CVE-2010-0003: [SECURITY] Fedora 11 Update: kernel-2.6.30.10-105.2.4.fc11

The print_fatal_signal function in kernel/signal.c in the Linux kernel before 2.6.32.4 on the i386 platform, when print-fatal-signals is enabled, allows local users to discover the contents of arbitrary memory locations by jumping to an address and then reading a log file, and might allow local users to cause a denial of service (system slowdown or crash) by jumping to an address.

updates at fedoraproject.org
Fri Jan 22 22:36:26 UTC 2010

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-0919
2010-01-22 22:11:51

Name        : kernel
Product     : Fedora 11
Version     : 2.6.30.10
Release     : 105.2.4.fc11
URL         : http://www.kernel.org/
Summary     : The Linux kernel
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.


Update Information:

Security update: CVE-2010-0003 CVE-2010-0006 CVE-2010-0007

ChangeLog:

* Tue Jan 19 2010 Chuck Ebbert <cebbert at redhat.com> 2.6.30.10-105.2.4
  • CVE-2010-0003: kernel: infoleak if print-fatal-signals=1

* Tue Jan 19 2010 Chuck Ebbert <cebbert at redhat.com> 2.6.30.10-105.2.3
  • CVE-2010-0007: kernel: normal users can modify ebtables rules (#555238)

* Tue Jan 19 2010 Chuck Ebbert <cebbert at redhat.com> 2.6.30.10-105.2.2
  • Backport fix for CVE-2010-0006: kernel: ipv6: skb_dst() can be NULL in ipv6_hop_jumbo() (rhbz#555217)

* Fri Dec 25 2009 Dan Williams <dcbw at redhat.com> 2.6.30.10-105.2.1
  • libertas: fix crash on 64-bit platforms with >= 4GB RAM

* Thu Dec 24 2009 Kyle McMartin <kyle at redhat.com> 2.6.30.10-105
  • fuse: fix kunmap in fuse_ioctl_copy_user, #549400

* Tue Dec 8 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.10-104
  • Copy fix for #540580 from F-12.

* Fri Dec 4 2009 Kyle McMartin <kyle at redhat.com> 2.6.30.10-103
  • 2.6.30.10
  • nuke ipv4-fix-null-ptr-deref-in-ip_fragment.patch, it’s in the latest stable release.

* Thu Dec 3 2009 Kyle McMartin <kyle at redhat.com> 2.6.30.9-102
  • ipv4-fix-null-ptr-deref-in-ip_fragment.patch: null ptr deref bug fix.

* Thu Nov 19 2009 Kyle McMartin <kyle at redhat.com>
  • fuse-prevent-fuse_put_request-in-invalid-ptr.patch: fix oops in fuse when low on memory. rhbz#538734.

* Thu Nov 19 2009 David Woodhouse <David.Woodhouse at intel.com> 2.6.30.9-100
  • Re-enable CONFIG_DMAR_GFX_WA on x86_64.

* Tue Nov 17 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-99
  • Silence pointless DRM warning message (#537196)

* Tue Nov 17 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-98
  • More sata_nv fixes (#524756).

* Mon Nov 16 2009 Eric Sandeen <sandeen at redhat.com> 2.6.30.9-97
  • Fix ext4 preallocation-related corruption (#513221)

* Tue Nov 3 2009 Kyle McMartin <kyle at redhat.com> 2.6.30.9-96
  • fs/pipe.c: fix null pointer dereference (CVE-2009-3547)

* Sun Oct 25 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-95
  • Disable the stack protector on functions that don’t have onstack arrays.

* Thu Oct 22 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-94
  • Fix overflow in KVM cpuid code. (CVE-2009-3638)

* Thu Oct 22 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-93
  • Fix exploitable oops in keyring code (CVE-2009-3624)

* Wed Oct 21 2009 Kyle McMartin <kyle at redhat.com>
  • shut-up-LOCK_TEST_WITH_RETURN.patch: sort out #445331… or paper bag over it for now until the lock warnings can be killed.

