RHSA-2023:4524: Red Hat Security Advisory: libcap security update

An update for libcap is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-2602: A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to cause __real_pthread_create() to return an error, which can exhaust the process memory.
  • CVE-2023-2603: A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB.
Red Hat Security Data

Synopsis

Moderate: libcap security update

Type/Severity

Security Advisory: Moderate

Topic

An update for libcap is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Libcap is a library for getting and setting POSIX.1e (formerly POSIX 6) draft 15 capabilities.

Security Fix(es):

  • libcap: Integer Overflow in _libcap_strdup() (CVE-2023-2603)
  • libcap: Memory Leak on pthread_create() Error (CVE-2023-2602)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.8 x86_64
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64

Fixes

  • BZ - 2209113 - CVE-2023-2603 libcap: Integer Overflow in _libcap_strdup()
  • BZ - 2209114 - CVE-2023-2602 libcap: Memory Leak on pthread_create() Error

Red Hat Enterprise Linux for x86_64 8

SRPM

libcap-2.48-5.el8_8.src.rpm

SHA-256: 51b47605300c603a3bd739778be80d8364a89b7fc10b0e6cc0cb94c37cf3f59b

x86_64

libcap-2.48-5.el8_8.i686.rpm

SHA-256: 9e1af1fd0eefa34c0ccd36119ad6c38d8dba41d0a001cccc688191211def46f5

libcap-2.48-5.el8_8.x86_64.rpm

SHA-256: b376f03226f095e392366d41578f8f9afe491039e6c472049725a53d969bdc55

libcap-debuginfo-2.48-5.el8_8.i686.rpm

SHA-256: 337b6ae4c6fa499f662dff31d763fe83cb46c269608f216d5ae167fed4ce650a

libcap-debuginfo-2.48-5.el8_8.x86_64.rpm

SHA-256: 7551e626b87ea6ec2044036a31bf408030deaab10f40374b59f5a1586ec3b2a3

libcap-debugsource-2.48-5.el8_8.i686.rpm

SHA-256: 8ba87226c64d0511a3202eefd51c5df6bca86ed6beae94fb1101afabf8f6e974

libcap-debugsource-2.48-5.el8_8.x86_64.rpm

SHA-256: 9bd2efd2b860cf4b0fc3b8b6adfd9f06531e414aa046dd9487533f7f4065a6f9

libcap-devel-2.48-5.el8_8.i686.rpm

SHA-256: f55aba3cd637981ed2cd3513b1f5e2a51e1d566dcbad9f9e204274034a2c8df1

libcap-devel-2.48-5.el8_8.x86_64.rpm

SHA-256: 0f0941bb3b784806dc3bc6714350240255b835833db0cd1b954195da0d1a70f8

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8

SRPM

libcap-2.48-5.el8_8.src.rpm

SHA-256: 51b47605300c603a3bd739778be80d8364a89b7fc10b0e6cc0cb94c37cf3f59b

x86_64

libcap-2.48-5.el8_8.i686.rpm

SHA-256: 9e1af1fd0eefa34c0ccd36119ad6c38d8dba41d0a001cccc688191211def46f5

libcap-2.48-5.el8_8.x86_64.rpm

SHA-256: b376f03226f095e392366d41578f8f9afe491039e6c472049725a53d969bdc55

libcap-debuginfo-2.48-5.el8_8.i686.rpm

SHA-256: 337b6ae4c6fa499f662dff31d763fe83cb46c269608f216d5ae167fed4ce650a

libcap-debuginfo-2.48-5.el8_8.x86_64.rpm

SHA-256: 7551e626b87ea6ec2044036a31bf408030deaab10f40374b59f5a1586ec3b2a3

libcap-debugsource-2.48-5.el8_8.i686.rpm

SHA-256: 8ba87226c64d0511a3202eefd51c5df6bca86ed6beae94fb1101afabf8f6e974

libcap-debugsource-2.48-5.el8_8.x86_64.rpm

SHA-256: 9bd2efd2b860cf4b0fc3b8b6adfd9f06531e414aa046dd9487533f7f4065a6f9

libcap-devel-2.48-5.el8_8.i686.rpm

SHA-256: f55aba3cd637981ed2cd3513b1f5e2a51e1d566dcbad9f9e204274034a2c8df1

libcap-devel-2.48-5.el8_8.x86_64.rpm

SHA-256: 0f0941bb3b784806dc3bc6714350240255b835833db0cd1b954195da0d1a70f8

Red Hat Enterprise Linux for IBM z Systems 8

SRPM

libcap-2.48-5.el8_8.src.rpm

SHA-256: 51b47605300c603a3bd739778be80d8364a89b7fc10b0e6cc0cb94c37cf3f59b

s390x

libcap-2.48-5.el8_8.s390x.rpm

SHA-256: 82eb5c635582b3efa7bf4f924f1c5166de917b6fe2e18ece9f359bf8939baf61

libcap-debuginfo-2.48-5.el8_8.s390x.rpm

SHA-256: eb2b053d77918a11c1efbb5ed7605ec077a54ac23a2138eb7486d35434941841

libcap-debugsource-2.48-5.el8_8.s390x.rpm

SHA-256: fe82f7362d228e5d8c672f9c95e49bf0c40f90fa50797d389c5ae532ca9260f9

libcap-devel-2.48-5.el8_8.s390x.rpm

SHA-256: 834f84d227de2fd713605e7342a80da424570a92a7345c510e79c3ae006df3a0

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8

SRPM

libcap-2.48-5.el8_8.src.rpm

SHA-256: 51b47605300c603a3bd739778be80d8364a89b7fc10b0e6cc0cb94c37cf3f59b

s390x

libcap-2.48-5.el8_8.s390x.rpm

SHA-256: 82eb5c635582b3efa7bf4f924f1c5166de917b6fe2e18ece9f359bf8939baf61

libcap-debuginfo-2.48-5.el8_8.s390x.rpm

SHA-256: eb2b053d77918a11c1efbb5ed7605ec077a54ac23a2138eb7486d35434941841

libcap-debugsource-2.48-5.el8_8.s390x.rpm

SHA-256: fe82f7362d228e5d8c672f9c95e49bf0c40f90fa50797d389c5ae532ca9260f9

libcap-devel-2.48-5.el8_8.s390x.rpm

SHA-256: 834f84d227de2fd713605e7342a80da424570a92a7345c510e79c3ae006df3a0

Red Hat Enterprise Linux for Power, little endian 8

SRPM

libcap-2.48-5.el8_8.src.rpm

SHA-256: 51b47605300c603a3bd739778be80d8364a89b7fc10b0e6cc0cb94c37cf3f59b

ppc64le

libcap-2.48-5.el8_8.ppc64le.rpm

SHA-256: 368d0a91769859f12d8564df0373a7c2609d495a36768db503b5927bfb4e4a84

libcap-debuginfo-2.48-5.el8_8.ppc64le.rpm

SHA-256: e5b11017c1ec485bec34b66c66735155dd1a44aa5aef5630687c636259f1c9b7

libcap-debugsource-2.48-5.el8_8.ppc64le.rpm

SHA-256: 88ac481954ab8ba4e4114181ae0a777ca18647e36a7290ff3c3e4f53f895d6d4

libcap-devel-2.48-5.el8_8.ppc64le.rpm

SHA-256: 9bf67feb9c4d25e26107e47077eb096e307c4c1b0064830eb9ea16e9834a8f46

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8

SRPM

libcap-2.48-5.el8_8.src.rpm

SHA-256: 51b47605300c603a3bd739778be80d8364a89b7fc10b0e6cc0cb94c37cf3f59b

ppc64le

libcap-2.48-5.el8_8.ppc64le.rpm

SHA-256: 368d0a91769859f12d8564df0373a7c2609d495a36768db503b5927bfb4e4a84

libcap-debuginfo-2.48-5.el8_8.ppc64le.rpm

SHA-256: e5b11017c1ec485bec34b66c66735155dd1a44aa5aef5630687c636259f1c9b7

libcap-debugsource-2.48-5.el8_8.ppc64le.rpm

SHA-256: 88ac481954ab8ba4e4114181ae0a777ca18647e36a7290ff3c3e4f53f895d6d4

libcap-devel-2.48-5.el8_8.ppc64le.rpm

SHA-256: 9bf67feb9c4d25e26107e47077eb096e307c4c1b0064830eb9ea16e9834a8f46

Red Hat Enterprise Linux Server - TUS 8.8

SRPM

libcap-2.48-5.el8_8.src.rpm

SHA-256: 51b47605300c603a3bd739778be80d8364a89b7fc10b0e6cc0cb94c37cf3f59b

x86_64

libcap-2.48-5.el8_8.i686.rpm

SHA-256: 9e1af1fd0eefa34c0ccd36119ad6c38d8dba41d0a001cccc688191211def46f5

libcap-2.48-5.el8_8.x86_64.rpm

SHA-256: b376f03226f095e392366d41578f8f9afe491039e6c472049725a53d969bdc55

libcap-debuginfo-2.48-5.el8_8.i686.rpm

SHA-256: 337b6ae4c6fa499f662dff31d763fe83cb46c269608f216d5ae167fed4ce650a

libcap-debuginfo-2.48-5.el8_8.x86_64.rpm

SHA-256: 7551e626b87ea6ec2044036a31bf408030deaab10f40374b59f5a1586ec3b2a3

libcap-debugsource-2.48-5.el8_8.i686.rpm

SHA-256: 8ba87226c64d0511a3202eefd51c5df6bca86ed6beae94fb1101afabf8f6e974

libcap-debugsource-2.48-5.el8_8.x86_64.rpm

SHA-256: 9bd2efd2b860cf4b0fc3b8b6adfd9f06531e414aa046dd9487533f7f4065a6f9

libcap-devel-2.48-5.el8_8.i686.rpm

SHA-256: f55aba3cd637981ed2cd3513b1f5e2a51e1d566dcbad9f9e204274034a2c8df1

libcap-devel-2.48-5.el8_8.x86_64.rpm

SHA-256: 0f0941bb3b784806dc3bc6714350240255b835833db0cd1b954195da0d1a70f8

Red Hat Enterprise Linux for ARM 64 8

SRPM

libcap-2.48-5.el8_8.src.rpm

SHA-256: 51b47605300c603a3bd739778be80d8364a89b7fc10b0e6cc0cb94c37cf3f59b

aarch64

libcap-2.48-5.el8_8.aarch64.rpm

SHA-256: b421f4bfa377b7b64a688b0fd30403be2c5c0009347876df9f3df57c16c6e3c7

libcap-debuginfo-2.48-5.el8_8.aarch64.rpm

SHA-256: c54d417c9fec51dd3170a94459bc3c3d872c953d66c2d98b2378e0b0647b1b7c

libcap-debugsource-2.48-5.el8_8.aarch64.rpm

SHA-256: 0232b759e49a211e49c93d3cd7443014d343f4a2caa317167deabc7b9df76c80

libcap-devel-2.48-5.el8_8.aarch64.rpm

SHA-256: e29ee3f97b2fcc3fc08a3f2861cc558175503563d24ac2dd922b4fba1f70431b

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8

SRPM

libcap-2.48-5.el8_8.src.rpm

SHA-256: 51b47605300c603a3bd739778be80d8364a89b7fc10b0e6cc0cb94c37cf3f59b

aarch64

libcap-2.48-5.el8_8.aarch64.rpm

SHA-256: b421f4bfa377b7b64a688b0fd30403be2c5c0009347876df9f3df57c16c6e3c7

libcap-debuginfo-2.48-5.el8_8.aarch64.rpm

SHA-256: c54d417c9fec51dd3170a94459bc3c3d872c953d66c2d98b2378e0b0647b1b7c

libcap-debugsource-2.48-5.el8_8.aarch64.rpm

SHA-256: 0232b759e49a211e49c93d3cd7443014d343f4a2caa317167deabc7b9df76c80

libcap-devel-2.48-5.el8_8.aarch64.rpm

SHA-256: e29ee3f97b2fcc3fc08a3f2861cc558175503563d24ac2dd922b4fba1f70431b

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8

SRPM

libcap-2.48-5.el8_8.src.rpm

SHA-256: 51b47605300c603a3bd739778be80d8364a89b7fc10b0e6cc0cb94c37cf3f59b

ppc64le

libcap-2.48-5.el8_8.ppc64le.rpm

SHA-256: 368d0a91769859f12d8564df0373a7c2609d495a36768db503b5927bfb4e4a84

libcap-debuginfo-2.48-5.el8_8.ppc64le.rpm

SHA-256: e5b11017c1ec485bec34b66c66735155dd1a44aa5aef5630687c636259f1c9b7

libcap-debugsource-2.48-5.el8_8.ppc64le.rpm

SHA-256: 88ac481954ab8ba4e4114181ae0a777ca18647e36a7290ff3c3e4f53f895d6d4

libcap-devel-2.48-5.el8_8.ppc64le.rpm

SHA-256: 9bf67feb9c4d25e26107e47077eb096e307c4c1b0064830eb9ea16e9834a8f46

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8

SRPM

libcap-2.48-5.el8_8.src.rpm

SHA-256: 51b47605300c603a3bd739778be80d8364a89b7fc10b0e6cc0cb94c37cf3f59b

x86_64

libcap-2.48-5.el8_8.i686.rpm

SHA-256: 9e1af1fd0eefa34c0ccd36119ad6c38d8dba41d0a001cccc688191211def46f5

libcap-2.48-5.el8_8.x86_64.rpm

SHA-256: b376f03226f095e392366d41578f8f9afe491039e6c472049725a53d969bdc55

libcap-debuginfo-2.48-5.el8_8.i686.rpm

SHA-256: 337b6ae4c6fa499f662dff31d763fe83cb46c269608f216d5ae167fed4ce650a

libcap-debuginfo-2.48-5.el8_8.x86_64.rpm

SHA-256: 7551e626b87ea6ec2044036a31bf408030deaab10f40374b59f5a1586ec3b2a3

libcap-debugsource-2.48-5.el8_8.i686.rpm

SHA-256: 8ba87226c64d0511a3202eefd51c5df6bca86ed6beae94fb1101afabf8f6e974

libcap-debugsource-2.48-5.el8_8.x86_64.rpm

SHA-256: 9bd2efd2b860cf4b0fc3b8b6adfd9f06531e414aa046dd9487533f7f4065a6f9

libcap-devel-2.48-5.el8_8.i686.rpm

SHA-256: f55aba3cd637981ed2cd3513b1f5e2a51e1d566dcbad9f9e204274034a2c8df1

libcap-devel-2.48-5.el8_8.x86_64.rpm

SHA-256: 0f0941bb3b784806dc3bc6714350240255b835833db0cd1b954195da0d1a70f8
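Two checks a practitioner would run for this advisory are whether an installed libcap build is already at or above the fixed NVR, and whether a downloaded package matches the SHA-256 published above. The script below is an added example written for this page; it is not Red Hat tooling. It assumes the NVR string is in the form printed by `rpm -q libcap` (with or without an architecture suffix), assumes epoch 0 for both sides, and re-implements the rpm version-ordering rules (numeric and alphabetic segments, `~` for pre-releases) as an approximation of librpm's comparison rather than calling into it. The digests in the table are copied from the x86_64 listing above; the file name `check_libcap.py` is a placeholder.

```python
#!/usr/bin/env python3
"""Defender-side checks for RHSA-2023:4524 (added example, not Red Hat tooling).

1. is_fixed(): is an installed libcap NVR at or above the fixed build
   libcap-2.48-5.el8_8 named in the advisory?
2. verify_digest(): does a downloaded RPM match the SHA-256 the advisory
   publishes for that file name?

rpmvercmp() re-implements the rpm ordering rules (numeric/alpha segments,
'~' for pre-releases); it approximates librpm rather than calling into it.
"""
import hashlib
import os
import re
import sys
from itertools import zip_longest

FIXED_NVR = "libcap-2.48-5.el8_8"  # fixed build named in the advisory

# SHA-256 values copied from the advisory's x86_64 package table.
ADVISORY_SHA256 = {
    "libcap-2.48-5.el8_8.src.rpm":
        "51b47605300c603a3bd739778be80d8364a89b7fc10b0e6cc0cb94c37cf3f59b",
    "libcap-2.48-5.el8_8.x86_64.rpm":
        "b376f03226f095e392366d41578f8f9afe491039e6c472049725a53d969bdc55",
    "libcap-2.48-5.el8_8.i686.rpm":
        "9e1af1fd0eefa34c0ccd36119ad6c38d8dba41d0a001cccc688191211def46f5",
}

_SEG = re.compile(r"[0-9]+|[A-Za-z]+|~")
_NVR = re.compile(
    r"^(?P<name>.+)-(?P<ver>[^-]+)-(?P<rel>[^-]+?)"
    r"(?:\.(?:x86_64|i686|aarch64|ppc64le|s390x|noarch|src))?$"
)


def rpmvercmp(a, b):
    """Return -1, 0 or 1 ordering version/release strings a and b.

    Segments are compared pairwise: numeric vs numeric as integers, alpha vs
    alpha lexically, numeric beats alpha, a '~' segment sorts before anything
    (so 1.0~rc1 < 1.0), and otherwise the string with segments left over wins.
    """
    for x, y in zip_longest(_SEG.findall(a), _SEG.findall(b)):
        if x == "~" or y == "~":
            if x != "~":
                return 1
            if y != "~":
                return -1
            continue
        if x is None:
            return -1
        if y is None:
            return 1
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1
        if x.isdigit():
            xi, yi = int(x), int(y)
            if xi != yi:
                return 1 if xi > yi else -1
        elif x != y:
            return 1 if x > y else -1
    return 0


def parse_nvr(nvr):
    """Split 'name-version-release[.arch]' (as printed by `rpm -q`) into a tuple."""
    m = _NVR.match(nvr.strip())
    if not m:
        raise ValueError(f"not an NVR: {nvr!r}")
    return m.group("name"), m.group("ver"), m.group("rel")


def is_fixed(installed_nvr, fixed_nvr=FIXED_NVR):
    """True when installed_nvr is the fixed build or newer; epoch assumed equal."""
    name, ver, rel = parse_nvr(installed_nvr)
    fname, fver, frel = parse_nvr(fixed_nvr)
    if name != fname:
        raise ValueError(f"package mismatch: {name} vs {fname}")
    order = rpmvercmp(ver, fver) or rpmvercmp(rel, frel)
    return order >= 0


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def verify_digest(file_name, data, table=ADVISORY_SHA256):
    """True/False for a file named in the table, None when the name is unknown."""
    expected = table.get(file_name)
    if expected is None:
        return None
    return sha256_hex(data) == expected


def verify_rpm_file(path):
    with open(path, "rb") as f:
        return verify_digest(os.path.basename(path), f.read())


if __name__ == "__main__":
    # Usage: check_libcap.py "$(rpm -q libcap)"  or  check_libcap.py /path/to/file.rpm
    arg = sys.argv[1] if len(sys.argv) > 1 else FIXED_NVR
    if arg.endswith(".rpm") and os.path.exists(arg):
        print(f"{arg}: digest matches advisory = {verify_rpm_file(arg)}")
    else:
        print(f"{arg}: at or above {FIXED_NVR} = {is_fixed(arg)}")
```

On a host with both `libcap.i686` and `libcap.x86_64` installed, `rpm -q libcap` prints one line per architecture, so feed each line to the script separately. The release comparison is strict: a hypothetical `libcap-2.48-5.el8` sorts below `libcap-2.48-5.el8_8` because the z-stream suffix is an extra segment, which is the intended result since only the `el8_8` build carries this fix. The NVR check is a quick triage aid, not a replacement for `yum updateinfo` or Insights, which know the per-stream mapping of advisories to builds.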

Related news

RHSA-2023:5480: Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.30.0 SP1 security update

Release of OpenShift Serverless Operator 1.30.1 and OpenShift Serverless Logic 1.30.0 SP1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-4853: A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. This issue could allow an attacker to bypass the security policy altogether, resulting in unauthorized endpoint access and possibly a denia...

RHSA-2023:5447: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.0 security and bug fix update

The Migration Toolkit for Containers (MTC) 1.8.0 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-26115: A flaw was found in the Node.js word-wrap module, where it is vulnerable to a denial of service caused by a Regular expression denial of service (ReDoS) issue in the result variable. By sending a specially crafted regex input, a remote attacker can cause a denial of service.

RHSA-2023:5379: Red Hat Security Advisory: Network Observability 1.4.0 for OpenShift

Network Observability is an OpenShift operator that deploys a monitoring pipeline to collect and enrich network flows that are produced by the Network Observability eBPF agent. The operator provides dashboards, metrics, and keeps flows accessible in a queryable log store, Grafana Loki. When a FlowCollector is deployed, new dashboards are available in the Console. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-25883: A Regular Expression Denial of Service (ReDoS) vulne...

RHSA-2023:5376: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.3 security and bug fix update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.13.3 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24540: A flaw was found in golang, where not all valid JavaScript white-space characters were considered white space. Due to this issue, templates containing white-space characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts ...

RHSA-2023:5314: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.6 security and bug fix update

OpenShift API for Data Protection (OADP) 1.1.6 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21698: A denial of service attack was found in prometheus/client_golang. This flaw allows an attacker to produce a denial of service attack on an HTTP server by exploiting the InstrumentHandlerCounter function in the version below 1.11.1, resulting in a loss of availability. * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream cou...

Red Hat Security Advisory 2023-5233-01

Red Hat Security Advisory 2023-5233-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.4 images.

Red Hat Security Advisory 2023-5175-01

Red Hat Security Advisory 2023-5175-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation. Issues addressed include a memory leak vulnerability.

Red Hat Security Advisory 2023-5174-01

Red Hat Security Advisory 2023-5174-01 - Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers container images for the release.

RHSA-2023:5174: Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.3 security update

Red Hat OpenShift Service Mesh Containers for 2.4.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-35942: A flaw was found in Envoy, where gRPC access loggers using the listener's global scope can cause a use-after-free crash when the listener is drained. This issue can be triggered by a listener discovery service (LDS) update with the same gRPC access log configuration.

RHSA-2023:5071: Red Hat Security Advisory: libcap security update

An update for libcap is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-2602: A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to cause __real_pthread_create() to return an error, which can exhaust the process memory. * CVE-2023-2603: A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if th...

Red Hat Security Advisory 2023-5030-01

Red Hat Security Advisory 2023-5030-01 - An update is now available for Red Hat OpenShift GitOps 1.8. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-5029-01

Red Hat Security Advisory 2023-5029-01 - An update is now available for Red Hat OpenShift GitOps 1.9. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-4982-01

Red Hat Security Advisory 2023-4982-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.12.6 images.

Red Hat Security Advisory 2023-4980-01

Red Hat Security Advisory 2023-4980-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.7 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2023-4972-01

Red Hat Security Advisory 2023-4972-01 - Multicluster Engine for Kubernetes 2.1.8 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a bypass vulnerability.

RHSA-2023:4972: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.1.8 security updates and bug fixes

Multicluster Engine for Kubernetes 2.1.8 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. * CVE-2023-37466: A flaw was found in the vm2 Promise handler sanitization, which allows attackers to esc...

Red Hat Security Advisory 2023-4889-01

Red Hat Security Advisory 2023-4889-01 - The DevWorkspace Operator extends OpenShift to provide DevWorkspace support. Issues addressed include a code execution vulnerability.

RHSA-2023:4921: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.5 for OpenShift image enhancement and security update

A new image is available for Red Hat Single Sign-On 7.6.5, running on OpenShift Container Platform 3.10 and 3.11, and 4.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-46877: A flaw was found in Jackson Databind. This issue may allow a malicious user to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization. * CVE-2023-1436: A flaw was found in Jettison. Infinite recursion is triggered in Jettison w...

RHSA-2023:4889: Red Hat Security Advisory: DevWorkspace Operator 0.22 release

Red Hat DevWorkspace Operator 0.22 has been released. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-38408: A vulnerability was found in OpenSSH. The PKCS#11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system (the code in /usr/lib is not necessarily safe for loading into ssh-agent). This flaw allows an attacker with control of the forwarded agent-...

Red Hat Security Advisory 2023-4875-01

Red Hat Security Advisory 2023-4875-01 - Red Hat Advanced Cluster Management for Kubernetes 2.8.1 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which provide security updates and fix several bugs. Issues addressed include bypass and privilege escalation vulnerabilities.

RHSA-2023:4875: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.8.1 security and bug fix updates

Red Hat Advanced Cluster Management for Kubernetes 2.8.1 General Availability release images, which provide security updates and fix bugs. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3027: The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtained values (instead of the policy apply a static manifest on a managed cluster) of taking advantage of cluster scoped access in a created polic...

Red Hat Security Advisory 2023-4720-01

Red Hat Security Advisory 2023-4720-01 - Red Hat Middleware for OpenShift provides images for many of the Red Hat Middleware products for use within the OpenShift Container Platform cloud computing Platform-as-a-Service for on-premise or private cloud deployments. This release of the AMQ Broker 7.11.1 aligned Operator includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

RHSA-2023:4720: Red Hat Security Advisory: AMQ Broker 7.11.1.OPR.2.GA Container Images Release

This is the multiarch release of the AMQ Broker 7.11.1 aligned Operator and associated container images on Red Hat Enterprise Linux 8 for the OpenShift Container Platform. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-4065: No description is available for this CVE. * CVE-2023-4066: No description is available for this CVE.

Red Hat Security Advisory 2023-4694-01

Red Hat Security Advisory 2023-4694-01 - Red Hat OpenStack Platform (RHOSP) 16.2.z (Train) director Operator containers are now available. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-4654-01

Red Hat Security Advisory 2023-4654-01 - Red Hat Advanced Cluster Management for Kubernetes 2.7.7 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs.

Red Hat Security Advisory 2023-4650-01

Red Hat Security Advisory 2023-4650-01 - Multicluster Engine for Kubernetes 2.2.7 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.

RHSA-2023:4650: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.2.7 security updates and bug fixes

Multicluster Engine for Kubernetes 2.2.7 General Availability release images, which provide security updates and fix bugs. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. * CVE-2023-37903: A flaw was found in the vm2 custom inspect function, which allows attackers to escape t...

Red Hat Security Advisory 2023-4524-01

Red Hat Security Advisory 2023-4524-01 - Libcap is a library for getting and setting POSIX.1e draft 15 capabilities. Issues addressed include integer overflow and memory leak vulnerabilities.

Ubuntu Security Notice USN-6166-2

Ubuntu Security Notice 6166-2 - USN-6166-1 fixed a vulnerability in libcap2. This update provides the corresponding update for Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. Richard Weinberger discovered that libcap2 incorrectly handled certain long input strings. An attacker could use this issue to cause libcap2 to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2023-2603

A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB.