-
Language:
English
-
Language:
English
Red Hat Training
A Red Hat training course is available for Red Hat JBoss Core Services
Chapter 3. Security Fixes
This update includes fixes for the following security related issues:
| ID | Impact | Summary |
|---|---|---|
| Moderate | openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries | |
| Moderate | openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang | |
| Moderate | libxml2: NULL pointer dereference in xpath.c:xmlXPathCompOpEval() can allow attackers to cause a denial of service | |
| Moderate | curl: NTLM type-2 heap out-of-bounds buffer read | |
| Low | curl: Out-of-bounds read in code handling HTTP/2 trailers | |
| Moderate | curl: HTTP authentication leak in redirects | |
| Moderate | curl: FTP path trickery leads to NIL byte out of bounds write | |
| Moderate | curl: RTSP RTP buffer over-read | |
| Important | httpd: privilege escalation from modules scripts | |
| Moderate | curl: NTLMv2 type-3 header stack buffer overflow | |
| Low | curl: SMTP end-of-response out-of-bounds read |
