p+pUvFDQkm2bKT+eSfVY5y SgIClJSk6Usn9Jif2LBiwhXB7ZiTmfwwfXO75ntWN1uhiycgSjIuEgUaa2bLenlZ fa9Xp0m02h78HPXPO9tTHppOMt6pI+2OyYK1OPwO3unRdm37sgIjYDWrWfz/kKLo AOOgNa3QfaFZ0HSufm5sbu3T+2NJVzox9AGz456GE60Am92L/uNtKGCkHOpICktf Cf5Gljf+GOiPJeNqFqvrNdtWg8sVVG8pbPrBD6OdvmIng6H4HdzgGkig8Y4NKm9L AqzWsFuCBrQ4lu5RmDn3AC2Q6d2/UzphBob1NARJhEUAxij+97Gn56vEhFMYuxjK AId/MwCNdOWEnWp0Vg5F+hnYqthrT1eLgK7nrFmYo/PNwc2qKwXO4kbWzskDLhi5 PLm/TxW8RVPUeKgOzv5tAJ5fvjlRBj4UAbFeu154G72B6XUEyDq+eyxQu+ZtBuhL uJSbTbIE+4WDFymxMklpGjsCkzZwRBKoJf3tXblqNpGG44PPkbmvu7JhFZOxGfzS zA6z0Z5CJybNvLn9wVTA1+vKIMplGiyiAqOL9VJiXWTImQGNd8ds+pQ/S1LvKzNO Rj1B8sjb99+F88S5AmbfzYhvlpoz95sP8Ac1kd9VFPxrUF1Sm3Qbk4nk0y/n+eA5 fiDE0HO9KE8=C26z -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Urgent patch released for rh-ruby26-ruby tackling several vulnerabilities that could affect your Red Hat environment.. Ruby Security Update, Red Hat Advisory, Critical Security Fix, RHSA, Software Update. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Feb 28, 2022 Important Red Hat
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryupdatered hat

Red Hat: RHSA-2021-2104-01 Moderate: rh-ruby25-ruby Security Fix

An update for rh-ruby25-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: rh-ruby25-ruby security, bug fix, and enhancement update Advisory ID: RHSA-2021:2104-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2021:2104 Issue date: 2021-05-25 CVE Names: CVE-2019-15845 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255 CVE-2020-10663 CVE-2020-10933 CVE-2020-25613 CVE-2021-28965 ==================================================================== 1. Summary: An update for rh-ruby25-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - noarch, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - noarch, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 3. Description: Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby25-ruby (2.5.9). (BZ#1952998) Security Fix(es): * ruby: NULinjection vulnerability of File.fnmatch and File.fnmatch? (CVE-2019-15845) * ruby: Regular expression denial of service vulnerability of WEBrick's Digest authentication (CVE-2019-16201) * ruby: Code injection via command argument of Shell#test / Shell#[] (CVE-2019-16255) * rubygem-json: Unsafe object creation vulnerability in JSON (CVE-2020-10663) * ruby: BasicSocket#read_nonblock method leads to information disclosure (CVE-2020-10933) * ruby: Potential HTTP request smuggling in WEBrick (CVE-2020-25613) * ruby: XML round-trip vulnerability in REXML (CVE-2021-28965) * ruby: HTTP response splitting in WEBrick (CVE-2019-16254) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * rh-ruby25-ruby: Resolv::DNS: timeouts if multiple IPv6 name servers are given and address contains leading zero [rhscl-3] (BZ#1953001) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1773728 - CVE-2019-16201 ruby: Regular expression denial of service vulnerability of WEBrick's Digest authentication 1789407 - CVE-2019-15845 ruby: NUL injection vulnerability of File.fnmatch and File.fnmatch? 1789556 - CVE-2019-16254 ruby: HTTP response splitting in WEBrick 1793683 - CVE-2019-16255 ruby: Code injection via command argument of Shell#test / Shell#[] 1827500 - CVE-2020-10663 rubygem-json: Unsafe object creation vulnerability in JSON 1833291 - CVE-2020-10933 ruby: BasicSocket#read_nonblock method leads to information disclosure 1883623 - CVE-2020-25613 ruby: Potential HTTP request smuggling in WEBrick 1947526 - CVE-2021-28965 ruby: XML round-trip vulnerability in REXML 1952998 - Rebase to the latest Ruby 2.5 point release [rhscl-3] [rhscl-3.6.z] 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server(v. 7): Source: rh-ruby25-ruby-2.5.9-9.el7.src.rpm noarch: rh-ruby25-ruby-doc-2.5.9-9.el7.noarch.rpm rh-ruby25-ruby-irb-2.5.9-9.el7.noarch.rpm rh-ruby25-rubygem-did_you_mean-1.2.0-9.el7.noarch.rpm rh-ruby25-rubygem-minitest-5.10.3-9.el7.noarch.rpm rh-ruby25-rubygem-net-telnet-0.1.1-9.el7.noarch.rpm rh-ruby25-rubygem-power_assert-1.1.1-9.el7.noarch.rpm rh-ruby25-rubygem-rake-12.3.3-9.el7.noarch.rpm rh-ruby25-rubygem-rdoc-6.0.1.1-9.el7.noarch.rpm rh-ruby25-rubygem-test-unit-3.2.7-9.el7.noarch.rpm rh-ruby25-rubygem-xmlrpc-0.3.0-9.el7.noarch.rpm rh-ruby25-rubygems-2.7.6.3-9.el7.noarch.rpm rh-ruby25-rubygems-devel-2.7.6.3-9.el7.noarch.rpm ppc64le: rh-ruby25-ruby-2.5.9-9.el7.ppc64le.rpm rh-ruby25-ruby-debuginfo-2.5.9-9.el7.ppc64le.rpm rh-ruby25-ruby-devel-2.5.9-9.el7.ppc64le.rpm rh-ruby25-ruby-libs-2.5.9-9.el7.ppc64le.rpm rh-ruby25-rubygem-bigdecimal-1.3.4-9.el7.ppc64le.rpm rh-ruby25-rubygem-io-console-0.4.6-9.el7.ppc64le.rpm rh-ruby25-rubygem-json-2.1.0-9.el7.ppc64le.rpm rh-ruby25-rubygem-openssl-2.1.2-9.el7.ppc64le.rpm rh-ruby25-rubygem-psych-3.0.2-9.el7.ppc64le.rpm s390x: rh-ruby25-ruby-2.5.9-9.el7.s390x.rpm rh-ruby25-ruby-debuginfo-2.5.9-9.el7.s390x.rpm rh-ruby25-ruby-devel-2.5.9-9.el7.s390x.rpm rh-ruby25-ruby-libs-2.5.9-9.el7.s390x.rpm rh-ruby25-rubygem-bigdecimal-1.3.4-9.el7.s390x.rpm rh-ruby25-rubygem-io-console-0.4.6-9.el7.s390x.rpm rh-ruby25-rubygem-json-2.1.0-9.el7.s390x.rpm rh-ruby25-rubygem-openssl-2.1.2-9.el7.s390x.rpm rh-ruby25-rubygem-psych-3.0.2-9.el7.s390x.rpm x86_64: rh-ruby25-ruby-2.5.9-9.el7.x86_64.rpm rh-ruby25-ruby-debuginfo-2.5.9-9.el7.x86_64.rpm rh-ruby25-ruby-devel-2.5.9-9.el7.x86_64.rpm rh-ruby25-ruby-libs-2.5.9-9.el7.x86_64.rpm rh-ruby25-rubygem-bigdecimal-1.3.4-9.el7.x86_64.rpm rh-ruby25-rubygem-io-console-0.4.6-9.el7.x86_64.rpm rh-ruby25-rubygem-json-2.1.0-9.el7.x86_64.rpm rh-ruby25-rubygem-openssl-2.1.2-9.el7.x86_64.rpm rh-ruby25-rubygem-psych-3.0.2-9.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.6): Source: rh-ruby25-ruby-2.5.9-9.el7.src.rpm noarch: rh-ruby25-ruby-doc-2.5.9-9.el7.noarch.rpm rh-ruby25-ruby-irb-2.5.9-9.el7.noarch.rpm rh-ruby25-rubygem-did_you_mean-1.2.0-9.el7.noarch.rpm rh-ruby25-rubygem-minitest-5.10.3-9.el7.noarch.rpm rh-ruby25-rubygem-net-telnet-0.1.1-9.el7.noarch.rpm rh-ruby25-rubygem-power_assert-1.1.1-9.el7.noarch.rpm rh-ruby25-rubygem-rake-12.3.3-9.el7.noarch.rpm rh-ruby25-rubygem-rdoc-6.0.1.1-9.el7.noarch.rpm rh-ruby25-rubygem-test-unit-3.2.7-9.el7.noarch.rpm rh-ruby25-rubygem-xmlrpc-0.3.0-9.el7.noarch.rpm rh-ruby25-rubygems-2.7.6.3-9.el7.noarch.rpm rh-ruby25-rubygems-devel-2.7.6.3-9.el7.noarch.rpm ppc64le: rh-ruby25-ruby-2.5.9-9.el7.ppc64le.rpm rh-ruby25-ruby-debuginfo-2.5.9-9.el7.ppc64le.rpm rh-ruby25-ruby-devel-2.5.9-9.el7.ppc64le.rpm rh-ruby25-ruby-libs-2.5.9-9.el7.ppc64le.rpm rh-ruby25-rubygem-bigdecimal-1.3.4-9.el7.ppc64le.rpm rh-ruby25-rubygem-io-console-0.4.6-9.el7.ppc64le.rpm rh-ruby25-rubygem-json-2.1.0-9.el7.ppc64le.rpm rh-ruby25-rubygem-openssl-2.1.2-9.el7.ppc64le.rpm rh-ruby25-rubygem-psych-3.0.2-9.el7.ppc64le.rpm s390x: rh-ruby25-ruby-2.5.9-9.el7.s390x.rpm rh-ruby25-ruby-debuginfo-2.5.9-9.el7.s390x.rpm rh-ruby25-ruby-devel-2.5.9-9.el7.s390x.rpm rh-ruby25-ruby-libs-2.5.9-9.el7.s390x.rpm rh-ruby25-rubygem-bigdecimal-1.3.4-9.el7.s390x.rpm rh-ruby25-rubygem-io-console-0.4.6-9.el7.s390x.rpm rh-ruby25-rubygem-json-2.1.0-9.el7.s390x.rpm rh-ruby25-rubygem-openssl-2.1.2-9.el7.s390x.rpm rh-ruby25-rubygem-psych-3.0.2-9.el7.s390x.rpm x86_64: rh-ruby25-ruby-2.5.9-9.el7.x86_64.rpm rh-ruby25-ruby-debuginfo-2.5.9-9.el7.x86_64.rpm rh-ruby25-ruby-devel-2.5.9-9.el7.x86_64.rpm rh-ruby25-ruby-libs-2.5.9-9.el7.x86_64.rpm rh-ruby25-rubygem-bigdecimal-1.3.4-9.el7.x86_64.rpm rh-ruby25-rubygem-io-console-0.4.6-9.el7.x86_64.rpm rh-ruby25-rubygem-json-2.1.0-9.el7.x86_64.rpm rh-ruby25-rubygem-openssl-2.1.2-9.el7.x86_64.rpm rh-ruby25-rubygem-psych-3.0.2-9.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.7): Source: rh-ruby25-ruby-2.5.9-9.el7.src.rpm noarch: rh-ruby25-ruby-doc-2.5.9-9.el7.noarch.rpm rh-ruby25-ruby-irb-2.5.9-9.el7.noarch.rpm rh-ruby25-rubygem-did_you_mean-1.2.0-9.el7.noarch.rpm rh-ruby25-rubygem-minitest-5.10.3-9.el7.noarch.rpm rh-ruby25-rubygem-net-telnet-0.1.1-9.el7.noarch.rpm rh-ruby25-rubygem-power_assert-1.1.1-9.el7.noarch.rpm rh-ruby25-rubygem-rake-12.3.3-9.el7.noarch.rpm rh-ruby25-rubygem-rdoc-6.0.1.1-9.el7.noarch.rpm rh-ruby25-rubygem-test-unit-3.2.7-9.el7.noarch.rpm rh-ruby25-rubygem-xmlrpc-0.3.0-9.el7.noarch.rpm rh-ruby25-rubygems-2.7.6.3-9.el7.noarch.rpm rh-ruby25-rubygems-devel-2.7.6.3-9.el7.noarch.rpm ppc64le: rh-ruby25-ruby-2.5.9-9.el7.ppc64le.rpm rh-ruby25-ruby-debuginfo-2.5.9-9.el7.ppc64le.rpm rh-ruby25-ruby-devel-2.5.9-9.el7.ppc64le.rpm rh-ruby25-ruby-libs-2.5.9-9.el7.ppc64le.rpm rh-ruby25-rubygem-bigdecimal-1.3.4-9.el7.ppc64le.rpm rh-ruby25-rubygem-io-console-0.4.6-9.el7.ppc64le.rpm rh-ruby25-rubygem-json-2.1.0-9.el7.ppc64le.rpm rh-ruby25-rubygem-openssl-2.1.2-9.el7.ppc64le.rpm rh-ruby25-rubygem-psych-3.0.2-9.el7.ppc64le.rpm s390x: rh-ruby25-ruby-2.5.9-9.el7.s390x.rpm rh-ruby25-ruby-debuginfo-2.5.9-9.el7.s390x.rpm rh-ruby25-ruby-devel-2.5.9-9.el7.s390x.rpm rh-ruby25-ruby-libs-2.5.9-9.el7.s390x.rpm rh-ruby25-rubygem-bigdecimal-1.3.4-9.el7.s390x.rpm rh-ruby25-rubygem-io-console-0.4.6-9.el7.s390x.rpm rh-ruby25-rubygem-json-2.1.0-9.el7.s390x.rpm rh-ruby25-rubygem-openssl-2.1.2-9.el7.s390x.rpm rh-ruby25-rubygem-psych-3.0.2-9.el7.s390x.rpm x86_64: rh-ruby25-ruby-2.5.9-9.el7.x86_64.rpm rh-ruby25-ruby-debuginfo-2.5.9-9.el7.x86_64.rpm rh-ruby25-ruby-devel-2.5.9-9.el7.x86_64.rpm rh-ruby25-ruby-libs-2.5.9-9.el7.x86_64.rpm rh-ruby25-rubygem-bigdecimal-1.3.4-9.el7.x86_64.rpm rh-ruby25-rubygem-io-console-0.4.6-9.el7.x86_64.rpm rh-ruby25-rubygem-json-2.1.0-9.el7.x86_64.rpm rh-ruby25-rubygem-openssl-2.1.2-9.el7.x86_64.rpm rh-ruby25-rubygem-psych-3.0.2-9.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v.7): Source: rh-ruby25-ruby-2.5.9-9.el7.src.rpm noarch: rh-ruby25-ruby-doc-2.5.9-9.el7.noarch.rpm rh-ruby25-ruby-irb-2.5.9-9.el7.noarch.rpm rh-ruby25-rubygem-did_you_mean-1.2.0-9.el7.noarch.rpm rh-ruby25-rubygem-minitest-5.10.3-9.el7.noarch.rpm rh-ruby25-rubygem-net-telnet-0.1.1-9.el7.noarch.rpm rh-ruby25-rubygem-power_assert-1.1.1-9.el7.noarch.rpm rh-ruby25-rubygem-rake-12.3.3-9.el7.noarch.rpm rh-ruby25-rubygem-rdoc-6.0.1.1-9.el7.noarch.rpm rh-ruby25-rubygem-test-unit-3.2.7-9.el7.noarch.rpm rh-ruby25-rubygem-xmlrpc-0.3.0-9.el7.noarch.rpm rh-ruby25-rubygems-2.7.6.3-9.el7.noarch.rpm rh-ruby25-rubygems-devel-2.7.6.3-9.el7.noarch.rpm x86_64: rh-ruby25-ruby-2.5.9-9.el7.x86_64.rpm rh-ruby25-ruby-debuginfo-2.5.9-9.el7.x86_64.rpm rh-ruby25-ruby-devel-2.5.9-9.el7.x86_64.rpm rh-ruby25-ruby-libs-2.5.9-9.el7.x86_64.rpm rh-ruby25-rubygem-bigdecimal-1.3.4-9.el7.x86_64.rpm rh-ruby25-rubygem-io-console-0.4.6-9.el7.x86_64.rpm rh-ruby25-rubygem-json-2.1.0-9.el7.x86_64.rpm rh-ruby25-rubygem-openssl-2.1.2-9.el7.x86_64.rpm rh-ruby25-rubygem-psych-3.0.2-9.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-15845 https://access.redhat.com/security/cve/CVE-2019-16201 https://access.redhat.com/security/cve/CVE-2019-16254 https://access.redhat.com/security/cve/CVE-2019-16255 https://access.redhat.com/security/cve/CVE-2020-10663 https://access.redhat.com/security/cve/CVE-2020-10933 https://access.redhat.com/security/cve/CVE-2020-25613 https://access.redhat.com/security/cve/CVE-2021-28965 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYKz4Z9zjgjWX9erEAQiSGhAAolhk0URp2zYTGrVhSmNdAVBtSoAd6btc ddv/r5SiXmDuIVM9yUYeLkG62c0cLJOEKENN5ejBg0okwi4sEyd0qOQOEEGB0hSb qGtsePb5k8qDrS8jadaYBldgEhzE9wOKpZHet5+P+NPVTlLmbwNs7feeP5pTjoiv tacVQgkEsyNyQk1EtOm7IZpdoYwc2oQcA490c3ydG+LKBC/Sw6y3UeugEc1uhQl4 Da0VzGlK3wBd33hT5Sr/8hYZsjUUGKTUmmyuWomN3oJJzxCO3JEj0MY1P9O5ADmN 3KQ8jOe4eYW9XK51JqUoKuSLViTNiZLYUiNJmG7jEh1/aRcbPSm4wns467vb9xzC zaAhS4vXnLSTJw7sUrAqudN+pvmH9qcHJ3/RtSaYOQNU01uyy6r2XTSXcOXKmkYa qBv3WmxnPgRR9H2jczj9Qvnqt7TjhiTE1sceAPDEmUY00TFC4hmcons3vleqxI1s nJi5oKmns3+POTiurLDkoiK5wVY2Uexos8D5sA7PsKIuve3UNeOOzm6OVRp60eqF MusHiyR0SG+C2cICx1zog5Z2k1FSI0s/yGprY61qxZAsA+znaJeAFCjlDJPoeoTK lfBP2x/L7KD40pq2LmuE8Y3oEHeF4D5K5yCXJIFxKHrCUFafD++U8GzXd2vjWTxu VVreNcSVN/E=m8n+ -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://listman.redhat.com/mailman/listinfo/rhsa-announce . Safety patch for rh-ruby25-ruby classified as moderate significance, resolving various security vulnerabilities and operational bugs. Refer to the specifics.. rh-ruby25-ruby, Moderate Impact Update, Red Hat Advisory, Ruby Security Fix, Software Collection. . LinuxSecurity.com Team

Calendar 2 May 25, 2021 Red Hat
Banner 2 1028x280 1708121730 1 1771599631
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorysecurity issuebug fix

Red Hat: RHSA-2020-2265-01 Moderate: rh-haproxy18-haproxy Security Issue

An update for rh-haproxy18-haproxy is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: rh-haproxy18-haproxy security, bug fix, and enhancement update Advisory ID: RHSA-2020:2265-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2020:2265 Issue date: 2020-05-26 CVE Names: CVE-2019-18277 CVE-2019-19330 ==================================================================== 1. Summary: An update for rh-haproxy18-haproxy is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. The following packages have been upgraded to a later upstream version: rh-haproxy18-haproxy (1.8.24). (BZ#1774747) Security Fix(es): * haproxy: HTTP request smuggling issue with transfer-encoding header containing an obfuscated "chunked" value (CVE-2019-18277) * haproxy: HTTP/2 implementation vulnerable to intermediary encapsulation attacks (CVE-2019-19330) For more detailsabout the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Software Collections 3.5 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1759697 - CVE-2019-18277 haproxy: HTTP request smuggling issue with transfer-encoding header containing an obfuscated "chunked" value 1774747 - Rebase rhscl/haproxy to latest upstream for RHSCL 3.5 1777584 - CVE-2019-19330 haproxy: HTTP/2 implementation vulnerable to intermediary encapsulation attacks 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-haproxy18-haproxy-1.8.24-2.el7.src.rpm x86_64: rh-haproxy18-haproxy-1.8.24-2.el7.x86_64.rpm rh-haproxy18-haproxy-debuginfo-1.8.24-2.el7.x86_64.rpm rh-haproxy18-haproxy-syspaths-1.8.24-2.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6): Source: rh-haproxy18-haproxy-1.8.24-2.el7.src.rpm x86_64: rh-haproxy18-haproxy-1.8.24-2.el7.x86_64.rpm rh-haproxy18-haproxy-debuginfo-1.8.24-2.el7.x86_64.rpm rh-haproxy18-haproxy-syspaths-1.8.24-2.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7): Source: rh-haproxy18-haproxy-1.8.24-2.el7.src.rpm x86_64: rh-haproxy18-haproxy-1.8.24-2.el7.x86_64.rpm rh-haproxy18-haproxy-debuginfo-1.8.24-2.el7.x86_64.rpm rh-haproxy18-haproxy-syspaths-1.8.24-2.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-haproxy18-haproxy-1.8.24-2.el7.src.rpm x86_64: rh-haproxy18-haproxy-1.8.24-2.el7.x86_64.rpm rh-haproxy18-haproxy-debuginfo-1.8.24-2.el7.x86_64.rpm rh-haproxy18-haproxy-syspaths-1.8.24-2.el7.x86_64.rpm Thesepackages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-18277 https://access.redhat.com/security/cve/CVE-2019-19330 https://access.redhat.com/security/updates/classification/#moderate https://docs.redhat.com/en/documentation/red_hat_software_collections/3/html/3.5_release_notes/index 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXszG49zjgjWX9erEAQigaxAAj6HXBsWFK9Yk6JfuJMPUUdxVq0e4spZS GscUoW8SRvEwBjoSb+ZFEJJ4kdkTUA9+0W5Oh0FYKhue0OUYDYP5XQiuxVBdLoKE mpcxudma3FVAnoDwVW1ooxB80zgND6q3prWrJMDI/djBDsblkfZCRrkWybc15i6n B74pnOSkvbwUcgZmeBRhmpMsT7NRYyQM/9JvKE4DxymEZ7REDJ+PVpEeMETmIbl+ jooJ6iEJitxtyVi7QKgIrrlNJf91aqpb9yvISkSX3E6x/zknJ/+FTPiYxoqbCrN2 PrYCUhCqI1OUHjLqPVB9crbW50qb7lXn2r/jjY34nPY+sQNjZzw3haHwoNFC6YRI f6ztjX3pcHnzLVPhtHb3Ma7TFXHiVOrGROeGfTGjWtby0+30ass1AF+v8sulUHOD hMuh15TIvuii0oDwe+YYs0bzmnZfTGRftO6f/NvoakXtnmwEFUn5WgP438BDqE/f GJUoMS0Kqu6ddztQlh4yuyzWJS/l80eo5LLlDxSpInKEQGll1h5cBktahp4ZOBCC I4RYaqwNuBOf+j5mKxbRD92DgCCqRseikwwn8hEjqGZf+tJQiraUScjXz8P3FvEg jhwgThbEXozyAq+1ryaund5sZ4DLo+rjfDX8mATkkPWQ69J5WuHPuJvDyc2b3zin cbAzdDyvKM0=S7eI -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Explore Red Hat's Security Advisory RHSA-2021:1234-01 regarding rh-haproxy18-haproxy, which tackles various identified vulnerabilities.. Red Hat Advisory, rh-haproxy, security update, vulnerability report, bug fixes. . LinuxSecurity.com Team

Calendar 2 May 26, 2020 Red Hat
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryimportantsecurity impact

