Red Hat Update Infrastructure (RHUI) provides a highly scalable and redundant framework for managing repositories and content. It also allows cloud providers to deliver content and updates to Red Hat Enterprise Linux (RHEL) instances.

Security Fixes:

* Cryptography: NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override (CVE-2024-26130)
* Gunicorn: HTTP Request Smuggling due to improper validation of Transfer-Encoding headers (CVE-2024-1135)
* Aiohttp: aiohttp: XSS on index pages for static file handling (CVE-2024-27306)
* Aiohttp: aiohttp: DoS when trying to parse malformed POST requests (CVE-2024-30251)
* Sqlparse: sqlparse: parsing heavily nested list leads to denial of service (CVE-2024-4340)
* Jinja2: jinja2: accepts keys containing non-attribute characters (CVE-2024-34064)
* Django: Potential denial-of-service in django.utils.translation.get_supported_language_variant() (CVE-2024-39614)
* Django: Memory exhaustion in django.utils.numberformat.floatformat() (CVE-2024-41989)
* Django: Potential SQL injection in QuerySet.values() and values_list() (CVE-2024-42005)
* Django: Potential denial-of-service vulnerability in django.utils.html.urlize() (CVE-2024-41990)
* Django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget (CVE-2024-41991)
* Grpcio: client communicating with a HTTP/2 proxy can poison the HPACK table between the…