* Mon Oct 19 2009 Kyle McMartin <kyle at redhat.com>
  • af_unix-fix-deadlock-connecting-to-shutdown-socket.patch: fix for rhbz#529626 local DoS. (CVE-2009-3621)

* Sat Oct 17 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-90
  • Fix null deref in r128 (F10#487546) (CVE-2009-3620)

* Sat Oct 17 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-89
  • Keyboard and mouse fixes from 2.6.32 (#522126)

* Sat Oct 17 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-88
  • Scheduler wakeup patch, fixes high latency on wakeup (sched-update-the-clock-of-runqueue-select-task-rq-selected.patch)

* Fri Oct 16 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-87
  • Fix uninitialized data leak in netlink (CVE-2009-3612)

* Thu Oct 15 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-86
  • AX.25 security fix (CVE-2009-2909)

* Thu Oct 15 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-85
  • Disable CONFIG_USB_STORAGE_CYPRESS_ATACB because it causes failure to boot from USB disks using Cypress bridges (#524998)

* Tue Oct 13 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-84
  • Copy libata drive detection fix from 2.6.31.4 (#524756)

* Tue Oct 13 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-83
  • Networking fixes taken from 2.6.31-stable

* Tue Oct 13 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-82
  • Fix boot hang with ACPI on some systems.

* Mon Oct 12 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-81
  • Critical ftrace fixes: ftrace-use-module-notifier-for-function-tracer.patch ftrace-check-for-failure-for-all-conversions.patch tracing-correct-module-boundaries-for-ftrace_release.patch

* Thu Oct 8 2009 Ben Skeggs <bskeggs at redhat.com> 2.6.30.9-80
  • ppc: compile nvidiafb as a module only, nvidiafb+nouveau = bang! (rh#491308)

* Wed Oct 7 2009 Dave Jones <davej at redhat.com> 2.6.30.9-78
  • Disable IRQSOFF tracer. (Adds unnecessary overhead when unused)

* Wed Oct 7 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-77
  • eCryptfs fixes taken from 2.6.31.2 (fixes CVE-2009-2908)

* Tue Oct 6 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-76
  • fix race in forcedeth network driver (#526546)

* Tue Oct 6 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-75
  • x86: Don’t leak 64-bit reg contents to 32-bit tasks.

* Tue Oct 6 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-74
  • ACPI EC bug fixes taken from kernel 2.6.32 (#492699, #525681)

* Mon Oct 5 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-73
  • Linux 2.6.30.9

* Sun Oct 4 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-72.rc3
  • Copy stack randomization fix from 2.6.31.2 (F10#526882)

* Sun Oct 4 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-71.rc3
  • Linux 2.6.30.9-rc3
  • Drop merged upstream patches: linux-2.6-cifs-reenable-lanman-security.patch kvm-guest-fix-bogus-wallclock-physical-address-calculation.patch kvm-mmu-make-__kvm_mmu_free_some_pages-handle-empty-list.patch kvm-vmx-check-cpl-before-emulating-debug-register-access.patch kvm-vmx-fix-cr8-exiting-control-clobbering-by-ept.patch kvm-x86-disallow-hypercalls-for-guest-callers-in-rings-0.patch linux-2.6-kvm-revert-x86-check-for-cr3-validity.patch

* Fri Oct 2 2009 Justin M. Forbes <jforbes at redhat.com> 2.6.30.8-70
  • Add linux-2.6-virtio-net-refill-on-out-of-memory.patch, from 2.6.31 to prevent page allocation failures in guests. (#520119)

* Mon Sep 28 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.8-69
  • Add linux-2.6-kvm-revert-x86-check-for-cr3-validity.patch, from 2.6.32-rc, fixes bug #525743

* Mon Sep 28 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.8-68
  • Drop sched-disable-NEW-FAIR-SLEEPERS-for-now.patch, reported to cause problems on 2.6.30.