RedHat: RHSA-2019-4317-01 Important Update: Beanutils Security Fix

An update for rh-maven35-apache-commons-beanutils is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: rh-maven35-apache-commons-beanutils security update Advisory ID: RHSA-2019:4317-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2019:4317 Issue date: 2019-12-18 CVE Names: CVE-2019-10086 ==================================================================== 1. Summary: An update for rh-maven35-apache-commons-beanutils is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch 3. Description: The rh-maven35-apache-commons-beanutils package provides Java utility methods for accessing and modifying properties of arbitrary JavaBeans. Security Fix(es): * apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other relatedinformation, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1767483 - CVE-2019-10086 apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-maven35-apache-commons-beanutils-1.9.3-2.3.el7.src.rpm noarch: rh-maven35-apache-commons-beanutils-1.9.3-2.3.el7.noarch.rpm rh-maven35-apache-commons-beanutils-javadoc-1.9.3-2.3.el7.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-maven35-apache-commons-beanutils-1.9.3-2.3.el7.src.rpm noarch: rh-maven35-apache-commons-beanutils-1.9.3-2.3.el7.noarch.rpm rh-maven35-apache-commons-beanutils-javadoc-1.9.3-2.3.el7.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5): Source: rh-maven35-apache-commons-beanutils-1.9.3-2.3.el7.src.rpm noarch: rh-maven35-apache-commons-beanutils-1.9.3-2.3.el7.noarch.rpm rh-maven35-apache-commons-beanutils-javadoc-1.9.3-2.3.el7.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6): Source: rh-maven35-apache-commons-beanutils-1.9.3-2.3.el7.src.rpm noarch: rh-maven35-apache-commons-beanutils-1.9.3-2.3.el7.noarch.rpm rh-maven35-apache-commons-beanutils-javadoc-1.9.3-2.3.el7.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7): Source: rh-maven35-apache-commons-beanutils-1.9.3-2.3.el7.src.rpm noarch: rh-maven35-apache-commons-beanutils-1.9.3-2.3.el7.noarch.rpm rh-maven35-apache-commons-beanutils-javadoc-1.9.3-2.3.el7.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v.7): Source: rh-maven35-apache-commons-beanutils-1.9.3-2.3.el7.src.rpm noarch: rh-maven35-apache-commons-beanutils-1.9.3-2.3.el7.noarch.rpm rh-maven35-apache-commons-beanutils-javadoc-1.9.3-2.3.el7.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-10086 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXfpF/tzjgjWX9erEAQiGCA/9Ewr7O2skn0CNbTHeDp+grKWdY59+QZpD mhx7WNj18kf6qimFrssC1x/jffqLOHQs70OkxU9cmg0XlvvnHtGqkgwQiOUSYHip PZjuy+xYZ6TvCmTWWpgV4RKvVL+9WqiW3B7Y0y40DRKerD2y9I6mBTYIGNn2uOK1 O0zfXJkztToPR3n63gB42LphiuNLRhhGal+lwWV5v2pjxi2m7vYp21hZspdMzDAo QMHJV6vnz+8lbtfvUCx9NM+JBkBY8UFGlxKf4bQZQUYCGcNCyndB0NaXJKGnEzJe qvtBYEmlZtr99Jv73SJtu8zavO9feBwfr7Jn3y1uHyK23bnqdtz3ufvUu9jKeY9v hv7uGduZu5n6axf28f+FLBpSVo6zBQh9Q3CNP3OB0s4cKQ6f3NNg1V+TF9TIDNkC UJ03Mv3okC+/9dua+vKGBuw8KnAk7Yi8w8oz1soV94XHpN4BZoxejXcUbSSHTe4F H+Bqu5Fncyc92NrRMPKfE0d5EnYTo+suW/RCnJUlrRmPrXCrylLfSfZiu9OnG7Bn vxLN94xjPAHSZd7IEfEvcPHuCcC+xhrhCqOuv6hQB2UQqH6QQnNbRX4NTGP5IkWd kj6BcIYb66DByeqT/7x1PLhpc9GrTLpruTUBWxzn0wE0ocbpTGEFB9XgFkp3JtIM DK4zqdPIZpM=q1r7 -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Critical security patch for rh-maven35-apache-commons-collections released. Address CVE-2020-1938 immediately.. Red Hat Software Collections,rh-maven35-apache-commons-beanutils,security advisory. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Dec 18, 2019 Important Red Hat
Banner 2 1028x280 1708121730 1 1771599631
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryred hatsoftware update

RedHat: RHSA-2019-0806 Important: python27-python Information Disclosure

An update for python27-python is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: python27-python security update Advisory ID: RHSA-2019:0806-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2019:0806 Issue date: 2019-04-23 CVE Names: CVE-2019-9636 ==================================================================== 1. Summary: An update for python27-python is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - ppc64le, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4) - ppc64le, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - ppc64le, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - ppc64le, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as tovarious windowing systems. Security Fix(es): * python: Information Disclosure due to urlsplit improper NFKC normalization (CVE-2019-9636) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1688543 - CVE-2019-9636 python: Information Disclosure due to urlsplit improper NFKC normalization 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6): Source: python27-python-2.7.13-4.el6.src.rpm x86_64: python27-python-2.7.13-4.el6.x86_64.rpm python27-python-debug-2.7.13-4.el6.x86_64.rpm python27-python-debuginfo-2.7.13-4.el6.x86_64.rpm python27-python-devel-2.7.13-4.el6.x86_64.rpm python27-python-libs-2.7.13-4.el6.x86_64.rpm python27-python-test-2.7.13-4.el6.x86_64.rpm python27-python-tools-2.7.13-4.el6.x86_64.rpm python27-tkinter-2.7.13-4.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6): Source: python27-python-2.7.13-4.el6.src.rpm x86_64: python27-python-2.7.13-4.el6.x86_64.rpm python27-python-debug-2.7.13-4.el6.x86_64.rpm python27-python-debuginfo-2.7.13-4.el6.x86_64.rpm python27-python-devel-2.7.13-4.el6.x86_64.rpm python27-python-libs-2.7.13-4.el6.x86_64.rpm python27-python-test-2.7.13-4.el6.x86_64.rpm python27-python-tools-2.7.13-4.el6.x86_64.rpm python27-tkinter-2.7.13-4.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v.7): Source: python27-python-2.7.13-6.el7.src.rpm ppc64le: python27-python-2.7.13-6.el7.ppc64le.rpm python27-python-debug-2.7.13-6.el7.ppc64le.rpm python27-python-debuginfo-2.7.13-6.el7.ppc64le.rpm python27-python-devel-2.7.13-6.el7.ppc64le.rpm python27-python-libs-2.7.13-6.el7.ppc64le.rpm python27-python-test-2.7.13-6.el7.ppc64le.rpm python27-python-tools-2.7.13-6.el7.ppc64le.rpm python27-tkinter-2.7.13-6.el7.ppc64le.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: python27-python-2.7.13-6.el7.src.rpm ppc64le: python27-python-2.7.13-6.el7.ppc64le.rpm python27-python-debug-2.7.13-6.el7.ppc64le.rpm python27-python-debuginfo-2.7.13-6.el7.ppc64le.rpm python27-python-devel-2.7.13-6.el7.ppc64le.rpm python27-python-libs-2.7.13-6.el7.ppc64le.rpm python27-python-test-2.7.13-6.el7.ppc64le.rpm python27-python-tools-2.7.13-6.el7.ppc64le.rpm python27-tkinter-2.7.13-6.el7.ppc64le.rpm x86_64: python27-python-2.7.13-6.el7.x86_64.rpm python27-python-debug-2.7.13-6.el7.x86_64.rpm python27-python-debuginfo-2.7.13-6.el7.x86_64.rpm python27-python-devel-2.7.13-6.el7.x86_64.rpm python27-python-libs-2.7.13-6.el7.x86_64.rpm python27-python-test-2.7.13-6.el7.x86_64.rpm python27-python-tools-2.7.13-6.el7.x86_64.rpm python27-tkinter-2.7.13-6.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.4): Source: python27-python-2.7.13-6.el7.src.rpm ppc64le: python27-python-2.7.13-6.el7.ppc64le.rpm python27-python-debug-2.7.13-6.el7.ppc64le.rpm python27-python-debuginfo-2.7.13-6.el7.ppc64le.rpm python27-python-devel-2.7.13-6.el7.ppc64le.rpm python27-python-libs-2.7.13-6.el7.ppc64le.rpm python27-python-test-2.7.13-6.el7.ppc64le.rpm python27-python-tools-2.7.13-6.el7.ppc64le.rpm python27-tkinter-2.7.13-6.el7.ppc64le.rpm x86_64: python27-python-2.7.13-6.el7.x86_64.rpm python27-python-debug-2.7.13-6.el7.x86_64.rpm python27-python-debuginfo-2.7.13-6.el7.x86_64.rpm python27-python-devel-2.7.13-6.el7.x86_64.rpm python27-python-libs-2.7.13-6.el7.x86_64.rpm python27-python-test-2.7.13-6.el7.x86_64.rpm python27-python-tools-2.7.13-6.el7.x86_64.rpm python27-tkinter-2.7.13-6.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5): Source: python27-python-2.7.13-6.el7.src.rpm ppc64le: python27-python-2.7.13-6.el7.ppc64le.rpm python27-python-debug-2.7.13-6.el7.ppc64le.rpm python27-python-debuginfo-2.7.13-6.el7.ppc64le.rpm python27-python-devel-2.7.13-6.el7.ppc64le.rpm python27-python-libs-2.7.13-6.el7.ppc64le.rpm python27-python-test-2.7.13-6.el7.ppc64le.rpm python27-python-tools-2.7.13-6.el7.ppc64le.rpm python27-tkinter-2.7.13-6.el7.ppc64le.rpm x86_64: python27-python-2.7.13-6.el7.x86_64.rpm python27-python-debug-2.7.13-6.el7.x86_64.rpm python27-python-debuginfo-2.7.13-6.el7.x86_64.rpm python27-python-devel-2.7.13-6.el7.x86_64.rpm python27-python-libs-2.7.13-6.el7.x86_64.rpm python27-python-test-2.7.13-6.el7.x86_64.rpm python27-python-tools-2.7.13-6.el7.x86_64.rpm python27-tkinter-2.7.13-6.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.6): Source: python27-python-2.7.13-6.el7.src.rpm ppc64le: python27-python-2.7.13-6.el7.ppc64le.rpm python27-python-debug-2.7.13-6.el7.ppc64le.rpm python27-python-debuginfo-2.7.13-6.el7.ppc64le.rpm python27-python-devel-2.7.13-6.el7.ppc64le.rpm python27-python-libs-2.7.13-6.el7.ppc64le.rpm python27-python-test-2.7.13-6.el7.ppc64le.rpm python27-python-tools-2.7.13-6.el7.ppc64le.rpm python27-tkinter-2.7.13-6.el7.ppc64le.rpm x86_64: python27-python-2.7.13-6.el7.x86_64.rpm python27-python-debug-2.7.13-6.el7.x86_64.rpm python27-python-debuginfo-2.7.13-6.el7.x86_64.rpm python27-python-devel-2.7.13-6.el7.x86_64.rpm python27-python-libs-2.7.13-6.el7.x86_64.rpm python27-python-test-2.7.13-6.el7.x86_64.rpm python27-python-tools-2.7.13-6.el7.x86_64.rpm python27-tkinter-2.7.13-6.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: python27-python-2.7.13-6.el7.src.rpm x86_64: python27-python-2.7.13-6.el7.x86_64.rpm python27-python-debug-2.7.13-6.el7.x86_64.rpm python27-python-debuginfo-2.7.13-6.el7.x86_64.rpm python27-python-devel-2.7.13-6.el7.x86_64.rpm python27-python-libs-2.7.13-6.el7.x86_64.rpm python27-python-test-2.7.13-6.el7.x86_64.rpm python27-python-tools-2.7.13-6.el7.x86_64.rpm python27-tkinter-2.7.13-6.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-9636 https://access.redhat.com/security/updates/classification/#important https://bugs.python.org/issue36216 https://python-security.readthedocs.io/vuln/urlsplit-nfkc-normalization.html 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBXL75l9zjgjWX9erEAQhWpg//fj1jlLjYEWFRNROGFJTMVdEGZwlhNjkl i2ccl9KUE2uI08GdB33WWIjB986ZWMCMxckpFrixQQ4CNmMUs2VmKE4RJWeZHDO1 OCokO0+mcnDyb2Y3eMYTet6chpInpNLF+fA60FHD9AC35/EkOZqljsF4R5KiE7dz zFzZCGZPxaGkEx5VUyjVfSgsf0+bsEcCuFPWolTqP/QivgX6z1col4U6Hn3Spnxn Z7tQNWCztKl4AkonI2pk85d41AjImW39H8lGqSR4oEXo2g3wlRtUxgO7bxmYlmDu IT9nHQwosGOzyyRJr8Vw3q++2IFk69iZjVVIBWTjH9SBuDxO+37fU1on86mwzhB0 93NaA4er+rkC/sbxLFa6BApTpIR2MbW6nn/R+PzfQP+B8OdtHoE0SjDyWbukLkZC ZbACgzcS8585jHUjszcIXXOrPNCgosfeyQo+dwHxhS7CoD5IZASBpKrjxcLnAcON bZDD7n+1Pc9LKp7QC4LBfp5D+giZ3h0jAH/G2Go+cOwRzKnerPEG5Cuhxk4P0t0I R/ug2i05FTD4iyHf9WAIhOJy06uv+CknWBBRTCFsiZmzDO3pUn7I0cqqOtMh91eA 1SJ3RI4ebz3RTNIkhGOUSaI6krHl/yh4mVb0PAsaiGE3zSRxJip3Bt4Ew9d5+v5P Ch7pcZNPWj4=0Fjz -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . A critical patch has been released for python27-python in Red Hat Software Collections to address potential data leaks.. python security update, red hat software collections, python27 security advisory. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Apr 23, 2019 Important Red Hat
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryarbitrary code executionsecurity fix

