#sap

Red Hat Security Advisory 2023-5766-01 - nghttp2 contains the Hypertext Transfer Protocol version 2 client, server, and proxy programs as well as a library implementing the HTTP/2 protocol in C. Issues addressed include a denial of service vulnerability.

Encrypted messaging app Signal has pushed back against "viral reports" of an alleged zero-day flaw in its software, stating it found no evidence to support the claim. "After responsible investigation *we have no evidence that suggests this vulnerability is real* nor has any additional info been shared via our official reporting channels," it said in a series of messages posted in X (formerly

Denial of Service in GitHub repository gpac/gpac prior to 2.3.0-DEV.

Apache Airflow, versions prior to 2.7.2, contains a security vulnerability that allows authenticated users of Airflow to list warnings for all DAGs, even if the user had no permission to see those DAGs. It would reveal the dag_ids and the stack-traces of import errors for those DAGs with import errors. Users of Apache Airflow are advised to upgrade to version 2.7.2 or newer to mitigate the risk associated with this vulnerability.

Scammers have targeted the vaunted blue check marks on the platform formerly known as Twitter, smearing individuals and brands alike.

Red Hat Security Advisory 2023-5628-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-5591-01 - The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Issues addressed include an information leakage vulnerability.

Red Hat Security Advisory 2023-5589-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-5587-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.

Red Hat Security Advisory 2023-5580-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.