Two security issues were found in Curl, an easy-to-use client-side URL
transfer library and command line tool:
CVE-2023-38545
Jay Satiro discovered a buffer overflow in the SOCKS5 proxy handshake
CVE-2023-38546
It was discovered that under some circumstances libcurl was
susceptible to cookie injection
For the oldstable distribution ...
An issue was found in curl that can cause a buffer overflow in its SOCKS5 proxy communications code
When curl is using a SOCKS5 proxy and it needs to resolve a hostname to an IP address, its default behavior is to pass the hostname to the proxy and allow it to perform the resolution In cases where the hostname is greater than 255 characters in le ...
概述
Important: OpenShift Virtualization 4136 security and bug fix update
类型/严重性
Security Advisory: Important
标题
Red Hat OpenShift Virtualization release 4136 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a security i ...
Synopsis
Important: OpenShift Virtualization 4141 security and bug fix update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Virtualization release 4141 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a security imp ...
概述
Important: Red Hat JBoss Core Services Apache HTTP Server 2457 SP2 security update
类型/严重性
Security Advisory: Important
标题
Red Hat JBoss Core Services Apache HTTP Server 2457 Service Pack 2 is now availableRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability S ...
Synopsis
Important: Red Hat Ceph Storage 61 security, enhancements, and bug fix update
Type/Severity
Security Advisory: Important
Topic
Updated container image for Red Hat Ceph Storage 61 is now available in the Red Hat Ecosystem Catalog
Description
Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines ...
Synopsis
Important: curl security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for curl is now available for Red Hat Enterprise Linux 90 Extended Update SupportRed Hat Product Security has rated this ...
Synopsis
Important: curl security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for curl is now available for Red Hat Enterprise Linux 92 Extended Update SupportRed Hat Product Security has rated this ...
概述
Important: Red Hat JBoss Core Services Apache HTTP Server 2457 SP2 security update
类型/严重性
Security Advisory: Important
Red Hat Insights 补丁分析
识别并修复受此公告影响的系统。
查看受影响的系统
标题
An update is now available for Red Hat JBoss Core ServicesRed Hat Product Security has ...
Synopsis
Important: Migration Toolkit for Applications security and bug fix update
Type/Severity
Security Advisory: Important
Topic
Migration Toolkit for Applications 621 releaseRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a deta ...
Synopsis
Important: Network Observability security update
Type/Severity
Security Advisory: Important
Topic
An update for network-observability-console-plugin-container, network-observability-ebpf-agent-container, network-observability-flowlogs-pipeline-container, network-observability-operator-bundle-container, and network-observability-opera ...
Synopsis
Important: Red Hat OpenStack Platform 1711 (director-operator) security update
Type/Severity
Security Advisory: Important
Topic
An update for osp-director-agent-container, osp-director-downloader-container, osp-director-operator-bundle-container, and osp-director-operator-container is now available for Red Hat OpenStack Platform 17 ...
Synopsis
Low: Logging Subsystem 581- Red Hat OpenShift security update
Type/Severity
Security Advisory: Low
Topic
An update is now available for RHOL-58-RHEL-9Red Hat Product Security has rated this update as having a security impact of Low A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, i ...
Synopsis
Important: OpenShift Virtualization 4135 Images security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Virtualization release 4135 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a security impact o ...
Synopsis
Important: cert-manager Operator for Red Hat OpenShift 1115
Type/Severity
Security Advisory: Important
Topic
cert-manager Operator for Red Hat OpenShift 1115Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed sever ...
Synopsis
Important: cert-manager Operator for Red Hat OpenShift 1121
Type/Severity
Security Advisory: Important
Topic
cert-manager Operator for Red Hat OpenShift 1121Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed sever ...
Synopsis
Important: curl security update
Type / Sévérité
Security Advisory: Important
Analyse des correctifs dans Red Hat Insights
Identifiez et remédiez aux systèmes concernés par cette alerte
Voir les systèmes concernés
Sujet
An update for curl is now available for Red Hat Enterprise Linux 9Red Hat Product Security has r ...
Synopsis
Important: Kernel Module Management security update
Type/Severity
Security Advisory: Important
Topic
This is an update for the Red Hat OpenShift Kernel Module Management 11 operator and images to address CVE-2023-44487 which Red Hat has assessed as being Important (sees accessredhatcom/security/cve/CVE-2023-44487 for detai ...
On October 11, 2023, cURL released Version 840 of the cURL utility and the libcurl library This release addressed two security vulnerabilities:
CVE-2023-38545 - High Security Impact Rating (SIR)
CVE-2023-38546 - Low SIR
This advisory covers CVE-2023-38545 only For more information about this vulnerability, see the cURL advisory
This adviso ...
A heap-based buffer overflow has been found in the SOCKS5 proxy handshake component of cURL before 840 ...
LTS-114 has been updated in the LTS channel to 11405735339 (Platform Version: 15437760) for most ChromeOS devices Want to know more about Long Term Support? Click hereThis update contains multiple Security fixes, including:1491296 High CVE-2023-5472 Use after free in Profiles1458934 Medium CVE-20 ...
A vulnerability (VTS23-013) exists in JP1/VERITAS
Affected products and versions are listed below ...
Check Point Reference:
CPAI-2023-0916
Date Published:
12 Oct 2023
Severity:
Critical
...
About Apple security updates
For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security releases page
Apple security documents reference vulnerabilities by CVE-ID whe ...
About Apple security updates
For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security releases page
Apple security documents reference vulnerabilities by CVE-ID whe ...
About Apple security updates
For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security releases page
Apple security documents reference vulnerabilities by CVE-ID whe ...