Red Hat: RHSA-2018-3541-01 Important: Git Update for Security Risk

An update for rh-git29-git is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: rh-git29-git security update Advisory ID: RHSA-2018:3541-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2018:3541 Issue date: 2018-11-12 CVE Names: CVE-2018-17456 ==================================================================== 1. Summary: An update for rh-git29-git is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3) - noarch, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4) - noarch, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - noarch, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 3. Description: Git is a distributed revision control system with adecentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Security Fix(es): * git: arbitrary code execution via .gitmodules (CVE-2018-17456) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1636619 - CVE-2018-17456 git: arbitrary code execution via .gitmodules 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6): Source: rh-git29-git-2.9.3-7.el6.src.rpm noarch: rh-git29-emacs-git-2.9.3-7.el6.noarch.rpm rh-git29-emacs-git-el-2.9.3-7.el6.noarch.rpm rh-git29-git-all-2.9.3-7.el6.noarch.rpm rh-git29-git-cvs-2.9.3-7.el6.noarch.rpm rh-git29-git-email-2.9.3-7.el6.noarch.rpm rh-git29-git-gui-2.9.3-7.el6.noarch.rpm rh-git29-git-p4-2.9.3-7.el6.noarch.rpm rh-git29-gitk-2.9.3-7.el6.noarch.rpm rh-git29-gitweb-2.9.3-7.el6.noarch.rpm rh-git29-perl-Git-2.9.3-7.el6.noarch.rpm rh-git29-perl-Git-SVN-2.9.3-7.el6.noarch.rpm x86_64: rh-git29-git-2.9.3-7.el6.x86_64.rpm rh-git29-git-core-2.9.3-7.el6.x86_64.rpm rh-git29-git-core-doc-2.9.3-7.el6.x86_64.rpm rh-git29-git-daemon-2.9.3-7.el6.x86_64.rpm rh-git29-git-debuginfo-2.9.3-7.el6.x86_64.rpm rh-git29-git-svn-2.9.3-7.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.6.7): Source: rh-git29-git-2.9.3-7.el6.src.rpm noarch: rh-git29-emacs-git-2.9.3-7.el6.noarch.rpm rh-git29-emacs-git-el-2.9.3-7.el6.noarch.rpm rh-git29-git-all-2.9.3-7.el6.noarch.rpm rh-git29-git-cvs-2.9.3-7.el6.noarch.rpm rh-git29-git-email-2.9.3-7.el6.noarch.rpm rh-git29-git-gui-2.9.3-7.el6.noarch.rpm rh-git29-git-p4-2.9.3-7.el6.noarch.rpm rh-git29-gitk-2.9.3-7.el6.noarch.rpm rh-git29-gitweb-2.9.3-7.el6.noarch.rpm rh-git29-perl-Git-2.9.3-7.el6.noarch.rpm rh-git29-perl-Git-SVN-2.9.3-7.el6.noarch.rpm x86_64: rh-git29-git-2.9.3-7.el6.x86_64.rpm rh-git29-git-core-2.9.3-7.el6.x86_64.rpm rh-git29-git-core-doc-2.9.3-7.el6.x86_64.rpm rh-git29-git-daemon-2.9.3-7.el6.x86_64.rpm rh-git29-git-debuginfo-2.9.3-7.el6.x86_64.rpm rh-git29-git-svn-2.9.3-7.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6): Source: rh-git29-git-2.9.3-7.el6.src.rpm noarch: rh-git29-emacs-git-2.9.3-7.el6.noarch.rpm rh-git29-emacs-git-el-2.9.3-7.el6.noarch.rpm rh-git29-git-all-2.9.3-7.el6.noarch.rpm rh-git29-git-cvs-2.9.3-7.el6.noarch.rpm rh-git29-git-email-2.9.3-7.el6.noarch.rpm rh-git29-git-gui-2.9.3-7.el6.noarch.rpm rh-git29-git-p4-2.9.3-7.el6.noarch.rpm rh-git29-gitk-2.9.3-7.el6.noarch.rpm rh-git29-gitweb-2.9.3-7.el6.noarch.rpm rh-git29-perl-Git-2.9.3-7.el6.noarch.rpm rh-git29-perl-Git-SVN-2.9.3-7.el6.noarch.rpm x86_64: rh-git29-git-2.9.3-7.el6.x86_64.rpm rh-git29-git-core-2.9.3-7.el6.x86_64.rpm rh-git29-git-core-doc-2.9.3-7.el6.x86_64.rpm rh-git29-git-daemon-2.9.3-7.el6.x86_64.rpm rh-git29-git-debuginfo-2.9.3-7.el6.x86_64.rpm rh-git29-git-svn-2.9.3-7.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v.7): Source: rh-git29-git-2.9.3-8.el7.src.rpm aarch64: rh-git29-git-2.9.3-8.el7.aarch64.rpm rh-git29-git-core-2.9.3-8.el7.aarch64.rpm rh-git29-git-core-doc-2.9.3-8.el7.aarch64.rpm rh-git29-git-daemon-2.9.3-8.el7.aarch64.rpm rh-git29-git-debuginfo-2.9.3-8.el7.aarch64.rpm rh-git29-git-svn-2.9.3-8.el7.aarch64.rpm noarch: rh-git29-git-all-2.9.3-8.el7.noarch.rpm rh-git29-git-cvs-2.9.3-8.el7.noarch.rpm rh-git29-git-email-2.9.3-8.el7.noarch.rpm rh-git29-git-gui-2.9.3-8.el7.noarch.rpm rh-git29-git-p4-2.9.3-8.el7.noarch.rpm rh-git29-gitk-2.9.3-8.el7.noarch.rpm rh-git29-gitweb-2.9.3-8.el7.noarch.rpm rh-git29-perl-Git-2.9.3-8.el7.noarch.rpm rh-git29-perl-Git-SVN-2.9.3-8.el7.noarch.rpm ppc64le: rh-git29-git-2.9.3-8.el7.ppc64le.rpm rh-git29-git-core-2.9.3-8.el7.ppc64le.rpm rh-git29-git-core-doc-2.9.3-8.el7.ppc64le.rpm rh-git29-git-daemon-2.9.3-8.el7.ppc64le.rpm rh-git29-git-debuginfo-2.9.3-8.el7.ppc64le.rpm rh-git29-git-svn-2.9.3-8.el7.ppc64le.rpm s390x: rh-git29-git-2.9.3-8.el7.s390x.rpm rh-git29-git-core-2.9.3-8.el7.s390x.rpm rh-git29-git-core-doc-2.9.3-8.el7.s390x.rpm rh-git29-git-daemon-2.9.3-8.el7.s390x.rpm rh-git29-git-debuginfo-2.9.3-8.el7.s390x.rpm rh-git29-git-svn-2.9.3-8.el7.s390x.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v.7): Source: rh-git29-git-2.9.3-8.el7.src.rpm aarch64: rh-git29-git-2.9.3-8.el7.aarch64.rpm rh-git29-git-core-2.9.3-8.el7.aarch64.rpm rh-git29-git-core-doc-2.9.3-8.el7.aarch64.rpm rh-git29-git-daemon-2.9.3-8.el7.aarch64.rpm rh-git29-git-debuginfo-2.9.3-8.el7.aarch64.rpm rh-git29-git-svn-2.9.3-8.el7.aarch64.rpm noarch: rh-git29-git-all-2.9.3-8.el7.noarch.rpm rh-git29-git-cvs-2.9.3-8.el7.noarch.rpm rh-git29-git-email-2.9.3-8.el7.noarch.rpm rh-git29-git-gui-2.9.3-8.el7.noarch.rpm rh-git29-git-p4-2.9.3-8.el7.noarch.rpm rh-git29-gitk-2.9.3-8.el7.noarch.rpm rh-git29-gitweb-2.9.3-8.el7.noarch.rpm rh-git29-perl-Git-2.9.3-8.el7.noarch.rpm rh-git29-perl-Git-SVN-2.9.3-8.el7.noarch.rpm ppc64le: rh-git29-git-2.9.3-8.el7.ppc64le.rpm rh-git29-git-core-2.9.3-8.el7.ppc64le.rpm rh-git29-git-core-doc-2.9.3-8.el7.ppc64le.rpm rh-git29-git-daemon-2.9.3-8.el7.ppc64le.rpm rh-git29-git-debuginfo-2.9.3-8.el7.ppc64le.rpm rh-git29-git-svn-2.9.3-8.el7.ppc64le.rpm s390x: rh-git29-git-2.9.3-8.el7.s390x.rpm rh-git29-git-core-2.9.3-8.el7.s390x.rpm rh-git29-git-core-doc-2.9.3-8.el7.s390x.rpm rh-git29-git-daemon-2.9.3-8.el7.s390x.rpm rh-git29-git-debuginfo-2.9.3-8.el7.s390x.rpm rh-git29-git-svn-2.9.3-8.el7.s390x.rpm x86_64: rh-git29-git-2.9.3-8.el7.x86_64.rpm rh-git29-git-core-2.9.3-8.el7.x86_64.rpm rh-git29-git-core-doc-2.9.3-8.el7.x86_64.rpm rh-git29-git-daemon-2.9.3-8.el7.x86_64.rpm rh-git29-git-debuginfo-2.9.3-8.el7.x86_64.rpm rh-git29-git-svn-2.9.3-8.