Red Hat Security Advisory 2020-2562-01 - Red Hat JBoss Enterprise Application Platform CD13 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform CD13 includes bug fixes and enhancements. Issues addressed include denial of service and traversal vulnerabilities.
653e0dfe34e8f71fbff88f5db8ad69c4a7a15d5d8db71bce2bd437e954f7ae3cRed Hat Security Advisory 2020-2321-01 - Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the Infinispan project. This release of Red Hat Data Grid 7.3.6 serves as a replacement for Red Hat Data Grid 7.3.5 and includes bug fixes and enhancements, which are described in the Release Notes, linked to in the References section of this erratum. Issues addressed include HTTP request smuggling, cross site scripting, out of bounds read, and traversal vulnerabilities.
37188b4f3d0ad45e53ae50f81ab79f3432ce0a83d98c55f4c8cc57bb3deb1677Red Hat Security Advisory 2019-0877-01 - Red Hat OpenShift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of RHOAR Thorntail 2.4.0 serves as a replacement for RHOAR Thorntail 2.2.0, and includes security and bug fixes and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include code execution, denial of service, deserialization, and traversal vulnerabilities.
5a770a9e44f952c4dbd8ebcd0a5a7da0c0737d9f710ca712c6c037e86137438fDebian Linux Security Advisory 4339-1 - Multiple vulnerabilities were discovered in Ceph, a distributed storage replay attacks and calculated signatures incorrectly, "ceph mon" did not validate capabilities for pool operations (resulting in potential corruption or deletion of snapshot images) and a format string vulnerability in libradosstriper could result in denial of service.
c7019432346c7f81c0a0665e9d626906d42c2b89e4a3f57a8aca378822cf9293Debian Linux Security Advisory 4300-1 - It was discovered that Archive::Zip, a perl module for manipulation of ZIP archives, is prone to a directory traversal vulnerability. An attacker able to provide a specially crafted archive for processing can take advantage of this flaw to overwrite arbitrary files during archive extraction.
24b66271204e48260c278858e93a3d197b16c2374c13e4091face6dfc00b94cfRed Hat Security Advisory 2018-2643-01 - The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal. Issues addressed include denial of service and traversal vulnerabilities.
2bfe1cdff3a12f79e8c0bf7120a0752dcf98ef0376e166db31cb2adc9a98b0dfRed Hat Security Advisory 2018-2423-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.1.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include denial of service and traversal vulnerabilities.
c224a68b05ea31c2831df52618068edf74dd1fa122142f3dfba5e3175b8e772dRed Hat Security Advisory 2018-2424-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.1.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include denial of service and traversal vulnerabilities.
6b324a96c3a58e7814ee6ae39dee76978cf399ecb9ab55b5b76cc14c1ca98a8fRed Hat Security Advisory 2018-2428-01 - Red Hat Single Sign-On 7.2 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.2.4 serves as a replacement for Red Hat Single Sign-On 7.2.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include denial of service and traversal vulnerabilities.
3d98136f39a04fb9a28f785d98320918c6e9eaf4acf77cf6748807a5b1b598c8Red Hat Security Advisory 2018-2425-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on Wildfly. This release of Red Hat JBoss Enterprise Application Platform 7.1.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include denial of service and traversal vulnerabilities.
2f4719608bc90a9d14acfdd78b23c0bce292db4871bea45d924d2b244d444ef2Red Hat Security Advisory 2018-2373-01 - The redhat-certification package provides partners with a unified web-based user interface to certify their products for use on Red Hat Infrastructure. It can currently be used in the latest releases of Red Hat Certified Cloud and Service Provider Certification, Red Hat OpenStack Certification and Red Hat Hardware Certification Programs. Issues addressed include writeable and downloadable file vulnerabilities.
9286e36fffceb1c677171034038eb15e4450446f75085006ffa42eea1ff46f8cRed Hat Security Advisory 2018-2261-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Issues addressed include a replay attack vulnerability.
3abdddcc6ff800466cb69e4f002a8015497e54b68610e36aa52a8258ba62d450Red Hat Security Advisory 2018-2274-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Issues addressed include a replay attack.
bea6f150d20001083244fdaba28167aa06e13177c81317dee86bdbc4c382fa81Red Hat Security Advisory 2018-2276-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on Wildfly. This asynchronous patch is a security update for wildfly-core and apache-cxf packages in Red Hat JBoss Enterprise Application Platform 7.1 Issues addressed include a traversal vulnerability.
5bfd068d41ade41ff1f4c1290242f6d2137acaf5d4dccdaca5ac00d3c77c4c4cRed Hat Security Advisory 2018-2277-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on Wildfly. This asynchronous patch is a security update for apache-cxf package in Red Hat JBoss Enterprise Application Platform 7.1 Issues addressed include a traversal vulnerability.
846c99de715bb3f633d02464de9d396b4458165b9af6c343861912a7f7ca622eRed Hat Security Advisory 2018-2279-01 - Red Hat Single Sign-On 7.2 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This asynchronous patch is a security update for wildfly-core and apache-cxf packages in Red Hat Single Sign-On 7.2. Issues addressed include a traversal vulnerability.
d56913cfdf67e8721884d0fa325bfa7b3d2be10531eb51b925101cdb44681478Red Hat Security Advisory 2018-2179-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Issues addressed include a replay attack.
dcc4b3046d8cff4c77cd181b7bb36d7967e583f5ca3b5fab4427296c02f4669bRed Hat Security Advisory 2018-2177-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Issues addressed include a replay attack.
f66ca56100c49f8187579e719075112a6d84ba932d8fee2c646889b4646415feUbuntu Security Notice 3703-2 - USN-3703-1 fixed a vulnerability in Archive Zip module. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that the Archive Zip module incorrectly handled certain inputs. An attacker could possibly use this to access sensitive information. Various other issues were also addressed.
ad169f2f60b246c4e86fc4b527ce15285ca2220ece2a061b3efa552570fb888aUbuntu Security Notice 3703-1 - It was discovered that the Archive Zip module incorrectly handled certain inputs. An attacker could possibly use this to access sensitive information.
d3e7ef46d96106466295b083675f345b00679612061cabea89f9604540b0d2d1Red Hat Security Advisory 2018-1927-01 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Issues addressed include a bypass vulnerability.
9fee2fee4ce741ec158d6c6d377344294455aa99280340438629c30c41171488Debian Linux Security Advisory 4169-1 - Cedric Buissart from Red Hat discovered an information disclosure bug in pcs, a pacemaker command line interface and GUI. The REST interface normally doesn't allow passing --debug parameter to prevent information leak, but the check wasn't sufficient.
2ac2115f09656721f7b983dfebd144f6c125f2261ae196e9df7dc112990061ceRed Hat Security Advisory 2018-1060-01 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Issues addressed include a bypass vulnerability.
587ecffba17bd556b29cadfcccb0f9098025701508af5c5d3a0367623e81e633
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed