Home / mailingsPDF  

[RHSA-2019:2534-01] Important: Red Hat 3scale API Management 2.6.0 release and security update

Posted on 21 August 2019
RedHat

===================================================================== Red Hat Security Advisory

Synopsis: Important: Red Hat 3scale API Management 2.6.0 release and security update
Advisory ID: RHSA-2019:2534-01
Product: 3scale API Management
Advisory URL: https://access.redhat.com/errata/RHSA-2019:2534
Issue date: 2019-08-21
CVE Names: CVE-2019-10216
=====================================================================
1. Summary:

A security update for Red Hat 3scale API Management Platform is now
available from the Red Hat Container Catalog.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Description:

Red Hat 3scale API Management delivers centralized API management features
through a distributed, cloud-hosted layer. It includes built-in features to
help in building a more successful API program, including access control,
rate limits, payment gateway integration, and developer experience tools.

This release of Red Hat 3scale API Management 2.6.0 replaces Red Hat 3scale
API Management 2.5.1.

Security Fix(es):

* ghostscript: -dSAFER escape via .buildfont1 (CVE-2019-10216)

3. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/documentation/en-us/red_hat_3scale_api_management
/2.6/html-single/installing_3scale/#onpremises-installation

4. Bugs fixed (https://bugzilla.redhat.com/):

1737080 - CVE-2019-10216 ghostscript: -dSAFER escape via .buildfont1 (701394)

5. JIRA issues fixed (https://issues.jboss.org/):

THREESCALE-2852 - Release 3scale AMP 2.6 - Container Images

6. References:

https://access.redhat.com/security/cve/CVE-2019-10216
https://access.redhat.com/security/updates/classification/#important

7. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2019 Red Hat, Inc.

 

TOP

Mailings :

Exploits :