Download
| Alert*
|
oval:org.secpod.oval:def:506519
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB and OpenTSDB. The following packages have been upgraded to a later upstream version: grafana . Security Fix: * golang: crypto/elliptic: incorrect operations on the P-224 curve * grafana: snapshot feat ... oval:org.secpod.oval:def:506446 Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The following packages have been upgraded to a later upstream version: golang . Security Fix: * golang: net: lookup functions may return invalid host names * golang: net/http/httputil: Reverse ... oval:org.secpod.oval:def:89045041 This update for go1.15 fixes the following issues: Update to 1.15.13. Includes these security fixes - CVE-2021-33195: net: Lookup functions may return invalid host names . - CVE-2021-33196: archive/zip: malformed archive may cause panic or memory exhaustion . - CVE-2021-33197: net/http/httputil: Rev ... oval:org.secpod.oval:def:507356 The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Docke ... oval:org.secpod.oval:def:4501381 Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB; OpenTSDB. The following packages have been upgraded to a later upstream version: grafana . Security Fix: * golang: crypto/elliptic: incorrect operations on the P-224 curve * grafana: snapshot feature ... oval:org.secpod.oval:def:87144 [1.27.0-2.0.1] - Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117178] [1:1.27.0-2] - fix CVE-2022-2990 - Related: #2061316 [1:1.27.0-1] - update to https://github.com/containers/buildah/releases/tag/v1.27.0 - Related: #2061316 [1:1.26.4-2] - add buildah-tutorial to test sub ... oval:org.secpod.oval:def:2600051 The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Docke ... oval:org.secpod.oval:def:4501222 Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The following packages have been upgraded to a later upstream version: golang . Security Fix: * golang: net: lookup functions may return invalid host names * golang: net/http/httputil: Reverse ... oval:org.secpod.oval:def:2500296 Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. oval:org.secpod.oval:def:1505230 [7.5.9-4] - resolve CVE-2021-39226 [7.5.9-3] - rebuild to resolve CVE-2021-34558 [7.5.9-2] - remove unused dependency property-information - always include FIPS patch in SRPM [7.5.9-1] - update to 7.5.9 tagged upstream community sources, see CHANGELOG [7.5.8-1] - update to 7.5.8 tagged upstream comm ... oval:org.secpod.oval:def:1700993 A null pointer dereference vulnerability was found in golang. When using the library's ssh server without specifying an option for GSSAPIWithMICConfig, it is possible for an attacker to craft an ssh client connection using the authentication method and cause the server to panic resulting in a denial ... oval:org.secpod.oval:def:2500277 Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB OpenTSDB. oval:org.secpod.oval:def:1601580 A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid. A flaw was found in the golang standa ... |
