Red Hat Security Advisory 2023-3299-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include bypass, cross site scripting, denial of service, deserialization, improper authorization, and information leakage vulnerabilities.
070dedb972682a284f682880ba83ebf6de70378d3be68806dd984d5184f93267Ubuntu Security Notice 6105-1 - The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.60 version of the Mozilla certificate authority bundle.
f22bf0d2ddc2cf2c0bae363bb5572040b967a8a65a857d08c1811490f966625aUbuntu Security Notice 6105-2 - USN-6105-1 updated ca-certificates. This provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.60 version of the Mozilla certificate authority bundle.
aa01a73e7f39c87d42f93aceed0c02858835a9f7af7c29fca363180b5271fbe7Red Hat Security Advisory 2023-3318-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The golang packages provide the Go programming language compiler.
3d3353c83137edde8c19c6b0ada61c8786da79987b2ab1a304cf0a1a891ca93cUbuntu Security Notice 6100-1 - It was discovered that HTML::StripScripts does not properly parse HTML content with certain style attributes. A remote attacker could use this issue to cause a regular expression denial of service.
3369b3afc25252012ae1d6f7ef3ebb9ebf1c386106f6f00919d46ec390e2af5aWordPress Beautiful Cookie Consent Banner versions 2.10.1 and below suffer from an unauthenticated persistent cross site scripting vulnerability.
8858c77125409fd0fe39f8b285596c6f700c81b1e8838d3dc6e332a0dfaf4d61Red Hat Security Advisory 2023-3296-01 - Multicluster Engine for Kubernetes 2.2.4 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.
0d190181de187a85cca97396c686e2bf391eef8e2f72f844b36951fbeb15a493Red Hat Security Advisory 2023-3297-01 - Red Hat Advanced Cluster Management for Kubernetes 2.7.4 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs.
a9c95cee3c3f2ef8153d088eeac3a325877fe0187e2772e5100d0e99f69c0a202023 Online Course Registration version 1.0 suffers from a remote SQL Injection vulnerability that allows for authentication bypass.
97f89701c16c65008c586edfec5db4bfb42238c1ce697dfcbcc4be61071ce5d1Red Hat Security Advisory 2023-3291-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP response splitting and denial of service vulnerabilities.
20dec59adcb39ef2916d6cca7cd13c8ca58d1f5b2b3c7506b88fe76014af5ad2Ubuntu Security Notice 6104-1 - Alexander Lakhin discovered that PostgreSQL incorrectly handled certain CREATE privileges. An authenticated user could possibly use this issue to execute arbitrary code as the bootstrap supervisor. Wolfgang Walther discovered that PostgreSQL incorrectly handled certain row security policies. An authenticated user could possibly use this issue to complete otherwise forbidden reads and modifications.
87aa4a75c2584ff4230215d084b97a2b13caf7a8c4f0ef083f04b56d6bfa60b5Red Hat Security Advisory 2023-3216-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.60.
2e204d66d6c6ccc190511e837867a192ca1dc8d3f90f41e397ac215267e0ccf1Red Hat Security Advisory 2023-3292-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
64bfb6c54b4fd8abfa6ef7b05ba343cd3bf2b907be57f42ec10b205d422bdae8WFTPD version 3.25 leaves credentials accessible in wftpd.ini.
84b7e59e7c79b2e7f54fe4511e8ee6e1626462eecb05c8c986d66ac424e88a4aService Provider Management System version 1.0 suffers from a remote SQL injection vulnerability.
2bc6f4ea8d528872c6a4c8167f3490045aea3489057ff522fe4ff1f53c23f345Debian Linux Security Advisory 5410-1 - Multiple security issues were discovered in Sofia-SIP, a SIP User-Agent library, which could result in denial of service.
6a5c35f944423c00333235bd7622abb351551dfe6fbfabc5d70316bb8466189aUbuntu Security Notice 6103-1 - It was discovered that JSON Schema incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to exploit JavaScript runtimes and cause a denial of service or execute arbitrary code.
b8bb540756590db3d76511beb77a469c4d41e7876af021018b32db9f06b5c27dFusionInvoice version 2023-1.0 suffers from a persistent cross site scripting vulnerability.
025695812c81674c72c23cd6e0f848b4f9277e0d7574ffb741a4adf5ace223b8Red Hat Security Advisory 2023-3276-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root.
51db434bdac9e1d765db7e0ae1a010d796c792f5cce968883d44dfaf31b8adcbRed Hat Security Advisory 2023-3269-01 - The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Issues addressed include buffer overflow and null pointer vulnerabilities.
a289180fa7285e4d383b228c646180c2d4e702f9b90480dcf8cd3802e8af9b79GetSimple CMS version 3.3.16 suffers from a remote shell upload vulnerability.
99127c487b04ae24e2f03143097d9abfc702cfd0d14e9f6462be41ae66fc0642Ubuntu Security Notice 6074-3 - USN-6074-1 fixed vulnerabilities and USN-6074-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Irvan Kurniawan discovered that Firefox did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service. Anne van Kesteren discovered that Firefox did not properly validate the import call in service workers. An attacker could potentially exploits this to obtain sensitive information. Sam Ezeh discovered that Firefox did not properly handle certain favicon image files. If a user were tricked into opening a malicious favicon file, an attacker could cause a denial of service.
7d3fa9c2c23bb5c2e2deadaf33571680848e749c4924a7ad19facbb363e58246Ubuntu Security Notice 6101-1 - It was discovered that GNU binutils incorrectly handled certain DWARF files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 22.10. It was discovered that GNU binutils did not properly verify the version definitions in zer0-lengthverdef table. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10 and Ubuntu 23.04.
163e1361b1036adfae116692f58dd0705369897977479d4b1f14c2c63f96b907Red Hat Security Advisory 2023-3280-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.
478c302246ce6f609213d2bbe423210776c6606679b7237cf8d06738be67b756Red Hat Security Advisory 2023-3218-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.60.
315cc1865f5c0ce57b74b613321db7517f5b2cf00c1f0fc17b622b162f72918a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed