Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2021:1189: Red Hat Security Advisory: Red Hat Virtualization security, bug fix, and enhancement update

An update is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host’s resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host’s resources and performing administrative tasks. Changes to the redhat-release-virtualization-host component:

  • Previously, the redhat-support-tool was missing from the RHV-H 4.4 package. In this release, the redhat-support-tool has been added. (BZ#1928607) Security Fix(es):
  • openssl: NULL pointer dereference in signature_algorithms processing (CVE-2021-3449)
  • openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT (CVE-2021-3450) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Related CVEs:
  • CVE-2021-3449: openssl: NULL pointer dereference in signature_algorithms processing
  • CVE-2021-3450: openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT
Red Hat Security Data
Open in Source
#vulnerability#mac#linux#red_hat

Red Hat Security Data: Latest News

RHSA-2023:5627: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Red Hat Security Data