#red_hat

An update is now available for Red Hat OpenShift Application Runtimes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-23181: The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using. This issue is only exploitable when Tomcat is ...

EMC NetWorker may potentially be vulnerable to an unauthenticated remote code execution vulnerability in the Networker Client execution service (nsrexecd) when oldauth authentication method is used. An unauthenticated remote attacker could send arbitrary commands via RPC service to be executed on the host system with the privileges of the nsrexecd service, which runs with administrative privileges.

A flaw was found in pesign. The pesign package provides a systemd service used to start the pesign daemon. This service unit runs a script to set ACLs for /etc/pki/pesign and /run/pesign directories to grant access privileges to users in the 'pesign' group. However, the script doesn't check for symbolic links. This could allow an attacker to gain access to privileged files and directories via a path traversal attack.

sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters

<p>In this blog series, we will introduce the <a href="https://www.redhat.com/en/blog/learn-openshift-sandboxed-containers">Red Hat OpenShift sandboxed containers</a> <strong>peer-pods feature</strong>, which will be released as a <strong>dev-preview</strong> feature in <a href="https://www.redhat.com/en/technologies/cloud-computing/openshift/container-platform">Red Hat OpenShift</a> 4.12.&nbsp;</p> <p&

<p>In this blog post, we’ll be going through deploying peer-pods on an OpenShift cluster running in AWS or vSphere cloud infrastructure. We will present how to create the virtual machine (VM) image for your peer-pod and demonstrate how to run workload in a peer-pod. The post assumes familiarity with Red Hat OpenShift and the cloud-provider which is in use.</p> <p>Peer-pods is an extension of <a href="https://www.redhat.com/en/blog/openshift-sandboxed-containers">OpenShift sandboxed containers</a>, and

<p>In our <a href="https://www.redhat.com/en/blog/red-hat-openshift-sandboxed-containers-peer-pods-solution-overview">first blog post</a>, we highlighted the peer-pods solution and its ability to bring the benefits of <a href="https://www.redhat.com/en/blog/openshift-sandboxed-containers">Red Hat OpenShift sandboxed containers</a> to any environment including the cloud and third-party hypervisors. In this post, we will delve deeper into the various components that make up the peer-pods sol

<p>In June 2022, we started <a href="https://www.redhat.com/en/blog/common-security-advisory-framework-csaf-beta-files-now-available">publishing CSAF advisory files</a> in their beta format, hoping to gather feedback from customers, partners, and the security community. With your inputs we worked on improving the final version of the files and they are now ready for public consumption in production use cases at <a href="https://access.redhat.com/security/data/csaf/v2/advisories/">https://access.redhat.c

Red Hat Security Advisory 2023-0553-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include code execution, cross site scripting, denial of service, deserialization, memory exhaustion, and server-side request forgery vulnerabilities.

Red Hat Security Advisory 2023-0552-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include code execution, cross site scripting, denial of service, deserialization, memory exhaustion, and server-side request forgery vulnerabilities.