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.3): Source: rh-git29-git-2.9.3-8.el7.src.rpm noarch: rh-git29-git-all-2.9.3-8.el7.noarch.rpm rh-git29-git-cvs-2.9.3-8.el7.noarch.rpm rh-git29-git-email-2.9.3-8.el7.noarch.rpm rh-git29-git-gui-2.9.3-8.el7.noarch.rpm rh-git29-git-p4-2.9.3-8.el7.noarch.rpm rh-git29-gitk-2.9.3-8.el7.noarch.rpm rh-git29-gitweb-2.9.3-8.el7.noarch.rpm rh-git29-perl-Git-2.9.3-8.el7.noarch.rpm rh-git29-perl-Git-SVN-2.9.3-8.el7.noarch.rpm ppc64le: rh-git29-git-2.9.3-8.el7.ppc64le.rpm rh-git29-git-core-2.9.3-8.el7.ppc64le.rpm rh-git29-git-core-doc-2.9.3-8.el7.ppc64le.rpm rh-git29-git-daemon-2.9.3-8.el7.ppc64le.rpm rh-git29-git-debuginfo-2.9.3-8.el7.ppc64le.rpm rh-git29-git-svn-2.9.3-8.el7.ppc64le.rpm s390x: rh-git29-git-2.9.3-8.el7.s390x.rpm rh-git29-git-core-2.9.3-8.el7.s390x.rpm rh-git29-git-core-doc-2.9.3-8.el7.s390x.rpm rh-git29-git-daemon-2.9.3-8.el7.s390x.rpm rh-git29-git-debuginfo-2.9.3-8.el7.s390x.rpm rh-git29-git-svn-2.9.3-8.el7.s390x.rpm x86_64: rh-git29-git-2.9.3-8.el7.x86_64.rpm rh-git29-git-core-2.9.3-8.el7.x86_64.rpm rh-git29-git-core-doc-2.9.3-8.el7.x86_64.rpm rh-git29-git-daemon-2.9.3-8.el7.x86_64.rpm rh-git29-git-debuginfo-2.9.3-8.el7.x86_64.rpm rh-git29-git-svn-2.9.3-8.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.4): Source: rh-git29-git-2.9.3-6.el7.src.rpm noarch: rh-git29-git-all-2.9.3-6.el7.noarch.rpm rh-git29-git-cvs-2.9.3-6.el7.noarch.rpm rh-git29-git-email-2.9.3-6.el7.noarch.rpm rh-git29-git-gui-2.9.3-6.el7.noarch.rpm rh-git29-git-p4-2.9.3-6.el7.noarch.rpm rh-git29-gitk-2.9.3-6.el7.noarch.rpm rh-git29-gitweb-2.9.3-6.el7.noarch.rpm rh-git29-perl-Git-2.9.3-6.el7.noarch.rpm rh-git29-perl-Git-SVN-2.9.3-6.el7.noarch.rpm ppc64le: rh-git29-git-2.9.3-6.el7.ppc64le.rpm rh-git29-git-core-2.9.3-6.el7.ppc64le.rpm rh-git29-git-core-doc-2.9.3-6.el7.ppc64le.rpm rh-git29-git-daemon-2.9.3-6.el7.ppc64le.rpm rh-git29-git-debuginfo-2.9.3-6.el7.ppc64le.rpm rh-git29-git-svn-2.9.3-6.el7.ppc64le.rpm s390x: rh-git29-git-2.9.3-6.el7.s390x.rpm rh-git29-git-core-2.9.3-6.el7.s390x.rpm rh-git29-git-core-doc-2.9.3-6.el7.s390x.rpm rh-git29-git-daemon-2.9.3-6.el7.s390x.rpm rh-git29-git-debuginfo-2.9.3-6.el7.s390x.rpm rh-git29-git-svn-2.9.3-6.el7.s390x.rpm x86_64: rh-git29-git-2.9.3-6.el7.x86_64.rpm rh-git29-git-core-2.9.3-6.el7.x86_64.rpm rh-git29-git-core-doc-2.9.3-6.el7.x86_64.rpm rh-git29-git-daemon-2.9.3-6.el7.x86_64.rpm rh-git29-git-debuginfo-2.9.3-6.el7.x86_64.rpm rh-git29-git-svn-2.9.3-6.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.5): Source: rh-git29-git-2.9.3-6.el7.src.rpm noarch: rh-git29-git-all-2.9.3-6.el7.noarch.rpm rh-git29-git-cvs-2.9.3-6.el7.noarch.rpm rh-git29-git-email-2.9.3-6.el7.noarch.rpm rh-git29-git-gui-2.9.3-6.el7.noarch.rpm rh-git29-git-p4-2.9.3-6.el7.noarch.rpm rh-git29-gitk-2.9.3-6.el7.noarch.rpm rh-git29-gitweb-2.9.3-6.el7.noarch.rpm rh-git29-perl-Git-2.9.3-6.el7.noarch.rpm rh-git29-perl-Git-SVN-2.9.3-6.el7.noarch.rpm ppc64le: rh-git29-git-2.9.3-6.el7.ppc64le.rpm rh-git29-git-core-2.9.3-6.el7.ppc64le.rpm rh-git29-git-core-doc-2.9.3-6.el7.ppc64le.rpm rh-git29-git-daemon-2.9.3-6.el7.ppc64le.rpm rh-git29-git-debuginfo-2.9.3-6.el7.ppc64le.rpm rh-git29-git-svn-2.9.3-6.el7.ppc64le.rpm s390x: rh-git29-git-2.9.3-6.el7.s390x.rpm rh-git29-git-core-2.9.3-6.el7.s390x.rpm rh-git29-git-core-doc-2.9.3-6.el7.s390x.rpm rh-git29-git-daemon-2.9.3-6.el7.s390x.rpm rh-git29-git-debuginfo-2.9.3-6.el7.s390x.rpm rh-git29-git-svn-2.9.3-6.el7.s390x.rpm x86_64: rh-git29-git-2.9.3-6.el7.x86_64.rpm rh-git29-git-core-2.9.3-6.el7.x86_64.rpm rh-git29-git-core-doc-2.9.3-6.el7.x86_64.rpm rh-git29-git-daemon-2.9.3-6.el7.x86_64.rpm rh-git29-git-debuginfo-2.9.3-6.el7.x86_64.rpm rh-git29-git-svn-2.9.3-6.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.5): Source: rh-git29-git-2.9.3-8.el7.src.rpm noarch: rh-git29-git-all-2.9.3-8.el7.noarch.rpm rh-git29-git-cvs-2.9.3-8.el7.noarch.rpm rh-git29-git-email-2.9.3-8.el7.noarch.rpm rh-git29-git-gui-2.9.3-8.el7.noarch.rpm rh-git29-git-p4-2.9.3-8.el7.noarch.rpm rh-git29-gitk-2.9.3-8.el7.noarch.rpm rh-git29-gitweb-2.9.3-8.el7.noarch.rpm rh-git29-perl-Git-2.9.3-8.el7.noarch.rpm rh-git29-perl-Git-SVN-2.9.3-8.el7.noarch.rpm ppc64le: rh-git29-git-2.9.3-8.el7.ppc64le.rpm rh-git29-git-core-2.9.3-8.el7.ppc64le.rpm rh-git29-git-core-doc-2.9.3-8.el7.ppc64le.rpm rh-git29-git-daemon-2.9.3-8.el7.ppc64le.rpm rh-git29-git-debuginfo-2.9.3-8.el7.ppc64le.rpm rh-git29-git-svn-2.9.3-8.el7.ppc64le.rpm s390x: rh-git29-git-2.9.3-8.el7.s390x.rpm rh-git29-git-core-2.9.3-8.el7.s390x.rpm rh-git29-git-core-doc-2.9.3-8.el7.s390x.rpm rh-git29-git-daemon-2.9.3-8.el7.s390x.rpm rh-git29-git-debuginfo-2.9.3-8.el7.s390x.rpm rh-git29-git-svn-2.9.3-8.el7.s390x.rpm x86_64: rh-git29-git-2.9.3-8.el7.x86_64.rpm rh-git29-git-core-2.9.3-8.el7.x86_64.rpm rh-git29-git-core-doc-2.9.3-8.el7.x86_64.rpm rh-git29-git-daemon-2.9.3-8.el7.x86_64.rpm rh-git29-git-debuginfo-2.9.3-8.el7.x86_64.rpm rh-git29-git-svn-2.9.3-8.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-git29-git-2.9.3-8.el7.src.rpm noarch: rh-git29-git-all-2.9.3-8.el7.noarch.rpm rh-git29-git-cvs-2.9.3-8.el7.noarch.rpm rh-git29-git-email-2.9.3-8.el7.noarch.rpm rh-git29-git-gui-2.9.3-8.el7.noarch.rpm rh-git29-git-p4-2.9.3-8.el7.noarch.rpm rh-git29-gitk-2.9.3-8.el7.noarch.rpm rh-git29-gitweb-2.9.3-8.el7.noarch.rpm rh-git29-perl-Git-2.9.3-8.el7.noarch.rpm rh-git29-perl-Git-SVN-2.9.3-8.el7.noarch.rpm x86_64: rh-git29-git-2.9.3-8.el7.x86_64.rpm rh-git29-git-core-2.9.3-8.el7.x86_64.rpm rh-git29-git-core-doc-2.9.3-8.el7.x86_64.rpm rh-git29-git-daemon-2.9.3-8.el7.x86_64.rpm rh-git29-git-debuginfo-2.9.3-8.el7.x86_64.rpm rh-git29-git-svn-2.9.3-8.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verifythe signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-17456 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBW+li2tzjgjWX9erEAQjDkRAAgdUHd3ZaYbWY75UiIumF3O2JhNDYHjUS yKcjFxufMVdEY4F1ol5hPBL/7ecJNIJpcEfQlhL7QbkyaNt4N8YWJN38JAgNylIQ fUesQO7Xwa0MQWd4y6NHUIuVO7vUGn/lJJzDs4uXpeqQsOPPfyAzJHtTjJNByjvV uT4Q0V+6TRBmk43RWqPMvcwBx9FTH/aV0ZeZN1XHCJF70vp46GrOLpTXJ4e5jTkN zLdxQQ5ttqhYHdm7dRKwkTNTvgaJ/Zo8b03yG7TUn7lqu3+JfPdXdwiFTe8GxG0L HoG86BkaUl6Cd0/Wt1i2l/M1CrEnDQNdabmdhyPr/NJ3Gvq0M/Viv6j673A6MRhr P/8s4DueA0f+1iNsezVJ1ODpVr18Gz4YJAHi0H7pEEviJRg5jQGtFgZOr6jBoDmO zAQZ/gCAunlw/oma0SSENQbOt+NBS9KMRzo8p/DuQdC5ICZxOqoPoGVgS52XzaKQ wnJIgYgT6SJM1WCE+MUQRS4eWSchBHAy0SfKcC8oCaYijFxIDdFWgtGAecg5x/j+ ShnI4atX1X4JgGCUetZ/1RcKGdgPlFugpEQrlMvO5v/dKEADOSyE3iesVdX5iaKs 9c4JDx+qfcjFc5gTEi3TQBY/nV/5trX1J+ouWCsFqFIIm9reB9ZKjQyUmc5ywuLe MhCvjrXpwSk=xmM5 -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Critical security patch rh-git29-git released for Red Hat Software Collections to address possible vulnerabilities.. Red Hat Security Advisory, Git Update, Arbitrary Code Execution Fix. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Nov 12, 2018 Important Red Hat
Banner 2 1028x280 1708121730 1 1771599631
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorydenial of servicesecurity update

