#js

Red Hat OpenShift Container Platform release 4.9.58 is now available with updates to packages and images that fix several bugs.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0056: An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability.

Red Hat Security Advisory 2023-1470-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a double free vulnerability.

Suprema BioStar 2 version 2.8.16 suffers from a remote SQL injection vulnerability.

WebTareas version 2.4 suffers from a remote blind SQL injection vulnerability. Original discovery of this issue in this version is attributed to Behrad Taher in May of 2022. Related CVE number: CVE-2021-43481.

WebTareas version 2.4 suffers from a remote shell upload vulnerability.

Fortinet FortiOS, FortiProxy, and FortiSwitchManager version 7.2.1 suffers from a authentication bypass vulnerability.

Red Hat Security Advisory 2023-1467-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a double free vulnerability.

An update for firefox is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0767: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. * CVE-2023-25751: A flaw was found in Mozilla. The Mozilla Foundation Security Advisory ...

Red Hat Security Advisory 2023-1469-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a double free vulnerability.

Desktop Central version 9.1.0 suffers from crlf injection, and server-side request forgery vulnerabilities.