Red Hat Security Advisory 2021-1079-01 - Red Hat Ansible Automation Platform Resource Operator container images with security fixes. Ansible Automation Platform manages Ansible Platform jobs and workflows that can interface with any infrastructure on a Red Hat OpenShift Container Platform cluster, or on a traditional infrastructure that is running off-cluster. Data exposure issues have been addressed.
a0673c02c767215a0535af311644e98d31b6956c4e2cc33033d2203fa50abe65
Red Hat Security Advisory 2021-1129-01 - Red Hat 3scale API Management delivers centralized API management features through a distributed, cloud-hosted layer. It includes built-in features to help in building a more successful API program, including access control, rate limits, payment gateway integration, and developer experience tools. This advisory is intended to use with container images for Red Hat 3scale API Management 2.10.0.
080546fe1bfc5e278c82d7414e75a36e9df9b89d827f78304ae6390c7b762f52
Red Hat Security Advisory 2021-1026-01 - The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. Issues addressed include out of bounds read and use-after-free vulnerabilities.
26f63d2cdbc84bb2bfe397e8ffa86a3e4300fe8fc748347e54fb023646b44451
Red Hat Security Advisory 2021-0949-01 - Red Hat OpenShift Do is a simple CLI tool for developers to create, build, and deploy applications on OpenShift. The odo tool is completely client-based and requires no server within the OpenShift cluster for deployment. It detects changes to local code and deploys it to the cluster automatically, giving instant feedback to validate changes in real-time. It supports multiple programming languages and frameworks. Red Hat OpenShift Do openshift/odo-init-image 1.1.3 is a container image that is used as part of the InitContainer setup that provisions odo components.
0f1e14fcd33ae341ac5a449e63f1c5aaf2d67016bb8f8bf52669a3ae8351010d
Red Hat Security Advisory 2021-0876-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. Issues addressed include denial of service, out of bounds read, and use-after-free vulnerabilities.
76a35b97a80a61dc05be6f0c32e22511196b5b91c7563e8b103860cc491dcc56
Red Hat Security Advisory 2021-0778-01 - Red Hat Ansible Tower 3.6.7-1 has a security and bug fix update. Issues addressed include HTTP request smuggling, code execution, cross site scripting, and privilege escalation vulnerabilities.
b36485939bcc96f4f05a1b61fcc6c6e3aefa7b635d0f1eb06d546cdccf61da2a
Red Hat Security Advisory 2021-0758-01 - The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. Issues addressed include out of bounds read and use-after-free vulnerabilities.
9688ffeab3cce2f1d11ad411d3d167f435089eddaa5bae544cc5dd61710b36a4
Red Hat Security Advisory 2021-0538-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Issues addressed include an out of bounds read vulnerability.
c262e1576a15286836eb793cba072f9d4ea3eaeb3112849368fb9d53ccd32197
Red Hat Security Advisory 2020-4255-01 - Updated python-psutil version to 5.6.6 inside ansible-runner container. Issues addressed include a double free vulnerability.
5fa2b0edd19c548995fa81b56ae17dd75bbbcf0b7a9fd43d5777ad177066c16a
Red Hat Security Advisory 2020-4254-01 - Updated python-psutil version to 5.6.6 inside ansible-runner container. Issues addressed include a double free vulnerability.
95b6f149ed6564a7dba27bae8b6b98f52d801a1eb8ced363663ee391a124f69c
Red Hat Security Advisory 2020-4201-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. Issues addressed include a denial of service vulnerability.
3d8b1c7224e8a2deee960b7668ead051da2664d66a79b155eb862d4b51810393
Red Hat Security Advisory 2020-4076-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. Issues addressed include bypass, memory leak, out of bounds read, and use-after-free vulnerabilities.
0bda8653bef3bd9a2dd6185671fa4606731fac389e51ba99d05bf92ae5304ba4
Ubuntu Security Notice 4476-1 - It was discovered that NSS incorrectly handled some inputs. An attacker could possibly use this issue to expose sensitive information.
0cb861156c6c38c6bee4357a5840c4d3a167d2d9e2279055d791e5de14791c64
Ubuntu Security Notice 4474-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, trick the user in to installing a malicious extension, spoof the URL bar, leak sensitive information between origins, or execute arbitrary code. It was discovered that NSS incorrectly handled certain signatures. An attacker could possibly use this issue to expose sensitive information. Various other issues were also addressed.
9c3f9b8a995f19fc2e46e69b42485c8da02e85dd0a8cc8530e25b865bb07d168
Gentoo Linux Security Advisory 202008-8 - NSS has multiple information disclosure vulnerabilities when handling secret key material. Versions less than 3.55 are affected.
c5799ff9c9ac4536d22fedf39e8b495ead17a0bbbfaa825deeeba10016f08a9b
Ubuntu Security Notice 4455-1 - It was discovered that NSS incorrectly handled certain signatures. An attacker could possibly use this issue to expose sensitive information.
cfae90bde1032d5ad8537ed17322b2899520135a02709ba32e911a05eb073962
Red Hat Security Advisory 2020-3280-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities.
13e2531f1f23cbe845bd068d494f2e5cb9ba0b6581896805e8207a8798fe4de4
Debian Linux Security Advisory 4726-1 - Several vulnerabilities were discovered in NSS, a set of cryptographic libraries, which may result in side channel/timing attacks or denial of service.
f2cc1d54b85eb308f1b29e2cefa9d4fd5c0cd92ee2f46d7dd967404b92f9ed34
Gentoo Linux Security Advisory 202007-10 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 68.10.0 are affected.
4ce536bdb972fdf2b3ae93e96480f4ec88105eb035b203f851db2e0a8a5c399b
Ubuntu Security Notice 4421-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. It was discovered that Thunderbird would continue an unencrypted connection when configured to use STARTTLS for IMAP if the server responded with PREAUTH. A remote attacker could potentially exploit this to perform a person-in-the-middle attack in order to obtain sensitive information. Various other issues were also addressed.
e29ba156301d1adef5ee70accc941815f87182af2911cd015ba0d303ce8a38ff
Ubuntu Security Notice 4417-2 - USN-4417-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Cesar Pereida, Billy Bob Brumley, Yuval Yarom, and Nicola Tuveri discovered that NSS incorrectly handled RSA key generation. A local attacker could possibly use this issue to perform a timing attack and recover RSA keys. Various other issues were also addressed.
8cc46dfd734fdf34a52d97e8b2f176253a381484125d0877cf205886992e0c63
Ubuntu Security Notice 4417-1 - Cesar Pereida, Billy Bob Brumley, Yuval Yarom, and Nicola Tuveri discovered that NSS incorrectly handled RSA key generation. A local attacker could possibly use this issue to perform a timing attack and recover RSA keys.
b07d3665f6e61dc3a025ddaae562a72a3dcc898d1de9424f2cdc5635f505f6b2
Debian Linux Security Advisory 4695-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or a timing attack on cryptographic keys.
b695facb6dd8cc0b879476ce552b9c195948f4bc518c27cb5f63cf8e335ff6e1
Debian Linux Security Advisory 4702-1 - Multiple security issues have been found in Thunderbird which could result in the setup of a non-encrypted IMAP connection, denial of service or potentially the execution of arbitrary code.
d513edf1d7468e2dab27753b936d34950fbe909c5cde81e5cccba7e63432acc9
Red Hat Security Advisory 2020-2615-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.9.0. Issues addressed include information leakage and use-after-free vulnerabilities.
c922476117829460740b9b3aad6039736614ea3543beb85a8354c734d2d87d24