* Sat Sep 26 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.8-67
  • Scheduler fixes cherry-picked from 2.6.32

* Sat Sep 26 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.8-66
  • Backport “appletalk: Fix skb leak when ipddp interface is not loaded” (fixes CVE-2009-2903)

* Sat Sep 26 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.8-65
  • KVM fixes from 2.6.31.1, including fix for CVE-2009-3290

* Fri Sep 25 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.8-64
  • Fix serious CFQ performance regression.

* Fri Sep 25 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.8-63
  • Disable the GEM graphics manager on i686 PAE kernels (fixes modesetting on Intel graphics.)

* Fri Sep 25 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.8-62
  • Fix breakage in hostap driver (#522269)

* Thu Sep 24 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.8-61
  • Backport the cpuidle-faster-io fix from Fedora 12 to fix I/O performance problems when reading/writing multiple disks.

* Thu Sep 24 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.8-60
  • Linux 2.6.30.8

* Thu Sep 24 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.7-59
  • Disable sound powersave by default; it still pops when playing sounds. (#523836)

* Wed Sep 16 2009 Justin M. Forbes <jforbes at redhat.com> 2.6.30.7-58
  • Revert virtio_blk to rotational mode. (#509383)

* Tue Sep 15 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.7-57
  • Linux 2.6.30.7

* Tue Sep 15 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.7-56.rc1
  • Fix CIFS security flags mask broken in 2.6.30 (#523173)

* Tue Sep 15 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.7-55.rc1
  • Fix cpufreq lockdep warnings (#522685)

* Sat Sep 12 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.7-54.rc1
  • 2.6.30.7-rc1
  • Drop patches merged in -stable: linux-2.6-slub-fix-destroy-by-rcu.patch

* Thu Sep 10 2009 Dennis Gilmore <dennis at ausil.us> 2.6.30.6-53
  • kgdb only works on sparc64 smp kernels so disable on the up one and enable on the smp one
  • update to 256 cpus supported on sparc64 smp

* Wed Sep 9 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.6-52
  • Add linux-2.6-slub-fix-destroy-by-rcu.patch (fixes bug in 2.6.30.4)

* Wed Sep 9 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.6-51
  • 2.6.30.6
  • Drop patches merged in -stable: do_sigaltstack-avoid-copying-stack_t-as-a-structure-to-userspace.patch linux-2.6-x86-dont-send-ipi-to-empty-set-cpus.patch linux-2.6-bitmap-make-ops-return-result.patch linux-2.6-x86-dont-call-send-ipi-mask-with-empty-mask.patch linux-2.6-clone-fix-race-between-copy-process-and-de-thread.patch linux-2.6-kthreads-fix-kthread-create-vs-kthread-stop.patch linux-2.6-xen-x86-dont-probe-if-apics-are-disabled.patch

* Tue Sep 8 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.5-50
  • Disable Amiga One support to fix powerpc coherency bug (#521703)

* Fri Sep 4 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.5-49
  • Fix build system getting confused during firmware install.

* Fri Sep 4 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.5-48
  • Added additional fixes needed for #514787: linux-2.6-ppc64-vs-broadcom-lmb-no-init-*.patch
  • Fix up lirc patch context so it applies.

* Wed Sep 2 2009 Jarod Wilson <jarod at redhat.com>
  • Make it possible to rmmod lirc_zilog w/o it hanging indefinitely
  • Add transmit support (via port 2 only) on 1st-gen mceusb transceiver

* Tue Sep 1 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.5-46
  • Fix yet another Xen boot crash (#520517)

* Tue Sep 1 2009 Jarod Wilson <jarod at redhat.com> 2.6.30.5-45
  • Refresh lirc patches, add new lirc_ene0100 driver
  • Fix up hdpvr driver for use with modular i2c so that lirc_zilog can actually bind to it
  • Make lirc_zilog IR transmit and receive work on the hdpvr
  • Fix audio on PVR-500 when used in same system as HVR-1800 (#480728)

* Fri Aug 28 2009 David Woodhouse <David.Woodhouse at intel.com>
  • Enable Solos DSL driver

* Thu Aug 27 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.5-43
  • Don’t load the floppy driver automatically: linux-2.6-defaults-die-floppy-die.patch

* Thu Aug 27 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.5-42
  • Fix stackprotector problems with Xen on x86_64.
  • Disable stackprotector on i386 until 32-bit Xen gets fixed.

