
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


SUSE Helm Important Issues Infinite Loop Storage Bypass 2026-2049-1

An update that solves two vulnerabilities and contains one feature can now be installed.

# Security update for helm

Announcement ID: SUSE-SU-2026:2049-1
Release Date: 2026-05-25T13:58:03Z
Rating: important

References:

* bsc#1265428
* bsc#1265758
* jsc#PED-15794

Cross-References:

* CVE-2026-33814
* CVE-2026-41888

CVSS scores:

* CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-41888 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2026-41888 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2026-41888 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-41888 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Affected Products:

* Containers Module 15-SP7
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Package Hub 15 15-SP7

An update that solves two vulnerabilities and contains one feature can now be installed.

## Description:

This update for helm fixes the following issues:

Security issues:

* CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265758).
* CVE-2026-41888: github.com/distribution/distribution/v3: tag deletion bypasses the storage.delete.enabled configuration (bsc#1265428).

Non security issue:

* Fix packages for %suse_version bump (jsc#PED-15794).
* Update to version 3.21.0

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2026-2049=1
* Containers Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2026-2049=1
* SUSE Package Hub 15 15-SP7
  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2049=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2049=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2049=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2049=1
* SUSE Linux Enterprise Server 15 SP6 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2049=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2049=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2049=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2049=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2049=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2049=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2049=1

## Package List:

* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
  * helm-debuginfo-3.21.0-150000.1.75.1
  * helm-3.21.0-150000.1.75.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
  * helm-bash-completion-3.21.0-150000.1.75.1
* Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * helm-debuginfo-3.21.0-150000.1.75.1
  * helm-3.21.0-150000.1.75.1
* Containers Module 15-SP7 (noarch)
  * helm-bash-completion-3.21.0-150000.1.75.1
  * helm-zsh-completion-3.21.0-150000.1.75.1
* SUSE Package Hub 15 15-SP7 (noarch)
  * helm-fish-completion-3.21.0-150000.1.75.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * helm-debuginfo-3.21.0-150000.1.75.1
  * helm-3.21.0-150000.1.75.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
  * helm-bash-completion-3.21.0-150000.1.75.1
  * helm-zsh-completion-3.21.0-150000.1.75.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
  * helm-bash-completion-3.21.0-150000.1.75.1
  * helm-zsh-completion-3.21.0-150000.1.75.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
  * helm-debuginfo-3.21.0-150000.1.75.1
  * helm-3.21.0-150000.1.75.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * helm-debuginfo-3.21.0-150000.1.75.1
  * helm-3.21.0-150000.1.75.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
  * helm-bash-completion-3.21.0-150000.1.75.1
  * helm-zsh-completion-3.21.0-150000.1.75.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
  * helm-debuginfo-3.21.0-150000.1.75.1
  * helm-3.21.0-150000.1.75.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (noarch)
  * helm-bash-completion-3.21.0-150000.1.75.1
  * helm-zsh-completion-3.21.0-150000.1.75.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * helm-debuginfo-3.21.0-150000.1.75.1
  * helm-3.21.0-150000.1.75.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
  * helm-bash-completion-3.21.0-150000.1.75.1
  * helm-zsh-completion-3.21.0-150000.1.75.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
  * helm-debuginfo-3.21.0-150000.1.75.1
  * helm-3.21.0-150000.1.75.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
  * helm-bash-completion-3.21.0-150000.1.75.1
  * helm-zsh-completion-3.21.0-150000.1.75.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
  * helm-debuginfo-3.21.0-150000.1.75.1
  * helm-3.21.0-150000.1.75.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch)
  * helm-bash-completion-3.21.0-150000.1.75.1
  * helm-zsh-completion-3.21.0-150000.1.75.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * helm-debuginfo-3.21.0-150000.1.75.1
  * helm-3.21.0-150000.1.75.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
  * helm-bash-completion-3.21.0-150000.1.75.1
  * helm-zsh-completion-3.21.0-150000.1.75.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
  * helm-debuginfo-3.21.0-150000.1.75.1
  * helm-3.21.0-150000.1.75.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
  * helm-bash-completion-3.21.0-150000.1.75.1
  * helm-zsh-completion-3.21.0-150000.1.75.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
  * helm-debuginfo-3.21.0-150000.1.75.1
  * helm-3.21.0-150000.1.75.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
  * helm-bash-completion-3.21.0-150000.1.75.1
  * helm-zsh-completion-3.21.0-150000.1.75.1

## References:

* https://www.suse.com/security/cve/CVE-2026-33814.html
* https://www.suse.com/security/cve/CVE-2026-41888.html
* https://bugzilla.suse.com/show_bug.cgi?id=1265428
* https://bugzilla.suse.com/show_bug.cgi?id=1265758
* https://jira.suse.com/browse/PED-15794

Important SUSE update addresses helm security issues with two vulnerabilities and enhances functionality. SUSE Update Important Helm Security Issue Patch. Severity: Important. LinuxSecurity.com Team

May 25, 2026 Important SuSE

RedHat: RHSA-2022-0308 Moderate: OpenShift Storage Security Update

Updated container images that fix various bugs are now available for Red Hat OpenShift Container Storage 3.11 Update 9 in the Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact.

Red Hat Security Advisory

Synopsis: Moderate: OpenShift Container Storage 3.11.z security and bug fix update
Advisory ID: RHSA-2022:0308-01
Product: Red Hat Gluster Storage
Advisory URL: https://access.redhat.com/errata/RHSA-2022:0308
Issue date: 2022-01-27
CVE Names: CVE-2021-3114 CVE-2021-31525

1. Summary:

Updated container images that fix various bugs are now available for Red Hat OpenShift Container Storage 3.11 Update 9 in the Red Hat Container Registry.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Gluster Storage Server 3.5 on RHEL-7 - x86_64
Red Hat Storage Native Client for Red Hat Enterprise Linux 7 - x86_64

3. Description:

The OpenShift Container Storage solution provides persistent storage service for OpenShift Containers and OpenShift Infrastructure services.

Security Fix(es):

* golang: crypto/elliptic: incorrect operations on the P-224 curve (CVE-2021-3114)
* golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header (CVE-2021-31525)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* With this update, the Heketi packages are upgraded to upstream version 10.4.0. (BZ#2012287)

All users of OpenShift Container Storage 3.11 are advised to upgrade to these updated packages, which fix these bugs.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to: https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1918750 - CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve
1958341 - CVE-2021-31525 golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header
1979199 - Heketi fails to create volume on OCS 3.11.8 builds
2012287 - Rebase Heketi to version v10.4 upstream source

6. Package List:

Red Hat Gluster Storage Server 3.5 on RHEL-7:
Source: heketi-10.4.0-2.el7rhgs.src.rpm
x86_64: heketi-10.4.0-2.el7rhgs.x86_64.rpm heketi-client-10.4.0-2.el7rhgs.x86_64.rpm python-heketi-10.4.0-2.el7rhgs.x86_64.rpm

Red Hat Storage Native Client for Red Hat Enterprise Linux 7:
Source: heketi-10.4.0-2.el7rhgs.src.rpm
x86_64: heketi-client-10.4.0-2.el7rhgs.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-3114
https://access.redhat.com/security/cve/CVE-2021-31525
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.

Revised OpenShift Container Storage 3.11.z security notice with moderate importance and enhancements addressing identified concerns. OpenShift, Storage, Red Hat, Security Advisory. LinuxSecurity.com Team

Jan 27, 2022 Red Hat

openSUSE: 2020:1542-1 important: chromium Out Of Bounds Issues

An update that fixes 7 vulnerabilities is now available.

openSUSE Security Update: Security update for chromium

Announcement ID: openSUSE-SU-2020:1542-1
Rating: important
References: #1176791
Cross-References: CVE-2020-15960 CVE-2020-15961 CVE-2020-15962 CVE-2020-15963 CVE-2020-15964 CVE-2020-15965 CVE-2020-15966
Affected Products: openSUSE Backports SLE-15-SP1

An update that fixes 7 vulnerabilities is now available.

