AusCERT - Security Bulletins

Subscribe to the AusCERT - Security Bulletins feed
Latest published security bulletins. See https://www.auscert.org.au/rss/ for feed information.
Updated: 2 hours 42 minutes ago
16 November 2022

ESB-2022.5880 - [RedHat] skopeo: CVSS (Max): 7.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5880
                   skopeo security and bug fix update
                               16 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           skopeo
Publisher:         Red Hat
Operating System:  Red Hat
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-33198 CVE-2021-20291

Original Bulletin:
   https://access.redhat.com/errata/RHSA-2022:7955

Comment: CVSS (Max):  7.5 CVE-2021-33198 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
         CVSS Source: Red Hat
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

--------------------------BEGIN INCLUDED TEXT--------------------

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: skopeo security and bug fix update
Advisory ID:       RHSA-2022:7955-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:7955
Issue date:        2022-11-15
CVE Names:         CVE-2021-20291 CVE-2021-33198
=====================================================================

1. Summary:

An update for skopeo is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

The skopeo command lets you inspect images from container image registries,
get images and image layers, and use signatures to create and verify files.

Security Fix(es):

* containers/storage: DoS via malicious image (CVE-2021-20291)

* golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if
passed inputs with very large exponents (CVE-2021-33198)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 9.1 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1939485 - CVE-2021-20291 containers/storage: DoS via malicious image
1988128 - Enable LTO build of skopeo for RHEL 9
1989575 - CVE-2021-33198 golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:
skopeo-1.9.2-1.el9.src.rpm

aarch64:
skopeo-1.9.2-1.el9.aarch64.rpm
skopeo-debuginfo-1.9.2-1.el9.aarch64.rpm
skopeo-debugsource-1.9.2-1.el9.aarch64.rpm
skopeo-tests-1.9.2-1.el9.aarch64.rpm

ppc64le:
skopeo-1.9.2-1.el9.ppc64le.rpm
skopeo-debuginfo-1.9.2-1.el9.ppc64le.rpm
skopeo-debugsource-1.9.2-1.el9.ppc64le.rpm
skopeo-tests-1.9.2-1.el9.ppc64le.rpm

s390x:
skopeo-1.9.2-1.el9.s390x.rpm
skopeo-debuginfo-1.9.2-1.el9.s390x.rpm
skopeo-debugsource-1.9.2-1.el9.s390x.rpm
skopeo-tests-1.9.2-1.el9.s390x.rpm

x86_64:
skopeo-1.9.2-1.el9.x86_64.rpm
skopeo-debuginfo-1.9.2-1.el9.x86_64.rpm
skopeo-debugsource-1.9.2-1.el9.x86_64.rpm
skopeo-tests-1.9.2-1.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-20291
https://access.redhat.com/security/cve/CVE-2021-33198
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index

8. Contact:

The Red Hat security contact is .
More contact details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBY3PhR9zjgjWX9erEAQgx8w/8DtFfPWF06IeoNdA9Ks2qP1ZWdPmYSR+L
sYV7fXD2X25jesaINsMRlXFrPXG2kaKZRO+ZCa1+va2PLEgdRe19bSRPw6Q+xun2
jq7/yo/S94ONLTXctUDRwt7uKi8BTYfj26VOQvrmzKvDKp51KwFWOGYe+7QkBlaC
TUJpd9VNhW6SuR9cokvg+IMJ83Hm332/V8NsDx1AMx/Q0se4GMP9BKiR3CG83dv9
gLG0t6i/R/gWCtA2mjvjXzEtmVkLu9F19vW0LtasRBO1R1fU2prud51DlRgoRgsJ
to8uiurZx3unFqQPfZf8UFSGwLkKFzbMT/zVKfjM4HdfhRcTZy1EWaTHiJUvoe4/
wD2X8v88qbeJ08a20KtZb/8X2I1hjbvNAHV2PMSxVt04ToU5miOHwd1Wgax/nqXL
jPQSfTM1iiaB2Kq7/23G6JXhFcriK1/e8XKH7N02kIxAWa9LOmFJ0Z3uPuGS3YJ2
Aa+qDDfLdq3pfIaAbpJnDPFqm0scxaIx3fGw8TcmW1ra+GrnQx+4D89wTqlht4Se
PQU3pf93EU0BDNDctrqW0acr3guybu1qn6Juh/NMGAMS1wtz2mbdzGYEmuUA3Cd3
x+ojiCMUxYQI31kDhAn88Xq3I1nWtm7I/sDj8kddrrNf4pMbB2Jgzqd3cJ4/s6DS
UoStIDC36rc=
=tD9P
-----END PGP SIGNATURE-----

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY3QsCckNZI30y1K9AQifVBAAnJEnS5IuZST85UNV60EACC4FBgiIKU48
XrnhP3UzV7GfXHEQjaNjqc34+PjrmhwfqA8qJdw4C9r0mkn5uLXV+MokUNdVVa2q
XAihSg9lTBHMfdwv6ZiTNTn34q37JfIpvswaqDawvz+LsMz++ITLWJbwEB1fZiCo
CojLjYC3lPflo+XHHulMfelaZl7JZjWVvIUjvkWc1HcfkOwG4uFDovUhmyZvVCgY
Bl8GNthwieaivCQzzKLxDwEP/jOgCiQNSxMRShA/3/QySstiZjnb+KsQKfFrkSsX
jleNgkBCDxxjvtt5TMvlfPUIY1V8dnOh/HCdSXcCwGmIGNI5oys6wUiG5uajkntX
E1J/u++yhmTbt4Yy9wJ5Fkhe9BPDh7QXlsH8gmy6Yidy9oHLNSHzu1liRkTt+LAy
joBy4Lyu2SWKBRB7Ujt0lWXjQ/SLgW9nAKCUaIvUHiNJ4EDSYuAl1IVQ083VzMl2
5D/59A2LffY2DxiwubBCNE//U1YZbX3eJFtrRgbse0PV0l9Rh/zsgzlGR32IX86Y
HuEzpJchlRmHwBOCEiK3KUtxFXe8d51aghnreQayZVx2xkMmCrIQ8J5hO/3uw3Yq
dOAppEB5Rzad8wT1uvKUmUPb11PIKcbHNfEItRp3dlZNwvBXpdNRPetA1BBLiETH
4m+KtCulRo8=
=UnGg
-----END PGP SIGNATURE-----
16 November 2022

ESB-2022.5879 - [RedHat] podman: CVSS (Max): 7.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5879
                   podman security and bug fix update
                               16 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           podman
Publisher:         Red Hat
Operating System:  Red Hat
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-27191 CVE-2021-34558 CVE-2021-33197 CVE-2021-20291
                   CVE-2021-20199 CVE-2021-4024 CVE-2020-28852 CVE-2020-28851

Original Bulletin:
   https://access.redhat.com/errata/RHSA-2022:7954

Comment: CVSS (Max):  7.5 CVE-2022-27191 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
         CVSS Source: Red Hat
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

--------------------------BEGIN INCLUDED TEXT--------------------

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: podman security and bug fix update
Advisory ID:       RHSA-2022:7954-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:7954
Issue date:        2022-11-15
CVE Names:         CVE-2020-28851 CVE-2020-28852 CVE-2021-4024 CVE-2021-20199
                   CVE-2021-20291 CVE-2021-33197 CVE-2021-34558 CVE-2022-27191
=====================================================================

1. Summary:

An update for podman is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The podman tool manages pods, container images, and containers. It is part of
the libpod library, which is for applications that use container pods.
Container pods are a concept in Kubernetes.

Security Fix(es):

* golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing
-u- extension (CVE-2020-28851)

* golang.org/x/text: Panic in language.ParseAcceptLanguage while processing
bcp47 tag (CVE-2020-28852)

* podman: podman machine spawns gvproxy with port bound to all IPs
(CVE-2021-4024)

* podman: Remote traffic to rootless containers is seen as originating from
localhost (CVE-2021-20199)

* containers/storage: DoS via malicious image (CVE-2021-20291)

* golang: net/http/httputil: ReverseProxy forwards connection headers if
first one is empty (CVE-2021-33197)

* golang: crypto/tls: certificate of wrong type is causing TLS client to
panic (CVE-2021-34558)

* golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 9.1 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1913333 - CVE-2020-28851 golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension
1913338 - CVE-2020-28852 golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag
1919050 - CVE-2021-20199 podman: Remote traffic to rootless containers is seen as originating from localhost
1939485 - CVE-2021-20291 containers/storage: DoS via malicious image
1972303 - TMPDIR is not working in podman pull and podman load [rhel-9.0 beta]
1983596 - CVE-2021-34558 golang: crypto/tls: certificate of wrong type is causing TLS client to panic
1989570 - CVE-2021-33197 golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty
2026675 - CVE-2021-4024 podman: podman machine spawns gvproxy with port bound to all IPs
2040379 - Podman exe failed to cleanup dir with NFS
2064702 - CVE-2022-27191 golang: crash in a golang.org/x/crypto/ssh server
2081349 - podman defaults to old network stack on RHEL9
2088116 - podman does not require netavark
2092798 - podman installation includes runc as a dependency
2097694 - Allow mounting -v /run:/run without leaking .containerenv file to the host

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:
podman-4.2.0-3.el9.src.rpm

aarch64:
podman-4.2.0-3.el9.aarch64.rpm
podman-catatonit-debuginfo-4.2.0-3.el9.aarch64.rpm
podman-debuginfo-4.2.0-3.el9.aarch64.rpm
podman-debugsource-4.2.0-3.el9.aarch64.rpm
podman-gvproxy-4.2.0-3.el9.aarch64.rpm
podman-gvproxy-debuginfo-4.2.0-3.el9.aarch64.rpm
podman-plugins-4.2.0-3.el9.aarch64.rpm
podman-plugins-debuginfo-4.2.0-3.el9.aarch64.rpm
podman-remote-4.2.0-3.el9.aarch64.rpm
podman-remote-debuginfo-4.2.0-3.el9.aarch64.rpm
podman-tests-4.2.0-3.el9.aarch64.rpm

noarch:
podman-docker-4.2.0-3.el9.noarch.rpm

ppc64le:
podman-4.2.0-3.el9.ppc64le.rpm
podman-catatonit-debuginfo-4.2.0-3.el9.ppc64le.rpm
podman-debuginfo-4.2.0-3.el9.ppc64le.rpm
podman-debugsource-4.2.0-3.el9.ppc64le.rpm
podman-gvproxy-4.2.0-3.el9.ppc64le.rpm
podman-gvproxy-debuginfo-4.2.0-3.el9.ppc64le.rpm
podman-plugins-4.2.0-3.el9.ppc64le.rpm
podman-plugins-debuginfo-4.2.0-3.el9.ppc64le.rpm
podman-remote-4.2.0-3.el9.ppc64le.rpm
podman-remote-debuginfo-4.2.0-3.el9.ppc64le.rpm
podman-tests-4.2.0-3.el9.ppc64le.rpm

s390x:
podman-4.2.0-3.el9.s390x.rpm
podman-catatonit-debuginfo-4.2.0-3.el9.s390x.rpm
podman-debuginfo-4.2.0-3.el9.s390x.rpm
podman-debugsource-4.2.0-3.el9.s390x.rpm
podman-gvproxy-4.2.0-3.el9.s390x.rpm
podman-gvproxy-debuginfo-4.2.0-3.el9.s390x.rpm
podman-plugins-4.2.0-3.el9.s390x.rpm
podman-plugins-debuginfo-4.2.0-3.el9.s390x.rpm
podman-remote-4.2.0-3.el9.s390x.rpm
podman-remote-debuginfo-4.2.0-3.el9.s390x.rpm
podman-tests-4.2.0-3.el9.s390x.rpm

x86_64:
podman-4.2.0-3.el9.x86_64.rpm
podman-catatonit-debuginfo-4.2.0-3.el9.x86_64.rpm
podman-debuginfo-4.2.0-3.el9.x86_64.rpm
podman-debugsource-4.2.0-3.el9.x86_64.rpm
podman-gvproxy-4.2.0-3.el9.x86_64.rpm
podman-gvproxy-debuginfo-4.2.0-3.el9.x86_64.rpm
podman-plugins-4.2.0-3.el9.x86_64.rpm
podman-plugins-debuginfo-4.2.0-3.el9.x86_64.rpm
podman-remote-4.2.0-3.el9.x86_64.rpm
podman-remote-debuginfo-4.2.0-3.el9.x86_64.rpm
podman-tests-4.2.0-3.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-28851
https://access.redhat.com/security/cve/CVE-2020-28852
https://access.redhat.com/security/cve/CVE-2021-4024
https://access.redhat.com/security/cve/CVE-2021-20199
https://access.redhat.com/security/cve/CVE-2021-20291
https://access.redhat.com/security/cve/CVE-2021-33197
https://access.redhat.com/security/cve/CVE-2021-34558
https://access.redhat.com/security/cve/CVE-2022-27191
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index

8. Contact:

The Red Hat security contact is .
More contact details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBY3PhTNzjgjWX9erEAQi3cg/+MBUAmnN6lN8i+PpVh7F+cKBIZF08OYvD
ILPTVTIUYchZ1I6YhNJDV5zYe4erHJ2kK6Hx0ougoDHFIJYFrzrh5wRyAA0rYq69
9j+tSW5strpI3+umJjusRkwR4G/0w6WUUMWyMRAWwB8iFs/aV9SYp/Me+63hkL96
EUdq5zeMKgL8YSngno5cNRB64m+Loz+xL3xUBDI6D/tQTNQJieXQrt4OmRcHy5mL
aergtSamlu0LTG4WFbAEjuXg3aG+YbRsDZK/pcSyGE3HpQGytXwPyl5kaTuZa2A1
lLCJuT03Y9pNKe4CLNwZVN54tVXcuAYoZRKdt2+ezaa86pNIwSdd11QO8UZNNi5a
FvvOH9QUm68l2ZE6Et5v3qj/gTzh3m+mhPONc4qDnCpEpUiIx8/ufSls3yJdk38r
eiUDwySfDnLkqcHSDkvK4XHoGeMNFeX5Inc5aEMWObJp0UsY7853rmmQxAP0znsA
zRkA/2txdIyKEOjX2Ndc5/weVZZnm2hINyalQYMGKpfKFosEtls7Fzqw6u0uKZxA
FbhQXlZG345K3WS+m8VK0wtXmxVjbaK9kaQ2FvEORsCFKITEaK5SoFtgvf2JOcCd
sO/Pzy+6k/wu1DsyRqurc4DKMtylJvf2ICsGB6rxbmwif76Q7RoW6aVKc/pFdZA3
50yYHqkbOJU=
=0pbG
-----END PGP SIGNATURE-----

--------------------------END INCLUDED TEXT--------------------

===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY3Qr/ckNZI30y1K9AQgM/RAAszSXz2VkZ0h/NhqNJDdQLqlZ8E2QRKZ2
bEyWxxZjMrm5sgJ+PXQmHX2A7Ydk+tAkxcz/zR82cJbB38t4OyqwS7aUPGGwda6x
xKgizzOK41LdufCJoFRBktlKqczhBXUgRulp1lCfidFq82UsJPXiczEmDA559GXE
8m633JtFcT8I/5P776ftabAnYYxQpG4UWNWGUm+yGFcsTZdKpdbcUJdx+YS9Uwbc
Y6/mFjUdVbE7gXyYWm/nrrGGWZIXioF56xBDj2F73k1auW+lls57ShT6/AkhyFU1
eKpsY6rsBK4fDau9J5+oDLbpfPVBmHF+UoUrWYhQVNdpHfdc+Bas8/0WbhPn7/oI
G2jq4GCrFlkBxL0tskNyR6iQIwKWYBy7nFUGO6nezjchvsCb9FoNuBxxRJ32wzox
UHsih16OGrQq3anpGnZms7C1fAyuMoAvc2bDCzDpijG7Jzg4uxwqmkKy93Hws7bk
0PNLd1THB709kN8xwQqvntCMYDUOjN+v2bWe38ag9xzakfO0teoEZhC3rzIIQsR+
D4g2kTvmpdmVIFnttdfXqDB8+YQ0/i4RNXzSbZAFS/LavfdF2cQmnlnGiT6wkOeD
x8hbXFqODIzvb9yd/cWLdJBAgQl53+HUYj+N9CmtKwyTCpTMbKlPIsGNpO9O/hs5
07be3GNCAGo=
=RYZQ
-----END PGP SIGNATURE-----
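One of the podman fixes above, CVE-2021-4024, is described by Red Hat as "podman machine spawns gvproxy with port bound to all IPs". After applying podman-4.2.0-3.el9 a practitioner usually wants a quick way to confirm that gvproxy is no longer listening on a wildcard address. The script below is an added example, not AusCERT's or Red Hat's code: it parses the output of `ss -ltnp` on a Linux host (iproute2 is assumed to be present) and reports listening sockets that belong to gvproxy and are bound to 0.0.0.0, `*` or `[::]`. The sample `ss` output embedded in it is constructed for the example and does not come from a real system; the ports and PIDs in it are arbitrary. The check is a symptom check only: a wildcard bind shows exposure on every interface, it does not by itself prove which CVE is present.

```python
import re
import sys
from typing import List, NamedTuple, Sequence

# Local-address forms that mean "listen on every interface".
WILDCARD_HOSTS = {"0.0.0.0", "*", "[::]", "::"}

# The Process column of `ss -p` looks like users:(("gvproxy",pid=4242,fd=9)).
_PROC_RE = re.compile(r'users:\(\("([^"]+)",pid=(\d+)')


class Listener(NamedTuple):
    proc: str
    pid: int
    host: str
    port: int


def parse_ss_listeners(text: str) -> List[Listener]:
    """Parse `ss -ltnp` output (State Recv-Q Send-Q Local:Port Peer:Port Process).

    Only LISTEN rows whose Process column can be read are returned; the header
    row and sockets whose owner ss could not identify (for instance when run
    without the privilege -p needs) are skipped.
    """
    out: List[Listener] = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        host, _, port = fields[3].rpartition(":")  # also splits [::]:2222 correctly
        m = _PROC_RE.search(line)
        if m is None or not port.isdigit():
            continue
        out.append(Listener(m.group(1), int(m.group(2)), host, int(port)))
    return out


def wildcard_binds(listeners: Sequence[Listener],
                   proc_names: Sequence[str] = ("gvproxy",)) -> List[Listener]:
    """Listeners owned by the named processes that are reachable on every interface."""
    return [l for l in listeners if l.proc in proc_names and l.host in WILDCARD_HOSTS]


# Constructed sample in the shape `ss -ltnp` prints; not output from a real host.
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      4096   127.0.0.1:7777      0.0.0.0:*         users:(("gvproxy",pid=4242,fd=7))
LISTEN 0      4096   0.0.0.0:2222        0.0.0.0:*         users:(("gvproxy",pid=4242,fd=9))
LISTEN 0      4096   [::]:2222           [::]:*            users:(("gvproxy",pid=4242,fd=10))
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*         users:(("sshd",pid=811,fd=3))
"""


def report(text: str = SAMPLE_SS) -> List[str]:
    """One finding per gvproxy socket bound to all interfaces."""
    return [f"{l.proc}[{l.pid}] listens on {l.host}:{l.port} (all interfaces)"
            for l in wildcard_binds(parse_ss_listeners(text))]


if __name__ == "__main__":
    # Real use: ss -ltnp | python3 check_gvproxy.py ; with no piped input the sample is used.
    text = SAMPLE_SS if sys.stdin.isatty() else sys.stdin.read()
    for finding in report(text) or ["no wildcard binds for gvproxy"]:
        print(finding)
```

Only the loopback listener in the sample is left alone; the two 2222 sockets are reported because they are reachable from any interface, which is the condition the advisory entry describes. Run it as root or with CAP_NET_ADMIN so that `ss -p` can attribute sockets to processes; otherwise the Process column is empty and those rows are skipped rather than silently passed.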
16 November 2022

ESB-2022.5878 - [RedHat] Image Builder: CVSS (Max): 7.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5878
       Image Builder security, bug fix, and enhancement update
                               16 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Image Builder
Publisher:         Red Hat
Operating System:  Red Hat
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-32189

Original Bulletin:
   https://access.redhat.com/errata/RHSA-2022:7950

Comment: CVSS (Max):  7.5 CVE-2022-32189 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
         CVSS Source: Red Hat
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

--------------------------BEGIN INCLUDED TEXT--------------------

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Low: Image Builder security, bug fix, and enhancement update
Advisory ID:       RHSA-2022:7950-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:7950
Issue date:        2022-11-15
CVE Names:         CVE-2022-32189
=====================================================================

1. Summary:

An update for cockpit-composer, osbuild, osbuild-composer, and weldr-client
is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact
of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

Image Builder is a service for building customized OS artifacts, such as VM
images and OSTree commits, that uses osbuild under the hood.

Security Fix(es):

* golang: math/big: decoding big.Float and big.Rat types can panic if the
encoded message is too short, potentially allowing a denial of service
(CVE-2022-32189)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 9.1 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2059869 - Update osbuild to the newest upstream version in RHEL 9.1
2059870 - Update osbuild-composer to the newest upstream version in RHEL 9.1
2060061 - Rebase cockpit-composer to newest release for RHEL 9.1
2062597 - [cockpit-composer] RHEL 9.1 Tier 0 Localization
2064087 - suggest to exclude dracut-config-rescue in rhel ec2 images
2088459 - [osbuild-composer] cannot build an edge container with sssd
2105961 - edge-installer (anaconda) fails if user has ssh-key defined
2110864 - edge-installer ISO image can't boot on BIOS VM
2113814 - CVE-2022-32189 golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service
2118831 - Backport test changes for new osbuild-composer
2123055 - edge images default to LVM
2123210 - podman network backend does not switch to netavark when embedding container in image

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:
cockpit-composer-41-1.el9.src.rpm
osbuild-65-1.el9.src.rpm
osbuild-composer-62.1-1.el9.src.rpm
weldr-client-35.5-4.el9.src.rpm

aarch64:
osbuild-composer-62.1-1.el9.aarch64.rpm
osbuild-composer-core-62.1-1.el9.aarch64.rpm
osbuild-composer-core-debuginfo-62.1-1.el9.aarch64.rpm
osbuild-composer-debugsource-62.1-1.el9.aarch64.rpm
osbuild-composer-dnf-json-62.1-1.el9.aarch64.rpm
osbuild-composer-tests-debuginfo-62.1-1.el9.aarch64.rpm
osbuild-composer-worker-62.1-1.el9.aarch64.rpm
osbuild-composer-worker-debuginfo-62.1-1.el9.aarch64.rpm
weldr-client-35.5-4.el9.aarch64.rpm
weldr-client-debuginfo-35.5-4.el9.aarch64.rpm
weldr-client-debugsource-35.5-4.el9.aarch64.rpm
weldr-client-tests-debuginfo-35.5-4.el9.aarch64.rpm

noarch:
cockpit-composer-41-1.el9.noarch.rpm
osbuild-65-1.el9.noarch.rpm
osbuild-luks2-65-1.el9.noarch.rpm
osbuild-lvm2-65-1.el9.noarch.rpm
osbuild-ostree-65-1.el9.noarch.rpm
osbuild-selinux-65-1.el9.noarch.rpm
python3-osbuild-65-1.el9.noarch.rpm

ppc64le:
osbuild-composer-62.1-1.el9.ppc64le.rpm
osbuild-composer-core-62.1-1.el9.ppc64le.rpm
osbuild-composer-core-debuginfo-62.1-1.el9.ppc64le.rpm
osbuild-composer-debugsource-62.1-1.el9.ppc64le.rpm
osbuild-composer-dnf-json-62.1-1.el9.ppc64le.rpm
osbuild-composer-tests-debuginfo-62.1-1.el9.ppc64le.rpm
osbuild-composer-worker-62.1-1.el9.ppc64le.rpm
osbuild-composer-worker-debuginfo-62.1-1.el9.ppc64le.rpm
weldr-client-35.5-4.el9.ppc64le.rpm
weldr-client-debuginfo-35.5-4.el9.ppc64le.rpm
weldr-client-debugsource-35.5-4.el9.ppc64le.rpm
weldr-client-tests-debuginfo-35.5-4.el9.ppc64le.rpm

s390x:
osbuild-composer-62.1-1.el9.s390x.rpm
osbuild-composer-core-62.1-1.el9.s390x.rpm
osbuild-composer-core-debuginfo-62.1-1.el9.s390x.rpm
osbuild-composer-debugsource-62.1-1.el9.s390x.rpm
osbuild-composer-dnf-json-62.1-1.el9.s390x.rpm
osbuild-composer-tests-debuginfo-62.1-1.el9.s390x.rpm
osbuild-composer-worker-62.1-1.el9.s390x.rpm
osbuild-composer-worker-debuginfo-62.1-1.el9.s390x.rpm
weldr-client-35.5-4.el9.s390x.rpm
weldr-client-debuginfo-35.5-4.el9.s390x.rpm
weldr-client-debugsource-35.5-4.el9.s390x.rpm
weldr-client-tests-debuginfo-35.5-4.el9.s390x.rpm

x86_64:
osbuild-composer-62.1-1.el9.x86_64.rpm
osbuild-composer-core-62.1-1.el9.x86_64.rpm
osbuild-composer-core-debuginfo-62.1-1.el9.x86_64.rpm
osbuild-composer-debugsource-62.1-1.el9.x86_64.rpm
osbuild-composer-dnf-json-62.1-1.el9.x86_64.rpm
osbuild-composer-tests-debuginfo-62.1-1.el9.x86_64.rpm
osbuild-composer-worker-62.1-1.el9.x86_64.rpm
osbuild-composer-worker-debuginfo-62.1-1.el9.x86_64.rpm
weldr-client-35.5-4.el9.x86_64.rpm
weldr-client-debuginfo-35.5-4.el9.x86_64.rpm
weldr-client-debugsource-35.5-4.el9.x86_64.rpm
weldr-client-tests-debuginfo-35.5-4.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-32189
https://access.redhat.com/security/updates/classification/#low
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index

8. Contact:

The Red Hat security contact is .
More contact details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBY3PhT9zjgjWX9erEAQg9fhAAkAAGWeWiPDsQJ/TXFnrTis24eChQ9WHU
XGffqSbHSQAjupkyGhzPsn8jau+HPOfvUARnI77Fz6hKM+pt8IdVWmM0cVfXKVqE
CFL78X2pLnSnn3fIld5gEvPrLv6VzrxJ8wlm6wNln43KaZ//z9mrJ7qPW6RpIWvE
c+A5Xx14tTMUMZ/Wh21DA2mKEgSO40wfPEXvBu0pb2XbN/+oaCmUmJV6oMx88b3U
onMnRqvl+kFl1SCI8158AvkZj6NKMNeD23cjuHyT0KttoIOft+I0DCsDI5W/qRup
Q0JYQ0VTbPx7hQHc/TOSO6bg1dBJbrwWHdqgjoQhP9inhdKFWUtnFj0/nw5Ddc76
IOL88AneTceR/5vomLl5dCCM4kCOHzqnwCK/G/zINkoeRyHn8zsWJ83M34Pxatr/
hWUugBz8lw0rL38qwEbssFCLXUYHLCIpr+pPnMiy90lwGDPY2Ydg1vfujMbZL9q9
BNl9U7Olz4rIH+libn8Q7VkBOEz9DpYXGnWA+CbIDgUosHyixzEvNlZxemoGtQYI
n36mwgE/QbNaAhfrzXL7DZ20tGcZHzBrsoGHZImu5CQwheSO+cdm3Wx2+y6u4lk9
1N2xHiG/VRkOPxDZX1OLQ8jBPq+2ZyGIuwYNP7QOCU2wgIDUBnbOI0gAUZO1dZnK
x3zLrMtLyho=
=zP99
-----END PGP SIGNATURE-----

--------------------------END INCLUDED TEXT--------------------

===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY3Qr78kNZI30y1K9AQh9lhAAqQIWVBAiUGP1UF2UZLxH2vY8kuDw1L5d
f+nJz0ca39zENvpu1142VcehO2LilA3KXqcL8YGif8RrZZJSi+34OeUEA6UzyqKF
ENQ280UNMfnlE4wz5icmAok3RqxVuAvWdY2JX7vYh4cr8pUGdnNswaJCiaESMzk+
TvXEGvcEDDrB+JjthdcrAT4semSXe9qL5aoJLWKBdDl4Kt8YuzDlJb6nYvIKE3MV
0vHHUrTJNirU0rtzFFj1AOu903sSjd/Atf9pGvZgktkcGznVeFIe3IG9/OUcrZxd
q6r0RW+T4O1Y518ib/C0FCp0+p3eZdBdzfzIgIHPzc71y9P3iUTy7C0y9JHvKhK/
zYxRP1JCNUsv3/92/1nWoU47cwMDXulKQlLO2dds+8S90xgdOfpoElB0DBBGdqK6
7nN4RuxIwtMQ6LJ4rNAc8SZRxtWYSXQ0IO8K+v1TmuRNieEL0BUQZ3y6RLMt84pm
kbfrAnssdlieC9VskwCVtE0SEiFgRiEUw3BC8yDf8UFIsUKZYU9AHr1CEKCETfJH
l4Z8n6w5tCnQGRCbqYL1nsXpmhHYB5mRYkRlcsCkVUyZGy+s102Yl7sScLu1kCI6
xx5HpsGKJwP8MH+oYBP0BPE9mHLIIzKnmNKpwMVmS01PXR0/itWVq+13S0a6V1tX
fsFL+eYNd7w=
=z1Ex
-----END PGP SIGNATURE-----
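Each of the three Red Hat advisories above (skopeo, podman, Image Builder) ends with a package list naming the fixed build: skopeo-1.9.2-1.el9, podman-4.2.0-3.el9, osbuild-composer-62.1-1.el9, weldr-client-35.5-4.el9 and so on. Deciding whether a host is still exposed means comparing the installed epoch:version-release against those builds using RPM's ordering, which is neither plain string comparison nor float comparison (1.10 is newer than 1.9, 1.0~rc1 is older than 1.0, and the release field decides when versions tie). The block below is an added example, not AusCERT's or Red Hat's code: it is a Python port of the rpmvercmp() ordering from librpm, a NEVRA splitter, and an audit of a constructed list of installed packages against the fixed builds from the three bulletins. The installed versions are made up for the example and are not from a real host; on a real host you would feed it the output of `rpm -q --qf '%{NAME}-%{EPOCH}:%{VERSION}-%{RELEASE}.%{ARCH}\n' <package>`. It handles the general ordering rules, not just the versions on this page. On a RHEL system `dnf updateinfo` and `rpm` itself remain authoritative; this shows what that ordering actually does.

```python
from typing import Dict, List, NamedTuple


def rpmvercmp(a: str, b: str) -> int:
    """Order two version (or release) strings as librpm's rpmvercmp() does.

    Returns -1, 0 or 1. The strings are walked as alternating numeric and
    alphabetic segments: separators are ignored, numeric segments compare by
    value, a numeric segment beats an alphabetic one, '~' sorts before anything
    and '^' sorts after the bare base version but before any other suffix.
    """
    i = j = 0
    while True:
        while i < len(a) and not (a[i].isalnum() or a[i] in "~^"):
            i += 1
        while j < len(b) and not (b[j].isalnum() or b[j] in "~^"):
            j += 1
        ta, tb = i < len(a) and a[i] == "~", j < len(b) and b[j] == "~"
        if ta or tb:
            if not (ta and tb):
                return -1 if ta else 1
            i, j = i + 1, j + 1
            continue
        ca, cb = i < len(a) and a[i] == "^", j < len(b) and b[j] == "^"
        if ca or cb:
            if i == len(a):
                return -1
            if j == len(b):
                return 1
            if not (ca and cb):
                return 1 if cb else -1
            i, j = i + 1, j + 1
            continue
        if i == len(a) or j == len(b):
            break
        isnum = a[i].isdigit()
        kind = str.isdigit if isnum else str.isalpha
        si, sj = i, j
        while i < len(a) and kind(a[i]):
            i += 1
        while j < len(b) and kind(b[j]):
            j += 1
        seg_a, seg_b = a[si:i], b[sj:j]
        if not seg_b:                      # segments of different kinds
            return 1 if isnum else -1
        if isnum:
            seg_a, seg_b = seg_a.lstrip("0"), seg_b.lstrip("0")
            if len(seg_a) != len(seg_b):   # more significant digits wins
                return 1 if len(seg_a) > len(seg_b) else -1
        if seg_a != seg_b:
            return 1 if seg_a > seg_b else -1
    if i == len(a) and j == len(b):
        return 0
    return -1 if i == len(a) else 1        # whichever has characters left wins


class Nevra(NamedTuple):
    name: str
    epoch: int
    version: str
    release: str
    arch: str


def parse_nevra(s: str) -> Nevra:
    """Split NAME-[EPOCH:]VERSION-RELEASE.ARCH, tolerating a trailing .rpm."""
    if s.endswith(".rpm"):
        s = s[:-4]
    rest, _, arch = s.rpartition(".")
    nv, _, release = rest.rpartition("-")
    name, _, version = nv.rpartition("-")
    if not (name and version and release and arch):
        raise ValueError(f"not a NEVRA: {s!r}")
    epoch = 0
    if ":" in version:                     # rpm -q prints "(none)" for no epoch
        e, _, version = version.partition(":")
        epoch = int(e) if e.isdigit() else 0
    return Nevra(name, epoch, version, release, arch)


def evr_cmp(x: Nevra, y: Nevra) -> int:
    """Epoch decides first, then version, then release."""
    if x.epoch != y.epoch:
        return 1 if x.epoch > y.epoch else -1
    return rpmvercmp(x.version, y.version) or rpmvercmp(x.release, y.release)


def is_fixed(installed: str, fixed: str) -> bool:
    """True when the installed build is the fixed build or newer."""
    i, f = parse_nevra(installed), parse_nevra(fixed)
    if i.name != f.name:
        raise ValueError(f"package name mismatch: {i.name} vs {f.name}")
    return evr_cmp(i, f) >= 0


# Fixed builds named in the three package lists above (x86_64 entries).
FIXED = {
    "skopeo": "skopeo-1.9.2-1.el9.x86_64.rpm",
    "podman": "podman-4.2.0-3.el9.x86_64.rpm",
    "osbuild-composer": "osbuild-composer-62.1-1.el9.x86_64.rpm",
    "weldr-client": "weldr-client-35.5-4.el9.x86_64.rpm",
}

# Constructed `rpm -q` output for a hypothetical host; not from a real system.
SAMPLE_INSTALLED: List[str] = [
    "skopeo-1.9.1-2.el9.x86_64",          # older version: still exposed
    "podman-4.2.0-3.el9.x86_64",          # exactly the fixed build
    "osbuild-composer-62.1-1.el9.x86_64",
    "weldr-client-35.5-3.el9.x86_64",     # same version, older release: exposed
]


def audit(installed=SAMPLE_INSTALLED, fixed=FIXED) -> Dict[str, bool]:
    """Map package name -> True if at/after the fixed build, False if behind."""
    out: Dict[str, bool] = {}
    for pkg in installed:
        name = parse_nevra(pkg).name
        if name in fixed:
            out[name] = is_fixed(pkg, fixed[name])
    return out
```

The weldr-client entry is the case that trips up naive checks: version 35.5 matches the advisory exactly, but release 3.el9 is older than 4.el9, so the host has not received the fixed build. Note also that `is_fixed()` refuses to compare different package names; a rebuilt subpackage such as podman-gvproxy has its own NEVRA and must be checked against its own entry in the list.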
16 November 2022

ESB-2022.5877 - [RedHat] pcs: CVSS (Max): 6.3

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5877
                pcs security, bug fix, and enhancement update
                               16 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           pcs
Publisher:         Red Hat
Operating System:  Red Hat
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-1049
Original Bulletin: https://access.redhat.com/errata/RHSA-2022:7935

Comment: CVSS (Max):  6.3 CVE-2022-1049 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)
         CVSS Source: Red Hat
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: pcs security, bug fix, and enhancement update
Advisory ID:       RHSA-2022:7935-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:7935
Issue date:        2022-11-15
CVE Names:         CVE-2022-1049
=====================================================================

1. Summary:

An update for pcs is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux High Availability (v. 9) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Resilient Storage (v. 9) - ppc64le, s390x, x86_64

3. Description:

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.

Security Fix(es):

* pcs: improper authentication via PAM (CVE-2022-1049)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1301204 - Some stonith resource changes require "pcs resource"
2024522 - [RFE] Provide a way to add a scsi **mpath** fencing device to a cluster without requiring a restart of all cluster resources
2026725 - booth: pcs should check that '/etc/booth' exists
2029844 - [WebUI] Overhaul "Add existing cluster" wizard
2039884 - [WebUI][RFE] support SBD management
2053177 - booth: pcs should validate ticket names
2054671 - [RFE] Generate UUID for each cluster
2058243 - pcs booth ticket add does not recognize mode option
2058246 - Prevent fence_sbd in combination with stonith-watchdog-timeout>0
2058247 - [RFE] Provide easier management of constraints created by pcs move command
2058251 - [RFE] Provide method to export commands to create all resources
2058252 - [RFE] Provide method to export commands to create all fence devices
2059122 - Hiding Server Name HTTP header from TornadoServer(used in pcs/pcsd)
2059142 - [WebUI][RFE] Allow to change position of resource inside group
2059145 - [WebUI] Loading cluster status (or cluster list) does not start automatically immediately after logout and login
2059148 - [WebUI][RFE] add support for modification of utilization attributes in nodes and resources
2059149 - [WebUI][RFE] add support to add/remove resource meta attribute
2059177 - [WebUI] Wrong label for full permissions
2059501 - pcs rebase bz for 9.1
2064818 - man pcs suggests using 'stickiness' instead of 'resource-stickiness' in 'pcs resource meta'
2066629 - CVE-2022-1049 pcs: improper authentication via PAM
2076585 - [WebUI][RFE] add support to add/remove node attribute
2095695 - Cannot remove a quorum device
2097778 - Pcs WebUI - CSP headers do not restrict script source
2102663 - 'pcs resource restart' fails with a traceback

6. Package List:

Red Hat Enterprise Linux High Availability (v. 9):

Source:
pcs-0.11.3-4.el9.src.rpm

aarch64:
pcs-0.11.3-4.el9.aarch64.rpm
pcs-snmp-0.11.3-4.el9.aarch64.rpm

ppc64le:
pcs-0.11.3-4.el9.ppc64le.rpm
pcs-snmp-0.11.3-4.el9.ppc64le.rpm

s390x:
pcs-0.11.3-4.el9.s390x.rpm
pcs-snmp-0.11.3-4.el9.s390x.rpm

x86_64:
pcs-0.11.3-4.el9.x86_64.rpm
pcs-snmp-0.11.3-4.el9.x86_64.rpm

Red Hat Enterprise Linux Resilient Storage (v. 9):

Source:
pcs-0.11.3-4.el9.src.rpm

ppc64le:
pcs-0.11.3-4.el9.ppc64le.rpm
pcs-snmp-0.11.3-4.el9.ppc64le.rpm

s390x:
pcs-0.11.3-4.el9.s390x.rpm
pcs-snmp-0.11.3-4.el9.s390x.rpm

x86_64:
pcs-0.11.3-4.el9.x86_64.rpm
pcs-snmp-0.11.3-4.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-1049
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:
        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
-----END PGP SIGNATURE-----
16 November 2022

ESB-2022.5876 - [RedHat] kernel-rt: CVSS (Max): 7.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5876
                   kernel-rt security and bug fix update
                               16 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kernel-rt
Publisher:         Red Hat
Operating System:  Red Hat
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-39190 CVE-2022-36946 CVE-2022-29901
                   CVE-2022-29900 CVE-2022-29581 CVE-2022-28893
                   CVE-2022-28390 CVE-2022-26373 CVE-2022-24448
                   CVE-2022-23825 CVE-2022-23816 CVE-2022-21499
                   CVE-2022-21166 CVE-2022-21125 CVE-2022-21123
                   CVE-2022-20368 CVE-2022-2639 CVE-2022-2586
                   CVE-2022-1998 CVE-2022-1852 CVE-2022-1679
                   CVE-2022-1353 CVE-2022-1280 CVE-2022-1184
                   CVE-2022-1048 CVE-2022-1016 CVE-2022-0854
                   CVE-2022-0617 CVE-2022-0168 CVE-2021-3640
                   CVE-2020-36516
Original Bulletin: https://access.redhat.com/errata/RHSA-2022:7933

Comment: CVSS (Max):  7.8 CVE-2022-29581 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: Red Hat
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: kernel-rt security and bug fix update
Advisory ID:       RHSA-2022:7933-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:7933
Issue date:        2022-11-15
CVE Names:         CVE-2020-36516 CVE-2021-3640 CVE-2022-0168
                   CVE-2022-0617 CVE-2022-0854 CVE-2022-1016
                   CVE-2022-1048 CVE-2022-1184 CVE-2022-1280
                   CVE-2022-1353 CVE-2022-1679 CVE-2022-1852
                   CVE-2022-1998 CVE-2022-2586 CVE-2022-2639
                   CVE-2022-20368 CVE-2022-21123 CVE-2022-21125
                   CVE-2022-21166 CVE-2022-21499 CVE-2022-23816
                   CVE-2022-23825 CVE-2022-24448 CVE-2022-26373
                   CVE-2022-28390 CVE-2022-28893 CVE-2022-29581
                   CVE-2022-29900 CVE-2022-29901 CVE-2022-36946
                   CVE-2022-39190
=====================================================================

1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Real Time (v. 9) - x86_64
Red Hat Enterprise Linux Real Time for NFV (v. 9) - x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* off-path attacker may inject data or terminate victim's TCP session (CVE-2020-36516)
* use-after-free vulnerability in function sco_sock_sendmsg() (CVE-2021-3640)
* smb2_ioctl_query_info NULL pointer dereference (CVE-2022-0168)
* NULL pointer dereference in udf_expand_file_adinicbdue() during writeback (CVE-2022-0617)
* swiotlb information leak with DMA_FROM_DEVICE (CVE-2022-0854)
* uninitialized registers on stack in nft_do_chain can cause kernel pointer leakage to UM (CVE-2022-1016)
* race condition in snd_pcm_hw_free leading to use-after-free (CVE-2022-1048)
* use-after-free and memory errors in ext4 when mounting and operating on a corrupted image (CVE-2022-1184)
* concurrency use-after-free between drm_setmaster_ioctl and drm_mode_getresources (CVE-2022-1280)
* kernel info leak issue in pfkey_register (CVE-2022-1353)
* use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges (CVE-2022-1679)
* NULL pointer dereference in x86_emulate_insn may lead to DoS (CVE-2022-1852)
* fanotify misuses fd_install() which could lead to use-after-free (CVE-2022-1998)
* nf_tables cross-table potential use-after-free may lead to local privilege escalation (CVE-2022-2586)
* openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size() (CVE-2022-2639)
* slab-out-of-bounds access in packet_recvmsg() (CVE-2022-20368)
* incomplete clean-up of multi-core shared buffers (aka SBDR) (CVE-2022-21123)
* incomplete clean-up of microarchitectural fill buffers (aka SBDS) (CVE-2022-21125)
* incomplete clean-up in specific special register write operations (aka DRPW) (CVE-2022-21166)
* possible to use the debugger to write zero into a location of choice (CVE-2022-21499)
* AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-23816, CVE-2022-29900)
* AMD: Branch Type Confusion (non-retbleed) (CVE-2022-23825)
* Intel: Post-barrier Return Stack Buffer Predictions (CVE-2022-26373)
* double free in ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c (CVE-2022-28390)
* use after free in SUNRPC subsystem (CVE-2022-28893)
* use-after-free due to improper update of reference count in net/sched/cls_u32.c (CVE-2022-29581)
* Intel: RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-29901)
* DoS in nfqnl_mangle in net/netfilter/nfnetlink_queue.c (CVE-2022-36946)
* nf_tables disallow binding to already bound chain (CVE-2022-39190)
* nfs_atomic_open() returns uninitialized data instead of ENOTDIR (CVE-2022-24448)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1980646 - CVE-2021-3640 kernel: use-after-free vulnerability in function sco_sock_sendmsg()
2037386 - CVE-2022-0168 kernel: smb2_ioctl_query_info NULL pointer dereference
2051444 - CVE-2022-24448 kernel: nfs_atomic_open() returns uninitialized data instead of ENOTDIR
2052312 - CVE-2022-1998 kernel: fanotify misuses fd_install() which could lead to use-after-free
2053632 - CVE-2022-0617 kernel: NULL pointer dereference in udf_expand_file_adinicbdue() during writeback
2058395 - CVE-2022-0854 kernel: swiotlb information leak with DMA_FROM_DEVICE
2059928 - CVE-2020-36516 kernel: off-path attacker may inject data or terminate victim's TCP session
2066614 - CVE-2022-1016 kernel: uninitialized registers on stack in nft_do_chain can cause kernel pointer leakage to UM
2066706 - CVE-2022-1048 kernel: race condition in snd_pcm_hw_free leading to use-after-free
2066819 - CVE-2022-1353 kernel: kernel info leak issue in pfkey_register
2070205 - CVE-2022-1184 kernel: use-after-free and memory errors in ext4 when mounting and operating on a corrupted image
2071022 - CVE-2022-1280 kernel: concurrency use-after-free between drm_setmaster_ioctl and drm_mode_getresources
2073064 - CVE-2022-28390 kernel: double free in ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c
2074208 - CVE-2022-28893 kernel: use after free in SUNRPC subsystem
2084125 - CVE-2022-1679 kernel: use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges
2084183 - CVE-2022-21499 kernel: possible to use the debugger to write zero into a location of choice
2084479 - CVE-2022-2639 kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()
2088021 - CVE-2022-29581 kernel: use-after-free due to improper update of reference count in net/sched/cls_u32.c
2089815 - CVE-2022-1852 kernel: NULL pointer dereference in x86_emulate_insn may lead to DoS
2090226 - CVE-2022-23816 CVE-2022-29900 hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions
2090237 - CVE-2022-21123 hw: cpu: incomplete clean-up of multi-core shared buffers (aka SBDR)
2090240 - CVE-2022-21125 hw: cpu: incomplete clean-up of microarchitectural fill buffers (aka SBDS)
2090241 - CVE-2022-21166 hw: cpu: incomplete clean-up in specific special register write operations (aka DRPW)
2103148 - CVE-2022-29901 hw: cpu: Intel: RetBleed Arbitrary Speculative Code Execution with Return Instructions
2103153 - CVE-2022-23825 hw: cpu: AMD: Branch Type Confusion (non-retbleed)
2114878 - CVE-2022-2586 kernel: nf_tables cross-table potential use-after-free may lead to local privilege escalation
2115065 - CVE-2022-26373 hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions
2115278 - CVE-2022-36946 kernel: DoS in nfqnl_mangle in net/netfilter/nfnetlink_queue.c
2123695 - CVE-2022-20368 kernel: net/packet: slab-out-of-bounds access in packet_recvmsg()
2129152 - CVE-2022-39190 kernel: nf_tables disallow binding to already bound chain

6. Package List:

Red Hat Enterprise Linux Real Time for NFV (v. 9):

Source:
kernel-rt-5.14.0-162.6.1.rt21.168.el9_1.src.rpm

x86_64:
kernel-rt-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-core-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-debug-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-debug-core-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-debug-debuginfo-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-debug-devel-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-debug-kvm-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-debug-modules-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-debug-modules-extra-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-debuginfo-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-devel-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-kvm-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-modules-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-modules-extra-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm

Red Hat Enterprise Linux Real Time (v. 9):

Source:
kernel-rt-5.14.0-162.6.1.rt21.168.el9_1.src.rpm

x86_64:
kernel-rt-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-core-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-debug-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-debug-core-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-debug-debuginfo-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-debug-devel-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-debug-modules-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-debug-modules-extra-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-debuginfo-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-devel-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-modules-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm
kernel-rt-modules-extra-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-36516
https://access.redhat.com/security/cve/CVE-2021-3640
https://access.redhat.com/security/cve/CVE-2022-0168
https://access.redhat.com/security/cve/CVE-2022-0617
https://access.redhat.com/security/cve/CVE-2022-0854
https://access.redhat.com/security/cve/CVE-2022-1016
https://access.redhat.com/security/cve/CVE-2022-1048
https://access.redhat.com/security/cve/CVE-2022-1184
https://access.redhat.com/security/cve/CVE-2022-1280
https://access.redhat.com/security/cve/CVE-2022-1353
https://access.redhat.com/security/cve/CVE-2022-1679
https://access.redhat.com/security/cve/CVE-2022-1852
https://access.redhat.com/security/cve/CVE-2022-1998
https://access.redhat.com/security/cve/CVE-2022-2586
https://access.redhat.com/security/cve/CVE-2022-2639
https://access.redhat.com/security/cve/CVE-2022-20368
https://access.redhat.com/security/cve/CVE-2022-21123
https://access.redhat.com/security/cve/CVE-2022-21125
https://access.redhat.com/security/cve/CVE-2022-21166
https://access.redhat.com/security/cve/CVE-2022-21499
https://access.redhat.com/security/cve/CVE-2022-23816
https://access.redhat.com/security/cve/CVE-2022-23825
https://access.redhat.com/security/cve/CVE-2022-24448
https://access.redhat.com/security/cve/CVE-2022-26373
https://access.redhat.com/security/cve/CVE-2022-28390
https://access.redhat.com/security/cve/CVE-2022-28893
https://access.redhat.com/security/cve/CVE-2022-29581
https://access.redhat.com/security/cve/CVE-2022-29900
https://access.redhat.com/security/cve/CVE-2022-29901
https://access.redhat.com/security/cve/CVE-2022-36946
https://access.redhat.com/security/cve/CVE-2022-39190
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index
https://access.redhat.com/solutions/6971358

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------
15 November 2022

ESB-2022.5875 - [Win][Linux][HP-UX][Solaris][AIX] IBM HTTP Server: CVSS (Max): 7.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5875
  Security Bulletin: IBM HTTP Server is vulnerable to denial of service
    due to libexpat (CVE-2022-43680, CVE-2013-0340, CVE-2017-9233)
                               15 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM HTTP Server
Publisher:         IBM
Operating System:  AIX
                   HP-UX
                   Linux variants
                   Solaris
                   Windows
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-43680 CVE-2017-9233 CVE-2013-0340
Original Bulletin: https://www.ibm.com/support/pages/node/6839161

Comment: CVSS (Max):  7.5 CVE-2022-43680 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
         CVSS Source: NVD
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

IBM HTTP Server is vulnerable to denial of service due to libexpat (CVE-2022-43680, CVE-2013-0340, CVE-2017-9233)

Document Information

Document number    : 6839161
Modified date      : 14 November 2022
Product            : IBM HTTP Server
Software version   : 7.0, 8.0, 8.5, 9.0
Operating system(s): AIX
                     HP-UX
                     Linux
                     Solaris
                     Windows
Edition            : Base,Enterprise,Advanced,Single Server,Network Deployment

Summary

IBM HTTP Server used by IBM WebSphere Application Server is vulnerable to denial of service due to libexpat. This has been addressed.

Vulnerability Details

CVEID: CVE-2022-43680
DESCRIPTION: libexpat is vulnerable to a denial of service, caused by a use-after free created by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. A remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/238951 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2013-0340
DESCRIPTION: expat is vulnerable to a denial of service, caused by the improper handling of internal entity expansion. By persuading a victim to open a specially crafted XML document, an attacker could exploit this vulnerability to consume all available resources.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/132738 for the current score.
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVEID: CVE-2017-9233
DESCRIPTION: libexpat is vulnerable to a denial of service, caused by an XML External Entity vulnerability in the parser. By using a specially-crafted XML file, a remote attacker could exploit this vulnerability to cause an infinite loop.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/129459 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Affected Products and Versions

+--------------------+----------+
|Affected Product(s) |Version(s)|
+--------------------+----------+
|IBM HTTP Server     |9.0       |
+--------------------+----------+
|IBM HTTP Server     |8.5       |
+--------------------+----------+
|IBM HTTP Server     |8.0       |
+--------------------+----------+
|IBM HTTP Server     |7.0       |
+--------------------+----------+

Remediation/Fixes

IBM strongly recommends addressing the vulnerability now by applying a currently available interim fix or fix pack that contains APAR PH50316.

For IBM HTTP Server used by IBM WebSphere Application Server:

For V9.0.0.0 through 9.0.5.13:
  . Upgrade to minimal fix pack levels as required by interim fix and then apply Interim Fix PH50316
  - --OR--
  . Apply Fix Pack 9.0.5.15 or later (targeted availability 2Q2023).

For V8.5.0.0 through 8.5.5.22:
  . Upgrade to minimal fix pack levels as required by interim fix and then apply Interim Fix PH50316
  - --OR--
  . Apply Fix Pack 8.5.5.23 or later (targeted availability 1Q2023).

For V8.0.0.0 through 8.0.0.15:
  . Upgrade to 8.0.0.15 and then apply Interim Fix PH50316

For V7.0.0.0 through 7.0.0.45:
  . Upgrade to 7.0.0.45 and then apply Interim Fix PH50316

Additional interim fixes may be available and linked off the interim fix download page.

IBM HTTP Server V7.0 and V8.0 are no longer in full support; IBM recommends upgrading to a fixed, supported version/release/platform of the product.

Important Note

IBM strongly suggests that all System z customers be subscribed to the System z Security Portal to receive the latest critical System z security and integrity service. If you are not subscribed, see the instructions on the System z Security web site. Security and integrity APARs and associated fixes will be posted to this portal. IBM suggests reviewing the CVSS scores and applying all security or integrity fixes as soon as possible to minimize any potential risk.

Workarounds and Mitigations

None

Change History

14 Nov 2022: Initial Publication

- --------------------------END INCLUDED TEXT--------------------
15 November 2022

ESB-2022.5874 - [RedHat] device-mapper-multipath: CVSS (Max): 8.4

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5874
device-mapper-multipath security update
15 November 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------
Product: device-mapper-multipath
Publisher: Red Hat
Operating System: Red Hat
Resolution: Patch/Upgrade
CVE Names: CVE-2022-41974 CVE-2022-3787
Original Bulletin: https://access.redhat.com/errata/RHSA-2022:7928
Comment: CVSS (Max): 8.4 CVE-2022-41974 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
Red Hat Security Advisory
Synopsis: Important: device-mapper-multipath security update
Advisory ID: RHSA-2022:7928-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:7928
Issue date: 2022-11-14
CVE Names: CVE-2022-3787
=====================================================================

1. Summary:
An update for device-mapper-multipath is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:
Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:
The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices.
Security Fix(es):
* device-mapper-multipath: Regression of CVE-2022-41974 fix in Red Hat Enterprise Linux (CVE-2022-3787)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):
2138959 - CVE-2022-3787 device-mapper-multipath: Regression of CVE-2022-41974 fix in Red Hat Enterprise Linux

6. Package List:
Red Hat Enterprise Linux BaseOS (v. 8):
Source: device-mapper-multipath-0.8.4-28.el8_7.1.src.rpm
aarch64: device-mapper-multipath-0.8.4-28.el8_7.1.aarch64.rpm device-mapper-multipath-debuginfo-0.8.4-28.el8_7.1.aarch64.rpm device-mapper-multipath-debugsource-0.8.4-28.el8_7.1.aarch64.rpm device-mapper-multipath-libs-0.8.4-28.el8_7.1.aarch64.rpm device-mapper-multipath-libs-debuginfo-0.8.4-28.el8_7.1.aarch64.rpm kpartx-0.8.4-28.el8_7.1.aarch64.rpm kpartx-debuginfo-0.8.4-28.el8_7.1.aarch64.rpm libdmmp-0.8.4-28.el8_7.1.aarch64.rpm libdmmp-debuginfo-0.8.4-28.el8_7.1.aarch64.rpm
ppc64le: device-mapper-multipath-0.8.4-28.el8_7.1.ppc64le.rpm device-mapper-multipath-debuginfo-0.8.4-28.el8_7.1.ppc64le.rpm device-mapper-multipath-debugsource-0.8.4-28.el8_7.1.ppc64le.rpm device-mapper-multipath-libs-0.8.4-28.el8_7.1.ppc64le.rpm device-mapper-multipath-libs-debuginfo-0.8.4-28.el8_7.1.ppc64le.rpm kpartx-0.8.4-28.el8_7.1.ppc64le.rpm kpartx-debuginfo-0.8.4-28.el8_7.1.ppc64le.rpm libdmmp-0.8.4-28.el8_7.1.ppc64le.rpm libdmmp-debuginfo-0.8.4-28.el8_7.1.ppc64le.rpm
s390x: device-mapper-multipath-0.8.4-28.el8_7.1.s390x.rpm device-mapper-multipath-debuginfo-0.8.4-28.el8_7.1.s390x.rpm device-mapper-multipath-debugsource-0.8.4-28.el8_7.1.s390x.rpm device-mapper-multipath-libs-0.8.4-28.el8_7.1.s390x.rpm device-mapper-multipath-libs-debuginfo-0.8.4-28.el8_7.1.s390x.rpm kpartx-0.8.4-28.el8_7.1.s390x.rpm kpartx-debuginfo-0.8.4-28.el8_7.1.s390x.rpm libdmmp-0.8.4-28.el8_7.1.s390x.rpm libdmmp-debuginfo-0.8.4-28.el8_7.1.s390x.rpm
x86_64: device-mapper-multipath-0.8.4-28.el8_7.1.x86_64.rpm device-mapper-multipath-debuginfo-0.8.4-28.el8_7.1.i686.rpm device-mapper-multipath-debuginfo-0.8.4-28.el8_7.1.x86_64.rpm device-mapper-multipath-debugsource-0.8.4-28.el8_7.1.i686.rpm device-mapper-multipath-debugsource-0.8.4-28.el8_7.1.x86_64.rpm device-mapper-multipath-libs-0.8.4-28.el8_7.1.i686.rpm device-mapper-multipath-libs-0.8.4-28.el8_7.1.x86_64.rpm device-mapper-multipath-libs-debuginfo-0.8.4-28.el8_7.1.i686.rpm device-mapper-multipath-libs-debuginfo-0.8.4-28.el8_7.1.x86_64.rpm kpartx-0.8.4-28.el8_7.1.x86_64.rpm kpartx-debuginfo-0.8.4-28.el8_7.1.i686.rpm kpartx-debuginfo-0.8.4-28.el8_7.1.x86_64.rpm libdmmp-0.8.4-28.el8_7.1.i686.rpm libdmmp-0.8.4-28.el8_7.1.x86_64.rpm libdmmp-debuginfo-0.8.4-28.el8_7.1.i686.rpm libdmmp-debuginfo-0.8.4-28.el8_7.1.x86_64.rpm

Red Hat CodeReady Linux Builder (v. 8):
aarch64: device-mapper-multipath-debuginfo-0.8.4-28.el8_7.1.aarch64.rpm device-mapper-multipath-debugsource-0.8.4-28.el8_7.1.aarch64.rpm device-mapper-multipath-devel-0.8.4-28.el8_7.1.aarch64.rpm device-mapper-multipath-libs-debuginfo-0.8.4-28.el8_7.1.aarch64.rpm kpartx-debuginfo-0.8.4-28.el8_7.1.aarch64.rpm libdmmp-debuginfo-0.8.4-28.el8_7.1.aarch64.rpm
ppc64le: device-mapper-multipath-debuginfo-0.8.4-28.el8_7.1.ppc64le.rpm device-mapper-multipath-debugsource-0.8.4-28.el8_7.1.ppc64le.rpm device-mapper-multipath-devel-0.8.4-28.el8_7.1.ppc64le.rpm device-mapper-multipath-libs-debuginfo-0.8.4-28.el8_7.1.ppc64le.rpm kpartx-debuginfo-0.8.4-28.el8_7.1.ppc64le.rpm libdmmp-debuginfo-0.8.4-28.el8_7.1.ppc64le.rpm
s390x: device-mapper-multipath-debuginfo-0.8.4-28.el8_7.1.s390x.rpm device-mapper-multipath-debugsource-0.8.4-28.el8_7.1.s390x.rpm device-mapper-multipath-devel-0.8.4-28.el8_7.1.s390x.rpm device-mapper-multipath-libs-debuginfo-0.8.4-28.el8_7.1.s390x.rpm kpartx-debuginfo-0.8.4-28.el8_7.1.s390x.rpm libdmmp-debuginfo-0.8.4-28.el8_7.1.s390x.rpm
x86_64: device-mapper-multipath-debuginfo-0.8.4-28.el8_7.1.i686.rpm device-mapper-multipath-debuginfo-0.8.4-28.el8_7.1.x86_64.rpm device-mapper-multipath-debugsource-0.8.4-28.el8_7.1.i686.rpm device-mapper-multipath-debugsource-0.8.4-28.el8_7.1.x86_64.rpm device-mapper-multipath-devel-0.8.4-28.el8_7.1.i686.rpm device-mapper-multipath-devel-0.8.4-28.el8_7.1.x86_64.rpm device-mapper-multipath-libs-debuginfo-0.8.4-28.el8_7.1.i686.rpm device-mapper-multipath-libs-debuginfo-0.8.4-28.el8_7.1.x86_64.rpm kpartx-debuginfo-0.8.4-28.el8_7.1.i686.rpm kpartx-debuginfo-0.8.4-28.el8_7.1.x86_64.rpm libdmmp-debuginfo-0.8.4-28.el8_7.1.i686.rpm libdmmp-debuginfo-0.8.4-28.el8_7.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7.
References:
https://access.redhat.com/security/cve/CVE-2022-3787
https://access.redhat.com/security/updates/classification/#important

8. Contact:
The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.

- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY3I6xNzjgjWX9erEAQh/cA//fWHgFPMOQS/fLZZKehl33DnYZY3hTvLG 5esVHpJpRuanUJJ54aM5SmEEKFTTKp3Va929HCazKTBr8sbVrJNIVTRpYmOpBWXQ 25rrnHGYygBtBiDloQgxQYmpJCVKzWCXq48zaxsz6a7sm8eRKaP2/nUgghKA8KJb NclesY9SrNJqoDDbeO5RoOvPL5q3ZlzPj1m1ZyknEGsx/ynChE0n+etxR0VSHnyp 25wFck8ZbR1lPrwk9YPOCCc8VPK5lZvBfBCOljesIEyrriasa5UAO7uRmwniqCjB PfE1xZxL+ms3saUigG1GrekmcMsin8f1DNm8c08t9X8IjtYxQXbaBbWxvDMCielM QOneatWAccQFFKe5FzJsVC1EGGOOY+l5VVUUevKVGMWZ71hagS5LiCHDy6Vy2Ku5 A3vQAhAKmZcE98h/MwYsA7cH5UCSx5aWAITJsnek1yWMmNZZ9gpJSDyHGmSPRZrP 82cwDMhgqmYp2oG5/BMyUqi+49bGDZN4wOdNMpYF2KGEiEUsbnkBmIkwDR/Zl1ks vg+A6Sms/j3SrzeQCFKyxRzhUUJAfxBLqcoG71cdVeJxTGzfSCYQ+0TN+2ZpH2Zl yHJYOankSUgQPWfJjFJbaD/GZpDL/OMKOR3IgLU9nalUW/cvdVFPKwrpec51qc2Z 58XJPG/Uaeg= =+XLK - -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------
=========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBY3MAl8kNZI30y1K9AQgCYg//ZqjCSRee9eYjHR94ByWps754WnNMbcPl QtoAhJuhcTK/LV0VbmZhe/pPAL5dgli81BqZWlj6HuKKEWYSTSMPusCywHftIkSm gb7WOFOtS2qwDPQmRr+XVTLNIO80rGGh1HaFRBo+X2aiCqBdaqg/kz9p5uLPOvCK 8zE85l8eaDvfhsWWnNLVmbu8dCpU/Fxkm/jK8149Hr4SVaVfq4o2KT/sdevuGIzw DNiM5+OrMK/l1AtXxQCAv+pt5+iZ0tKAwoWsgxi7bS3Shjot7h2HYW5NsL7Wo9Pu LhB/0DI81XjOd9Giht/5ftOI8afP+PWvFmP0JiOEV6kbRQLg1yDQAIh760KY0zTG hmdikTTb92EcxGbpcvP9YmO759FLlvSDdQw9HyjNAO2PSfTMOfPntagwsn2DDXN8 CgoS0Pge515nVoOEi1++HRg9BqadU1N9En9mXlMsUHf/MvD+un9tK02abUnTs976 Lc53IiUSRqKjMn4cpIor/Sz8NvZPQC6DsJ94yV1ttLr++Gs4scpdBkjZh4aVLAti 0kCiJXDeIQR3vLuYsGl7N3LO6rgitmxZ4V4KhEj7VlE0o3EtOTtlD9z55jmVzunz sQ4cjc2ZoIpV/K5p/nkXVqykjd767aISNKdgZthJMpidqZIHJz3C53rN5b1JbW1m dWJLpxsOUqI= =dM6s -----END PGP SIGNATURE-----
15 November 2022

ESB-2022.5873 - [RedHat] libksba: CVSS (Max): 8.1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5873
libksba security update
15 November 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------
Product: libksba
Publisher: Red Hat
Operating System: Red Hat
Resolution: Patch/Upgrade
CVE Names: CVE-2022-3515
Original Bulletin: https://access.redhat.com/errata/RHSA-2022:7927
Comment: CVSS (Max): 8.1 CVE-2022-3515 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
Red Hat Security Advisory
Synopsis: Important: libksba security update
Advisory ID: RHSA-2022:7927-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:7927
Issue date: 2022-11-14
CVE Names: CVE-2022-3515
=====================================================================

1. Summary:
An update for libksba is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:
Red Hat CodeReady Linux Builder EUS (v. 8.4) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux BaseOS EUS (v. 8.4) - aarch64, ppc64le, s390x, x86_64

3. Description:
KSBA (pronounced Kasbah) is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS.
Security Fix(es):
* libksba: integer overflow may lead to remote code execution (CVE-2022-3515)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):
2135610 - CVE-2022-3515 libksba: integer overflow may lead to remote code execution

6. Package List:
Red Hat Enterprise Linux BaseOS EUS (v. 8.4):
Source: libksba-1.3.5-8.el8_4.src.rpm
aarch64: libksba-1.3.5-8.el8_4.aarch64.rpm libksba-debuginfo-1.3.5-8.el8_4.aarch64.rpm libksba-debugsource-1.3.5-8.el8_4.aarch64.rpm
ppc64le: libksba-1.3.5-8.el8_4.ppc64le.rpm libksba-debuginfo-1.3.5-8.el8_4.ppc64le.rpm libksba-debugsource-1.3.5-8.el8_4.ppc64le.rpm
s390x: libksba-1.3.5-8.el8_4.s390x.rpm libksba-debuginfo-1.3.5-8.el8_4.s390x.rpm libksba-debugsource-1.3.5-8.el8_4.s390x.rpm
x86_64: libksba-1.3.5-8.el8_4.i686.rpm libksba-1.3.5-8.el8_4.x86_64.rpm libksba-debuginfo-1.3.5-8.el8_4.i686.rpm libksba-debuginfo-1.3.5-8.el8_4.x86_64.rpm libksba-debugsource-1.3.5-8.el8_4.i686.rpm libksba-debugsource-1.3.5-8.el8_4.x86_64.rpm

Red Hat CodeReady Linux Builder EUS (v. 8.4):
aarch64: libksba-debuginfo-1.3.5-8.el8_4.aarch64.rpm libksba-debugsource-1.3.5-8.el8_4.aarch64.rpm libksba-devel-1.3.5-8.el8_4.aarch64.rpm
ppc64le: libksba-debuginfo-1.3.5-8.el8_4.ppc64le.rpm libksba-debugsource-1.3.5-8.el8_4.ppc64le.rpm libksba-devel-1.3.5-8.el8_4.ppc64le.rpm
s390x: libksba-debuginfo-1.3.5-8.el8_4.s390x.rpm libksba-debugsource-1.3.5-8.el8_4.s390x.rpm libksba-devel-1.3.5-8.el8_4.s390x.rpm
x86_64: libksba-debuginfo-1.3.5-8.el8_4.i686.rpm libksba-debuginfo-1.3.5-8.el8_4.x86_64.rpm libksba-debugsource-1.3.5-8.el8_4.i686.rpm libksba-debugsource-1.3.5-8.el8_4.x86_64.rpm libksba-devel-1.3.5-8.el8_4.i686.rpm libksba-devel-1.3.5-8.el8_4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:
https://access.redhat.com/security/cve/CVE-2022-3515
https://access.redhat.com/security/updates/classification/#important

8. Contact:
The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY3I6xtzjgjWX9erEAQgIqQ/+MihsJWSSwPhPmCV2TvOun35p83LSJur6 rgdf9Jl7toLptN1aK7tgffgLskX2SLbv7XqLvkQiebkonXp2zfRajPvR3JHnDpgV NrhABfLdcA0GXlceSR6DZWrFELXMkxb97H9lDYlv+dDkF2+tqfP1ZszcqCTuySdn rZtllxPwBbq1fGRrtv0HdwroWUKDES0lAEyDUnp3KCGp5+456z9CnAui8T8na5jJ SD38E1w/r6R9v9hH55Lg6RJz2u3MhOnFBwrWzY29iBWbe2eqynBEPhsAjONhVj6w FtQgH9PVS7Q5DNGC+KvrjVGXa7zIbjEGyS6HdVnWR2UDJYjFi2RXM+XeyqfTEd43 Erjjhjsz/gDQbZD3XvnubThcQ0XXjrJKUGS0yj17ZpWTDtBVFktD+6WryMnPYb3/ BCaUnJcZ6hFD0mMgHN2nV7UDk43a2IX/zhhfq/YkxCWPm3dRqsmevU56NG+uDUmv QSkiDwL7G5M+oHfKfjBrh9NRrSkt6R/7YsiRyOe36PNGJ5LC+cQx734TbMBFaMYo KqEvlFnzBXO9NryisDMq9db1aj2EV1N/gwzNXynm0c4vxhMHPyEpbQd62sFYQ/bH 3tvLXNE1hrdXU9UW/h3c1HgRUD1WRr/49DU5zVgNunlFTc2WOz59xRF2fiQDvF1s YW0G0pPZhVw= =Wx01 - -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

===========================================================================
-----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBY3MAeskNZI30y1K9AQj94w//dvA1RHroAA1xqgxdnbF+OvHU2YKlcdu6 PGJi+/hrV0JWi4NZ10tAwwtdNbwrNK1UZPge9NX+BBN9v/CaLg7omTsZZjHu4HsW bRhu2nUBmxi1/XtrvrE7IGjrbJnehx+n0jBAl7NOSTWDgdkMgYW36EgVPvH2N7dg sFbgGridgn/ZGIf7TYX/QyYoNzYYI8BOia6rkGjeuTltn+Tk6bTw6NeEc4fJHqqx u5UXGigDjGvD05IqrDwJ3TlOojZv4GtGoWChxIhoY7uftx+jv6Me7L+rsGRKOoT3 7yveCtYSeT73Zcs9zSmzriRUYGjnK1O/l61Z27L4QfdiB0uxwPbAmDAgfj7g40cY o0Hvtiw+5L5+Bw2zS+WltYhE2Ujg1rrV+uMxMU9muayATerAf1IPt2kdbnLclba8 dW5Pq/WJ0WpG9UJUwzmCdokGn4X/pEk5errdpt5ww44rjkl1Q5oR1IzhTxjMiKN6 OQGkLViJrkauYGEMjt2FpNzRRj+/dNlavuZDKidEr27wRRMrLe1j/+0VrRIi93V8 oJUkolk5SU19/FJ0eGXX+V9S90pv7bI49d3ukG1qluGup9uYOBDimRaCcQEzRhxZ UZHz0KWRXWhdCpGQubxDWJI0/7xT/DrbjNFxb8U84m1KNOJrnEqcN/0DG0jL9yJ9 0nn9BdaWZlE= =lHJO -----END PGP SIGNATURE-----
15 November 2022

ESB-2022.5872 - [Ubuntu] Vim: CVSS (Max): 7.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5872
USN-5723-1: Vim vulnerabilities
15 November 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------
Product: Vim
Publisher: Ubuntu
Operating System: Ubuntu
Resolution: Patch/Upgrade
CVE Names: CVE-2022-2304 CVE-2022-2206 CVE-2022-2183 CVE-2022-2175 CVE-2022-2126 CVE-2022-2125 CVE-2022-2124 CVE-2022-1725 CVE-2022-1674
Original Bulletin: https://ubuntu.com/security/notices/USN-5723-1
Comment: CVSS (Max): 7.8 CVE-2022-2304 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS Source: NVD
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

USN-5723-1: Vim vulnerabilities
14 November 2022

Several security issues were fixed in Vim.

Releases
o Ubuntu 16.04 ESM

Packages
o vim - Vi IMproved - enhanced vi editor

Details
It was discovered that Vim could be made to crash when searching specially crafted patterns. An attacker could possibly use this to crash Vim and cause denial of service. (CVE-2022-1674)

It was discovered that there existed a NULL pointer dereference in Vim. An attacker could possibly use this to crash Vim and cause denial of service. (CVE-2022-1725)

It was discovered that there existed a buffer over-read in Vim when searching specially crafted patterns. An attacker could possibly use this to crash Vim and cause denial of service. (CVE-2022-2124)

It was discovered that there existed a heap buffer overflow in Vim when auto-indenting lisp. An attacker could possibly use this to crash Vim and cause denial of service. (CVE-2022-2125)

It was discovered that there existed an out of bounds read in Vim when performing spelling suggestions. An attacker could possibly use this to crash Vim and cause denial of service. (CVE-2022-2126)

It was discovered that Vim accessed invalid memory when executing specially crafted command line expressions. An attacker could possibly use this to crash Vim, access or modify memory, or execute arbitrary commands. (CVE-2022-2175)

It was discovered that there existed an out-of-bounds read in Vim when auto-indenting lisp. An attacker could possibly use this to crash Vim, access or modify memory, or execute arbitrary commands. (CVE-2022-2183)

It was discovered that Vim accessed invalid memory when terminal size changed. An attacker could possibly use this to crash Vim, access or modify memory, or execute arbitrary commands. (CVE-2022-2206)

It was discovered that there existed a stack buffer overflow in Vim's spelldump. An attacker could possibly use this to crash Vim and cause denial of service. (CVE-2022-2304)

Update instructions
The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04
o vim-nox-py2 - 2:7.4.1689-3ubuntu1.5+esm13 Available with Ubuntu Pro (Infra-only)
o vim-gnome - 2:7.4.1689-3ubuntu1.5+esm13 Available with Ubuntu Pro (Infra-only)
o vim-athena-py2 - 2:7.4.1689-3ubuntu1.5+esm13 Available with Ubuntu Pro (Infra-only)
o vim-athena - 2:7.4.1689-3ubuntu1.5+esm13 Available with Ubuntu Pro (Infra-only)
o vim-gtk - 2:7.4.1689-3ubuntu1.5+esm13 Available with Ubuntu Pro (Infra-only)
o vim - 2:7.4.1689-3ubuntu1.5+esm13 Available with Ubuntu Pro (Infra-only)
o vim-gtk3-py2 - 2:7.4.1689-3ubuntu1.5+esm13 Available with Ubuntu Pro (Infra-only)
o vim-gtk-py2 - 2:7.4.1689-3ubuntu1.5+esm13 Available with Ubuntu Pro (Infra-only)
o vim-tiny - 2:7.4.1689-3ubuntu1.5+esm13 Available with Ubuntu Pro (Infra-only)
o vim-gnome-py2 - 2:7.4.1689-3ubuntu1.5+esm13 Available with Ubuntu Pro (Infra-only)
o vim-gtk3 - 2:7.4.1689-3ubuntu1.5+esm13 Available with Ubuntu Pro (Infra-only)
o vim-nox - 2:7.4.1689-3ubuntu1.5+esm13 Available with
Ubuntu Pro (Infra-only)

In general, a standard system update will make all the necessary changes.

References
o CVE-2022-1674
o CVE-2022-2125
o CVE-2022-2304
o CVE-2022-1725
o CVE-2022-2124
o CVE-2022-2126
o CVE-2022-2183
o CVE-2022-2175
o CVE-2022-2206

- --------------------------END INCLUDED TEXT--------------------

===========================================================================
-----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBY3L/8MkNZI30y1K9AQgxTQ//UzOUbKwIRS4HrjIxgW0CoAMy7Qm+frl5 QuPvjuFHAuufVsikwbcRuwpRbBRoPEBuUksSqaez+DCMBLhGPV5HOzNnT8YPcoYb hsqZ3TeRafBsfTyE75VWdaMVAJxQh4iC7G9l8JBPUyZHkk5EWwO7qE4KOtpz8Z7E TDrUZ5GCld/qWV10jgRIPj+sxzh9zlZZaC59RKQD3bQpH5d/wxvs8EXDnbAZSXuo C6eVuti3XYumdDwlMhj7FxA+tOGFdd9rtC8R4vvL7JZTNHmoWni0XGyICvP9LkPj oS+e+XMDkn2Zq095O4GxNYQWiiNr+xDqwQWjti7Z7QRy6laDViQyHi7Le54X4BEJ DBGSvEXlu+7fHdmZ1Hm8+Q833fX5HZJavgsU9nBbgbjElSwZXo5QQA0ZNKQLpu7k 7Wau9/U6dOp7HLTA51BxFVT/3Gi8r82FJ8VJwz0xB/6ODtiYyEe8FH9DWtT0NYmG C4KUdpP4OxImKXwTnRw1gPm12Q8iJKHKdGFC/Kwqb4ZP+26eZkhwnSjM3ihd/K3y K/PTlE22KwC1d4Ms0565hUOsxh509bIFvGcZrHs/IPc7B2NZMUabrEYp74icL+XG zuJ6fugKW+rhjtEnWZjJdvggiLclM4zuOOzq9nEEc2jw1QpF9rbHt4uwFeKUw1L5 KqzD3Qvl0Jk= =Gn5d -----END PGP SIGNATURE-----
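The package lists in the Red Hat bulletins above (RHSA-2022:7928, RHSA-2022:7927) and the update instructions in USN-5723-1 name the fixed build of each package; whether a host is actually patched is the question of whether its installed version sorts at or above that build under the package manager's own ordering, which is neither string nor float comparison (the Ubuntu revision "+esm13" has to beat "+esm9", the epoch "2:" overrides everything after it, and rpm treats "1.0~rc1" as older than "1.0"). The Python below is an added example, not code from AusCERT, Red Hat, SUSE or Ubuntu: it ports rpm's rpmvercmp() ordering, which also applies to the SUSE xen NVRs such as xen-4.13.4_16-150200.3.65.1 in the bulletin that follows, and dpkg's verrevcmp() ordering, and runs both over a constructed sample inventory. The installed libksba and vim builds in that inventory are hypothetical, chosen to show what a miss looks like; the fixed builds are the ones the bulletins list.

```python
"""Is each installed package at or above the fixed build an advisory names?
Added example, not code from AusCERT, Red Hat, SUSE or Ubuntu: a port of rpm's
rpmvercmp() (Red Hat and SUSE NVRs) and dpkg's verrevcmp() (Ubuntu versions)."""
import re

_NUM, _ALPHA = re.compile(r"[0-9]+"), re.compile(r"[A-Za-z]+")


def rpmvercmp(a: str, b: str) -> int:
    """Port of rpm's rpmvercmp(): -1, 0 or 1 for a single version or release string."""
    i = j = 0
    while i < len(a) or j < len(b):
        # separators ('.', '_', '+', ...) carry no ordering information: skip them
        while i < len(a) and a[i] != "~" and not (_NUM.match(a, i) or _ALPHA.match(a, i)):
            i += 1
        while j < len(b) and b[j] != "~" and not (_NUM.match(b, j) or _ALPHA.match(b, j)):
            j += 1
        ca, cb = a[i:i + 1], b[j:j + 1]
        if "~" in (ca, cb):                # '~' sorts below everything, even end of string
            if ca != cb:
                return -1 if ca == "~" else 1
            i, j = i + 1, j + 1
            continue
        if not ca or not cb:               # one side exhausted: the longer one is newer
            break
        pat = _NUM if ca.isdigit() else _ALPHA
        ma, mb = pat.match(a, i), pat.match(b, j)
        if mb is None:                     # a digit run outranks a letter run: 1.01 > 1.0a
            return 1 if ca.isdigit() else -1
        ka, kb = ma.group(), mb.group()
        if ca.isdigit():                   # numeric runs: drop leading zeros, longer is larger
            ka, kb = [(len(s.lstrip("0")), s.lstrip("0")) for s in (ka, kb)]
        if ka != kb:
            return 1 if ka > kb else -1
        i, j = ma.end(), mb.end()
    if i >= len(a) and j >= len(b):
        return 0
    return -1 if i >= len(a) else 1


def rpm_evr_cmp(a: str, b: str) -> int:
    """Compare [epoch:]version-release strings the way rpm orders packages."""
    def split(evr):
        epoch, _, rest = evr.rpartition(":")
        version, _, release = rest.partition("-")
        return int(epoch or 0), version, release
    (ea, va, ra), (eb, vb, rb) = split(a), split(b)
    if ea != eb:
        return 1 if ea > eb else -1
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)


def _dpkg_order(c: str) -> int:
    """dpkg's weight for one character: '~' < end of string or digit < letter < other."""
    if not c or c.isdigit():
        return 0
    return ord(c) if c.isalpha() else (-1 if c == "~" else ord(c) + 256)


def _dpkg_verrevcmp(a: str, b: str) -> int:
    """Port of dpkg's verrevcmp(): alternate non-digit runs and numeric runs."""
    i = j = 0
    while i < len(a) or j < len(b):
        while (i < len(a) and not _NUM.match(a, i)) or (j < len(b) and not _NUM.match(b, j)):
            ac, bc = _dpkg_order(a[i:i + 1]), _dpkg_order(b[j:j + 1])
            if ac != bc:
                return 1 if ac > bc else -1
            i, j = i + 1, j + 1
        na, nb = _NUM.match(a, i), _NUM.match(b, j)   # digit runs compare by value: 13 > 9
        va, vb = [int(m.group()) if m else 0 for m in (na, nb)]
        if va != vb:
            return 1 if va > vb else -1
        i, j = (na.end() if na else i), (nb.end() if nb else j)
    return 0


def dpkg_vercmp(a: str, b: str) -> int:
    """Compare Debian versions [epoch:]upstream[-revision], one part at a time."""
    def split(v):
        epoch, sep, rest = v.partition(":")
        epoch, rest = (epoch, rest) if sep else ("0", v)
        upstream, sep, revision = rest.rpartition("-")
        return (int(epoch), upstream, revision) if sep else (int(epoch), rest, "")
    (ea, ua, ra), (eb, ub, rb) = split(a), split(b)
    if ea != eb:
        return 1 if ea > eb else -1
    return _dpkg_verrevcmp(ua, ub) or _dpkg_verrevcmp(ra, rb)


# Fixed builds from the bulletins above; INSTALLED is a constructed sample host
# (its older libksba and vim builds are hypothetical, chosen to show a miss).
FIXED = {"rpm": {"device-mapper-multipath": "0.8.4-28.el8_7.1", "libksba": "1.3.5-8.el8_4"},
         "deb": {"vim": "2:7.4.1689-3ubuntu1.5+esm13"}}
INSTALLED = {"rpm": {"device-mapper-multipath": "0.8.4-28.el8_7.1", "libksba": "1.3.5-7.el8_4"},
             "deb": {"vim": "2:7.4.1689-3ubuntu1.5+esm9"}}


def audit(installed=INSTALLED, fixed=FIXED) -> dict:
    """Package name -> True (at or above the fixed build) or False (still exposed)."""
    cmp = {"rpm": rpm_evr_cmp, "deb": dpkg_vercmp}
    return {name: cmp[fmt](installed[fmt][name], want) >= 0
            for fmt, pkgs in fixed.items()
            for name, want in pkgs.items() if name in installed.get(fmt, {})}
```

On a real host the INSTALLED table would come from `rpm -qa --qf '%{NAME} %{EVR}\n'` or `dpkg-query -W -f '${Package} ${Version}\n'`; a package whose audit() entry is False is still below the advisory's build. The comparison is done on the name-stripped EVR, so the arch suffix (".x86_64.rpm") must not be fed in, and a package that is absent from the inventory is simply not reported rather than reported as patched.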
15 November 2022

ESB-2022.5871 - [SUSE] xen: CVSS (Max): 7.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5871
Security update for xen
15 November 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------
Product: xen
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-42326 CVE-2022-42325 CVE-2022-42323 CVE-2022-42322 CVE-2022-42321 CVE-2022-42320 CVE-2022-42319 CVE-2022-42318 CVE-2022-42317 CVE-2022-42316 CVE-2022-42315 CVE-2022-42314 CVE-2022-42313 CVE-2022-42312 CVE-2022-42311 CVE-2022-42310 CVE-2022-42309 CVE-2022-33748 CVE-2022-33746 CVE-2021-28689
Original Bulletin: https://www.suse.com/support/update/announcement/2022/suse-su-20223971-1
Comment: CVSS (Max): 7.5 CVE-2022-42320 (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for xen
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3971-1
Rating: important
References: #1027519 #1167608 #1185104 #1193923 #1199966 #1203806 #1203807 #1204482 #1204485 #1204487 #1204488 #1204489 #1204490 #1204494 #1204496
Cross-References: CVE-2021-28689 CVE-2022-33746 CVE-2022-33748 CVE-2022-42309 CVE-2022-42310 CVE-2022-42311 CVE-2022-42312 CVE-2022-42313 CVE-2022-42314 CVE-2022-42315 CVE-2022-42316 CVE-2022-42317 CVE-2022-42318 CVE-2022-42319 CVE-2022-42320 CVE-2022-42321 CVE-2022-42322 CVE-2022-42323 CVE-2022-42325 CVE-2022-42326
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Manager Proxy 4.1
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
______________________________________________________________________________

An update that fixes 20 vulnerabilities is now available.

Description:
This update for xen fixes the following issues:
o CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing (bsc#1203806).
o CVE-2022-33748: Fixed DoS due to race in locking (bsc#1203807).
o CVE-2021-28689: Fixed speculative vulnerabilities with bare (non-shim) 32-bit PV guests (bsc#1185104).
o CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314, CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318: xen: Xenstore: Guests can let xenstored run out of memory (bsc#1204482)
o CVE-2022-42309: xen: Xenstore: Guests can crash xenstored (bsc#1204485)
o CVE-2022-42310: xen: Xenstore: Guests can create orphaned Xenstore nodes (bsc#1204487)
o CVE-2022-42319: xen: Xenstore: Guests can cause Xenstore to not free temporary memory (bsc#1204488)
o CVE-2022-42320: xen: Xenstore: Guests can get access to Xenstore nodes of deleted domains (bsc#1204489)
o CVE-2022-42321: xen: Xenstore: Guests can crash xenstored via exhausting the stack (bsc#1204490)
o CVE-2022-42322, CVE-2022-42323: xen: Xenstore: cooperating guests can create arbitrary numbers of nodes (bsc#1204494)
o CVE-2022-42325, CVE-2022-42326: xen: Xenstore: Guests can create arbitrary number of nodes via transactions (bsc#1204496)
o xen: Frontends vulnerable to backends (bsc#1193923).

Special Instructions and Notes:
Please reboot the system after installing this update.

Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Manager Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3971=1
o SUSE Manager Retail Branch Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3971=1
o SUSE Manager Proxy 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3971=1
o SUSE Linux Enterprise Server for SAP 15-SP2: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3971=1
o SUSE Linux Enterprise Server 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3971=1
o SUSE Linux Enterprise Server 15-SP2-BCL: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3971=1
o SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3971=1
o SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3971=1
o SUSE Enterprise Storage 7: zypper in -t patch SUSE-Storage-7-2022-3971=1

Package List:
o SUSE Manager Server 4.1 (noarch): xen-tools-xendomains-wait-disk-4.13.4_16-150200.3.65.1
o SUSE Manager Server 4.1 (x86_64): xen-4.13.4_16-150200.3.65.1 xen-debugsource-4.13.4_16-150200.3.65.1 xen-devel-4.13.4_16-150200.3.65.1 xen-libs-4.13.4_16-150200.3.65.1 xen-libs-debuginfo-4.13.4_16-150200.3.65.1 xen-tools-4.13.4_16-150200.3.65.1 xen-tools-debuginfo-4.13.4_16-150200.3.65.1 xen-tools-domU-4.13.4_16-150200.3.65.1 xen-tools-domU-debuginfo-4.13.4_16-150200.3.65.1
o SUSE Manager Retail Branch Server 4.1 (noarch): xen-tools-xendomains-wait-disk-4.13.4_16-150200.3.65.1
o SUSE Manager Retail Branch Server 4.1 (x86_64): xen-4.13.4_16-150200.3.65.1 xen-debugsource-4.13.4_16-150200.3.65.1 xen-devel-4.13.4_16-150200.3.65.1 xen-libs-4.13.4_16-150200.3.65.1 xen-libs-debuginfo-4.13.4_16-150200.3.65.1 xen-tools-4.13.4_16-150200.3.65.1 xen-tools-debuginfo-4.13.4_16-150200.3.65.1 xen-tools-domU-4.13.4_16-150200.3.65.1 xen-tools-domU-debuginfo-4.13.4_16-150200.3.65.1
o SUSE Manager Proxy 4.1 (x86_64): xen-4.13.4_16-150200.3.65.1 xen-debugsource-4.13.4_16-150200.3.65.1 xen-devel-4.13.4_16-150200.3.65.1 xen-libs-4.13.4_16-150200.3.65.1 xen-libs-debuginfo-4.13.4_16-150200.3.65.1 xen-tools-4.13.4_16-150200.3.65.1 xen-tools-debuginfo-4.13.4_16-150200.3.65.1 xen-tools-domU-4.13.4_16-150200.3.65.1 xen-tools-domU-debuginfo-4.13.4_16-150200.3.65.1
o SUSE Manager Proxy 4.1 (noarch): xen-tools-xendomains-wait-disk-4.13.4_16-150200.3.65.1
o SUSE Linux Enterprise Server for SAP 15-SP2 (noarch): xen-tools-xendomains-wait-disk-4.13.4_16-150200.3.65.1
o SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64): xen-4.13.4_16-150200.3.65.1 xen-debugsource-4.13.4_16-150200.3.65.1 xen-devel-4.13.4_16-150200.3.65.1 xen-libs-4.13.4_16-150200.3.65.1 xen-libs-debuginfo-4.13.4_16-150200.3.65.1 xen-tools-4.13.4_16-150200.3.65.1 xen-tools-debuginfo-4.13.4_16-150200.3.65.1 xen-tools-domU-4.13.4_16-150200.3.65.1 xen-tools-domU-debuginfo-4.13.4_16-150200.3.65.1
o SUSE Linux Enterprise Server 15-SP2-LTSS (noarch): xen-tools-xendomains-wait-disk-4.13.4_16-150200.3.65.1
o SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64): xen-4.13.4_16-150200.3.65.1 xen-debugsource-4.13.4_16-150200.3.65.1 xen-devel-4.13.4_16-150200.3.65.1 xen-libs-4.13.4_16-150200.3.65.1 xen-libs-debuginfo-4.13.4_16-150200.3.65.1 xen-tools-4.13.4_16-150200.3.65.1 xen-tools-debuginfo-4.13.4_16-150200.3.65.1 xen-tools-domU-4.13.4_16-150200.3.65.1 xen-tools-domU-debuginfo-4.13.4_16-150200.3.65.1
o SUSE Linux Enterprise Server 15-SP2-BCL (x86_64): xen-4.13.4_16-150200.3.65.1 xen-debugsource-4.13.4_16-150200.3.65.1 xen-devel-4.13.4_16-150200.3.65.1 xen-libs-4.13.4_16-150200.3.65.1 xen-libs-debuginfo-4.13.4_16-150200.3.65.1 xen-tools-4.13.4_16-150200.3.65.1 xen-tools-debuginfo-4.13.4_16-150200.3.65.1 xen-tools-domU-4.13.4_16-150200.3.65.1 xen-tools-domU-debuginfo-4.13.4_16-150200.3.65.1
o SUSE Linux Enterprise Server 15-SP2-BCL (noarch): xen-tools-xendomains-wait-disk-4.13.4_16-150200.3.65.1
o SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (x86_64): xen-4.13.4_16-150200.3.65.1 xen-debugsource-4.13.4_16-150200.3.65.1 xen-devel-4.13.4_16-150200.3.65.1 xen-libs-4.13.4_16-150200.3.65.1 xen-libs-debuginfo-4.13.4_16-150200.3.65.1 xen-tools-4.13.4_16-150200.3.65.1 xen-tools-debuginfo-4.13.4_16-150200.3.65.1 xen-tools-domU-4.13.4_16-150200.3.65.1 xen-tools-domU-debuginfo-4.13.4_16-150200.3.65.1
o SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch): xen-tools-xendomains-wait-disk-4.13.4_16-150200.3.65.1
o SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (x86_64): xen-4.13.4_16-150200.3.65.1 xen-debugsource-4.13.4_16-150200.3.65.1 xen-devel-4.13.4_16-150200.3.65.1 xen-libs-4.13.4_16-150200.3.65.1 xen-libs-debuginfo-4.13.4_16-150200.3.65.1 xen-tools-4.13.4_16-150200.3.65.1 xen-tools-debuginfo-4.13.4_16-150200.3.65.1 xen-tools-domU-4.13.4_16-150200.3.65.1 xen-tools-domU-debuginfo-4.13.4_16-150200.3.65.1
o SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch): xen-tools-xendomains-wait-disk-4.13.4_16-150200.3.65.1
o SUSE Enterprise Storage 7 (x86_64): xen-4.13.4_16-150200.3.65.1 xen-debugsource-4.13.4_16-150200.3.65.1 xen-devel-4.13.4_16-150200.3.65.1 xen-libs-4.13.4_16-150200.3.65.1 xen-libs-debuginfo-4.13.4_16-150200.3.65.1 xen-tools-4.13.4_16-150200.3.65.1 xen-tools-debuginfo-4.13.4_16-150200.3.65.1 xen-tools-domU-4.13.4_16-150200.3.65.1 xen-tools-domU-debuginfo-4.13.4_16-150200.3.65.1
o SUSE Enterprise Storage 7 (noarch): xen-tools-xendomains-wait-disk-4.13.4_16-150200.3.65.1

References:
o https://www.suse.com/security/cve/CVE-2021-28689.html
o https://www.suse.com/security/cve/CVE-2022-33746.html
o https://www.suse.com/security/cve/CVE-2022-33748.html
o https://www.suse.com/security/cve/CVE-2022-42309.html
o https://www.suse.com/security/cve/CVE-2022-42310.html
o https://www.suse.com/security/cve/CVE-2022-42311.html
o
https://www.suse.com/security/cve/CVE-2022-42312.html o https://www.suse.com/security/cve/CVE-2022-42313.html o https://www.suse.com/security/cve/CVE-2022-42314.html o https://www.suse.com/security/cve/CVE-2022-42315.html o https://www.suse.com/security/cve/CVE-2022-42316.html o https://www.suse.com/security/cve/CVE-2022-42317.html o https://www.suse.com/security/cve/CVE-2022-42318.html o https://www.suse.com/security/cve/CVE-2022-42319.html o https://www.suse.com/security/cve/CVE-2022-42320.html o https://www.suse.com/security/cve/CVE-2022-42321.html o https://www.suse.com/security/cve/CVE-2022-42322.html o https://www.suse.com/security/cve/CVE-2022-42323.html o https://www.suse.com/security/cve/CVE-2022-42325.html o https://www.suse.com/security/cve/CVE-2022-42326.html o https://bugzilla.suse.com/1027519 o https://bugzilla.suse.com/1167608 o https://bugzilla.suse.com/1185104 o https://bugzilla.suse.com/1193923 o https://bugzilla.suse.com/1199966 o https://bugzilla.suse.com/1203806 o https://bugzilla.suse.com/1203807 o https://bugzilla.suse.com/1204482 o https://bugzilla.suse.com/1204485 o https://bugzilla.suse.com/1204487 o https://bugzilla.suse.com/1204488 o https://bugzilla.suse.com/1204489 o https://bugzilla.suse.com/1204490 o https://bugzilla.suse.com/1204494 o https://bugzilla.suse.com/1204496 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. 
As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. 
=========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBY3L/bskNZI30y1K9AQh/DBAAjazY16QmGn2AW0GlspRFurbfao9Vvs9Q s0ALfiNAngELnGXcF65yZs3BJGCfliKryyPiZMYRTY9AbKn6Fi8LXqCeiJPoEE37 vPyjecFG8Urv9t1BRnx7xBPQvnkP5SiDOaqO+AQXiKq9eeXpTgu9+DxMr4m5d3IX LPkO9Pb3P06e8jP507VTl5NgvkFmmD78D/k9TMuIgqvaoEpFe7XzvwlsOvCbLmpX bce4KNBv5uDNZP1dc6gPPBA7vZz3Q3FaPhQkKDpqAaI5WcZ0GfJzu1RkSp2OxZuy Uao0XLFDNjk83Mqn5C6nVVnVxIKfdTjNO2WbNRzqvWwSLuKuvAu8UCUErq6g0VMj BNbd9V+WpAkqG1HUDvg1GuxMrBah0peG6Jvq2usKFxAyvZoO/qU1jIyu70OAhPom 7MZO5nKZBDi9qCdhhU1Bnp5ow6rN8Apr2VRrvA1YxQBMQJC4B1vHW0jubRBU5m86 G3aY/5g/CB1pT+E3nTv4Mwx0TBiW/kP0U1e5cSEnIJI/cpNwQ5+95rUU041S4OKj pTMlwOmkQdC+P9Ad3lqpHczcM4kcNSdWcrRdsi1b2EpBw/LZ+cCSqXemDlkZqu7d z0rK9aNv6ja5x5KrPclPj1A0xTT/DHeOV5FZn6CuMySxOmeXniHLoQhzIu3MqXUv qWNRWWkdb04= =McBC -----END PGP SIGNATURE-----
15 November 2022

ESB-2022.5870 - [SUSE] nodejs16: CVSS (Max): 7.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5870
                        Security update for nodejs16
                              15 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           nodejs16
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-43548

Original Bulletin:
   https://www.suse.com/support/update/announcement/2022/suse-su-20223967-1

Comment: CVSS (Max):  7.5 CVE-2022-43548 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
         CVSS Source: SUSE
         Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for nodejs16
______________________________________________________________________________

Announcement ID:   SUSE-SU-2022:3967-1
Rating:            important
References:        #1205119
Cross-References:  CVE-2022-43548
Affected Products:
                   SUSE Linux Enterprise High Performance Computing 12
                   SUSE Linux Enterprise Module for Web Scripting 12
                   SUSE Linux Enterprise Server 12
                   SUSE Linux Enterprise Server 12-SP3
                   SUSE Linux Enterprise Server 12-SP4
                   SUSE Linux Enterprise Server 12-SP5
                   SUSE Linux Enterprise Server for SAP Applications 12
                   SUSE Linux Enterprise Server for SAP Applications 12-SP3
                   SUSE Linux Enterprise Server for SAP Applications 12-SP4
                   SUSE Linux Enterprise Server for SAP Applications 12-SP5
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for nodejs16 fixes the following issues:

o Update to LTS version 16.18.1.
o CVE-2022-43548: Fixed DNS rebinding in --inspect via invalid octal IP address (bsc#1205119).
o Update to LTS version 16.18.0:
  * http: throw error on content-length mismatch
  * stream: add ReadableByteStream.tee()
  * deps: npm updated to 8.19.2

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

o SUSE Linux Enterprise Module for Web Scripting 12:
  zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2022-3967=1

Package List:

o SUSE Linux Enterprise Module for Web Scripting 12 (aarch64 ppc64le s390x x86_64):
  nodejs16-16.18.1-8.17.1
  nodejs16-debuginfo-16.18.1-8.17.1
  nodejs16-debugsource-16.18.1-8.17.1
  nodejs16-devel-16.18.1-8.17.1
  npm16-16.18.1-8.17.1
o SUSE Linux Enterprise Module for Web Scripting 12 (noarch):
  nodejs16-docs-16.18.1-8.17.1

References:

o https://www.suse.com/security/cve/CVE-2022-43548.html
o https://bugzilla.suse.com/1205119

- --------------------------END INCLUDED TEXT--------------------

-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY3L/SckNZI30y1K9AQjRsA//UNjgjX19AZbwZNfy4EqtzWPYuWlxAPM6
uHnkf52moFL3p2fJodM1WRY+GNtJ2dv95LY6SjY5Jk+P+NdJfUiqbWQN9UPlPCUA
lNOh7B/df24gZ7i1DPfl3gSIS5L/eUPXdaHAYkxIURUCsptBjUmNxzG+9lJvYUP0
rv6WuXO9/kfJ4FgUlC+yBIkh6TAqgZewfycPjco6zPfE0zof8PfjbaewYMaSdomY
yW0MAfbL6P4iFxven5V70OHerVtdnhh2GwE9bKYfQ23JluHrBl/fZsbnSHdkCkvQ
yenQH7YPCKODdSpXUh1TzUKxokAtA7GKk9FpvV7nxDf2xomD6vntvJ8THxk2sUw/
/oHoMXf2ofBnCUReCnWMjtCGt1biVu954Qg3WXGa5sF8RcfcYvi1JNufsKJNXI5s
jEB8yWvReG+O9AM8lUuIu7A5sTa/XSf2Fh/lbONB27KOFWrKx0vc0AhtJpDWLZDg
XUeQJKatUTF/OtimMRI8e0iBDBF7RK7RCaXba0is7s3A214uA9hL6Q16JxWnOjTt
XykwRbnayz1z0tiNNvoEdRLiA0ftW46eY4sq+S2BJW/WY64uqUbktoJKfiW0v72V
sosIjtDFRS6zS3sRRNSWwh1kv7NIz/UaayW4ZFMf5yImbNhPMzJeXmOsDur86awO
dyKaipVmXz4=
=G7cQ
-----END PGP SIGNATURE-----
15 November 2022

ESB-2022.5869 - [SUSE] nodejs14: CVSS (Max): 7.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5869
                        Security update for nodejs14
                              15 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           nodejs14
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-43548

Original Bulletin:
   https://www.suse.com/support/update/announcement/2022/suse-su-20223968-1

Comment: CVSS (Max):  7.5 CVE-2022-43548 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
         CVSS Source: SUSE
         Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for nodejs14
______________________________________________________________________________

Announcement ID:   SUSE-SU-2022:3968-1
Rating:            important
References:        #1205119
Cross-References:  CVE-2022-43548
Affected Products:
                   SUSE Linux Enterprise High Performance Computing 12
                   SUSE Linux Enterprise Module for Web Scripting 12
                   SUSE Linux Enterprise Server 12
                   SUSE Linux Enterprise Server 12-SP3
                   SUSE Linux Enterprise Server 12-SP4
                   SUSE Linux Enterprise Server 12-SP5
                   SUSE Linux Enterprise Server for SAP Applications 12
                   SUSE Linux Enterprise Server for SAP Applications 12-SP3
                   SUSE Linux Enterprise Server for SAP Applications 12-SP4
                   SUSE Linux Enterprise Server for SAP Applications 12-SP5
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for nodejs14 fixes the following issues:

o Update to 14.21.1:
  o CVE-2022-43548: Fixed DNS rebinding in --inspect via invalid octal IP address (bsc#1205119).
o Update to 14.21.0:
  o src: add --openssl-shared-config option

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

o SUSE Linux Enterprise Module for Web Scripting 12:
  zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2022-3968=1

Package List:

o SUSE Linux Enterprise Module for Web Scripting 12 (aarch64 ppc64le s390x x86_64):
  nodejs14-14.21.1-6.37.1
  nodejs14-debuginfo-14.21.1-6.37.1
  nodejs14-debugsource-14.21.1-6.37.1
  nodejs14-devel-14.21.1-6.37.1
  npm14-14.21.1-6.37.1
o SUSE Linux Enterprise Module for Web Scripting 12 (noarch):
  nodejs14-docs-14.21.1-6.37.1

References:

o https://www.suse.com/security/cve/CVE-2022-43548.html
o https://bugzilla.suse.com/1205119

- --------------------------END INCLUDED TEXT--------------------

-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY3L/NskNZI30y1K9AQjGKhAAvUgqrsY7p3ms4bOhtns6QkPXFI81KcZ6
iD6EUdbLJz6gbMhttFRZdzYNVPTV42fuJPiXwcPfMimaAjzXG+i7qvoUdVRq3JPd
l79di3AQ+KjoE7if1i4IPvWi3VORpOvPFiYzZg5mNwxIOe4zCTVgjj8s92DWlmj4
3NJXWCK4+Otuvqx8b6wxwObrm+MgI6X/9DYNl9/odGud7RYScR1ln7ZIjIxwrzCQ
UQwyM4WZELHsiRbTC+jtnWRljJV4yMNDyiZub4f4HDr3foVgpx8LwA8a6zdaVhxP
som/rhMrt+quE+8gg1xCXkuyMQgr/OhfvKKoUyWLrpYG5O/pgqe7vYhWfRVFBPr7
yHf1tJ2OrsVjSBaFaITAOgM9SI5eM8zLtWYqfQSo7PgeBL88ijCHcvIvWJFDEBXa
nModRuGrv+VwzdFIcAkCp/cvYS3iBJrHx88FIQh3nujDEzJnDOGvZNmiA6lkWtmP
be3+PreUs+Fv0MDnvrXNprF5arlGdNTI4OgZnn9ebyn3BxPa6hUTZ3ISzi58diA9
by/aX1AdJp5Zl7bLIT+Fg1kZ6bWylMnRaQjyLoEeVL4oyRvUqTisI2whfE4xNvn1
d17juqueVloSBYwFKJvskxbz35jiT3oUsfYlCEdTnI+zI3v4nZI97kJJuC0xSJ6D
uaM7BQS4bwE=
=aZCs
-----END PGP SIGNATURE-----
15 November 2022

ESB-2022.5868 - [SUSE] kubevirt: CVSS (Max): None

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5868
                     Security update for kubevirt stack
                              15 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kubevirt
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade

Original Bulletin:
   https://www.suse.com/support/update/announcement/2022/suse-su-20223969-1

Comment: CVSS (Max):  None available when published

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for kubevirt stack
______________________________________________________________________________

Announcement ID:   SUSE-SU-2022:3969-1
Rating:            important
References:
Affected Products:
                   SUSE Linux Enterprise High Performance Computing 15-SP4
                   SUSE Linux Enterprise Micro 5.3
                   SUSE Linux Enterprise Module for Containers 15-SP4
                   SUSE Linux Enterprise Server 15-SP4
                   SUSE Linux Enterprise Server for SAP Applications 15-SP4
                   SUSE Manager Proxy 4.3
                   SUSE Manager Retail Branch Server 4.3
                   SUSE Manager Server 4.3
                   openSUSE Leap 15.4
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

This update provides rebuilds of the kubevirt containers with up to date base images, fixing various security issues.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

o openSUSE Leap 15.4:
  zypper in -t patch openSUSE-SLE-15.4-2022-3969=1
o SUSE Linux Enterprise Module for Containers 15-SP4:
  zypper in -t patch SUSE-SLE-Module-Containers-15-SP4-2022-3969=1
o SUSE Linux Enterprise Micro 5.3:
  zypper in -t patch SUSE-SLE-Micro-5.3-2022-3969=1

Package List:

o openSUSE Leap 15.4 (x86_64):
  kubevirt-container-disk-0.54.0-150400.3.5.1
  kubevirt-container-disk-debuginfo-0.54.0-150400.3.5.1
  kubevirt-manifests-0.54.0-150400.3.5.1
  kubevirt-tests-0.54.0-150400.3.5.1
  kubevirt-tests-debuginfo-0.54.0-150400.3.5.1
  kubevirt-virt-api-0.54.0-150400.3.5.1
  kubevirt-virt-api-debuginfo-0.54.0-150400.3.5.1
  kubevirt-virt-controller-0.54.0-150400.3.5.1
  kubevirt-virt-controller-debuginfo-0.54.0-150400.3.5.1
  kubevirt-virt-handler-0.54.0-150400.3.5.1
  kubevirt-virt-handler-debuginfo-0.54.0-150400.3.5.1
  kubevirt-virt-launcher-0.54.0-150400.3.5.1
  kubevirt-virt-launcher-debuginfo-0.54.0-150400.3.5.1
  kubevirt-virt-operator-0.54.0-150400.3.5.1
  kubevirt-virt-operator-debuginfo-0.54.0-150400.3.5.1
  kubevirt-virtctl-0.54.0-150400.3.5.1
  kubevirt-virtctl-debuginfo-0.54.0-150400.3.5.1
  obs-service-kubevirt_containers_meta-0.54.0-150400.3.5.1
o SUSE Linux Enterprise Module for Containers 15-SP4 (x86_64):
  kubevirt-manifests-0.54.0-150400.3.5.1
  kubevirt-virtctl-0.54.0-150400.3.5.1
  kubevirt-virtctl-debuginfo-0.54.0-150400.3.5.1
o SUSE Linux Enterprise Micro 5.3 (x86_64):
  kubevirt-manifests-0.54.0-150400.3.5.1
  kubevirt-virtctl-0.54.0-150400.3.5.1
  kubevirt-virtctl-debuginfo-0.54.0-150400.3.5.1

- --------------------------END INCLUDED TEXT--------------------

-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY3L/HMkNZI30y1K9AQgu3BAAo2QrDG20RlJwWTUxVbtkgj9K2nd0M8KJ
hnEqFhmDoOcKQ46YlgM9IxxC2eyQbp8r18G98srFScE8UopbqAv+JxRV+fFqeliI
kgfswWYPXEzO53CIVj7Jct6t6oQF57qa3SKpCgLuyx903ggtoxPrqiClBYGcGZL2
W4hVqiwqKpRFSXt7hA2IaHUNj99tvJhclm7D2sYHbly0kO4sG5S1gVQrjJ9tAMk4
JUPcL25z84JeGJrP6FSlWSZWrCA9Zk4Iq1tBfzQQT+972vJWP0d1sK7iyZ5BlT3q
fgYT2aQjq+PkHQrL/PDeYBKLhVmhGLE1d/gGC5tTAcjghnZz/vnAE8FHQ3b8eWEp
MmCjbgBbIKLFowR9wdTzdMv6hCQulQctdol6fP1cTXR3Ofw+M+wdOd4VV66OWWdM
ZsN15ecK6lsr7+BTZQEMpfuep8zh8aTLbWEWxEp64diVIpJV/yhFaHtioWtXF1xj
32nzQP+pALtV64utBoDu4bpupYBWEyWm6uaeCXAzEgYRh1a6JzoPlQlOFKEis8F1
CRfOIz7HI4oBbxObHYgoaApEHMg18fMOmcAErLBCMl5b5UCRYCt9s1UDmDPMmX7+
VAwM+AXg0UioqAmsmU+wT58v5LFVUKrRmSIqZYQqZlf0LHEcXETh0pyiQTEeYBpF
taluCm6kJbU=
=SHFb
-----END PGP SIGNATURE-----
15 November 2022

ESB-2022.5867 - [SUSE] containerized-data-importer: CVSS (Max): None

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5867
              Security update for containerized-data-importer
                              15 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           containerized-data-importer
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade

Original Bulletin:
   https://www.suse.com/support/update/announcement/2022/suse-su-20223970-1

Comment: CVSS (Max):  None available when published

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for containerized-data-importer
______________________________________________________________________________

Announcement ID:   SUSE-SU-2022:3970-1
Rating:            important
References:
Affected Products:
                   SUSE Linux Enterprise High Performance Computing 15-SP4
                   SUSE Linux Enterprise Micro 5.3
                   SUSE Linux Enterprise Module for Containers 15-SP4
                   SUSE Linux Enterprise Server 15-SP4
                   SUSE Linux Enterprise Server for SAP Applications 15-SP4
                   SUSE Manager Proxy 4.3
                   SUSE Manager Retail Branch Server 4.3
                   SUSE Manager Server 4.3
                   openSUSE Leap 15.4
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

This update rebuilds the current containerized data importer images against current base images, to fix security issues.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

o openSUSE Leap 15.4:
  zypper in -t patch openSUSE-SLE-15.4-2022-3970=1
o SUSE Linux Enterprise Module for Containers 15-SP4:
  zypper in -t patch SUSE-SLE-Module-Containers-15-SP4-2022-3970=1
o SUSE Linux Enterprise Micro 5.3:
  zypper in -t patch SUSE-SLE-Micro-5.3-2022-3970=1

Package List:

o openSUSE Leap 15.4 (x86_64):
  containerized-data-importer-api-1.51.0-150400.4.5.1
  containerized-data-importer-api-debuginfo-1.51.0-150400.4.5.1
  containerized-data-importer-cloner-1.51.0-150400.4.5.1
  containerized-data-importer-cloner-debuginfo-1.51.0-150400.4.5.1
  containerized-data-importer-controller-1.51.0-150400.4.5.1
  containerized-data-importer-controller-debuginfo-1.51.0-150400.4.5.1
  containerized-data-importer-importer-1.51.0-150400.4.5.1
  containerized-data-importer-importer-debuginfo-1.51.0-150400.4.5.1
  containerized-data-importer-manifests-1.51.0-150400.4.5.1
  containerized-data-importer-operator-1.51.0-150400.4.5.1
  containerized-data-importer-operator-debuginfo-1.51.0-150400.4.5.1
  containerized-data-importer-uploadproxy-1.51.0-150400.4.5.1
  containerized-data-importer-uploadproxy-debuginfo-1.51.0-150400.4.5.1
  containerized-data-importer-uploadserver-1.51.0-150400.4.5.1
  containerized-data-importer-uploadserver-debuginfo-1.51.0-150400.4.5.1
  obs-service-cdi_containers_meta-1.51.0-150400.4.5.1
o SUSE Linux Enterprise Module for Containers 15-SP4 (x86_64):
  containerized-data-importer-manifests-1.51.0-150400.4.5.1
o SUSE Linux Enterprise Micro 5.3 (x86_64):
  containerized-data-importer-manifests-1.51.0-150400.4.5.1

- --------------------------END INCLUDED TEXT--------------------

-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY3L+/8kNZI30y1K9AQhfOxAAqYVUilHaVvorK/Aeha0w2ld6rw5+Z+/c
VqgIYVHleI/p+bY+x1PHrpQbtF8n8jCKI5bLmf1MEJb6kBxMijKKR+SGvCTiyrki
ViQPACmn86Tw9TNzZhrjHZDQ8gA/4iyLGk0jDnBFsFG+rQ4qAbY0qs0SeOE/o68W
w2vZMpeU04Kt8zsYmG8kKcP/4iGhF3VdqBA5up6EE3s3qaubuJ7DWnEqT0ohd82s
ruPJj2/er4pW065Oe1u0yLRe4vjpolXdHjmiJrnNFlorXceuLwgAt4/DFyru8c3S
UYThojqCXvj6wzr3I5de6pj3p6kprIZ6MLNfMKk+q/xE4DHfpTr+OFVBOLVRtmz3
0zhnx2Hp+hVXa3XekHwlz5JXmWZSJ0CykQhGgkIgmz882ql9hBHu/o7Nyu/t4XKu
50uF7n6+ztjflupK87EX9GeiaCrGRzl9MrVPi9d2/jo5/cTBQG9oJbgkxBqz7Qzi
viHVQiBBQtmSUiykrQPTnrl9Z8QQx2v+S2lA5x6gvwDrMdI7C7pK9slUXPUm89Ih
S8fWCn+aHXbBFYPdCoXdhVw27aeNClVdell5leTRIGb3XpK8gGmQLZR6KiZA9Mu9
6o3LIBjNUBdCnuhyIA6qt/AlOBvKqQU358+zSyg7uv/fPGbxOZ4oJ4kRDls1LDsQ
PXnmjEKTLuY=
=dpRo
-----END PGP SIGNATURE-----
15 November 2022

ESB-2022.5208.2 - UPDATE [Cisco] Cisco Identity Services Engine Cross-Site Scripting : CVSS (Max): 6.1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5208.2
       Cisco Identity Services Engine Cross-Site Scripting Vulnerability
                               15 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Cisco Identity Services Engine Cross-Site Scripting
Publisher:         Cisco Systems
Operating System:  Cisco
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-20959
Original Bulletin: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-twLnpy3M

Comment: CVSS (Max):  6.1 CVE-2022-20959 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
         CVSS Source: Cisco Systems
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Revision History:  November 15 2022: Vendor updated advisory
                   October 20 2022:  Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

Cisco Identity Services Engine Cross-Site Scripting Vulnerability

Priority:        Medium
Advisory ID:     cisco-sa-ise-xss-twLnpy3M
First Published: 2022 October 19 16:00 GMT
Last Updated:    2022 November 14 20:04 GMT
Version 1.2:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCwc62413
CVE Names:       CVE-2022-20959
CWEs:            CWE-79

Summary

  o A vulnerability in the External RESTful Services (ERS) API of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device.

    This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by persuading an authenticated administrator of the web-based management interface to click a malicious link.
    A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.

    Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-twLnpy3M

Affected Products

  o Vulnerable Products

    At the time of publication, this vulnerability affected Cisco ISE Software if ERS was enabled.

    For information about which Cisco software releases were vulnerable at the time of publication, see the Fixed Software section of this advisory. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information.

    Determine Whether ERS is Enabled

    For Cisco ISE releases 2.0 to 2.7, do the following:

    1. Log in to the Cisco ISE web management interface.
    2. Choose Administration > System > Settings.
    3. Choose ERS Settings.

    If Enable ERS for Read/Write is selected, the device is vulnerable. If Disable ERS is selected, the device is not vulnerable.

    For Cisco ISE Release 3.0, do the following:

    1. Log in to the Cisco ISE web management interface.
    2. Click the menu icon.
    3. Choose Administration > System > Settings.
    4. Choose ERS Settings.

    If Enable ERS for Read/Write is selected, the device is vulnerable. If Disable ERS is selected, the device is not vulnerable.

    For Cisco ISE releases 3.1 and 3.2, do the following:

    1. Log in to the Cisco ISE web management interface.
    2. Click the menu icon.
    3. Choose Administration > System > Settings.
    4. Choose API Settings.
    5. Choose the API Service Settings tab.

    If ERS (Read/Write) is selected, the device is vulnerable. If ERS (Read/Write) is not selected, the device is not vulnerable.
    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory are known to be affected by this vulnerability.

Workarounds

  o There are no workarounds that address this vulnerability. However, administrators may disable the affected feature.

    To disable ERS in Cisco ISE releases 2.0 to 2.7, do the following:

    1. Log in to the Cisco ISE web management interface.
    2. Choose Administration > System > Settings.
    3. Choose ERS Settings.
    4. Click the Disable ERS radio button.

    To disable ERS in Cisco ISE Release 3.0, do the following:

    1. Log in to the Cisco ISE web management interface.
    2. Click the menu icon.
    3. Choose Administration > System > Settings.
    4. Click the Disable ERS radio button.

    To disable ERS in Cisco ISE releases 3.1 and 3.2, do the following:

    1. Log in to the Cisco ISE web management interface.
    2. Click the menu icon.
    3. Choose Administration > System > Settings.
    4. Choose API Settings.
    5. Choose the API Service Settings tab.
    6. Click the ERS (Read/Write) toggle switch to deactivate it.

    While this mitigation has been deployed and was proven successful in a test environment, customers should determine the applicability and effectiveness in their own environment and under their own use conditions. Customers should be aware that any workaround or mitigation that is implemented may negatively impact the functionality or performance of their network based on intrinsic customer deployment scenarios and limitations. Customers should not deploy any workarounds or mitigations before first evaluating the applicability to their own environment and any impact to such environment.

Fixed Software

  o When considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page, to determine exposure and a complete upgrade solution.
    In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.

    Fixed Releases

    At the time of publication, the release information in the following table(s) was accurate. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information.

    The left column lists Cisco software releases, and the right column indicates whether a release was affected by the vulnerability that is described in this advisory and which release included the fix for this vulnerability.

    Cisco ISE Software Release    First Fixed Release
    2.4 ^1 and earlier            Migrate to fixed release.
    2.6 ^2                        Migrate to fixed release.
    2.7 ^2                        2.7P8 (Nov 2022)
    3.0 ^2                        3.0P7 (Feb 2023)
    3.1                           3.1P4
    3.2 ^2                        3.2P1 (Jan 2023)

    1. Cisco ISE Software Release 2.4 has reached End of Software Maintenance. Customers are advised to migrate to a supported release that includes the fix for this vulnerability.
    2. Hot patches are available by request for the following versions and patch levels: 2.6P12, 2.7P7, 3.0P6, and 3.2. Contact Cisco TAC to make the request.

    For instructions on upgrading your device, see the Upgrade Guides located on the Cisco Identity Service Engine support page.

    The Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory.

Exploitation and Public Announcements

  o The Cisco PSIRT is aware that proof-of-concept exploit code for the vulnerability that is described in this advisory will become available after software fixes are released.
    Public reports of the vulnerability, including a description and classification without specific technical details, will become available after this advisory is published.

    The Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory.

Source

  o Cisco would like to thank Davide Virruso of Yoroi for reporting this vulnerability.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.

Related to This Advisory

  o Cross-Site Scripting

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-twLnpy3M

Revision History

  o +---------+--------------------------+-------------+--------+-------------+
    | Version | Description              | Section     | Status | Date        |
    +---------+--------------------------+-------------+--------+-------------+
    | 1.2     | Updated hot patch        | Fixed       | Final  | 2022-NOV-14 |
    |         | information.             | Releases    |        |             |
    +---------+--------------------------+-------------+--------+-------------+
    | 1.1     | Added mitigation         | Workarounds | Final  | 2022-OCT-31 |
    |         | information. Updated     | and Fixed   |        |             |
    |         | expected release date    | Releases    |        |             |
    |         | for 2.7P8.               |             |        |             |
    +---------+--------------------------+-------------+--------+-------------+
    | 1.0     | Initial public release.  | -           | Final  | 2022-OCT-19 |
    +---------+--------------------------+-------------+--------+-------------+

- --------------------------END INCLUDED TEXT--------------------
=========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBY3MB2ckNZI30y1K9AQgB/xAAgBFOke94IL19TR6kq+J3xbE2P/DzwPxo ck9T1LKWLYwMuOlSmPfk7ZHStPrcp0dSWJJZFn8OAVrBmeHH30jaFiLV/z7Xsu0C OuGy7bcpyBHP63neus0Y8baOWVj1jOi01ODbTFJ2/4ecNs7LSLjflt4jrkOdNm52 FFZtf691jybBuQb/HjP11trCa+m1kwsaO0nlOPKxzhUN7QTDZWQJyXD4qWf8gGvr 8hgG7/9Sk0rorqri/4z+1d6JDcQpdeqQ4/emrrHsrhvoit+OCOpKbCvqXQblbzMs vrPVRsNEqsyL2x+40EEctsAdprwe3rCjao+v6kfS/jBouBhPpeEuNIZj+6gGLd1N RM35/31fT/fyFEuP/UKBDWRIhqpytJyE/SqVGhGClSO9guJfiMikvByhnX+MB/am g8UxilcVRVndniVbn1lUb+vzj4KxvUzajUgHV3V2o/H2WvVyVYB/IjWItJzqc8QQ t/nFFJMxFuQ7c3nkiC0Owj1Mc8nmDcY0Tsfb2/OHMYJdhgcYxi7LkUhtzSeBPYc0 NA6fY3uXUUV1XPcJxpIyaoXw5DoQPqQen/EMV/ATVuyzuF2A3AXGBhLHe3cjIZAy JXiEA+wod6dCMePcxIuCqOulFy1t1yektBUy1cKSerF8J0fMd+Q+PL0mZzIUurLz TsOoJHRfZzc= =Q9Qx -----END PGP SIGNATURE-----
14 November 2022

ESB-2022.5866 - [Appliance] F5 Products: CVSS (Max): 5.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5866
                  K73422160: OpenSSL vulnerability CVE-2019-1547
                               14 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           F5OS-A
                   F5OS-C
                   Traffix SDC
Publisher:         F5 Networks
Operating System:  Network Appliance
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-1547
Original Bulletin: https://support.f5.com/csp/article/K73422160

Comment: CVSS (Max):  5.5 CVE-2019-1547 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
         CVSS Source: F5 Networks
         Calculator:  https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

- --------------------------BEGIN INCLUDED TEXT--------------------

K73422160: OpenSSL vulnerability CVE-2019-1547

Original Publication Date: 10 Oct, 2019
Latest Publication Date:   14 Nov, 2022

Security Advisory Description

Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c).
Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s). (CVE-2019-1547)

Impact

A local attacker can recover a full key during an ECDSA signature operation.

Security Advisory Status

F5 Product Development has assigned ID 1188761 (F5OS) and CPF-25136 and CPF-25137 (Traffix) to this vulnerability.

To determine if your product and version have been evaluated for this vulnerability, refer to the Applies to (see versions) box. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases, point releases, or hotfixes that address the vulnerability, refer to the following table. For more information about security advisory versioning, refer to K51812227: Understanding Security Advisory versioning.

+-----------------------------------+--------+--------------+------------+---------------+----------+---------------+
| Product                           | Branch | Versions     | Fixes      | Severity      | CVSSv3   | Vulnerable    |
|                                   |        | known to be  | introduced |               | score^1  | component or  |
|                                   |        | vulnerable   | in         |               |          | feature       |
+-----------------------------------+--------+--------------+------------+---------------+----------+---------------+
| BIG-IP (LTM, AAM, AFM, Analytics, | 15.x   | None         | Not        | Not           | None     | None          |
| APM, ASM, DNS, Edge Gateway, FPS, | 14.x   |              | applicable | vulnerable    |          |               |
| GTM, Link Controller, PEM,        | 13.x   |              |            |               |          |               |
| WebAccelerator)                   | 12.x   |              |            |               |          |               |
|                                   | 11.x   |              |            |               |          |               |
+-----------------------------------+--------+--------------+------------+---------------+----------+---------------+
| BIG-IP (APM Clients)              | 7.1.x  | None         | Not        | Not           | None     | None          |
|                                   |        |              | applicable | vulnerable^2  |          |               |
+-----------------------------------+--------+--------------+------------+---------------+----------+---------------+
| Enterprise Manager                | 3.x    | None         | Not        | Not           | None     | None          |
|                                   |        |              | applicable | vulnerable    |          |               |
+-----------------------------------+--------+--------------+------------+---------------+----------+---------------+
| BIG-IQ Centralized Management     | 7.x    | None         | Not        | Not           | None     | None          |
|                                   | 6.x    |              | applicable | vulnerable    |          |               |
|                                   | 5.x    |              |            |               |          |               |
+-----------------------------------+--------+--------------+------------+---------------+----------+---------------+
| F5OS-A                            | 1.x    | 1.0.0 -      | 1.3.0      | Medium        | 5.5      | OpenSSL       |
|                                   |        | 1.2.0        |            |               |          |               |
+-----------------------------------+--------+--------------+------------+---------------+----------+---------------+
| F5OS-C                            | 1.x    | 1.3.0 -      | None       | Medium        | 5.5      | OpenSSL       |
|                                   |        | 1.5.0        |            |               |          |               |
+-----------------------------------+--------+--------------+------------+---------------+----------+---------------+
| F5 iWorkflow                      | 2.x    | None         | Not        | Not           | None     | None          |
|                                   |        |              | applicable | vulnerable    |          |               |
+-----------------------------------+--------+--------------+------------+---------------+----------+---------------+
| Traffix SDC                       | 5.x    | 5.0.0 -      | None       | Medium        | 5.5      | OpenSSL       |
|                                   |        | 5.1.0        |            |               |          |               |
+-----------------------------------+--------+--------------+------------+---------------+----------+---------------+

^1 The CVSSv3 score link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.

^2 The specified products contain the affected code. However, F5 identifies the vulnerability status as Not vulnerable because the attacker cannot exploit the code in default, standard, or recommended configurations.

Recommended Actions

If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Fixes introduced in column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.
Mitigation

None

Supplemental Information

  o K51812227: Understanding Security Advisory versioning
  o K41942608: Overview of Security Advisory articles
  o K4602: Overview of the F5 security vulnerability response policy
  o K4918: Overview of the F5 critical issue hotfix policy
  o K9970: Subscribing to email notifications regarding F5 products
  o K9957: Creating a custom RSS feed to view new and updated documents

- --------------------------END INCLUDED TEXT--------------------

===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY3HiJckNZI30y1K9AQgBrRAAl0798KuTh+zUn54oIievLp9/YWZjlDU+
c3GBTZfQV6/yChmqN3+ngPAtL5wGf/h15H2FmpqDKKVywqXeLCmOgoqAgpPdXukR
mSEbHxVILo3rk3AUpitD4qG48M9aE06WMbRfpA9yDuJesdAguTxvo1s1+ae7h9xK
cbEIpzh1fHGp93wSfBdbUS8U9RqkXiM4TUu1EQ2D+7b8cXtMxEWJ5owpCQDw3gvF
U1d7Js94a3aU9SSfLgv2TPNlraUR6fVs5v56XwbobnOu5B72ECTpRljIPdY9EnGc
/xOgbRTYm0OBXLZg97dwAoA5MJldF2lULvdrmgTEt74Hkfr9QkhXVMyuubI3Cvjh
0zQbdH9uL2bGXE7Bt3Qx4ovIlU+a1sNZEn181kljx73HY0BWAIyeTIzd2ey1AhBO
mTh6kEwLgiJb6Ds9eS7lDU2eyzSBJLpThmdQwryHQHRGg6OO2FeiaEXeutiZ4KLz
Fmw+EDHle45+7oBh+700x3OI9sKZoO8YigJGnJDDqOK0l0dDDGXYpxRIRzVXUMy5
NYo4OMw+Vpv7Nqu/R3IX16aOnZhFPVzFntv2hcuqBAvAvUuz50PMbR5XGLa+PWwm
Pfi3qAPmt5CNralIg1YQ6K7tpd/QGg4+s4XT4OTabHHUoZG1EoVzBPUIubZ2G8d5
92xZpH5FlTg=
=UREe
-----END PGP SIGNATURE-----
14 November 2022

ESB-2022.5865 - [Win][Linux][Solaris][AIX] IBM MQ: CVSS (Max): 5.1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5865
  Security Bulletin: IBM MQ Internet Pass-Thru traces sensitive data (CVE-2022-35719)
                               14 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM MQ
Publisher:         IBM
Operating System:  AIX
                   Linux variants
                   Windows
                   Solaris
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-35719
Original Bulletin: https://www.ibm.com/support/pages/node/6838559

Comment: CVSS (Max):  5.1 CVE-2022-35719 (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
         CVSS Source: IBM
         Calculator:  https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

- --------------------------BEGIN INCLUDED TEXT--------------------

IBM MQ Internet Pass-Thru traces sensitive data (CVE-2022-35719)

Document Information

Document number:     6838559
Modified date:       11 November 2022
Product:             IBM MQ
Software version:    2.1.0, 9.2
Operating system(s): AIX, Linux, Linux on IBM Z Systems, Windows, Solaris
Edition:             All

Summary

An issue was found within IBM MQ Internet Pass-Thru which causes sensitive data to be written to trace files when trace is enabled.

Vulnerability Details

CVEID: CVE-2022-35719
DESCRIPTION: IBM MQ stores potentially sensitive information in trace files that could be read by a local user.
CVSS Base score: 5.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/231370 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)

Affected Products and Versions

+-------------------------+----------+
|Affected Product(s)      |Version(s)|
+-------------------------+----------+
|IBM MQ Internet Pass-Thru|2.1       |
+-------------------------+----------+
|IBM MQ Internet Pass-Thru|9.2 LTS   |
+-------------------------+----------+
|IBM MQ Internet Pass-Thru|9.2 CD    |
+-------------------------+----------+

Remediation/Fixes

IBM MQ Internet Pass-Thru 2.1

  o Apply FixPack 2.1.0.6

Note: MQ IPT 2.1.0.6 is provided on Solaris platforms only, for users with appropriate extended support entitlement. Contact IBM support to obtain the installation files for MQIPT 2.1.0.6 on Solaris. Users of MQ IPT 2.1 on all other platforms should migrate to one of the MQ IPT 9.2 levels listed below (or later).

IBM MQ Internet Pass-Thru 9.2 LTS

  o Apply the 9.2.0.6 interim fix for APAR IT41700

IBM MQ Internet Pass-Thru 9.2 CD

  o Upgrade to IBM MQ Internet Pass-Thru 9.3.0.1 LTS or IBM MQ Internet Pass-Thru 9.3.1 CD

Workarounds and Mitigations

None

Change History

10 Nov 2022: Initial Publication

- --------------------------END INCLUDED TEXT--------------------
=========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBY3HgZMkNZI30y1K9AQjdXg//UfsGdlYJxeUiWbZgc7ewngmseQRNxr6k yKm+1TOFhvN3NYtWMPkY+ronxkTtFDtPv47WrDD7UOZh3d4IecpP6ted0RfHHuET fzZFM3GwG/JXsTYg3ZPgbYV/wjdmsHck8cp6X5mPBp3un61wSijCTSuj4UQ7rM2h qJ7lBvZKXJAJ4LRhBXkx/aLAtMR4orQh/XFL6ysTsqymsujl72kYQdIYVfvCfPow sxwtN72knjhwOAH0P+lhTvIRKfREaor/MQrvYbe3998WaG9EQ9STjqlgKIR6J7y4 rXWZ/mclzqnCoIOKVBP9oYtl+pgsRVbhRBSfDdkat3kMqiHcyhUTi9uJgmCr5d79 +w7tdAsW6TxLTOB/w8lYiA0Sr9tfkiZm8mJp5HTBkVZV8jWs6V+2uYkp3rVGWum+ eF3WmedkkBCu8EEFWqG9uQUw7XqMjH21w+/10e8mrmorcpNFpOtfGuilm2s76TsI G+Fadjqjzh4VBkWfCFuJQdCGAppmPaHbvE0QBMhsf04+CgmhQ8A+nrqkV1AgC4BV FszFQ6Hd0ekqT7lSF+N5Jg9fBseoVdEtUM2h3dLdrdEjjhBcE4IqPxC0jkGYy+81 P31VkdpZbI0ZcUHh857pZ1MIPNZqPLNZKJdBs51/B7aNItNz7b1CcEDHs2Rca+ol fbaLkJHeOOY= =xE9O -----END PGP SIGNATURE-----
14 November 2022

ESB-2022.5864 - sysstat: CVSS (Max): 9.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5864
                            sysstat security update
                               14 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           sysstat
Publisher:         Debian
Operating System:  Debian GNU/Linux
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-39377 CVE-2019-19725 CVE-2019-16167
Original Bulletin: https://lists.debian.org/debian-lts-announce/2022/11/msg00014.html

Comment: CVSS (Max):  9.8 CVE-2019-19725 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: [NVD], SUSE
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- - -----------------------------------------------------------------------
Debian LTS Advisory DLA-3188-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                         Utkarsh Gupta
November 14, 2022                             https://wiki.debian.org/LTS
- - -----------------------------------------------------------------------

Package        : sysstat
Version        : 12.0.3-2+deb10u1
CVE ID         : CVE-2019-16167 CVE-2019-19725 CVE-2022-39377
Debian Bug     : 939914 946657 1023832

There were a couple of security issues found in sysstat, system performance tools for Linux, which are as follows:

CVE-2019-16167

    sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c.

CVE-2019-19725

    sysstat through 12.2.0 has a double free in check_file_actlst in sa_common.c.

CVE-2022-39377

    On 32 bit systems, allocate_structures contains a size_t overflow in sa_common.c. The allocate_structures function insufficiently checks bounds before arithmetic multiplication, allowing for an overflow in the size allocated for the buffer representing system activities.
    This issue may lead to Remote Code Execution (RCE).

For Debian 10 buster, these problems have been fixed in version 12.0.3-2+deb10u1.

We recommend that you upgrade your sysstat packages.

For the detailed security status of sysstat please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/sysstat

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

- -----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmNxZ6UACgkQgj6WdgbD
S5azUxAAgBdUpwFTx01R0WzjWUVI3SZpFJF3VpRTAHRHb2r1Bi2XcuBsKWu9hwXa
cLPjq7ZW1TLgBH81wJMQnCfJjo7ZEf9P4V8dxdaobcwxjUONNIafgXcwW4zF3VD0
8f3IoGnpzXKO85BfEjJC+9u6nkQ1xQpSyoAz6Gfn/GKLtG2+R6B1aTcV9KWKU8iy
P8ubDMaP9bb4E8QPWRCyddE3IsHhjGIq3R5Y6abA9nDkYhI1s0rA3NovQivd23wp
OBJYczdb4tdA9sY5Omcrepy9pajXlJlhN3cx0dxWijdhq7J5dONFcQsE6QpcMhRV
pvrJWfoYzxqwqRldgmL2j61l8u6YI+On8d97zZoHtLAj4D/iKEn6fNJEEL64EiE9
dus1tyawD2BpLtooKemINNBszZH8SL9CTIxyLnqbz02Fj2PVWW88H4Tw4WkS4ttn
8EWYY9s7eRGdl/s13gfBqQaTIVupw9vRAKCjDfL7eHV2FBQAS/Eu67G10Vv4feAa
FmscULFMPI6i/KwJOcDkOk7IAnd/vjl9zGa5OlGJw75a8sOh/aQjMe6p6CRJn5SO
JIlc7VhAUr9IcQSbuf6Ox9ORxTDfaxMGk7v0BGW6DwhvVJ0ycvjz0FQ7n68zyX/K
Ns+H+OTrbQwt4phW78c9N6/LM5/PZtEGulRvDHj+kUy+E0qxzfE=
=FJFP
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------
=========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBY3G3LMkNZI30y1K9AQiTbRAAgs0KnNA6xzB1zd0PbmQ75Ux8uxZcfQgm uMQk7ydUu9/Mecq4t7Lxt6lXkuNg5wooNKLdjBKrIBRMAPoAvFed6Zq7pVuiW0mF XYeEyHpdyUcqQXpMTANLxJDMhVZ1IfU/LjmPDDNDVaMa19eiyxC1AaGNi6YFPQvf S0+2IRK5V8O/nAYT2j16LJgWZhTa6ob79/Uyo4Ux5IUWC/nqXJZiMpZrfkZU5HtR 2C+VGjB0pE2MEIcichlUUVU42h5HaYvsHdSmeKS3ojTNu8z1BD2OwwP1jNEK6Knj RnhrxPy9LcuUM5y0Znl4hvSAgb4dkLpInOXnNZeV5JV3MQ4P71Zz7e4fz4i6WoFO hJKBkECPG6adH+XU50KJYtZBezKxW/p3kjk1NIDTzS/ZIyMn4piEbEJFy3tDO9GB ga+arJnUY9NzJXld5sa0i2QM3OpeJdtiEUAm7gH8BkEAVJSuCIR2G5HBt96VFRsq fyiYp44e3MQy7L8wBQpndqU6ti4DiVTHJJXqFB+MNjErxs3N+QOStE8IC5kGqoue oXPavF/e8Fx2kfG1ZeuEROPmYkaqds0wnWFR5aJoTPQGYB5OMJtvMSOmy/swK5+T mHiA9vGuBK7pAbXPGONbtcQWRIRjSGWMNX6ziq+jcxsYqzqFh5gyQXrC1ST4XUpm vVMENG4nwN0= =me7o -----END PGP SIGNATURE-----
14 November 2022

ESB-2022.5863 - [Debian] pixman: CVSS (Max): 8.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5863
                           pixman security update
                              14 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           pixman
Publisher:         Debian
Operating System:  Debian GNU/Linux
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-44638

Original Bulletin:
   https://lists.debian.org/debian-security-announce/2022/msg00246.html

Comment: CVSS (Max):  8.8 CVE-2022-44638 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
         CVSS Source: NVD
         Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-5276-1                   security@debian.org
https://www.debian.org/security/                       Salvatore Bonaccorso
November 12, 2022                     https://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : pixman
CVE ID         : CVE-2022-44638
Debian Bug     : 1023427

Maddie Stone reported a heap-based buffer overflow flaw in pixman, a
pixel-manipulation library for X and cairo, which could result in denial
of service or potentially the execution of arbitrary code.

For the stable distribution (bullseye), this problem has been fixed in
version 0.40.0-1.1~deb11u1.

We recommend that you upgrade your pixman packages.

For the detailed security status of pixman please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/pixman

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

- -----BEGIN PGP SIGNATURE-----

iQKSBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmNvmIhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0ToTQ/3bIRPJMysz984NBivSyxdCCD4If1AjwKLr+At3fHCJVs3BrzY/K+nBMlW
SkzBVcWGnIyJ7WF50DKwnEflUrjDBLMrYN6v+PEXgZGSWsTsyy4pcmJxYwZsyxJv
Zv0uuqEKT2VAFIG8MjAVNjCzRadJnLzCi7EFvheMiRXpWMMUt3DlOvtu+075TXW6
5n1TgBbgVSqGtg83oRoCqU213nxgkYhdxASHTLPqU8GIYUtIngbRpk/mPy+NZKDt
cofrpqnd5QuRngkRvqqFs7h0u3U0bFVO7miG0mMJWAm/QNZN5NLNoxfZrBUhoZWg
jGJ1tu6NQVggAmb3rb6DCNwWKVnCqFyZOaInDcq9Up6Rh+NbLMMhUm0ghFKp+rr2
sWZ+Pmnn4tnvZLb47kJDUk7ZP/LCC9q6hd5yFpKdRTxCznCH+9gmxfqOKSW5qBgW
yCsbVySLQcuNZwRf1zgynkilNgyKcRNUnMeZU7FZVB9zABxwWqgD/ZVJIKhts5mq
6hyLKXwTzwtQ0Kw7kYHkRya3hv6BFwJm7saKhHKySGb7JceFz2udBUoeA9y/pgGS
GEJUWenuuQ0LVKH8QflbsfI8jlVKdUlHEYVrYo2yjULr9rraURabK6OClmrs9JI3
Fg6PEl/wwh+SKmdeJZqOY4Vse4ZxcRfN0sGtiu1hfqTM6owm8Q==
=0y3/
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY3G3BskNZI30y1K9AQh1mBAAsGG3iHJSaFuBGNWFv4eJZCF0iJLTaILm
g98tD2Do1ZzFmeHFVzaeGjBtvUqzZhBGc4mLWIQZXjq+bYMu1jfDIjFgWxCu/gkQ
S+t+eIEpk39PwL0ISSl3XWQxKZgeH01bcLhD19WcGEnMWQE2GVv6S4f69XxjSJai
XymcIXwtIskYMKdDr3qSfGKSSK/ZBZpanNGHZvArobiev9cal6B31SAcF7+6Ajln
acH45Xv9157KyLf2su9MY1kiACxJTuojeEyzHnVnGjr/xPaOnhy61Bu0sDAbv70s
1YEFBSP270Gzu117+K+invou7lQvfq1aT0BdEdeh8JWeDFePNTCd6YN5YCuPZfFf
ZMspvbPMctALJuAfjMnbOIeYirsBhY7gBXZzx/MUEoIZ/feOHaT5O/qNIWgkw3gP
WHvRDMCWtanH/o1Un2KFXNnX0JW2kuqTDyvOw3uvBvFoDfAjs+xNm1nQY7z63fhs
Cv5GiW/AE9SzZqUbbt5xkv/UjX5f2j5NUHLnjAzU0GEB6JzpDlZa3lO8DrlJY2kd
L88I7btmOpJ23YyHb0hHpDVCr7rtSLwN6gTlO51J70D7yLB+jym+AHDdxp/MMo4x
Suivx8zmSxDyBhcN/YsfC28RpfmOiuY6cQ4szmJydPz/KWjtaVLdkTbxF/1UPp8d
6Lv5hQ1SY5Q=
=JtLA
-----END PGP SIGNATURE-----
14 November 2022

ESB-2022.5862 - [Debian] dropbear: CVSS (Max): 7.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5862
                          dropbear security update
                              14 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           dropbear
Publisher:         Debian
Operating System:  Debian GNU/Linux
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-36369

Original Bulletin:
   https://lists.debian.org/debian-lts-announce/2022/11/msg00015.html

Comment: CVSS (Max):  7.5 CVE-2021-36369 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
         CVSS Source: NVD
         Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- - -----------------------------------------------------------------------
Debian LTS Advisory DLA-3187-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                        Utkarsh Gupta
November 14, 2022                             https://wiki.debian.org/LTS
- - -----------------------------------------------------------------------

Package        : dropbear
Version        : 2018.76-5+deb10u2
CVE ID         : CVE-2021-36369

An issue was discovered in Dropbear, a relatively small SSH server and
client. Due to a non-RFC-compliant check of the available authentication
methods in the client-side SSH code, it was possible for an SSH server to
change the login process in its favor. This attack can bypass additional
security measures such as FIDO2 tokens or SSH-Askpass. Thus, it allows an
attacker to abuse a forwarded agent for logging on to another server
unnoticed.

For Debian 10 buster, this problem has been fixed in version
2018.76-5+deb10u2.

We recommend that you upgrade your dropbear packages.

For the detailed security status of dropbear please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/dropbear

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

- -----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmNxaG4ACgkQgj6WdgbD
S5a8DxAAwCRGu+BrK9fZGoZdGO0fRNyFF3KxPOZxSNFk/crm3IH9lf7JMzbXTpSo
L3g8kDmCIIq6piPn2PNstLV1eBfHvjFswNj8712JcECiHFMiTWu72zwtbuhKPTRO
y3L66Kz8sCBRrK0uGoVZbnTQgSZJ0cnM8LcUDIN+2ELkrPO6zY2ZyfCsW/c6o3ZC
s8rGBGWQ5Cjgj1fjF+6NnooxgQcI6pyquWLGXdUs8tkZx+aABL2uCxtqlqaeomje
kCPLpyG5xz6Ui9xuPfMwzRG/NcDIfAtFpCciPXN2NLgrflGZadrMgBluM3YvUcXn
57eE9Zz2hII+ChZ64KcH765MWQxJ5C9hgONKWTh5lFLasAMO068EBFb8Svan19w1
yrnaWxFyIg71bOCObRDV2imOsqiKjKvdzlgTEI2JAepAHAskjNFbO4iBHkgfJ9Wu
jW/Rr2X1Axyx/KkduUsm0htCo+++REb+9eqDM/hWYmWlQ94RPOUxolQCp8teKQ5P
QSlP/wH8nVkIGHDxmD93PudpH0tMVbzZeUApevKsBuUAns6X76yVvhxkSe1n38Kd
q603iA/RRAx+7buIlMNOZDRWLxluVPRr3U7jXuYwG35wGSZ69spgOjlT2kK0jQ13
EN55CiHyr7fjZpSjL0cHcK3jphIBqXAjsN0EkuqE+a2VfjlTZiA=
=df9d
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY3G0lckNZI30y1K9AQgG7hAAkvmSlb+PxUnFUV1PR/dWP4CSlf670jvH
3/m5c2Sl0CdJLI16UO5vkv9P5r2fTCeoF0lSYzcL1P9yYO/XnjRC1SL0ZoxP9Ld7
3ZgzWuRDxnhi8cwEVVGYFLHBILWRgll8X/R9BwePoeZw8wBjdPXHKr97Txwvo+ml
NDbG9hSqfkjMYRUN14tLW7aFfdtj/ElOieGOvMQ397ld1L77ykyPwKrToYyOnkmZ
GckLIQUA1h6d1PKdSw4bKjCtLEyNguQp5eYxTt9hJYOEKCnqbiYtb3Ot3NO/3rut
Q3flc3qHA1eBQNtUaVlyX2P2S5NU4N+c7Zm8upX+xgtLZrhzioQ5rP0aVetahuo1
gnYAgKKm/JVnnegVF1+UpA4GuOnfhk2ECb2YmNR6L2YF/7AzS0ucGOmHU20+/QIk
TRAnBQWGg5BLWEyoF9/kPYVSmgyaSRuIlJASYxmryApkaccZ6iWie1v/YWbahfAa
QJH4DL7W6yGSkNfs6gmXOVKPsYAhd12ZF8cjwKIuV1zGNowxOfOfrnH/Oq2CJc7Q
pYNiklV7ZKdbjd6hbjTTDd/ojOIKFy1eoyYdPOEYYZBbZMVW4PVUPftz1Ur8m9x/
ttlFQmLlv3Muvj5hVmb88AJJRFqDh4SiMNLc8aVSXwFl6Q0ipuvbYdxyFyJUQrIb
dAO2qluinbo=
=ChgI
-----END PGP SIGNATURE-----