* Thu Aug 27 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.5-41
  • linux-2.6-kthreads-fix-kthread-create-vs-kthread-stop.patch: fix race in kthreads.

* Thu Aug 27 2009 Justin M. Forbes <jforbes at redhat.com> 2.6.30.5-40
  • xen: Fix guest crash when trying to debug. (#458385)

* Thu Aug 27 2009 John W. Linville <linville at redhat.com> 2.6.30.5-39
  • zd1211rw: adding 083a:e503 as a ZD1211B device (#518538)

* Thu Aug 27 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.5-38
  • Fix string overflows found by stackprotector: hda-check-strcpy-length.patch linux-2.6-v4l-dvb-af9015-fix-stack-corruption.patch

* Thu Aug 27 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.5-37
  • Fix race in clone() syscall.

* Thu Aug 27 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.5-36
  • Fix hangs on older x86 systems with 440*X chipsets.

* Fri Aug 21 2009 David Woodhouse <David.Woodhouse at intel.com>
  • Fix b43 on iMac G5 (#514787)

* Tue Aug 18 2009 Kyle McMartin <kyle at redhat.com>
  • Backport several upstream commits 52dec22e739eec8f3a0154f768a599f5489048bd to improve mmap_min_addr.
  • CVE-2009-2847: do_sigaltstack: avoid copying ‘stack_t’ as a structure to user space

* Mon Aug 17 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.5-32
  • Change config options: CONFIG_SCSI_DEBUG=m CONFIG_PCI_MSI_DEFAULT_ON=y

* Mon Aug 17 2009 Jarod Wilson <jarod at redhat.com> 2.6.30.5-31
  • Fix flub in prior lirc patch update that resulted in no lirc drivers getting built

* Sun Aug 16 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.5-29
  • Linux 2.6.30.5

* Fri Aug 14 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.5-28.rc2
  • Linux 2.6.30.5-rc2
  • Dropped drm-intel-tv-fix.patch, merged in -stable now.

* Wed Aug 12 2009 Kyle McMartin <kyle at redhat.com>
  • drm-no-gem-on-i8xx.patch: fix misspelled IS_8XX & IS_I845G, sigh.

* Wed Aug 12 2009 Kyle McMartin <kyle at redhat.com>
  • DRM patch sync-up with F-11-2.6.29.y, ABI probably isn’t right yet though…
  • drm-modesetting-radeon.patch
  • drm-nouveau.patch
  • drm-no-gem-on-i8xx.patch
  • drm-i915-resume-force-mode.patch
  • drm-intel-big-hammer.patch
  • drm-intel-gen3-fb-hack.patch
  • drm-intel-hdmi-edid-fix.patch
  • drm-modesetting-radeon-fixes.patch
  • drm-radeon-new-pciids.patch
  • drm-dont-frob-i2c.patch
  • drm-intel-tv-fix.patch
  • drm-radeon-cs-oops-fix.patch
  • drm-pnp-add-resource-range-checker.patch
  • drm-i915-enable-mchbar.patch
  • The rest were merged upstream.