Description:

This update for chromium fixes the following issues:

Chromium was updated to 85.0.4183.121 (boo#1176791):

- CVE-2020-15960: Out of bounds read in storage
- CVE-2020-15961: Insufficient policy enforcement in extensions
- CVE-2020-15962: Insufficient policy enforcement in serial
- CVE-2020-15963: Insufficient policy enforcement in extensions
- CVE-2020-15965: Out of bounds write in V8
- CVE-2020-15966: Insufficient policy enforcement in extensions
- CVE-2020-15964: Insufficient data validation in media

This update was imported from the openSUSE:Leap:15.1:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP1:
  zypper in -t patch openSUSE-2020-1542=1

Package List:

- openSUSE Backports SLE-15-SP1 (aarch64 x86_64):
  chromedriver-85.0.4183.121-bp151.3.110.1
  chromium-85.0.4183.121-bp151.3.110.1

References:

https://www.suse.com/security/cve/CVE-2020-15960.html
https://www.suse.com/security/cve/CVE-2020-15961.html
https://www.suse.com/security/cve/CVE-2020-15962.html
https://www.suse.com/security/cve/CVE-2020-15963.html
https://www.suse.com/security/cve/CVE-2020-15964.html
https://www.suse.com/security/cve/CVE-2020-15965.html
https://www.suse.com/security/cve/CVE-2020-15966.html
https://bugzilla.suse.com/1176791

A patch for openSUSE fixes vital flaws within Firefox, fortifying protection by rectifying several security risks. openSUSE Updates, Chromium Security Fixes, Important Security Advisory. Severity: Important. LinuxSecurity.com Team

Sep 26, 2020 Important OpenSUSE

Debian 7: DLA-928-1 Moderate: libsndfile Buffer Overflow Threat

Multiple vulnerabilities were found in libsndfile, a popular library for reading/writing audio files. CVE-2017-7585

Package : libsndfile
Version : 1.0.25-9.1+deb7u1
CVE ID : CVE-2015-7805 CVE-2017-7585 CVE-2017-7586 CVE-2017-7741 CVE-2017-7742
Debian Bug : 860255

Multiple vulnerabilities were found in libsndfile, a popular library for reading/writing audio files.

CVE-2017-7585

In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.

CVE-2017-7586

In libsndfile before 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.

CVE-2017-7741

In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with write memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.

CVE-2017-7742

In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.

CVE-2014-9496

The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read.

CVE-2014-9756

The psf_fwrite function in file_io.c in libsndfile allows attackers to cause a denial of service (divide-by-zero error and application crash) via unspecified vectors related to the headindex variable.

CVE-2015-7805

Heap-based buffer overflow in libsndfile 1.0.25 allows remote attackers to have unspecified impact via the headindex value in the header in an AIFF file.

For Debian 7 "Wheezy", these problems have been fixed in version 1.0.25-9.1+deb7u1.

We recommend that you upgrade your libsndfile packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Several vulnerabilities addressed in the libsndfile package on Debian by updating to version 1.0.25-9.1+deb7u1. Debian Security Update, libsndfile Issues, Buffer Overflow Fix, Audio Library Security. LinuxSecurity.com Team

Apr 29, 2017 Debian LTS

Red Hat OpenStack 5.0 RHSA-2015-0838-01 Low: Storage Quota Bypass

Updated openstack-glance packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Low security.

Red Hat Security Advisory

Synopsis: Low: openstack-glance security and bug fix update
Advisory ID: RHSA-2015:0838-01
Product: Red Hat Enterprise Linux OpenStack Platform
Advisory URL: https://access.redhat.com/errata/RHSA-2015:0838.html
Issue date: 2015-04-16
CVE Names: CVE-2014-9623

1. Summary:

Updated openstack-glance packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux OpenStack Platform 5.0 for RHEL 6 - noarch

3. Description:

OpenStack Image service (glance) provides discovery, registration, and delivery services for disk and server images. It provides the ability to copy or snapshot a server image, and immediately store it away. Stored images can be used as a template to get new servers up and running quickly and more consistently than installing a server operating system and individually configuring additional services.

A storage quota bypass flaw was found in OpenStack Image (glance). If an image was deleted while it was being uploaded, it would not count towards a user's quota. A malicious user could use this flaw to deliberately fill the backing store, and cause a denial of service. (CVE-2014-9623)

Red Hat would like to thank the OpenStack project for reporting this issue. Upstream acknowledges Tushar Patil of NTT as the original reporter.

The openstack-glance packages have been upgraded to upstream version 2014.1.4, which provides a number of bug fixes over the previous version. (BZ#1203227)

All openstack-glance users are advised to upgrade to these updated packages, which correct these issues.

4. Solution:

Before applying this update, ensure all previously released errata relevant to your system have been applied.

Red Hat Enterprise Linux OpenStack Platform 5 for RHEL 6 runs on Red Hat Enterprise Linux 6.6.

The Red Hat Enterprise Linux OpenStack Platform 5 for RHEL 6 Release Notes contain the following:

* An explanation of the way in which the provided components interact to form a working cloud computing environment.
* Technology Previews, Recommended Practices, and Known Issues.
* The channels required for Red Hat Enterprise Linux OpenStack Platform 5 for RHEL 6, including which channels need to be enabled and disabled.

The Release Notes are linked to in the References section.

For details on how to apply this update, refer to: https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1183647 - CVE-2014-9623 openstack-glance: user storage quota bypass
1203227 - Rebase openstack-glance to 2014.1.4

6. Package List:

Red Hat Enterprise Linux OpenStack Platform 5.0 for RHEL 6:
Source: openstack-glance-2014.1.4-1.el6ost.src.rpm
noarch: openstack-glance-2014.1.4-1.el6ost.noarch.rpm openstack-glance-doc-2014.1.4-1.el6ost.noarch.rpm python-glance-2014.1.4-1.el6ost.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2014-9623
https://access.redhat.com/security/updates/classification/#low

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2015 Red Hat, Inc.

OpenStack glance enhancement resolving storage limitations with minimal security implications for CentOS environments. Red Hat Security, OpenStack Update, Storage Quota Issue. Severity: Low. LinuxSecurity.com Team

Apr 16, 2015 Low Red Hat

Red Hat: RHSA-2015:0837-01 Low: Storage Quota Bypass in OpenStack-Glance

Updated openstack-glance packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7.

Red Hat Security Advisory

Synopsis: Low: openstack-glance security and bug fix update
Advisory ID: RHSA-2015:0837-01
Product: Red Hat Enterprise Linux OpenStack Platform
Advisory URL: https://access.redhat.com/errata/RHSA-2015:0837.html
Issue date: 2015-04-16
CVE Names: CVE-2014-9623

1. Summary:

Updated openstack-glance packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux OpenStack Platform 5.0 for RHEL 7 - noarch

3. Description:

OpenStack Image service (glance) provides discovery, registration, and delivery services for disk and server images. It provides the ability to copy or snapshot a server image, and immediately store it away. Stored images can be used as a template to get new servers up and running quickly and more consistently than installing a server operating system and individually configuring additional services.

A storage quota bypass flaw was found in OpenStack Image (glance). If an image was deleted while it was being uploaded, it would not count towards a user's quota. A malicious user could use this flaw to deliberately fill the backing store, and cause a denial of service. (CVE-2014-9623)

Red Hat would like to thank the OpenStack project for reporting this issue. Upstream acknowledges Tushar Patil of NTT as the original reporter.

The openstack-glance packages have been upgraded to upstream version 2014.1.4, which provides a number of bug fixes over the previous version. (BZ#1203275)

All openstack-glance users are advised to upgrade to these updated packages, which correct these issues.

4. Solution:

Red Hat Enterprise Linux OpenStack Platform 5 for RHEL 7 runs on Red Hat Enterprise Linux 7.1.

The Red Hat Enterprise Linux OpenStack Platform 5 for RHEL 7 Release Notes contain the following:

* An explanation of the way in which the provided components interact to form a working cloud computing environment.
* Technology Previews, Recommended Practices, and Known Issues.
* The channels required for Red Hat Enterprise Linux OpenStack Platform 5 for RHEL 7, including which channels need to be enabled and disabled.

The Release Notes are linked to in the References section.

For details on how to apply this update, refer to: https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1183647 - CVE-2014-9623 openstack-glance: user storage quota bypass
1203275 - Rebase openstack-glance to 2014.1.4

6. Package List:

Red Hat Enterprise Linux OpenStack Platform 5.0 for RHEL 7:
Source: openstack-glance-2014.1.4-1.el7ost.src.rpm
noarch: openstack-glance-2014.1.4-1.el7ost.noarch.rpm openstack-glance-doc-2014.1.4-1.el7ost.noarch.rpm python-glance-2014.1.4-1.el7ost.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2014-9623
https://access.redhat.com/security/updates/classification#low

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2015 Red Hat, Inc.

Canonical has released a minor security patch for Ubuntu's nova-compute, which resolves a networking misconfiguration vulnerability that could lead to unauthorized access to resources. OpenStack Security, Red Hat Advisory, Storage Quota, Image Service Fix. Severity: Low. LinuxSecurity.com Team

Apr 16, 2015 Low Red Hat

Red Hat Enterprise Linux Versions 4 and 5: Moderate Device-Mapper Update

Updated device-mapper-multipath packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

Red Hat Security Advisory

Synopsis: Moderate: device-mapper-multipath security update
Advisory ID: RHSA-2009:0411-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2009:0411.html
Issue date: 2009-04-07
CVE Names: CVE-2009-0115

1. Summary:

Updated device-mapper-multipath packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

The device-mapper multipath packages provide tools to manage multipath devices by issuing instructions to the device-mapper multipath kernel module, and by managing the creation and removal of partitions for device-mapper devices.

It was discovered that the multipathd daemon set incorrect permissions on the socket used to communicate with command line clients. An unprivileged, local user could use this flaw to send commands to multipathd, resulting in access disruptions to storage devices accessible via multiple paths and, possibly, file system corruption on these devices. (CVE-2009-0115)

Users of device-mapper-multipath are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. The multipathd service must be restarted for the changes to take effect.

Important: the version of the multipathd daemon in Red Hat Enterprise Linux 5 has a known issue which may cause a machine to become unresponsive when the multipathd service is stopped. This issue is tracked in the Bugzilla bug #494582; a link is provided in the References section of this erratum. Until this issue is resolved, we recommend restarting the multipathd service by issuing the following commands in sequence:

    # killall -KILL multipathd
    # service multipathd restart

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

5. Bugs fixed (http://bugzilla.redhat.com/):

493330 - CVE-2009-0115 device-mapper-multipath: insecure permissions on multipathd.sock

6. Package List:

Red Hat Enterprise Linux AS version 4:
Source:
i386: device-mapper-multipath-0.4.5-31.el4_7.1.i386.rpm device-mapper-multipath-debuginfo-0.4.5-31.el4_7.1.i386.rpm
ia64: device-mapper-multipath-0.4.5-31.el4_7.1.ia64.rpm device-mapper-multipath-debuginfo-0.4.5-31.el4_7.1.ia64.rpm
ppc: device-mapper-multipath-0.4.5-31.el4_7.1.ppc.rpm device-mapper-multipath-debuginfo-0.4.5-31.el4_7.1.ppc.rpm
s390: device-mapper-multipath-0.4.5-31.el4_7.1.s390.rpm device-mapper-multipath-debuginfo-0.4.5-31.el4_7.1.s390.rpm
s390x: device-mapper-multipath-0.4.5-31.el4_7.1.s390x.rpm device-mapper-multipath-debuginfo-0.4.5-31.el4_7.1.s390x.rpm
x86_64: device-mapper-multipath-0.4.5-31.el4_7.1.x86_64.rpm device-mapper-multipath-debuginfo-0.4.5-31.el4_7.1.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:
Source:
i386: device-mapper-multipath-0.4.5-31.el4_7.1.i386.rpm device-mapper-multipath-debuginfo-0.4.5-31.el4_7.1.i386.rpm
x86_64: device-mapper-multipath-0.4.5-31.el4_7.1.x86_64.rpm device-mapper-multipath-debuginfo-0.4.5-31.el4_7.1.x86_64.rpm

Red Hat Enterprise Linux ES version 4:
Source:
i386: device-mapper-multipath-0.4.5-31.el4_7.1.i386.rpm device-mapper-multipath-debuginfo-0.4.5-31.el4_7.1.i386.rpm
ia64: device-mapper-multipath-0.4.5-31.el4_7.1.ia64.rpm device-mapper-multipath-debuginfo-0.4.5-31.el4_7.1.ia64.rpm
x86_64: device-mapper-multipath-0.4.5-31.el4_7.1.x86_64.rpm device-mapper-multipath-debuginfo-0.4.5-31.el4_7.1.x86_64.rpm

Red Hat Enterprise Linux WS version 4:
Source:
i386: device-mapper-multipath-0.4.5-31.el4_7.1.i386.rpm device-mapper-multipath-debuginfo-0.4.5-31.el4_7.1.i386.rpm
ia64: device-mapper-multipath-0.4.5-31.el4_7.1.ia64.rpm device-mapper-multipath-debuginfo-0.4.5-31.el4_7.1.ia64.rpm
x86_64: device-mapper-multipath-0.4.5-31.el4_7.1.x86_64.rpm device-mapper-multipath-debuginfo-0.4.5-31.el4_7.1.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):
Source:
i386: device-mapper-multipath-0.4.7-23.el5_3.2.i386.rpm device-mapper-multipath-debuginfo-0.4.7-23.el5_3.2.i386.rpm kpartx-0.4.7-23.el5_3.2.i386.rpm
x86_64: device-mapper-multipath-0.4.7-23.el5_3.2.x86_64.rpm device-mapper-multipath-debuginfo-0.4.7-23.el5_3.2.x86_64.rpm kpartx-0.4.7-23.el5_3.2.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):
Source:
i386: device-mapper-multipath-0.4.7-23.el5_3.2.i386.rpm device-mapper-multipath-debuginfo-0.4.7-23.el5_3.2.i386.rpm kpartx-0.4.7-23.el5_3.2.i386.rpm
ia64: device-mapper-multipath-0.4.7-23.el5_3.2.ia64.rpm device-mapper-multipath-debuginfo-0.4.7-23.el5_3.2.ia64.rpm kpartx-0.4.7-23.el5_3.2.ia64.rpm
ppc: device-mapper-multipath-0.4.7-23.el5_3.2.ppc.rpm device-mapper-multipath-debuginfo-0.4.7-23.el5_3.2.ppc.rpm kpartx-0.4.7-23.el5_3.2.ppc.rpm
s390x: device-mapper-multipath-0.4.7-23.el5_3.2.s390x.rpm device-mapper-multipath-debuginfo-0.4.7-23.el5_3.2.s390x.rpm kpartx-0.4.7-23.el5_3.2.s390x.rpm
x86_64: device-mapper-multipath-0.4.7-23.el5_3.2.x86_64.rpm device-mapper-multipath-debuginfo-0.4.7-23.el5_3.2.x86_64.rpm kpartx-0.4.7-23.el5_3.2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

7. References:

https://www.cve.org/CVERecord?id=CVE-2009-0115
https://access.redhat.com/security/updates/classification#moderate
https://bugzilla.redhat.com/show_bug.cgi?id=494582

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.

A cautious security notice for Red Hat concerning device-mapper-multipath, tackling access interruption concerns impacting storage solutions. Red Hat Enterprise, Device Mapper, Storage Access, Security Update, Access Disruption. LinuxSecurity.com Team

Apr 07, 2009 Red Hat