#sap

Red Hat Security Advisory 2023-5259-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Issues addressed include a null pointer vulnerability.

Red Hat Security Advisory 2023-5236-01 - The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photographic images. WebP consists of a codec based on the VP8 format, and a container based on the Resource Interchange File Format. Webmasters, web developers and browser developers can use WebP to compress, archive, and distribute digital images more efficiently. Issues addressed include a buffer overflow vulnerability.

Encrypted messaging app Signal has announced an update to the Signal Protocol to add support for quantum resistance by upgrading the Extended Triple Diffie-Hellman (X3DH) specification to Post-Quantum Extended Diffie-Hellman (PQXDH). "With this upgrade, we are adding a layer of protection against the threat of a quantum computer being built in the future that is powerful enough to break current

Red Hat Security Advisory 2023-5213-01 - The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2023-5216-01 - The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2023-5210-01 - The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Issues addressed include a bypass vulnerability.

Debian Linux Security Advisory 5500-1 - A buffer overflow was discovered in flac, a library handling Free Lossless Audio Codec media, which could potentially result in the execution of arbitrary code.

An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-40284: A buffer overflow flaw was found in NTFS-3G. This issue occurs via a crafted metadata in an NTFS image that can cause code execution. A local attacker can exploit this issue if the NTFS-3G binary is setuid root. A physically proximate attacker can exploit this issue if the NTFS-3G software is configured to exec...

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-2002: A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication. * CVE-2023-3090: A flaw was found in ...

An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-2454: A flaw was found in PostgreSQL. Certain database calls could permit an attacker with elevated database-level privileges to execute arbitrary code. * CVE-2023-2455: A flaw was found in PostgreSQL, which could permit incorrect policies being applied in certain cases where role-specific policies are used and a given query is planned ...