* Wed Aug 12 2009 John W. Linville <linville at redhat.com>
  • iwlwifi: fix TX queue race

* Mon Aug 10 2009 Kyle McMartin <kyle at redhat.com>
  • Patch sync-up with F-11-2.6.29.y:
  • linux-2.6-x86-delay-tsc-barrier.patch
  • linux-2.6-fs-cifs-fix-port-numbers.patch
  • linux-2.6-kvm-skip-pit-check.patch
  • linux-2.6.29-xen-disable-gbpages.patch
  • linux-2.6-virtio_blk-dont-bounce-highmem-requests.patch
  • linux-2.6-drivers-char-low-latency-removal.patch
  • linux-2.6-serial-add-txen-test-param.patch
  • linux-2.6-input-wacom-bluetooth.patch
  • linux-2.6-defaults-saner-vm-settings.patch
  • linux-2.6-mm-lru-evict-streaming-io-pages-first.patch
  • linux-2.6-mm-lru-report-vm-flags-in-page-referenced.patch
  • linux-2.6-mm-lru-dont-evict-mapped-executable-pages.patch
  • linux-2.6-utrace.patch
  • linux-2.6-utrace-ftrace.patch
  • linux-2.6-tracehook.patch

* Mon Aug 10 2009 Jarod Wilson <jarod at redhat.com>
  • Add tunable pad threshold support to lirc_imon
  • Blacklist all iMON devices in usbhid driver so lirc_imon can bind
  • Add new device ID to lirc_mceusb (#512483)
  • Enable IR transceiver on the HD PVR

* Wed Aug 5 2009 Kyle McMartin <kyle at redhat.com>
  • Update to released 2.6.30.4.
  • Drop now-unneeded upstream reverts.

* Wed Jul 29 2009 Chuck Ebbert <cebbert at redhat.com>
  • Linux 2.6.30.4-rc1

* Mon Jul 27 2009 Neil Horman <nhorman at redhat.com>
  • Backport xfrm gc_thresh export code (bz 503124)

* Fri Jul 24 2009 Kyle McMartin <kyle at redhat.com>
  • CONFIG_DEFAULT_MMAP_MIN_ADDR=65536 [i386 x86_64], 4096 elsewhere, as per defconfigs.
  • Blat patches from other tag, now to rebase fixes, splat in the changelog, and tag it for building.

* Fri Jul 24 2009 Kyle McMartin <kyle at redhat.com>
  • Copy over release configs from devel-2.6.30 tag.
  • Fix up some spec deviations.

* Fri Jul 24 2009 Kyle McMartin <kyle at redhat.com>
  • Linux 2.6.30.3 rebase for Fedora 11.
  • Fedora 11 2.6.29 branch is on tag private-fedora-11-2_6_29_6.

References:

[ 1 ] Bug #554578 - CVE-2010-0003 kernel: infoleak if print-fatal-signals=1
      https://bugzilla.redhat.com/show_bug.cgi?id=554578
[ 2 ] Bug #555217 - CVE-2010-0006 kernel: ipv6: skb_dst() can be NULL in ipv6_hop_jumbo()
      https://bugzilla.redhat.com/show_bug.cgi?id=555217
[ 3 ] Bug #555238 - CVE-2010-0007 kernel: netfilter: ebtables: enforce CAP_NET_ADMIN
      https://bugzilla.redhat.com/show_bug.cgi?id=555238


This update can be installed with the "yum" update program. Use su -c 'yum update kernel' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys


Related news

CVE-2010-0008: Red Hat Customer Portal - Access to 24x7 support and knowledge

The sctp_rcv_ootb function in the SCTP implementation in the Linux kernel before 2.6.23 allows remote attackers to cause a denial of service (infinite loop) via (1) an Out Of The Blue (OOTB) chunk or (2) a chunk of zero length.

CVE-2010-0006: Bugtraq

The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.32.4, when network namespaces are enabled, allows remote attackers to cause a denial of service (NULL pointer dereference) via an invalid IPv6 jumbogram, a related issue to CVE-2007-4567.

CVE-2010-0007: security - Re: CVE Request: kernel ebtables perm check

net/bridge/netfilter/ebtables.c in the ebtables module in the netfilter framework in the Linux kernel before 2.6.33-rc4 does not require the CAP_NET_ADMIN capability for setting or modifying rules, which allows local users to bypass intended access restrictions and configure arbitrary network-traffic filtering via a modified ebtables application.

CVE-2009-3547

Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.

CVE-2009-3620

The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls.
