#js

Red Hat Security Advisory 2024-8238-03 - Red Hat OpenShift Container Platform release 4.14.39 is now available with updates to packages and images that fix several bugs and add enhancements.

### Impact _What kind of vulnerability is it? Who is impacted?_ In certain *very specific* situations, it was possible for the policies of an update action to be skipped. This occurred only on "empty" update actions (no changing fields), and would allow their hooks (side effects) to be performed when they should not have been. Note that this does not allow reading new data that the user should not have had access to, only triggering a side effect a user should not have been able to trigger. You must have an update action that: - Is on a resource with no attributes containing an "update default" (updated_at timestamp, for example) - can be performed atomically. - Does *not* have `require_atomic? false` - Has at least one authorizer (typically `Ash.Policy.Authorizer`) - Has at least one `change` (on the resource's `changes` block or in the action itself) This is where the side-effects would be performed when they should not have been. --- - Is there ever a place where you call t...

Red Hat Security Advisory 2024-8359-03 - An update for the python39:3.9 and python39-devel:3.9 module is now available for Red Hat Enterprise Linux 8.

Red Hat Security Advisory 2024-8358-03 - An update for NetworkManager-libreswan is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include a privilege escalation vulnerability.

Red Hat Security Advisory 2024-8357-03 - An update for NetworkManager-libreswan is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Issues addressed include a privilege escalation vulnerability.

Red Hat Security Advisory 2024-8356-03 - An update for NetworkManager-libreswan is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include a privilege escalation vulnerability.

Red Hat Security Advisory 2024-8355-03 - An update for NetworkManager-libreswan is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Issues addressed include a privilege escalation vulnerability.

Red Hat Security Advisory 2024-8354-03 - An update for NetworkManager-libreswan is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a privilege escalation vulnerability.

Red Hat Security Advisory 2024-8353-03 - An update for NetworkManager-libreswan is now available for Red Hat Enterprise Linux 8. Issues addressed include a privilege escalation vulnerability.

Red Hat Security Advisory 2024-8352-03 - An update for the NetworkManager-libreswan:1.2.14 module is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a privilege escalation vulnerability.