Red Hat Security Advisory 2021-3770-01

API security risk has dramatically evolved in the last two years. Jason Kent, Hacker-in-Residence at Cequence Security, discusses the top API security concerns today and how to address them.

Red Hat Security Advisory 2021-4059-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

Red Hat Security Advisory 2021-3971-01 - Redis is an advanced key-value store. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2021-3880-01 - This release of Red Hat build of Quarkus 2.2.3 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include an information leakage vulnerability.

Red Hat Security Advisory 2021-3917-01 - Quay 3.6.0 release. Issues addressed include buffer over-read, buffer overflow, denial of service, out of bounds read, and spoofing vulnerabilities.

Red Hat Security Advisory 2021-3904-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

Red Hat Security Advisory 2021-3903-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

Red Hat Security Advisory 2021-3909-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Red Hat Security Advisory 2021-3856-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a server-side request forgery vulnerability.

Fallout from the transition highlights the need for organizations to monitor and have processes for updating CA roots, experts say.

Red Hat Security Advisory 2021-3836-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a server-side request forgery vulnerability.

Red Hat Security Advisory 2021-3837-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a server-side request forgery vulnerability.

Red Hat Security Advisory 2021-3816-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include heap overflow and server-side request forgery vulnerabilities.

Red Hat Security Advisory 2021-3810-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2021-3798-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include integer overflow and null pointer vulnerabilities.

Red Hat Security Advisory 2021-3801-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2021-3802-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2021-3812-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and out of bounds write vulnerabilities.

Red Hat Security Advisory 2021-3814-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include bypass and out of bounds write vulnerabilities.

Red Hat Security Advisory 2021-3811-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2021-3771-01 - Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2021-3769-01 - Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2021-3768-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2021-3767-02 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2021-3766-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2021-3754-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a server-side request forgery vulnerability.

Red Hat Security Advisory 2021-3725-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and out of bounds write vulnerabilities.

Red Hat Security Advisory 2021-3676-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

During the installation process forZoom Rooms for Conference Room for Windows before version 5.3.0 it is possible to launch Internet Explorer with elevated privileges. If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege escalation.

During the installation process for all versions of the Zoom Client for Meetings for Windows before 5.4.0, it is possible to launch Internet Explorer. If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege escalation.

During the installation process for all versions of the Zoom Client for Meetings for Windows before 5.4.0, it is possible to launch Internet Explorer. If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege escalation.

During the installation process forZoom Rooms for Conference Room for Windows before version 5.3.0 it is possible to launch Internet Explorer with elevated privileges. If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege escalation.

Red Hat Security Advisory 2021-3653-01 - Red Hat Advanced Cluster Management 2.1.11 security fix and container updates are available.