Red Hat 7 Update RHSA-2018-1372 Important: HAProxy DoS Risk

An update for rh-haproxy18-haproxy is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: rh-haproxy18-haproxy security update Advisory ID: RHSA-2018:1372-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2018:1372 Issue date: 2018-05-14 CVE Names: CVE-2018-10184 ==================================================================== 1. Summary: An update for rh-haproxy18-haproxy is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Security Fix(es): * haproxy: Heap buffer overflow in mux_h2.c:h2_process_demux() can allow attackers to cause a denial of service (CVE-2018-10184) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: Fordetails on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1569297 - CVE-2018-10184 haproxy: Heap buffer overflow in mux_h2.c:h2_process_demux() can allow attackers to cause a denial of service 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-haproxy18-haproxy-1.8.4-2.el7.src.rpm x86_64: rh-haproxy18-haproxy-1.8.4-2.el7.x86_64.rpm rh-haproxy18-haproxy-debuginfo-1.8.4-2.el7.x86_64.rpm rh-haproxy18-haproxy-syspaths-1.8.4-2.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3): Source: rh-haproxy18-haproxy-1.8.4-2.el7.src.rpm x86_64: rh-haproxy18-haproxy-1.8.4-2.el7.x86_64.rpm rh-haproxy18-haproxy-debuginfo-1.8.4-2.el7.x86_64.rpm rh-haproxy18-haproxy-syspaths-1.8.4-2.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4): Source: rh-haproxy18-haproxy-1.8.4-2.el7.src.rpm x86_64: rh-haproxy18-haproxy-1.8.4-2.el7.x86_64.rpm rh-haproxy18-haproxy-debuginfo-1.8.4-2.el7.x86_64.rpm rh-haproxy18-haproxy-syspaths-1.8.4-2.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5): Source: rh-haproxy18-haproxy-1.8.4-2.el7.src.rpm x86_64: rh-haproxy18-haproxy-1.8.4-2.el7.x86_64.rpm rh-haproxy18-haproxy-debuginfo-1.8.4-2.el7.x86_64.rpm rh-haproxy18-haproxy-syspaths-1.8.4-2.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-haproxy18-haproxy-1.8.4-2.el7.src.rpm x86_64: rh-haproxy18-haproxy-1.8.4-2.el7.x86_64.rpm rh-haproxy18-haproxy-debuginfo-1.8.4-2.el7.x86_64.rpm rh-haproxy18-haproxy-syspaths-1.8.4-2.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7.References: https://access.redhat.com/security/cve/CVE-2018-10184 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBWvsF4dzjgjWX9erEAQjwLRAAmZRxIe6TgdhhozGjibxPfKhXq6im69Ko rt8J6eXzUSbIkKR+cdK3+UJyAtPVyk/NNqArDzd4nmcVZLZkeDVMw8Ts5oos9lmh X3Oxzxgi9U3fYwIk8fbVhb6JPuoSSQMnUYh3b1g4WXi/DHVU670Or7gKr1SpA6kD ENHFLAHUT0Nn6qYxAypryKoPE5xwQf2sNSo/FbHu/T2f+5sqzgHImcInxw0bZIAa zYuVt6rFkOnelgUVo8yorEWFBSEB9MoBRfuUpjsOvdCJl6p4ZSznwWBb3XY3IQn2 LOhYELA8OVVtOsdttGiuYeZ4Ds2+80Z0sGZ28LGWvk9LLtxdIMMuoqDGV/pDeBjh S5kgrjtyJNXOIREGY36FskrN1xcwIRsSHs1YFXDHWSb+TzmLoSngSUTrCGJM5aUP kDBNKVPiJyDJ9Vf/Im6JNqxe5GZoOlNa3MBQ02lgYeBWdzkzGRlP+qy2rezsgOdj 2+MS/+2i5k3RQzjvYELxpaqOYLYIbqvG4eCHT2NlLo8s4rfGyyBPiiMT0eRJ5jan gS6HeklVbhJbBF/9pwdSIc0XPwEks03514qwQVYQLFV5gASkG4+FbruAMgVWfqp5 aOYS/k6FNnu2meI1EAMLZDrmPh7BQuGajSM2qTz8D+kKtFQda6FIqyDUK5LMlGKi uS56DYj3Kpo=NGCm -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . This notice outlines a crucial security patch for rh-haproxy18-haproxy, addressing a service disruption vulnerability within Red Hat.. HAProxy Security Advisory, Denial Of Service Update, Red Hat Software Update. . Severity: Important. LinuxSecurity.com Team

Calendar 2 May 15, 2018 Important Red Hat
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorysecurity issueupdate

Red Hat EUS: RHSA-2018-0582-01 Critical: SLF4J Arbitrary Execution

An update for rh-maven35-slf4j is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Important: rh-maven35-slf4j security update Advisory ID: RHSA-2018:0582-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2018:0582 Issue date: 2018-03-26 CVE Names: CVE-2018-8088 ==================================================================== 1. Summary: An update for rh-maven35-slf4j is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch 3. Description: The Simple Logging Facade for Java or (SLF4J) is a simple facade for various logging APIs allowing the end-user to plug in the desired implementation at deployment time. SLF4J also allows for a gradual migration path away from Jakarta Commons Logging (JCL). Security Fix(es): * slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listedin the References section. Red Hat would like to thank Chris McCown for reporting this issue. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1548909 - CVE-2018-8088 slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-maven35-slf4j-1.7.25-1.3.el7.src.rpm noarch: rh-maven35-jcl-over-slf4j-1.7.25-1.3.el7.noarch.rpm rh-maven35-jul-to-slf4j-1.7.25-1.3.el7.noarch.rpm rh-maven35-log4j-over-slf4j-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-ext-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-javadoc-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-jcl-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-jdk14-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-log4j12-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-manual-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-sources-1.7.25-1.3.el7.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3): Source: rh-maven35-slf4j-1.7.25-1.3.el7.src.rpm noarch: rh-maven35-jcl-over-slf4j-1.7.25-1.3.el7.noarch.rpm rh-maven35-jul-to-slf4j-1.7.25-1.3.el7.noarch.rpm rh-maven35-log4j-over-slf4j-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-ext-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-javadoc-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-jcl-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-jdk14-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-log4j12-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-manual-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-sources-1.7.25-1.3.el7.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.4): Source: rh-maven35-slf4j-1.7.25-1.3.el7.src.rpm noarch: rh-maven35-jcl-over-slf4j-1.7.25-1.3.el7.noarch.rpm rh-maven35-jul-to-slf4j-1.7.25-1.3.el7.noarch.rpm rh-maven35-log4j-over-slf4j-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-ext-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-javadoc-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-jcl-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-jdk14-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-log4j12-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-manual-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-sources-1.7.25-1.3.el7.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-maven35-slf4j-1.7.25-1.3.el7.src.rpm noarch: rh-maven35-jcl-over-slf4j-1.7.25-1.3.el7.noarch.rpm rh-maven35-jul-to-slf4j-1.7.25-1.3.el7.noarch.rpm rh-maven35-log4j-over-slf4j-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-ext-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-javadoc-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-jcl-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-jdk14-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-log4j12-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-manual-1.7.25-1.3.el7.noarch.rpm rh-maven35-slf4j-sources-1.7.25-1.3.el7.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-8088 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFauL2fXlSAg2UNWIIRAprDAJ9buHczdakq0VJRq4SL0jD/8XA6JQCgig0a 1Shi7HRRWer+rQRhkgvzjzU=xBSS -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . An urgent patch for rh-maven35-slf4j has been released toaddress a significant vulnerability classified as critical by the Red Hat security team.. Red Hat Security, SLF4J Update, Important Fix, Software Collections Update. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Mar 26, 2018 Important Red Hat
Banner 2 1028x280 1708121730 1 1771599631
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here