AusCERT - Security Bulletins

Subscribe to the AusCERT - Security Bulletins feed
Latest published security bulletins. See https://www.auscert.org.au/rss/ for feed information.
Updated: 2 hours 42 minutes ago
14 November 2022

ESB-2022.5861 - [Debian] xorg-server: CVSS (Max): 9.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5861
                         xorg-server security update
                              14 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           xorg-server
Publisher:         Debian
Operating System:  Debian GNU/Linux
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-3551 CVE-2022-3550

Original Bulletin:
   https://lists.debian.org/debian-security-announce/2022/msg00248.html

Comment: CVSS (Max):  9.8 CVE-2022-3550 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: NVD
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

--------------------------BEGIN INCLUDED TEXT--------------------

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

-------------------------------------------------------------------------
Debian Security Advisory DSA-5278-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
November 13, 2022                     https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : xorg-server
CVE ID         : CVE-2022-3550 CVE-2022-3551

It was discovered that a buffer overflow in the _getCountedString()
function of the Xorg X server may result in denial of service or
potentially the execution of arbitrary code.

For the stable distribution (bullseye), these problems have been fixed in
version 2:1.20.11-1+deb11u3.

We recommend that you upgrade your xorg-server packages.

For the detailed security status of xorg-server please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xorg-server

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmNxPhMACgkQEMKTtsN8
TjYGIw//eDkQaWMUaRzlfNcFJUPkYQJot20IGvCa5UwUgNCcky13/riQ13OedOAZ
n7ORM7vtn28v3WhQkUqO2XJ8ODT0LGKuAFuwbXOLqJd/f1bqkhAVYp0eNMmZm3wr
CLfa8zoTM0lh4eOu5r7ecdFSd/sZ3Dy7ODwL8tuOaTrHo+rJ5epYd2xqrFxVi9NA
EfyeycQb8LY+/OqCbpp8nUq+CpvT22Z7oNTgQpKy4ScQKLe7pqPQDO4VEkSwsBrs
HGInGuNRMMM3uAHTTQts6tn4jK5eou24hws1fYUXSi57zTJc5jwVG75jhIjEtGOm
/UfnEhAbUeEB+o21gP0HAxLy1F20h8Qonasvh3LH1ormzwhl8RqVR/Ny62jb79/k
jlS4IUUQGPK8WYdbkJPrs1GFu/2quW8VWcpYRIE5b/Ylq/XsmLNotSVs29ID10Q2
U91rimYdlTKG3UDsErFzBh6uPqNP2vWUimpPq6nRQgEfX94H2kb96cyE1EpKnDnk
jf1+UINP4Pe2r+XPGglw9krUGWsFMIJoPohCwOsXBSNhkfOJ4bO4huOzz3C1XLy3
9i6BIrhaZRrKASemZSGieoKQyHXfsCBN1JIsoXYqYPxIu6STvyoG4kIv8VlAylXY
9b9F1jtO2G3zGXuVlPEwJacMh5CPKNcUJP/SgpRrcov0iop/X8U=
=gxG8
-----END PGP SIGNATURE-----

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to
auscert@auscert.org.au and we will forward your request to the
appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no
control over its content. The decision to follow or act on information or
advice contained in this security bulletin is the responsibility of each
user or organisation, and should be considered in accordance with your
organisation's site policies and procedures. AusCERT takes no
responsibility for consequences which may arise from following or acting
on information or advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still
current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY3GxzskNZI30y1K9AQhS5xAAmC+crTw5Kw+yI70QzZw+3tStDatI+yLQ
QQdNHZxHZdZhE5J19gnuZaYMB4Biws5H5JXNOeKehWCHuhEglrQtdUHax2IDfQXk
bvLaMtXayomceu46pgYOHp3X2SLSusvvSXnL//y61pkj5jQRE1bQ4HU+bSyOSfyK
/KTfkfDsguAbxCFT6yeCezC3CXEoTXjnE4CIHpalHHCKVfCnh9CsGIDd075uYNVC
tj1kBDs0IBjwMfNCvSOQ49F0KyUAjq/KOHQjCvGo6h2mGMQ6zwTrLJzeJKIZ/5t1
wtS5xc+voLvjLCcy+tsyXZ7NeGM9riIZMQCCI0KY/QvpjeyuKsVAl1JvXPZhrSfp
YF7fdSR4FeHxcmZtBHqP6S5H3AbUPT0khyupQyrlEhgwIYPYD1/eMGWb3IpYKCIv
B1ddyx+Ml0n7k4Ur2ekk6Sg6kgd1TZ0eKi/lGUU57erdcocHuecI3LUIpPN4/twZ
1NzkZq3MedrhHVm/iRqqRgfmAW4esWwccFIqMaAFTGVOStIFOFNFETW9hXWZ5K41
ZvrOyiHWnrWkWGN+Yc+iS8AD/tHNqIYm5oDML38RtoO+FRcs9wfha+XibKowWjQ3
bwDFXHVrZs99L5hvUvWn6jSM4flPvGQpcSWBROXS2EQB+PC9vlMRz2DKr+7Jau18
yd5mTQej3Rk=
=hOXW
-----END PGP SIGNATURE-----
14 November 2022

ESB-2022.5860 - [Debian] php7.4: CVSS (Max): 9.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5860
                           php7.4 security update
                              14 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           php7.4
Publisher:         Debian
Operating System:  Debian GNU/Linux
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-37454 CVE-2022-31630 CVE-2022-31629
                   CVE-2022-31628

Original Bulletin:
   https://lists.debian.org/debian-security-announce/2022/msg00247.html

Comment: CVSS (Max):  9.8 CVE-2022-37454 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: [NVD], Red Hat
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

--------------------------BEGIN INCLUDED TEXT--------------------

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

-------------------------------------------------------------------------
Debian Security Advisory DSA-5277-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
November 13, 2022                     https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : php7.4
CVE ID         : CVE-2022-31630 CVE-2022-37454 CVE-2022-31629 CVE-2022-31628

Multiple security issues were discovered in PHP, a widely-used open
source general purpose scripting language, which could result in denial
of service, information disclosure, insecure cookie handling or
potentially the execution of arbitrary code.

For the stable distribution (bullseye), these problems have been fixed in
version 7.4.33-1+deb11u1.

We recommend that you upgrade your php7.4 packages.

For the detailed security status of php7.4 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/php7.4

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmNxOm0ACgkQEMKTtsN8
TjYZ7xAAspdPvtpc+Sq8l2NsZlKUew50JSsTb0UbwAYH0G8prnYzEQK898syuP2e
aZsbPHec/aqClyvFfrhnWsrGyWUAwHtQIHmG0lIPXAZuCMawbud95MY3sFY7lidK
+6UvTFxBCx3hbYaZE/Xz+3Zsx6qX3L+eSQSEdVKy4lV4CbZtVBM3iVlg+lB+EXZq
FjdZZsoDSbK5K8pYRD2HQBMa7RMFau/zYc7ZZpcwRjcojUvrLB+2xQHitcCZLxNt
J4IpNqKr3BmDfIe+h9mzY9q22sdTC5H29u9p+s2XssYgNfkS9h6IxBfYbYQAwxZL
fBIDJ3inbmAnHz/OBTEcmt/OufdaBUt0V4otddaZHT/6nhaY/0Hhdd9f5F40ohKG
R4R4nv5zFKVLB9/fONxPjKARj7X81PsBhB7GFzKbrdQtpK+tTek/sxDJTW5TSvN+
tvRtAPBTxzEbvzl+duscIZr7eVlIqfd/tLuspnc/iaeOxBWup1ekx8Eu5voHcC3S
FnLJCFeSdqfA9/qiG8Gj/FYA4a8/S2D7mWH+xQlT1aWVU33b9bgJkzdg1WYj79Dv
6K9Yg64T22CIy0w8EOpQXSJcKlILd6gP6cdz3P5WfCt/51VhBQAJb/+qd4w98c5L
Ahoet75dSWVIbynja1asPTMZ1RhJvIWpYud3LmfOAO8Q/NFGYtc=
=MMQt
-----END PGP SIGNATURE-----

--------------------------END INCLUDED TEXT--------------------

-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY3GwXskNZI30y1K9AQhHjQ//W1lYaQxH1KTFNLVm7p0BflP2I8EC8o3R
+BGeF11+JriYyCjVgIQ+ieRI3rHYhOpCe+BlwN9RaXocoGSEwF+OHOfqUudFDcHd
J1/K1g/m4OfiHwxBF3rkJq+GKKZZfx2kCn9gluSXtyeBc/j+bvw6jbUinCycFsj0
OgsbeYvOkLJEdKwnAflvMVHMdpf+usVdyIfF5vGGiiPHq5No/Q0jEc9pEVeWKUxm
+uOsV8iDBc8Q27j9XOgDInjEG4qn6C5gskA4vHmWoNXJ4aiRO5+GEh10LUWrqmtV
cIsuXNqUPPTik4mG42gFJczAGV8WiEjeRPCnGxFJ0qrkyTD+mW2b1obIlE0X71IX
HKQUJhPX3Vhu8wv/k4JU/FBmw6S/sB+kk2RXtLfZa/wL1D5e/aSuXnUOxtFskfml
JQxD20Ig5xf5AJs9BWK5rg+An7Dmxtcbz7rArdNuozmctHBODzqY131Gh1XOPvXB
fSCt3NO+kKlzHtWijr7egSUS67fBYID/ypLPgEW8w6KhZ6UaaemZzumnzZ0ULyxz
c+MAOYdslmzbl3GvD+r+lRu7x11nuBbmGDFFj7p710Mv8MIqbv4rk46ue06h6idX
iMa1gFW5jqxglU+gJw18rt6XNcoFw4Qog/iLuXxB12Ntu3gJZmfaLUuRQcZEnsbw
pGPykwmaH4Q=
=ZzoM
-----END PGP SIGNATURE-----
14 November 2022

ESB-2022.5859 - [Ubuntu] Thunderbird: CVSS (Max): None

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5859
                    USN-5724-1: Thunderbird vulnerabilities
                              14 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Thunderbird
Publisher:         Ubuntu
Operating System:  Ubuntu
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-42932 CVE-2022-42929 CVE-2022-42928
                   CVE-2022-42927 CVE-2022-40962 CVE-2022-40960
                   CVE-2022-40959 CVE-2022-40958 CVE-2022-40957
                   CVE-2022-40956 CVE-2022-39251 CVE-2022-39250
                   CVE-2022-39249 CVE-2022-39236 CVE-2022-3266

Original Bulletin:
   https://ubuntu.com/security/notices/USN-5724-1

Comment: CVSS (Max):  None available when published

--------------------------BEGIN INCLUDED TEXT--------------------

USN-5724-1: Thunderbird vulnerabilities
11 November 2022

Several security issues were fixed in Thunderbird.

Releases

  o Ubuntu 22.10
  o Ubuntu 22.04 LTS
  o Ubuntu 20.04 LTS
  o Ubuntu 18.04 LTS

Packages

  o thunderbird - Mozilla Open Source mail and newsgroup client

Details

Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service, bypass
Content Security Policy (CSP) or other security restrictions, or execute
arbitrary code. These issues only affect Ubuntu 18.04 LTS, Ubuntu 20.04 LTS
and Ubuntu 22.04 LTS. (CVE-2022-3266, CVE-2022-40956, CVE-2022-40957,
CVE-2022-40958, CVE-2022-40959, CVE-2022-40960, CVE-2022-40962)

Multiple security issues were discovered in the Matrix SDK bundled with
Thunderbird. An attacker could potentially exploit these in order to
impersonate another user. These issues only affect Ubuntu 18.04 LTS, Ubuntu
20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-39236, CVE-2022-39249,
CVE-2022-39250, CVE-2022-39251)

Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service, obtain
sensitive information, or execute arbitrary code. (CVE-2022-42927,
CVE-2022-42928, CVE-2022-42929, CVE-2022-42932)

Update instructions

The problem can be corrected by updating your system to the following package
versions:

Ubuntu 22.10
  o thunderbird - 1:102.4.2+build2-0ubuntu0.22.10.1

Ubuntu 22.04
  o thunderbird - 1:102.4.2+build2-0ubuntu0.22.04.1

Ubuntu 20.04
  o thunderbird - 1:102.4.2+build2-0ubuntu0.20.04.1

Ubuntu 18.04
  o thunderbird - 1:102.4.2+build2-0ubuntu0.18.04.1

After a standard system update you need to restart Thunderbird to make all the
necessary changes.

References

  o CVE-2022-40956
  o CVE-2022-39236
  o CVE-2022-42928
  o CVE-2022-39251
  o CVE-2022-40962
  o CVE-2022-42927
  o CVE-2022-39249
  o CVE-2022-3266
  o CVE-2022-42932
  o CVE-2022-40958
  o CVE-2022-40957
  o CVE-2022-40960
  o CVE-2022-39250
  o CVE-2022-42929
  o CVE-2022-40959

Related notices

  o USN-5649-1 : firefox-locale-cak, firefox-locale-vi, firefox-locale-mn, firefox-locale-ca, firefox-locale-hsb, firefox-locale-ms, firefox-locale-my, firefox-locale-kab, firefox-locale-kk, firefox-locale-en, firefox-locale-uk, firefox-locale-nb, firefox-locale-hr, firefox-locale-gn, firefox-locale-cs, firefox-locale-sk, firefox-locale-ka, firefox-locale-zh-hans, firefox-geckodriver, firefox-locale-bn, firefox-locale-hu, firefox-locale-ml, firefox-locale-cy, firefox-locale-mr, firefox-locale-sv, firefox-locale-sq, firefox-locale-sl, firefox-locale-hi, firefox-locale-pa, firefox-locale-zu, firefox-locale-fa, firefox-locale-lv, firefox-locale-km, firefox-locale-zh-hant, firefox-locale-nl, firefox-locale-et, firefox-locale-bs, firefox-locale-he, firefox-locale-uz, firefox-locale-te, firefox-locale-el, firefox, firefox-locale-fy, firefox-locale-it, firefox-locale-ar, firefox-locale-be, firefox-locale-kn, firefox-locale-mai, firefox-locale-fi, firefox-locale-ku, firefox-locale-or, firefox-locale-oc, firefox-locale-es, firefox-locale-ta, firefox-locale-af, firefox-locale-bg, firefox-locale-gl, firefox-locale-lt, firefox-locale-ja, firefox-locale-ia, firefox-locale-an, firefox-locale-si, firefox-locale-ru, firefox-locale-gu, firefox-locale-hy, firefox-locale-th, firefox-locale-eu, firefox-dev, firefox-locale-da, firefox-locale-xh, firefox-locale-nn, firefox-locale-sw, firefox-locale-szl, firefox-locale-ur, firefox-locale-tr, firefox-locale-az, firefox-locale-is, firefox-locale-de, firefox-mozsymbols, firefox-locale-ko, firefox-locale-ne, firefox-locale-nso, firefox-locale-fr, firefox-locale-ga, firefox-locale-lg, firefox-locale-sr, firefox-locale-pl, firefox-locale-mk, firefox-locale-ro, firefox-locale-pt, firefox-locale-eo, firefox-locale-gd, firefox-locale-as, firefox-locale-csb, firefox-locale-br, firefox-locale-id, firefox-locale-ast
  o USN-5709-1 : firefox-locale-cak, firefox-locale-vi, firefox-locale-mn, firefox-locale-ca, firefox-locale-hsb, firefox-locale-ms, firefox-locale-my, firefox-locale-kab, firefox-locale-kk, firefox-locale-en, firefox-locale-uk, firefox-locale-nb, firefox-locale-hr, firefox-locale-gn, firefox-locale-cs, firefox-locale-sk, firefox-locale-ka, firefox-locale-zh-hans, firefox-geckodriver, firefox-locale-bn, firefox-locale-hu, firefox-locale-ml, firefox-locale-cy, firefox-locale-mr, firefox-locale-sv, firefox-locale-sq, firefox-locale-sl, firefox-locale-hi, firefox-locale-pa, firefox-locale-zu, firefox-locale-fa, firefox-locale-lv, firefox-locale-km, firefox-locale-zh-hant, firefox-locale-nl, firefox-locale-et, firefox-locale-bs, firefox-locale-he, firefox-locale-uz, firefox-locale-te, firefox-locale-el, firefox, firefox-locale-fy, firefox-locale-it, firefox-locale-ar, firefox-locale-be, firefox-locale-kn, firefox-locale-mai, firefox-locale-fi, firefox-locale-ku, firefox-locale-or, firefox-locale-oc, firefox-locale-es, firefox-locale-ta, firefox-locale-af, firefox-locale-bg, firefox-locale-gl, firefox-locale-lt, firefox-locale-ja, firefox-locale-ia, firefox-locale-an, firefox-locale-si, firefox-locale-ru, firefox-locale-gu, firefox-locale-hy, firefox-locale-th, firefox-locale-eu, firefox-dev, firefox-locale-da, firefox-locale-xh, firefox-locale-nn, firefox-locale-sw, firefox-locale-szl, firefox-locale-ur, firefox-locale-tr, firefox-locale-az, firefox-locale-is, firefox-locale-de, firefox-mozsymbols, firefox-locale-ko, firefox-locale-ne, firefox-locale-nso, firefox-locale-fr, firefox-locale-ga, firefox-locale-lg, firefox-locale-sr, firefox-locale-pl, firefox-locale-mk, firefox-locale-ro, firefox-locale-pt, firefox-locale-eo, firefox-locale-gd, firefox-locale-as, firefox-locale-csb, firefox-locale-br, firefox-locale-id, firefox-locale-ast

--------------------------END INCLUDED TEXT--------------------

-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY3GwK8kNZI30y1K9AQgE5g/8D/0fljjj8T/5kYncCl8EvX+4ZUujQCLt
JETRf/3VcFQZOdKC9Kiskphg68hS8jGW3yX6KkM9tQdxgRMONuKZibC+onFm04ZM
qoNqk74Por9EeHQG6g4j552IPbBnkSXLE3ryeJ1ifZcMLv6lTbD/5iSciqJKi1YT
avdYQT9ewAETRGdhGv6m8UxyxLy8yx/bzT2uq4aCm5+EmAWWlW3FjZpIGH/DECKP
HzZGBpE7LqZyLF7njF6cIk6v4b6iiqZ0NNFVuKh+vMuc9Uob3A2azM3kBJLCoD/n
i47NdZnEygPHw9kiAMEXvLObLCxtUzPq8hLJ/fb3fBilEiv+LYZIytvAQfcG5ous
7GRiQgu/K1reloIhJWXqf0tH9sq0iPckR0SyiKeLy7s8/IcJNRgJcQInsRfrHcpi
FtCy7o/H/DvrAo44LhO4r3dBCTi/Agjaob85hY0vjsH/3hEWhmyiKYYYfEiFIsIe
n5T4ApcKIhEZxgzTDj8aXe5dKYablj/Cu//9CwnnBphzXBkdIzBvVS52XocWV7C9
Ww8EnjSrMkOFrvzTyXgCvBjiikEQ3F47Cyp9LusSJZSTVRD42MvBXQSexbpxIxrU
GxuvkEZpOy0yv1MTuzWTr4sCR+5q4Kpn5jqKNRjpzB0yL/mCsLwSaVEXi69VDdtC
V9W7RlTylSs=
=EueL
-----END PGP SIGNATURE-----
14 November 2022

ESB-2022.5858 - [SUSE] xterm: CVSS (Max): 5.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5858
                         Security update for xterm
                              14 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           xterm
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-24130

Original Bulletin:
   https://www.suse.com/support/update/announcement/2022/suse-su-20223952-1

Comment: CVSS (Max):  5.5 CVE-2022-24130 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
         CVSS Source: SUSE
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

--------------------------BEGIN INCLUDED TEXT--------------------

   SUSE Security Update: Security update for xterm
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:3952-1
Rating:             moderate
References:         #1195387
Cross-References:   CVE-2022-24130
Affected Products:
                    SUSE Linux Enterprise Server 12-SP5
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for xterm fixes the following issues:

  o CVE-2022-24130: Fixed buffer overflow in set_sixel when Sixel support is
    enabled. (bsc#1195387)

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Server 12-SP5:
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-3952=1

Package List:

  o SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):
       xterm-308-5.6.1
       xterm-debuginfo-308-5.6.1
       xterm-debugsource-308-5.6.1

References:

  o https://www.suse.com/security/cve/CVE-2022-24130.html
  o https://bugzilla.suse.com/1195387

--------------------------END INCLUDED TEXT--------------------

-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY3GwDMkNZI30y1K9AQhhoQ/7B1ZAvotiFEq4/NPhbfRIkhzV402ZwF+0
OprBAryN5iNJugkxTUPVaybX4cUj13VJ+vTcaJeBnm9VfFxCK1rgOnVzEvvdXaaf
9HGee1vsj6tbTozB8a5Zj5ifzZ7Oz+Tp1iTosgjbZwCF+FrAzmKvokqKJqJPTjEk
d57Y8Oaw5V3EOIJx+SA1miYRIhGBQBStFpfFJ2izF3jrnkrJPT1Mx3L9W0KBC5ht
JjQK5VGoGdGfU16K1yk7cGGbSIqo8gxBTQ4hOggEkTo5X7KWGQJTTTBUJhHatZGG
ybFxWxnKLv3kpbdG6UbjdNyIqSMGhy0BOP1BttP4wXWhmesL5Nn00uQnww2ld3NM
MgIyX1jE7nEZsgoUpbpWULE/4bshX5llp+SLI5Xdkhs9SUWBV5aztHxj/UnCECGB
g16UhO6N1sLKmv6/A67lhM+dOjMdFn2T23IACJz3vlQGEXUtR0MLUGII9tGKIGAE
MzM3Zvc7frbbqadfT8Z0FnBnH3aF1sUMa+Tu2serGq6ZZAE1+JaGsy+EhhehT19C
eZhgNl+wG1/lJrV1IVeLdOJsksl7ojT3qYLjZJgY9AhdzJm9iyBAku4OE6K/zGsT
/qCXu8ShqDk7Kv+wqJx4VsUooLzjZp8gKbHYVcTRBLMd88iaA7jKO8T8uAwYpHK3
o1xIVx9/tLw=
=agqj
-----END PGP SIGNATURE-----
14 November 2022

ESB-2022.5857 - [SUSE] xterm: CVSS (Max): 5.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5857
                         Security update for xterm
                              14 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           xterm
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-24130

Original Bulletin:
   https://www.suse.com/support/update/announcement/2022/suse-su-20223953-1

Comment: CVSS (Max):  5.5 CVE-2022-24130 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
         CVSS Source: SUSE
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

--------------------------BEGIN INCLUDED TEXT--------------------

   SUSE Security Update: Security update for xterm
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:3953-1
Rating:             moderate
References:         #1195387
Cross-References:   CVE-2022-24130
Affected Products:
                    SUSE Enterprise Storage 7.1
                    SUSE Linux Enterprise Desktop 15-SP3
                    SUSE Linux Enterprise Desktop 15-SP4
                    SUSE Linux Enterprise High Performance Computing 15-SP3
                    SUSE Linux Enterprise High Performance Computing 15-SP4
                    SUSE Linux Enterprise Module for Basesystem 15-SP3
                    SUSE Linux Enterprise Module for Basesystem 15-SP4
                    SUSE Linux Enterprise Server 15-SP3
                    SUSE Linux Enterprise Server 15-SP4
                    SUSE Linux Enterprise Server for SAP Applications 15-SP3
                    SUSE Linux Enterprise Server for SAP Applications 15-SP4
                    SUSE Manager Proxy 4.2
                    SUSE Manager Proxy 4.3
                    SUSE Manager Retail Branch Server 4.2
                    SUSE Manager Retail Branch Server 4.3
                    SUSE Manager Server 4.2
                    SUSE Manager Server 4.3
                    openSUSE Leap 15.3
                    openSUSE Leap 15.4
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for xterm fixes the following issues:

  - CVE-2022-24130: Fixed buffer overflow in set_sixel when Sixel support is
    enabled (bsc#1195387).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

  o openSUSE Leap 15.4:
    zypper in -t patch openSUSE-SLE-15.4-2022-3953=1
  o openSUSE Leap 15.3:
    zypper in -t patch openSUSE-SLE-15.3-2022-3953=1
  o SUSE Linux Enterprise Module for Basesystem 15-SP4:
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3953=1
  o SUSE Linux Enterprise Module for Basesystem 15-SP3:
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3953=1

Package List:

  o openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
       xterm-330-150200.11.6.1
       xterm-bin-330-150200.11.6.1
       xterm-bin-debuginfo-330-150200.11.6.1
       xterm-debugsource-330-150200.11.6.1
  o openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
       xterm-330-150200.11.6.1
       xterm-bin-330-150200.11.6.1
       xterm-bin-debuginfo-330-150200.11.6.1
       xterm-debugsource-330-150200.11.6.1
  o SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
       xterm-330-150200.11.6.1
       xterm-bin-330-150200.11.6.1
       xterm-bin-debuginfo-330-150200.11.6.1
       xterm-debugsource-330-150200.11.6.1
  o SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
       xterm-330-150200.11.6.1
       xterm-bin-330-150200.11.6.1
       xterm-bin-debuginfo-330-150200.11.6.1
       xterm-debugsource-330-150200.11.6.1

References:

  o https://www.suse.com/security/cve/CVE-2022-24130.html
  o https://bugzilla.suse.com/1195387

--------------------------END INCLUDED TEXT--------------------

-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY3Gv8skNZI30y1K9AQj6YA//Ug/jKqsg3OxpK8O+SA3JWM64rtkkHnfR
PIkIX27m0BhlttdMLaVqGcpCo/T7nGzhrwRFh/W0aekdP05iPqwLH7SbwRhAhGe1
4jiVVWRl33+2KPlpSbh/hT0yXdD23TcYnmknOcYjVQHOrFzKAdOHitQHv53eFeRQ
w2owGxlJbSQBVmYjhgJcQF6HqGkWcI6XOjqa+ITnz9FdeJQtCsiFWZ+BiMrEqZcM
meIrMuqkajQO06+jeuTFmDXXiJItzpcrPEl9OZ6uWeG8HkFyVevxdChdzcwfatMh
jBHm83jovuNUp4oyuyszQQrZ3VH3Hm4FzuaLFg7TssF5FWKqjp5z7B0CAny26mso
psUmpPnBrj119lvv1DHGehNKMDCpR466DjSCEE/tAD7FPtsCQsOVqebah2iHs0wK
mch9yZzUsDvLqkGgLCQCnvCdJBWuzPTQQTRkZ7Tg/Zix+PIB3wZBBnW6hMhZYQsF
43hjMY2sMWJGef2FhLE1aYTlo5rYK0h/HroLyPfPBZAW3fheUcwHgllZjrNN5PS3
wamRe8AcZEyiIOw7McIMXDPakxfHP9VenZZq1xmFHSJN8K80/bNPgIvYUl/c4m+N
/cGPdxxMCuGqrYu8X/Jp98IoEksA2hqB+//WjdPpwrA7F6efLhwLEb+MpgVnoO6G
jqJYaBKLm7A=
=THE7
-----END PGP SIGNATURE-----
14 November 2022

ESB-2022.5856 - [SUSE] xen: CVSS (Max): 7.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5856
                          Security update for xen
                              14 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           xen
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-42326 CVE-2022-42325 CVE-2022-42323 CVE-2022-42322
                   CVE-2022-42321 CVE-2022-42320 CVE-2022-42319 CVE-2022-42318
                   CVE-2022-42317 CVE-2022-42316 CVE-2022-42315 CVE-2022-42314
                   CVE-2022-42313 CVE-2022-42312 CVE-2022-42311 CVE-2022-42310
                   CVE-2022-42309 CVE-2022-33748 CVE-2022-33747 CVE-2022-33746

Original Bulletin:
   https://www.suse.com/support/update/announcement/2022/suse-su-20223947-1

Comment: CVSS (Max):  7.5 CVE-2022-42320 (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H)
         CVSS Source: [SUSE], NVD
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for xen
______________________________________________________________________________

Announcement ID:   SUSE-SU-2022:3947-1
Rating:            important
References:        #1027519 #1193923 #1203806 #1203807 #1204482 #1204485
                   #1204487 #1204488 #1204489 #1204490 #1204494 #1204496
Cross-References:  CVE-2022-33746 CVE-2022-33747 CVE-2022-33748 CVE-2022-42309
                   CVE-2022-42310 CVE-2022-42311 CVE-2022-42312 CVE-2022-42313
                   CVE-2022-42314 CVE-2022-42315 CVE-2022-42316 CVE-2022-42317
                   CVE-2022-42318 CVE-2022-42319 CVE-2022-42320 CVE-2022-42321
                   CVE-2022-42322 CVE-2022-42323 CVE-2022-42325 CVE-2022-42326
Affected Products:
                   SUSE Enterprise Storage 7.1
                   SUSE Linux Enterprise Desktop 15-SP3
                   SUSE Linux Enterprise High Performance Computing 15-SP3
                   SUSE Linux Enterprise Micro 5.1
                   SUSE Linux Enterprise Micro 5.2
                   SUSE Linux Enterprise Module for Basesystem 15-SP3
                   SUSE Linux Enterprise Module for Server Applications 15-SP3
                   SUSE Linux Enterprise Server 15-SP3
                   SUSE Linux Enterprise Server for SAP Applications 15-SP3
                   SUSE Manager Proxy 4.2
                   SUSE Manager Retail Branch Server 4.2
                   SUSE Manager Server 4.2
                   openSUSE Leap 15.3
                   openSUSE Leap Micro 5.2
______________________________________________________________________________

An update that fixes 20 vulnerabilities is now available.

Description:

   This update for xen fixes the following issues:

   o CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing
     (bsc#1203806)
   o CVE-2022-33748: Fixed DoS due to race in locking (bsc#1203807)
   o CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314,
     CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318: xen:
     Xenstore: Guests can let xenstored run out of memory (bsc#1204482)
   o CVE-2022-42309: xen: Xenstore: Guests can crash xenstored (bsc#1204485)
   o CVE-2022-42310: xen: Xenstore: Guests can create orphaned Xenstore nodes
     (bsc#1204487)
   o CVE-2022-42319: xen: Xenstore: Guests can cause Xenstore to not free
     temporary memory (bsc#1204488)
   o CVE-2022-42320: xen: Xenstore: Guests can get access to Xenstore nodes of
     deleted domains (bsc#1204489)
   o CVE-2022-42321: xen: Xenstore: Guests can crash xenstored via exhausting
     the stack (bsc#1204490)
   o CVE-2022-42322, CVE-2022-42323: xen: Xenstore: cooperating guests can
     create arbitrary numbers of nodes (bsc#1204494)
   o CVE-2022-42325, CVE-2022-42326: xen: Xenstore: Guests can create arbitrary
     number of nodes via transactions (bsc#1204496)
   o xen: Frontends vulnerable to backends (bsc#1193923)

Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation
   methods like YaST online_update or "zypper patch".
   Alternatively you can run the command listed for your product:

   o openSUSE Leap Micro 5.2:
       zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3947=1
   o openSUSE Leap 15.3:
       zypper in -t patch openSUSE-SLE-15.3-2022-3947=1
   o SUSE Linux Enterprise Module for Server Applications 15-SP3:
       zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-3947=1
   o SUSE Linux Enterprise Module for Basesystem 15-SP3:
       zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3947=1
   o SUSE Linux Enterprise Micro 5.2:
       zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3947=1
   o SUSE Linux Enterprise Micro 5.1:
       zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-3947=1

Package List:

   o openSUSE Leap Micro 5.2 (x86_64):
       xen-debugsource-4.14.5_08-150300.3.40.1
       xen-libs-4.14.5_08-150300.3.40.1
       xen-libs-debuginfo-4.14.5_08-150300.3.40.1
   o openSUSE Leap 15.3 (aarch64 x86_64):
       xen-4.14.5_08-150300.3.40.1
       xen-debugsource-4.14.5_08-150300.3.40.1
       xen-devel-4.14.5_08-150300.3.40.1
       xen-doc-html-4.14.5_08-150300.3.40.1
       xen-libs-4.14.5_08-150300.3.40.1
       xen-libs-debuginfo-4.14.5_08-150300.3.40.1
       xen-tools-4.14.5_08-150300.3.40.1
       xen-tools-debuginfo-4.14.5_08-150300.3.40.1
       xen-tools-domU-4.14.5_08-150300.3.40.1
       xen-tools-domU-debuginfo-4.14.5_08-150300.3.40.1
   o openSUSE Leap 15.3 (x86_64):
       xen-libs-32bit-4.14.5_08-150300.3.40.1
       xen-libs-32bit-debuginfo-4.14.5_08-150300.3.40.1
   o openSUSE Leap 15.3 (noarch):
       xen-tools-xendomains-wait-disk-4.14.5_08-150300.3.40.1
   o SUSE Linux Enterprise Module for Server Applications 15-SP3 (noarch):
       xen-tools-xendomains-wait-disk-4.14.5_08-150300.3.40.1
   o SUSE Linux Enterprise Module for Server Applications 15-SP3 (x86_64):
       xen-4.14.5_08-150300.3.40.1
       xen-debugsource-4.14.5_08-150300.3.40.1
       xen-devel-4.14.5_08-150300.3.40.1
       xen-tools-4.14.5_08-150300.3.40.1
       xen-tools-debuginfo-4.14.5_08-150300.3.40.1
   o SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
       xen-debugsource-4.14.5_08-150300.3.40.1
       xen-libs-4.14.5_08-150300.3.40.1
       xen-libs-debuginfo-4.14.5_08-150300.3.40.1
       xen-tools-domU-4.14.5_08-150300.3.40.1
       xen-tools-domU-debuginfo-4.14.5_08-150300.3.40.1
   o SUSE Linux Enterprise Micro 5.2 (x86_64):
       xen-debugsource-4.14.5_08-150300.3.40.1
       xen-libs-4.14.5_08-150300.3.40.1
       xen-libs-debuginfo-4.14.5_08-150300.3.40.1
   o SUSE Linux Enterprise Micro 5.1 (x86_64):
       xen-debugsource-4.14.5_08-150300.3.40.1
       xen-libs-4.14.5_08-150300.3.40.1
       xen-libs-debuginfo-4.14.5_08-150300.3.40.1

References:

   o https://www.suse.com/security/cve/CVE-2022-33746.html
   o https://www.suse.com/security/cve/CVE-2022-33747.html
   o https://www.suse.com/security/cve/CVE-2022-33748.html
   o https://www.suse.com/security/cve/CVE-2022-42309.html
   o https://www.suse.com/security/cve/CVE-2022-42310.html
   o https://www.suse.com/security/cve/CVE-2022-42311.html
   o https://www.suse.com/security/cve/CVE-2022-42312.html
   o https://www.suse.com/security/cve/CVE-2022-42313.html
   o https://www.suse.com/security/cve/CVE-2022-42314.html
   o https://www.suse.com/security/cve/CVE-2022-42315.html
   o https://www.suse.com/security/cve/CVE-2022-42316.html
   o https://www.suse.com/security/cve/CVE-2022-42317.html
   o https://www.suse.com/security/cve/CVE-2022-42318.html
   o https://www.suse.com/security/cve/CVE-2022-42319.html
   o https://www.suse.com/security/cve/CVE-2022-42320.html
   o https://www.suse.com/security/cve/CVE-2022-42321.html
   o https://www.suse.com/security/cve/CVE-2022-42322.html
   o https://www.suse.com/security/cve/CVE-2022-42323.html
   o https://www.suse.com/security/cve/CVE-2022-42325.html
   o https://www.suse.com/security/cve/CVE-2022-42326.html
   o https://bugzilla.suse.com/1027519
   o https://bugzilla.suse.com/1193923
   o https://bugzilla.suse.com/1203806
   o https://bugzilla.suse.com/1203807
   o https://bugzilla.suse.com/1204482
   o https://bugzilla.suse.com/1204485
   o https://bugzilla.suse.com/1204487
   o https://bugzilla.suse.com/1204488
   o https://bugzilla.suse.com/1204489
   o https://bugzilla.suse.com/1204490
   o https://bugzilla.suse.com/1204494
   o https://bugzilla.suse.com/1204496
- --------------------------END INCLUDED TEXT--------------------
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY3Gv4skNZI30y1K9AQgjWQ/+IFJijGZviBRgJKJykFfysV3WdYOKjMuS
vK6oHkfrJgvLFtZcGtXo8jwQ5CwaBCkEQyX9yEVaRLl/13edX8viLLLWoPVtbI8M
O00Bh9YqiC84fDoSYzOQe+sV1CdrIqioWr7xMX/aZtUbeXfiz2ixKJTrdY0HgmIi
25VK1OQXc3uRIPfn6mzhYXFS9BQYbynQ5OndILDCRjK/R3MiaJMy46KIul6f2en1
TC35qrXmnW0b6+rzRXJqvsqmDj2mfKdp4s2evOc3Tnz0+fKwgrKFoT+VTnT7t+CY
hCxJN/pVzweFxcYzsgsuyfrZKhG+I0Uix/32sA97AOg0DlAAp2rYWNggCiVGBECC
5GWRuJq1fPmP+sFnsD+Ew6cC1tlA4fCjCQ/8gb4ZhGjaF7wYlx1Tgotb3PekxilF
k5COxWHybgrjA5+3Pb/xHBApMWLFEPplGp9q9yMMoGGadHGKx6SprdmDwPnBnZjF
gPWVMIw4BWs54W3V4PKEQDmofQfIeDLCvX3c2620C6yUExGzfJ+vCdJDDA43WKvu
u5CDmjBDtAX6MZP/ynacq/lliC7OFkcrTGinjmWaTlmqHbaFHzXi29INvbwwqR+0
x5inoczdx8fz31H9DK/8x+PK+YEYXfwtkA98NOBlT/SmmvYI6rJ/+RJgzMxJsuNQ
ihqxzJAil5o=
=Zkuu
-----END PGP SIGNATURE-----
14 November 2022

ESB-2022.5855 - [SUSE] xen: CVSS (Max): 7.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5855
                          Security update for xen
                              14 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           xen
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-42326 CVE-2022-42325 CVE-2022-42323 CVE-2022-42322
                   CVE-2022-42321 CVE-2022-42320 CVE-2022-42319 CVE-2022-42318
                   CVE-2022-42317 CVE-2022-42316 CVE-2022-42315 CVE-2022-42314
                   CVE-2022-42313 CVE-2022-42312 CVE-2022-42311 CVE-2022-42310
                   CVE-2022-42309

Original Bulletin:
   https://www.suse.com/support/update/announcement/2022/suse-su-20223960-1

Comment: CVSS (Max):  7.5 CVE-2022-42320 (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H)
         CVSS Source: SUSE
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for xen
______________________________________________________________________________

Announcement ID:   SUSE-SU-2022:3960-1
Rating:            important
References:        #1204482 #1204485 #1204487 #1204488 #1204489 #1204490
                   #1204494 #1204496
Cross-References:  CVE-2022-42309 CVE-2022-42310 CVE-2022-42311 CVE-2022-42312
                   CVE-2022-42313 CVE-2022-42314 CVE-2022-42315 CVE-2022-42316
                   CVE-2022-42317 CVE-2022-42318 CVE-2022-42319 CVE-2022-42320
                   CVE-2022-42321 CVE-2022-42322 CVE-2022-42323 CVE-2022-42325
                   CVE-2022-42326
Affected Products:
                   SUSE Linux Enterprise Server 12-SP3-BCL
______________________________________________________________________________

An update that fixes 17 vulnerabilities is now available.

Description:

   This update for xen fixes the following issues:

   o CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314,
     CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318: xen:
     Xenstore: Guests can let xenstored run out of memory (bsc#1204482)
   o CVE-2022-42309: xen: Xenstore: Guests can crash xenstored (bsc#1204485)
   o CVE-2022-42310: xen: Xenstore: Guests can create orphaned Xenstore nodes
     (bsc#1204487)
   o CVE-2022-42319: xen: Xenstore: Guests can cause Xenstore to not free
     temporary memory (bsc#1204488)
   o CVE-2022-42320: xen: Xenstore: Guests can get access to Xenstore nodes of
     deleted domains (bsc#1204489)
   o CVE-2022-42321: xen: Xenstore: Guests can crash xenstored via exhausting
     the stack (bsc#1204490)
   o CVE-2022-42322, CVE-2022-42323: xen: Xenstore: cooperating guests can
     create arbitrary numbers of nodes (bsc#1204494)
   o CVE-2022-42325, CVE-2022-42326: xen: Xenstore: Guests can create arbitrary
     number of nodes via transactions (bsc#1204496)

Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation
   methods like YaST online_update or "zypper patch".
   Alternatively you can run the command listed for your product:

   o SUSE Linux Enterprise Server 12-SP3-BCL:
       zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2022-3960=1

Package List:

   o SUSE Linux Enterprise Server 12-SP3-BCL (x86_64):
       xen-4.9.4_34-3.114.1
       xen-debugsource-4.9.4_34-3.114.1
       xen-doc-html-4.9.4_34-3.114.1
       xen-libs-32bit-4.9.4_34-3.114.1
       xen-libs-4.9.4_34-3.114.1
       xen-libs-debuginfo-32bit-4.9.4_34-3.114.1
       xen-libs-debuginfo-4.9.4_34-3.114.1
       xen-tools-4.9.4_34-3.114.1
       xen-tools-debuginfo-4.9.4_34-3.114.1
       xen-tools-domU-4.9.4_34-3.114.1
       xen-tools-domU-debuginfo-4.9.4_34-3.114.1

References:

   o https://www.suse.com/security/cve/CVE-2022-42309.html
   o https://www.suse.com/security/cve/CVE-2022-42310.html
   o https://www.suse.com/security/cve/CVE-2022-42311.html
   o https://www.suse.com/security/cve/CVE-2022-42312.html
   o https://www.suse.com/security/cve/CVE-2022-42313.html
   o https://www.suse.com/security/cve/CVE-2022-42314.html
   o https://www.suse.com/security/cve/CVE-2022-42315.html
   o https://www.suse.com/security/cve/CVE-2022-42316.html
   o https://www.suse.com/security/cve/CVE-2022-42317.html
   o https://www.suse.com/security/cve/CVE-2022-42318.html
   o https://www.suse.com/security/cve/CVE-2022-42319.html
   o https://www.suse.com/security/cve/CVE-2022-42320.html
   o https://www.suse.com/security/cve/CVE-2022-42321.html
   o https://www.suse.com/security/cve/CVE-2022-42322.html
   o https://www.suse.com/security/cve/CVE-2022-42323.html
   o https://www.suse.com/security/cve/CVE-2022-42325.html
   o https://www.suse.com/security/cve/CVE-2022-42326.html
   o https://bugzilla.suse.com/1204482
   o https://bugzilla.suse.com/1204485
   o https://bugzilla.suse.com/1204487
   o https://bugzilla.suse.com/1204488
   o https://bugzilla.suse.com/1204489
   o https://bugzilla.suse.com/1204490
   o https://bugzilla.suse.com/1204494
   o https://bugzilla.suse.com/1204496

- --------------------------END INCLUDED TEXT--------------------
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY3GvzskNZI30y1K9AQgw8A//TsBg4FNJ/8jBpt8vcZredwRDCDIKa9N/
Bx07K0Qr7rntTzTXqJaSpRPfmCfNJixCO3xImIKCLPHdFxZcY3TtCIKvYalX6aad
Nmbigi406HgHG/FMZZGYk+Dw1AaH/IG4QL0BVHCiJvxtxvD2rtwZ0ljp24Hk6rX9
dMfWVmN7rKuHjKj4nb8m5rn8QKg5R7WKNcy/Ha8jUIXQDA8OP8t6M9trVjpVvu8e
GYU6ic1k2ENXNKviMAAUrpJVX7wJr+tc2yBvHy3TgGJCrjrPpbiRLQZ0unDQWZaa
NAAOSCBgLY8i4cDesUqPaFJimSC6uaChIOH6pXkzMlGNGqkC+B6u6kYjjYiPeEzG
A5N8S43O8FM9Am0QEsHp6JrLM9oGAvdqixyFOw5AKiVCu+/gOtfoynCZD3SSkssq
K/mUsQS4JvNWTPexOdzD+EwbDp61GwKgayO+92inQF2CPp/vhbtHmyWL+h6IZ6OJ
gBqhgo4f5hkYwo8v1PiA1u7bjNE8buGlMVLmIoJMbqDNubvxXiGZLRi6P8Oso4tf
CcaauSHPO0me2RheSAAPlsWTXT0F5ltG+lSS/qgst5GMik6u/PiyUzocbGkIRMrM
zoWYDzPkZmCvrxWJ8aBHbH7SfX4FxaqWh18F49SxHfI9ZkbHVzpI16fdTKDW6zbi
+ATbYO5aQBQ=
=bPQ+
-----END PGP SIGNATURE-----
14 November 2022

ESB-2022.5854 - [SUSE] samba: CVSS (Max): 7.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5854
                         Security update for samba
                              14 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           samba
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-32743 CVE-2022-1615

Original Bulletin:
   https://www.suse.com/support/update/announcement/2022/suse-su-20223955-1

Comment: CVSS (Max):  7.5 CVE-2022-1615 (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: SUSE
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for samba
______________________________________________________________________________

Announcement ID:   SUSE-SU-2022:3955-1
Rating:            important
References:        #1200102 #1202803 #1202976
Cross-References:  CVE-2022-1615 CVE-2022-32743
Affected Products:
                   SUSE Enterprise Storage 7.1
                   SUSE Linux Enterprise Desktop 15-SP3
                   SUSE Linux Enterprise High Availability 15-SP3
                   SUSE Linux Enterprise High Performance Computing 15-SP3
                   SUSE Linux Enterprise Micro 5.2
                   SUSE Linux Enterprise Module for Basesystem 15-SP3
                   SUSE Linux Enterprise Module for Python2 15-SP3
                   SUSE Linux Enterprise Server 15-SP3
                   SUSE Linux Enterprise Server for SAP Applications 15-SP3
                   SUSE Manager Proxy 4.2
                   SUSE Manager Retail Branch Server 4.2
                   SUSE Manager Server 4.2
                   openSUSE Leap 15.3
                   openSUSE Leap Micro 5.2
______________________________________________________________________________

An update that solves two vulnerabilities and has one errata is now available.

Description:

   This update for samba fixes the following issues:

   o CVE-2022-1615: Fixed error handling in random number generation
     (bso#15103) (bsc#1202976).
   o CVE-2022-32743: Implement validated dnsHostName write rights (bso#14833)
     (bsc#1202803).

   Bugfixes:

   o Fixed use after free when iterating smbd_server_connection->connections
     after tree disconnect failure (bso#15128) (bsc#1200102).

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation
   methods like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   o openSUSE Leap Micro 5.2:
       zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3955=1
   o openSUSE Leap 15.3:
       zypper in -t patch openSUSE-SLE-15.3-2022-3955=1
   o SUSE Linux Enterprise Module for Python2 15-SP3:
       zypper in -t patch SUSE-SLE-Module-Python2-15-SP3-2022-3955=1
   o SUSE Linux Enterprise Module for Basesystem 15-SP3:
       zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3955=1
   o SUSE Linux Enterprise Micro 5.2:
       zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3955=1
   o SUSE Linux Enterprise High Availability 15-SP3:
       zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2022-3955=1
   o SUSE Enterprise Storage 7.1:
       zypper in -t patch SUSE-Storage-7.1-2022-3955=1

Package List:

   o openSUSE Leap Micro 5.2 (aarch64 x86_64):
       samba-client-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-client-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-debugsource-4.15.8+git.527.8d0c05d313e-150300.3.40.2
   o openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
       ctdb-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       ctdb-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       ctdb-pcp-pmda-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       ctdb-pcp-pmda-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       libsamba-policy-devel-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       libsamba-policy-python3-devel-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       libsamba-policy0-python3-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       libsamba-policy0-python3-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-ad-dc-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-ad-dc-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-ad-dc-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-ad-dc-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-client-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-client-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-client-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-client-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-debugsource-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-devel-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-dsdb-modules-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-dsdb-modules-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-gpupdate-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-ldb-ldap-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-ldb-ldap-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-libs-python3-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-libs-python3-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-python3-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-python3-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-test-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-test-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-tool-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-winbind-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-winbind-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-winbind-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-winbind-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
   o openSUSE Leap 15.3 (aarch64 x86_64):
       samba-ceph-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-ceph-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
   o openSUSE Leap 15.3 (aarch64_ilp32):
       libsamba-policy0-python3-64bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       libsamba-policy0-python3-64bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-client-64bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-client-64bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-libs-64bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-libs-64bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-libs-python3-64bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-libs-python3-64bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
   o openSUSE Leap 15.3 (x86_64):
       libsamba-policy0-python3-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       libsamba-policy0-python3-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-ad-dc-libs-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-ad-dc-libs-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-client-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-client-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-client-libs-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-client-libs-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-devel-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-libs-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-libs-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-libs-python3-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-libs-python3-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-winbind-libs-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-winbind-libs-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
   o openSUSE Leap 15.3 (noarch):
       samba-doc-4.15.8+git.527.8d0c05d313e-150300.3.40.2
   o SUSE Linux Enterprise Module for Python2 15-SP3 (aarch64 ppc64le s390x x86_64):
       samba-ad-dc-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-ad-dc-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-debugsource-4.15.8+git.527.8d0c05d313e-150300.3.40.2
   o SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
       libsamba-policy-devel-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       libsamba-policy-python3-devel-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       libsamba-policy0-python3-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       libsamba-policy0-python3-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-ad-dc-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-ad-dc-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-client-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-client-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-client-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-client-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-debugsource-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-devel-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-dsdb-modules-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-dsdb-modules-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-gpupdate-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-ldb-ldap-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-ldb-ldap-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-libs-python3-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-libs-python3-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-python3-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-python3-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-tool-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-winbind-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-winbind-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-winbind-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-winbind-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
   o SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 x86_64):
       samba-ceph-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-ceph-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
   o SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
       samba-ad-dc-libs-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-ad-dc-libs-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-client-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-client-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-client-libs-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-client-libs-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-devel-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-libs-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-libs-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-winbind-libs-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-winbind-libs-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
   o SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
       samba-client-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-client-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-debugsource-4.15.8+git.527.8d0c05d313e-150300.3.40.2
   o SUSE Linux Enterprise High Availability 15-SP3 (aarch64 ppc64le s390x x86_64):
       ctdb-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       ctdb-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-debugsource-4.15.8+git.527.8d0c05d313e-150300.3.40.2
   o SUSE Enterprise Storage 7.1 (aarch64 x86_64):
       ctdb-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       ctdb-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-ceph-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-ceph-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-client-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-client-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-debugsource-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-libs-python3-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-libs-python3-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-winbind-4.15.8+git.527.8d0c05d313e-150300.3.40.2
       samba-winbind-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2

References:

   o https://www.suse.com/security/cve/CVE-2022-1615.html
   o https://www.suse.com/security/cve/CVE-2022-32743.html
   o https://bugzilla.suse.com/1200102
   o https://bugzilla.suse.com/1202803
   o https://bugzilla.suse.com/1202976

- --------------------------END INCLUDED TEXT--------------------

-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY3GttckNZI30y1K9AQjPeQ//Udrs5Ipqo6cDQgyrByy5MqwYlQALMJOB
8842GyOGUr4/EPg5k7FA53vJrVxcU1Kg06GEgfV5GShSA7nqrJLnxbXAbE7nvQo/
4QX8piV+nBN1OaLSI1pBW48tDadDKsWmqxdVQT+IhjIN9QafDtXeoqb7+qasO1hV
kfGUip7TeKxJTArOTHEHgli/NxVaC5BvmlimdrnYSAKNr5w/y/G9srrbRYtf5w2H
3LmzIMZFPIQL45HDzXiDe+3NWiP5d7gCMIzeBrT0LLwDGfhI3w5bLmAjEX8NPXhJ
E1/qZaLW06ou6uRUQ7eUWQwoKtzum3ZYYdqJs93QNilCUnMpUAN+xuYxfIS00muC
vJA2yCEk4vauZ9HzKFmej+jf/pwaILNj/eUuz47BV8CLp/DV4qT4NvpShdhRdr1n
bCydkXoHVccARBWxLclypqJN1dolS2GIMPeflxQGU1+SArMMp6Zy1gf3klEDBC1U
yJ1JqyjxUfaQ1NWXMzrNd5SEoYSuno/zXjV7tm6u5ZTVzthE/6/iVG1kyeq2pCzU
pvSoI/jf2OdtCXN9oa+OD5I7LH4O8hXIOYfRukvp5nmEtfzL5yUxPEgyejm5OwCL
gf+ycAEOwBnc8AKWgl0uM/h1WXxUj9gbyHA5pT7Y2vJcXppKA1Di8KxqLkGhXv2k
Y2EXBplbrvU=
=v7/A
-----END PGP SIGNATURE-----
14 November 2022

ESB-2022.5853 - [SUSE] rustup: CVSS (Max): 4.3

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5853
Security update for rustup
14 November 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------
Product: rustup
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-24713 CVE-2021-45710
Original Bulletin: https://www.suse.com/support/update/announcement/2022/suse-su-20223949-1
Comment: CVSS (Max): 4.3 CVE-2022-24713 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

--------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for rustup
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3949-1
Rating: moderate
References: #1194119 #1196972
Cross-References: CVE-2021-45710 CVE-2022-24713
Affected Products: SUSE Enterprise Storage 7.1, SUSE Linux Enterprise Desktop 15-SP3, SUSE Linux Enterprise High Performance Computing 15-SP3, SUSE Linux Enterprise Module for Development Tools 15-SP3, SUSE Linux Enterprise Server 15-SP3, SUSE Linux Enterprise Server for SAP Applications 15-SP3, SUSE Manager Proxy 4.2, SUSE Manager Retail Branch Server 4.2, SUSE Manager Server 4.2, openSUSE Leap 15.3
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:
This update for rustup fixes the following issues:
Updated to version 1.25.1~0:
- CVE-2022-24713: Fixed Regex denial of service (bsc#1196972).
- CVE-2021-45710: Fixed tokio data race with memory corruption (bsc#1194119).

Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:
o openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-3949=1
o SUSE Linux Enterprise Module for Development Tools 15-SP3: zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-3949=1

Package List:
o openSUSE Leap 15.3 (aarch64 x86_64):
rustup-1.25.1~0-150300.7.13.2 rustup-debuginfo-1.25.1~0-150300.7.13.2 rustup-debugsource-1.25.1~0-150300.7.13.2
o SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):
rustup-1.25.1~0-150300.7.13.2 rustup-debuginfo-1.25.1~0-150300.7.13.2 rustup-debugsource-1.25.1~0-150300.7.13.2

References:
o https://www.suse.com/security/cve/CVE-2021-45710.html
o https://www.suse.com/security/cve/CVE-2022-24713.html
o https://bugzilla.suse.com/1194119
o https://bugzilla.suse.com/1196972

--------------------------END INCLUDED TEXT--------------------
14 November 2022

ESB-2022.5852 - [SUSE] python-numpy: CVSS (Max): 6.2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5852
Security update for python-numpy
14 November 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------
Product: python-numpy
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2017-12852
Original Bulletin: https://www.suse.com/support/update/announcement/2022/suse-su-20223954-1
Comment: CVSS (Max): 6.2 CVE-2017-12852 (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

--------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for python-numpy
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3954-1
Rating: moderate
References: #1053963 #1199500
Cross-References: CVE-2017-12852
Affected Products: SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server for SAP Applications 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP5
______________________________________________________________________________

An update that solves one vulnerability and has one errata is now available.

Description:
This update for python-numpy fixes the following issues:
- CVE-2017-12852: Fixed missing input validation leading to infinite loops (bsc#1053963).
Bugfixes:
- Use update-alternatives for /usr/bin/f2py (bsc#1199500).

Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Software Development Kit 12-SP5: zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-3954=1
o SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-3954=1

Package List:
o SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64):
python-numpy-debuginfo-1.8.0-5.19.1 python-numpy-debugsource-1.8.0-5.19.1 python-numpy-devel-1.8.0-5.19.1
o SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):
python-numpy-1.8.0-5.19.1 python-numpy-debuginfo-1.8.0-5.19.1 python-numpy-debugsource-1.8.0-5.19.1

References:
o https://www.suse.com/security/cve/CVE-2017-12852.html
o https://bugzilla.suse.com/1053963
o https://bugzilla.suse.com/1199500

--------------------------END INCLUDED TEXT--------------------
14 November 2022

ESB-2022.5851 - [SUSE] php72: CVSS (Max): 6.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5851
Security update for php72
14 November 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------
Product: php72
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-31629 CVE-2022-31628
Original Bulletin: https://www.suse.com/support/update/announcement/2022/suse-su-20223957-1
Comment: CVSS (Max): 6.5 CVE-2022-31629 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N)
CVSS Source: SUSE, [Red Hat]
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

--------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for php72
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3957-1
Rating: moderate
References: #1203867 #1203870
Cross-References: CVE-2022-31628 CVE-2022-31629
Affected Products: SUSE Linux Enterprise High Performance Computing 12, SUSE Linux Enterprise Module for Web Scripting 12, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 12-SP3, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server for SAP Applications 12, SUSE Linux Enterprise Server for SAP Applications 12-SP3, SUSE Linux Enterprise Server for SAP Applications 12-SP4, SUSE Linux Enterprise Server for SAP Applications 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP5
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:
This update for php72 fixes the following issues:
o CVE-2022-31628: Fixed an uncontrolled recursion in the phar uncompressor while decompressing "quines" gzip files. (bsc#1203867)
o CVE-2022-31629: Fixed a bug which could lead an attacker to set an insecure cookie that will be treated as secure in the victim's browser. (bsc#1203870)

Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Software Development Kit 12-SP5: zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-3957=1
o SUSE Linux Enterprise Module for Web Scripting 12: zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2022-3957=1

Package List:
o SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64):
php72-debuginfo-7.2.5-1.84.1 php72-debugsource-7.2.5-1.84.1 php72-devel-7.2.5-1.84.1
o SUSE Linux Enterprise Module for Web Scripting 12 (aarch64 ppc64le s390x x86_64):
apache2-mod_php72-7.2.5-1.84.1 apache2-mod_php72-debuginfo-7.2.5-1.84.1 php72-7.2.5-1.84.1 php72-bcmath-7.2.5-1.84.1 php72-bcmath-debuginfo-7.2.5-1.84.1 php72-bz2-7.2.5-1.84.1 php72-bz2-debuginfo-7.2.5-1.84.1 php72-calendar-7.2.5-1.84.1 php72-calendar-debuginfo-7.2.5-1.84.1 php72-ctype-7.2.5-1.84.1 php72-ctype-debuginfo-7.2.5-1.84.1 php72-curl-7.2.5-1.84.1 php72-curl-debuginfo-7.2.5-1.84.1 php72-dba-7.2.5-1.84.1 php72-dba-debuginfo-7.2.5-1.84.1 php72-debuginfo-7.2.5-1.84.1 php72-debugsource-7.2.5-1.84.1 php72-dom-7.2.5-1.84.1 php72-dom-debuginfo-7.2.5-1.84.1 php72-enchant-7.2.5-1.84.1 php72-enchant-debuginfo-7.2.5-1.84.1 php72-exif-7.2.5-1.84.1 php72-exif-debuginfo-7.2.5-1.84.1 php72-fastcgi-7.2.5-1.84.1 php72-fastcgi-debuginfo-7.2.5-1.84.1 php72-fileinfo-7.2.5-1.84.1 php72-fileinfo-debuginfo-7.2.5-1.84.1 php72-fpm-7.2.5-1.84.1 php72-fpm-debuginfo-7.2.5-1.84.1 php72-ftp-7.2.5-1.84.1 php72-ftp-debuginfo-7.2.5-1.84.1 php72-gd-7.2.5-1.84.1 php72-gd-debuginfo-7.2.5-1.84.1 php72-gettext-7.2.5-1.84.1 php72-gettext-debuginfo-7.2.5-1.84.1 php72-gmp-7.2.5-1.84.1 php72-gmp-debuginfo-7.2.5-1.84.1 php72-iconv-7.2.5-1.84.1 php72-iconv-debuginfo-7.2.5-1.84.1 php72-imap-7.2.5-1.84.1 php72-imap-debuginfo-7.2.5-1.84.1 php72-intl-7.2.5-1.84.1 php72-intl-debuginfo-7.2.5-1.84.1 php72-json-7.2.5-1.84.1 php72-json-debuginfo-7.2.5-1.84.1 php72-ldap-7.2.5-1.84.1 php72-ldap-debuginfo-7.2.5-1.84.1 php72-mbstring-7.2.5-1.84.1 php72-mbstring-debuginfo-7.2.5-1.84.1 php72-mysql-7.2.5-1.84.1 php72-mysql-debuginfo-7.2.5-1.84.1 php72-odbc-7.2.5-1.84.1 php72-odbc-debuginfo-7.2.5-1.84.1 php72-opcache-7.2.5-1.84.1 php72-opcache-debuginfo-7.2.5-1.84.1 php72-openssl-7.2.5-1.84.1 php72-openssl-debuginfo-7.2.5-1.84.1 php72-pcntl-7.2.5-1.84.1 php72-pcntl-debuginfo-7.2.5-1.84.1 php72-pdo-7.2.5-1.84.1 php72-pdo-debuginfo-7.2.5-1.84.1 php72-pgsql-7.2.5-1.84.1 php72-pgsql-debuginfo-7.2.5-1.84.1 php72-phar-7.2.5-1.84.1 php72-phar-debuginfo-7.2.5-1.84.1 php72-posix-7.2.5-1.84.1 php72-posix-debuginfo-7.2.5-1.84.1 php72-pspell-7.2.5-1.84.1 php72-pspell-debuginfo-7.2.5-1.84.1 php72-readline-7.2.5-1.84.1 php72-readline-debuginfo-7.2.5-1.84.1 php72-shmop-7.2.5-1.84.1 php72-shmop-debuginfo-7.2.5-1.84.1 php72-snmp-7.2.5-1.84.1 php72-snmp-debuginfo-7.2.5-1.84.1 php72-soap-7.2.5-1.84.1 php72-soap-debuginfo-7.2.5-1.84.1 php72-sockets-7.2.5-1.84.1 php72-sockets-debuginfo-7.2.5-1.84.1 php72-sodium-7.2.5-1.84.1 php72-sodium-debuginfo-7.2.5-1.84.1 php72-sqlite-7.2.5-1.84.1 php72-sqlite-debuginfo-7.2.5-1.84.1 php72-sysvmsg-7.2.5-1.84.1 php72-sysvmsg-debuginfo-7.2.5-1.84.1 php72-sysvsem-7.2.5-1.84.1 php72-sysvsem-debuginfo-7.2.5-1.84.1 php72-sysvshm-7.2.5-1.84.1 php72-sysvshm-debuginfo-7.2.5-1.84.1 php72-tidy-7.2.5-1.84.1 php72-tidy-debuginfo-7.2.5-1.84.1 php72-tokenizer-7.2.5-1.84.1 php72-tokenizer-debuginfo-7.2.5-1.84.1 php72-wddx-7.2.5-1.84.1 php72-wddx-debuginfo-7.2.5-1.84.1 php72-xmlreader-7.2.5-1.84.1 php72-xmlreader-debuginfo-7.2.5-1.84.1 php72-xmlrpc-7.2.5-1.84.1 php72-xmlrpc-debuginfo-7.2.5-1.84.1 php72-xmlwriter-7.2.5-1.84.1 php72-xmlwriter-debuginfo-7.2.5-1.84.1 php72-xsl-7.2.5-1.84.1 php72-xsl-debuginfo-7.2.5-1.84.1 php72-zip-7.2.5-1.84.1 php72-zip-debuginfo-7.2.5-1.84.1 php72-zlib-7.2.5-1.84.1 php72-zlib-debuginfo-7.2.5-1.84.1
o SUSE Linux Enterprise Module for Web Scripting 12 (noarch):
php72-pear-7.2.5-1.84.1 php72-pear-Archive_Tar-7.2.5-1.84.1

References:
o https://www.suse.com/security/cve/CVE-2022-31628.html
o https://www.suse.com/security/cve/CVE-2022-31629.html
o https://bugzilla.suse.com/1203867
o https://bugzilla.suse.com/1203870

--------------------------END INCLUDED TEXT--------------------
14 November 2022

ESB-2022.5850 - [SUSE] busybox: CVSS (Max): 9.8

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.5850 Security update for busybox 14 November 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: busybox Publisher: SUSE Operating System: SUSE Resolution: Patch/Upgrade CVE Names: CVE-2021-42386 CVE-2021-42385 CVE-2021-42384 CVE-2021-42383 CVE-2021-42382 CVE-2021-42381 CVE-2021-42380 CVE-2021-42379 CVE-2021-42378 CVE-2021-42377 CVE-2021-42376 CVE-2021-42375 CVE-2021-42374 CVE-2021-42373 CVE-2021-28831 CVE-2019-5747 CVE-2018-1000517 CVE-2018-1000500 CVE-2018-20679 CVE-2017-16544 CVE-2017-15874 CVE-2017-15873 CVE-2016-6301 CVE-2016-2148 CVE-2016-2147 CVE-2015-9261 CVE-2011-5325 Original Bulletin: https://www.suse.com/support/update/announcement/2022/suse-su-20223959-1 Comment: CVSS (Max): 9.8 CVE-2016-2148 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSS Source: SUSE, Red Hat, [NVD] Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- SUSE Security Update: Security update for busybox ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:3959-1 Rating: important References: #1064976 #1064978 #1069412 #1099260 #1099263 #1102912 #1121426 #1121428 #1184522 #1192869 #951562 #970662 #970663 #991940 Cross-References: CVE-2011-5325 CVE-2015-9261 CVE-2016-2147 CVE-2016-2148 CVE-2016-6301 CVE-2017-15873 CVE-2017-15874 CVE-2017-16544 CVE-2018-1000500 CVE-2018-1000517 CVE-2018-20679 CVE-2019-5747 CVE-2021-28831 CVE-2021-42373 CVE-2021-42374 CVE-2021-42375 CVE-2021-42376 CVE-2021-42377 CVE-2021-42378 CVE-2021-42379 CVE-2021-42380 CVE-2021-42381 CVE-2021-42382 CVE-2021-42383 CVE-2021-42384 CVE-2021-42385 CVE-2021-42386 Affected 
Products: SUSE Linux Enterprise Desktop 15-SP4 SUSE Linux Enterprise High Performance Computing 15-SP4 SUSE Linux Enterprise Module for Basesystem 15-SP4 SUSE Linux Enterprise Server 15-SP4 SUSE Linux Enterprise Server for SAP Applications 15-SP4 SUSE Manager Proxy 4.3 SUSE Manager Retail Branch Server 4.3 SUSE Manager Server 4.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that fixes 27 vulnerabilities is now available. Description: This update for busybox fixes the following issues: o Enable switch_root With this change virtme --force-initramfs works as expected. o Enable udhcpc busybox was updated to 1.35.0 o Adjust busybox.config for new features in find, date and cpio o Annotate CVEs already fixed in upstream, but not mentioned in .changes yet: o CVE-2017-16544 (bsc#1069412): Insufficient sanitization of filenames when autocompleting o CVE-2015-9261 (bsc#1102912): huft_build misuses a pointer, causing segfaults o CVE-2016-2147 (bsc#970663): out of bounds write (heap) due to integer underflow in udhcpc o CVE-2016-2148 (bsc#970662): heap-based buffer overflow in OPTION_6RD parsing o CVE-2016-6301 (bsc#991940): NTP server denial of service flaw o CVE-2017-15873 (bsc#1064976): The get_next_block function in archival/ libarchive/decompress_bunzip2.c has an Integer Overflow o CVE-2017-15874 (bsc#1064978): archival/libarchive/decompress_unlzma.c has an Integer Underflow o CVE-2019-5747 (bsc#1121428): out of bounds read in udhcp components o CVE-2021-42373, CVE-2021-42374, CVE-2021-42375, CVE-2021-42376, CVE-2021-42377, CVE-2021-42378, CVE-2021-42379, CVE-2021-42380, CVE-2021-42381, CVE-2021-42382, CVE-2021-42383, CVE-2021-42384, CVE-2021-42385, CVE-2021-42386 (bsc#1192869) : v1.34.0 bugfixes o CVE-2021-28831 (bsc#1184522): invalid free or segmentation fault via malformed gzip data o CVE-2018-20679 (bsc#1121426): out of bounds read in udhcp o CVE-2018-1000517 (bsc#1099260): Heap-based buffer overflow in 
the retrieve_file_data() o CVE-2011-5325 (bsc#951562): tar directory traversal o CVE-2018-1000500 (bsc#1099263): wget: Missing SSL certificate validation Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: o openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-3959=1 o SUSE Linux Enterprise Module for Basesystem 15-SP4: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3959=1 Package List: o openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64): busybox-1.35.0-150400.3.3.1 busybox-static-1.35.0-150400.3.3.1 busybox-testsuite-1.35.0-150400.3.3.1 o openSUSE Leap 15.4 (aarch64 x86_64): busybox-warewulf3-1.35.0-150400.3.3.1 o SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64): busybox-1.35.0-150400.3.3.1 busybox-static-1.35.0-150400.3.3.1 References: o https://www.suse.com/security/cve/CVE-2011-5325.html o https://www.suse.com/security/cve/CVE-2015-9261.html o https://www.suse.com/security/cve/CVE-2016-2147.html o https://www.suse.com/security/cve/CVE-2016-2148.html o https://www.suse.com/security/cve/CVE-2016-6301.html o https://www.suse.com/security/cve/CVE-2017-15873.html o https://www.suse.com/security/cve/CVE-2017-15874.html o https://www.suse.com/security/cve/CVE-2017-16544.html o https://www.suse.com/security/cve/CVE-2018-1000500.html o https://www.suse.com/security/cve/CVE-2018-1000517.html o https://www.suse.com/security/cve/CVE-2018-20679.html o https://www.suse.com/security/cve/CVE-2019-5747.html o https://www.suse.com/security/cve/CVE-2021-28831.html o https://www.suse.com/security/cve/CVE-2021-42373.html o https://www.suse.com/security/cve/CVE-2021-42374.html o https://www.suse.com/security/cve/CVE-2021-42375.html o https://www.suse.com/security/cve/CVE-2021-42376.html o https://www.suse.com/security/cve/CVE-2021-42377.html o 
https://www.suse.com/security/cve/CVE-2021-42378.html o https://www.suse.com/security/cve/CVE-2021-42379.html o https://www.suse.com/security/cve/CVE-2021-42380.html o https://www.suse.com/security/cve/CVE-2021-42381.html o https://www.suse.com/security/cve/CVE-2021-42382.html o https://www.suse.com/security/cve/CVE-2021-42383.html o https://www.suse.com/security/cve/CVE-2021-42384.html o https://www.suse.com/security/cve/CVE-2021-42385.html o https://www.suse.com/security/cve/CVE-2021-42386.html o https://bugzilla.suse.com/1064976 o https://bugzilla.suse.com/1064978 o https://bugzilla.suse.com/1069412 o https://bugzilla.suse.com/1099260 o https://bugzilla.suse.com/1099263 o https://bugzilla.suse.com/1102912 o https://bugzilla.suse.com/1121426 o https://bugzilla.suse.com/1121428 o https://bugzilla.suse.com/1184522 o https://bugzilla.suse.com/1192869 o https://bugzilla.suse.com/951562 o https://bugzilla.suse.com/970662 o https://bugzilla.suse.com/970663 o https://bugzilla.suse.com/991940 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. 
AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. 
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY3Gr28kNZI30y1K9AQg9cQ//b8ozUWkUW/j5pMaHbYJPocF5sI2c5E7l
GHIzoAYoGy8df2GEg0iwNCebiIadJBXFexPQseR5MjKqA2SPEAPTQQr4vLZrwOOg
LMkhxFolebvw0HcKwEn58yz6ccn67Vx8cy352jG3kxq583BCXPitvtpLuFcfMLi+
yLn9XkdtBPvnDMqoiCPUnA8r9m4jS8EO+tzvmRU1FFvs6BNP7Nri3PO1I/nP9Mbd
w092nlWIghV0v4VWIxpHt6KAMqy6JBpqjkLaeHtJl1aUhp/LbIBPdekaeePG7jbg
0M2GZmMofiIkFjj/vkf4xjLiKdgQBajKMUSpofCG0JFJnfTdJIWs/PZtGASeo8yZ
kwRss4Vni7wZaQuQev/VtZW74LwiKg8FEAe0CwkPVFhH6h3ELib92i0pa2AdXtVs
/vBY4fTT7z5oRJj0rE5IML8OCYmm6xJXwM+A9Vc/pO9kMd8wgRu7bGkwbrP6eRYp
8MavBpIRNAKtgfISRs1CMbcrpLEUs+iPCvk5Th4LgNnq2voHt13xPOErYe4ZpwpQ
gZFGz9E0b+tQASXPvxgGPBYvClTv99JsL+Rrj2U+rRVZtg0jALS1ow3ub/P0LSlu
osRmqglTu30Dv6O4dXVzgTBK5ZWCrSfj9sSUjePDo+t0oXZqfswyHmiJKVFp9nbZ
r+BDMdkQ4iE=
=aRkL
-----END PGP SIGNATURE-----
14 November 2022

ESB-2022.5849 - [SUSE] cni-plugin-dnsname: CVSS (Max): None

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5849
                    Feature update for cni-plugin-dnsname
                               14 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           cni-plugin-dnsname
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade

Original Bulletin:
   https://www.suse.com/support/update/announcement/2022/suse-fu-20223948-1

Comment: CVSS (Max): None available when published

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Feature Update: Feature update for cni-plugin-dnsname
______________________________________________________________________________

Announcement ID:   SUSE-FU-2022:3948-1
Rating:            important
References:
Affected Products: SUSE Linux Enterprise Micro 5.2
                   openSUSE Leap Micro 5.2
______________________________________________________________________________

An update that has 0 feature fixes and contains two features can now be
installed.

Description:

This update for cni-plugin-dnsname fixes the following issues:

  o Provide package cni-plugin-dnsname to SUSE Linux Enterprise Micro 5.2
    (jsc#SMO-129, jsc#SMO-63)

Patch Instructions:

To install this SUSE Feature Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

  o openSUSE Leap Micro 5.2:
    zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3948=1
  o SUSE Linux Enterprise Micro 5.2:
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3948=1

Package List:

  o openSUSE Leap Micro 5.2 (aarch64 ppc64le s390x x86_64):
       cni-plugin-dnsname-1.3.1-150300.1.3.1
       cni-plugin-dnsname-debuginfo-1.3.1-150300.1.3.1
  o SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
       cni-plugin-dnsname-1.3.1-150300.1.3.1
       cni-plugin-dnsname-debuginfo-1.3.1-150300.1.3.1

- --------------------------END INCLUDED TEXT--------------------
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY3GruskNZI30y1K9AQg2fQ/+NRl7Fe9cTBe5Sn0hZgfqV/qnU68P1x7j
bVFzxuHagLD1QBF7CpvsiC6QNBi8JEQsBWtNWSG8It6xAXjdt4urfyP+ifELLYcT
7/jRk/RaQ7IeI+AxPCDXzllVOVx7POEoM827GJxss14ryJlVDevcXp4T1knHdJEJ
jjA2eOEfpEQUMkTIy6/qL303Xo0UenGzoH8LWpDUJxtycj9/TKhuMY86Fo2cwTO/
8Z8NH9Vd9FEws+NL6ORkng89nSuiUf0FkdPRDBAJ4YjVZPWtDeZPiitQEo/mu23P
hWXujp2gc9iSkttnjcdr2hNZlg4BrJc0hdCPYEk7YYZ/5/zCsoEXWgXjRnEBe/Ip
ZqMEQTlblNWGZbtttjvJpCUHWDbz2z3c42PN61HUg6OTWUmT4Dn8xlERke6a5Znx
AsDW2/nVkSPGj25JjpeJV/oPW0WHmx8T95Vw0Nb0veSc22l9kd3zw1r36tf+LJ6X
5/vVojZ9Yrd0mPmqHAnM55NBcWiV8ZgmiR4CGQY7Ju0MaWXHn8+j1C0QKXcRnDUY
Jt5pBoy7eakZTVR6/iuw1nnARJIJTyhVhQJYEYAolTFfFxOWMoiBLlhIAnDupJcR
fXb1o+1UaCi9VvFXQraIGE0LX3JDu9MPjmiCukXENePk4ldnHWVErgJQBIEmLqPM
b9mUnObyceA=
=NPRp
-----END PGP SIGNATURE-----
14 November 2022

ESB-2022.5848 - [Win][UNIX/Linux] Ruby: CVSS (Max): None

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5848
                        Ruby 3.2.0 Preview 3 Released
                               14 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Ruby
Publisher:         Ruby
Operating System:  UNIX variants (UNIX, Linux, OSX)
                   Windows
Resolution:        Patch/Upgrade

Original Bulletin:
   https://www.ruby-lang.org/en/news/2022/11/11/ruby-3-2-0-preview3-released/

Comment: CVSS (Max): None available when published

- --------------------------BEGIN INCLUDED TEXT--------------------

Ruby 3.2.0 Preview 3 Released

Posted by naruse on 11 Nov 2022

We are pleased to announce the release of Ruby 3.2.0-preview3. Ruby 3.2 adds
many features and performance improvements.

WASI based WebAssembly support

This is an initial port of WASI based WebAssembly support. This enables a
CRuby binary to be available on web browsers, serverless edge environments,
and other WebAssembly/WASI embedders. Currently this port passes the basic
and bootstrap test suites that do not use the Thread API.

Background

WebAssembly (Wasm) was originally introduced to run programs safely and fast
in web browsers. But its objective, running programs efficiently and securely
in various environments, has long been wanted not only by the web but also by
general applications.

WASI (The WebAssembly System Interface) is designed for such use cases.
Though such applications need to communicate with operating systems,
WebAssembly runs on a virtual machine which didn't have a system interface.
WASI standardizes it.

WebAssembly/WASI Support in Ruby intends to leverage those projects. It
enables Ruby developers to write applications which run on such a promising
platform.

Use case

This support encourages developers to utilize CRuby in WebAssembly
environments. An example use case is the TryRuby playground's CRuby support.
Now you can try original CRuby in your web browser.

Technical points

Today's WASI and WebAssembly itself have some missing features needed to
implement Fiber, exceptions, and GC, because they are still evolving and also
for security reasons. So CRuby fills the gap by using Asyncify, which is a
binary transformation technique to control execution in userland.

In addition, we built a VFS on top of WASI so that we can easily pack Ruby
apps into a single .wasm file. This makes distribution of Ruby apps a bit
easier.

Related links

  o Add WASI based WebAssembly support #5407
  o An Update on WebAssembly/WASI Support in Ruby

Regexp improvements against ReDoS

It is known that Regexp matching may take unexpectedly long. If your code
attempts to match a possibly inefficient Regexp against an untrusted input,
an attacker may exploit it for an efficient Denial of Service (so-called
Regular expression DoS, or ReDoS).

We have introduced two improvements that significantly mitigate ReDoS.

Improved Regexp matching algorithm

Since Ruby 3.2, Regexp's matching algorithm has been greatly improved by
using a memoization technique.

    # This matching takes 10 sec. in Ruby 3.1, and does 0.003 sec. in Ruby 3.2
    /^a*b?a*$/ =~ "a" * 50000 + "x"

The improved matching algorithm allows most Regexp matching (about 90% in
our experiments) to be completed in linear time.

(For preview users: this optimization may consume memory proportional to the
input length for each matching. We expect no practical problems to arise
because this memory allocation is usually delayed, and a normal Regexp
matching should consume at most 10 times as much memory as the input length.
If you run out of memory when matching Regexps in a real-world application,
please report it.)
The original proposal is https://bugs.ruby-lang.org/issues/19104

Regexp timeout

The optimization above cannot be applied to some kinds of regular
expressions, such as those including advanced features (e.g.,
back-references or look-around), or with a huge fixed number of repetitions.
As a fallback measure, a timeout feature for Regexp matching is also
introduced.

    Regexp.timeout = 1.0

    /^a*b?a*()\1$/ =~ "a" * 50000 + "x"
    #=> Regexp::TimeoutError is raised in one second

Note that Regexp.timeout is a global configuration. If you want to use
different timeout settings for some special Regexps, you may want to use the
timeout keyword for Regexp.new.

    Regexp.timeout = 1.0

    # This regexp has no timeout
    long_time_re = Regexp.new("^a*b?a*()\\1$", timeout: Float::INFINITY)

    long_time_re =~ "a" * 50000 + "x" # never interrupted

The original proposal is https://bugs.ruby-lang.org/issues/17837

Other Notable New Features

No longer bundle 3rd party sources

  o We no longer bundle 3rd party sources like libyaml, libffi.
      o libyaml source has been removed from psych. You may need to install
        libyaml-dev on Ubuntu/Debian platforms. The package name is
        different on each platform.
      o bundled libffi source is also removed from fiddle

Language

  o Anonymous rest and keyword rest arguments can now be passed as
    arguments, instead of just used in method parameters. [Feature #18351]

        def foo(*)
          bar(*)
        end
        def baz(**)
          quux(**)
        end

  o A proc that accepts a single positional argument and keywords will no
    longer autosplat. [Bug #18633]

        proc{|a, **k| a}.call([1, 2])
        # Ruby 3.1 and before
        # => 1
        # Ruby 3.2 and after
        # => [1, 2]

  o Constant assignment evaluation order for constants set on explicit
    objects has been made consistent with single attribute assignment
    evaluation order. With this code:

        foo::BAR = baz

    foo is now called before baz. Similarly, for multiple assignments to
    constants, left-to-right evaluation order is used. With this code:

        foo1::BAR1, foo2::BAR2 = baz1, baz2

    The following evaluation order is now used:

      1. foo1
      2. foo2
      3. baz1
      4. baz2

    [Bug #15928]

  o Find pattern is no longer experimental. [Feature #18585]

  o Methods taking a rest parameter (like *args) and wishing to delegate
    keyword arguments through foo(*args) must now be marked with
    ruby2_keywords (if not already the case). In other words, all methods
    wishing to delegate keyword arguments through *args must now be marked
    with ruby2_keywords, with no exception. This will make it easier to
    transition to other ways of delegation once a library can require Ruby
    3+. Previously, the ruby2_keywords flag was kept if the receiving method
    took *args, but this was a bug and an inconsistency. A good technique to
    find the potentially-missing ruby2_keywords is to run the test suite;
    where it fails, find the last method which must receive keyword
    arguments, use puts nil, caller, nil there, and check that each
    method/block on the call chain which must delegate keywords is correctly
    marked as ruby2_keywords. [Bug #18625] [Bug #16466]

        def target(**kw)
        end

        # Accidentally worked without ruby2_keywords in Ruby 2.7-3.1, ruby2_keywords
        # needed in 3.2+. Just like (*args, **kwargs) or (...) would be needed on
        # both #foo and #bar when migrating away from ruby2_keywords.
        ruby2_keywords def bar(*args)
          target(*args)
        end

        ruby2_keywords def foo(*args)
          bar(*args)
        end

        foo(k: 1)

Performance improvements

YJIT

  o Support arm64 / aarch64 on UNIX platforms.
  o Building YJIT requires Rust 1.58.1+. [Feature #18481]

Other notable changes since 3.1

  o Hash
      o Hash#shift now always returns nil if the hash is empty, instead of
        returning the default value or calling the default proc.
        [Bug #16908]
  o MatchData
      o MatchData#byteoffset has been added. [Feature #13110]
  o Module
      o Module.used_refinements has been added. [Feature #14332]
      o Module#refinements has been added. [Feature #12737]
      o Module#const_added has been added.
        [Feature #17881]
  o Proc
      o Proc#dup returns an instance of the subclass. [Bug #17545]
      o Proc#parameters now accepts the lambda keyword. [Feature #15357]
  o Refinement
      o Refinement#refined_class has been added. [Feature #12737]
  o RubyVM::AbstractSyntaxTree
      o Add error_tolerant option for parse, parse_file and of.
        [Feature #19013]
  o Set
      o Set is now available as a builtin class without the need for
        require "set". [Feature #16989] It is currently autoloaded via the
        Set constant or a call to Enumerable#to_set.
  o String
      o String#byteindex and String#byterindex have been added.
        [Feature #13110]
      o Update Unicode to Version 14.0.0 and Emoji Version 14.0.
        [Feature #18037] (also applies to Regexp)
      o String#bytesplice has been added. [Feature #18598]
  o Struct
      o A Struct class can also be initialized with keyword arguments
        without keyword_init: true on Struct.new [Feature #16806]

Compatibility issues

Note: Excluding feature bug fixes.

Removed constants

The following deprecated constants are removed.

  o Fixnum and Bignum [Feature #12005]
  o Random::DEFAULT [Feature #17351]
  o Struct::Group
  o Struct::Passwd

Removed methods

The following deprecated methods are removed.

  o Dir.exists [Feature #17391]
  o File.exists [Feature #17391]
  o Kernel#=~ [Feature #15231]
  o Kernel#taint, Kernel#untaint, Kernel#tainted [Feature #16131]
  o Kernel#trust, Kernel#untrust, Kernel#untrusted [Feature #16131]

Stdlib compatibility issues

  o Psych no longer bundles libyaml sources. Users need to install the
    libyaml library themselves via the package system. [Feature #18571]

C API updates

Updated C APIs

The following APIs are updated.

  o PRNG update
      o rb_random_interface_t updated and versioned. Extension libraries
        which use this interface and were built for older versions are
        affected. Also, an init_int32 function needs to be defined.

Removed C APIs

The following deprecated APIs are removed.

  o rb_cData variable.
  o "taintedness" and "trustedness" functions. [Feature #16131]

Standard libraries updates

  o SyntaxSuggest
      o The feature of syntax_suggest, formerly dead_end, is integrated in
        Ruby. [Feature #18159]
  o ErrorHighlight
      o Now it points to the argument(s) of TypeError and ArgumentError

            test.rb:2:in `+': nil can't be coerced into Integer (TypeError)

            sum = ary[0] + ary[1]
                           ^^^^^^

  o The following default gems are updated.
      o RubyGems 3.4.0.dev
      o bigdecimal 3.1.2
      o bundler 2.4.0.dev
      o cgi 0.3.2
      o date 3.2.3
      o error_highlight 0.4.0
      o etc 1.4.0
      o io-console 0.5.11
      o io-nonblock 0.1.1
      o io-wait 0.3.0.pre
      o ipaddr 1.2.4
      o json 2.6.2
      o logger 1.5.1
      o net-http 0.2.2
      o net-protocol 0.1.3
      o ostruct 0.5.5
      o psych 5.0.0.dev
      o reline 0.3.1
      o securerandom 0.2.0
      o set 1.0.3
      o stringio 3.0.3
      o syntax_suggest 0.0.1
      o timeout 0.3.0
  o The following bundled gems are updated.
      o minitest 5.16.3
      o net-imap 0.2.3
      o rbs 2.6.0
      o typeprof 0.21.3
      o debug 1.6.2
  o The following default gems are now bundled gems.

See NEWS or commit logs for more details.

With those changes, 2719 files changed, 191269 insertions(+), 120315
deletions(-) since Ruby 3.1.0!
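The Regexp timeout described under "Regexp improvements against ReDoS" above, used the way a request handler would use it: as a fail-closed guard around a pattern that the new memoization cannot speed up. This is an added example, not code from the Ruby release announcement. The pattern is the announcement's back-reference example; the 0.5 second budget, the helper names (build_regexp, classify_match, pathological_input, demo) and the constructed inputs are assumptions made here.

```ruby
# Added example, not part of the ruby-lang.org announcement: guarding
# untrusted-input matching with the Ruby 3.2 Regexp timeout so a
# pathological input fails closed instead of pinning a CPU core.

# Regexp.timeout=, Regexp.new(..., timeout:) and Regexp::TimeoutError exist
# only from Ruby 3.2 on. Detect them so older interpreters report
# :unsupported explicitly rather than hanging on the hostile input below.
REGEXP_TIMEOUT_SUPPORTED = Regexp.respond_to?(:timeout=)

# Same shape as the announcement's example. The empty group plus the \1
# back-reference disables the memoization optimization, so matching
# "aaa...x" backtracks quadratically and only the timeout bounds the work.
BACKREF_SOURCE = '^a*b?a*()\1$'

# Compile +source+ with a per-pattern timeout in seconds (assumed budget).
# A per-pattern value takes precedence over the process-wide Regexp.timeout,
# so a short budget can be given to the few patterns that see untrusted input
# without touching the rest of the application.
def build_regexp(source, seconds)
  REGEXP_TIMEOUT_SUPPORTED ? Regexp.new(source, timeout: seconds) : Regexp.new(source)
end

# Classify a match as :matched, :no_match or :timeout. The exception is
# caught here so a caller can map :timeout to a client error (the input was
# hostile) instead of letting it propagate as a server error.
def classify_match(re, input)
  return :unsupported unless REGEXP_TIMEOUT_SUPPORTED

  re.match?(input) ? :matched : :no_match
rescue Regexp::TimeoutError
  :timeout
end

# Constructed hostile input: a long run of 'a' with no 'b' and a trailing
# 'x', so the pattern can never match and the engine explores every split
# of the two a* runs before giving up.
def pathological_input(n = 50_000)
  ("a" * n) + "x"
end

# Run a benign and a hostile input through the guarded regexp.
# Expected on Ruby 3.2+: {:benign=>:matched, :hostile=>:timeout}
def demo(timeout_seconds = 0.5)
  re = build_regexp(BACKREF_SOURCE, timeout_seconds)
  {
    benign: classify_match(re, "aaabaaa"),
    hostile: classify_match(re, pathological_input)
  }
end

puts demo.inspect if __FILE__ == $PROGRAM_NAME
```

The design choice worth noting is the per-pattern budget: Regexp.timeout is process-wide, and a global value low enough to protect a request path can break a legitimately slow batch job elsewhere, so the timeout keyword on Regexp.new keeps the blast radius to the patterns that actually face attacker-controlled input.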
Download

  o https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.0-preview3.tar.gz

        SIZE: 20086542
        SHA1: dafca8116d36ceaa32482ab38359768de8c3ae5e
        SHA256: c041d1488e62730d3a10dbe7cf7a3b3e4268dc867ec20ec991e7d16146640487
        SHA512: 860634d95e4b9c48f18d38146dfbdc3c389666d45454248a4ccdfc3a5d3cd0c71c73533aabf359558117de9add1472af228d8eaec989c9336b1a3a6f03f1ae88

  o https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.0-preview3.tar.xz

        SIZE: 14799804
        SHA1: c94e2add05502cb5c39afffc995b7c8f000f7df0
        SHA256: d3f5619de544240d92a5d03aa289e71bd1103379622c523a0e80ed029a74b3bb
        SHA512: c1864e2e07c3711eaa17d0f85dfbcc6e0682b077782bb1c155315af45139ae66dc4567c73682d326975b0f472111eb0a70f949811cb54bed0b3a816ed6ac34df

  o https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.0-preview3.zip

        SIZE: 24426893
        SHA1: 346c051c4be7ab8d0b551fd2ff8169785697db62
        SHA256: cf49aa70e7ebd8abebffd5e49cd3bd92e5b9f3782d587cc7ed88c98dd5f17069
        SHA512: 4f22b5ea91be17ef5f68cf0acb1e3a226dcc549ad71cc9b40e623220087c4065ca9bea942710f668e5c94ca0323da8d2ccd565f95a9085c1a0e38e9c0543b22f

What is Ruby

Ruby was first developed by Matz (Yukihiro Matsumoto) in 1993, and is now
developed as Open Source. It runs on multiple platforms and is used all over
the world especially for web development.

- --------------------------END INCLUDED TEXT--------------------
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY3GroMkNZI30y1K9AQgaHRAAsM90GsTZ023Pbx4bmU+7nYuPxp6cFTma
IYVB1FWVJrG7f37u0uClKX0MjJkFCOlJ6M4gVDD3ZSSSFBXbewGDTd3Dq++qlgpQ
QsT1lKMKG8norqLSQsJabFX4PhDHpCxBfwiNUoQHt2UToZvvLXna2Zq2ADuPqPw9
QyH/3NOZLz9W2gHUmxbTHEGeSUC4yE3wALX4/F4+Sdz7ojcpHPsZJGsdL5Rxr7KE
9uMITxQCpMk69O+NfjxC/fuHgotf0LMQ/nUbie2peAbcHWX/2ETSKrJ3ab3QxSSF
KQTYhLGYyZgfH+NLne+V5hwlnLk3GH3zfpF/EjGBNpOtZph2Wegb/4aZTc1GQkeo
R5elENdAkgrOTtsiTohsUDEWCETfgp4mHRbUAm4bC+pNvsfJXBGC0NJhlyhgthzT
+gDAUjGl1ZokOEeYv+V/sbpgete9qjR6BQoVL5lasHXt3ExI9syEpmgqpGzX7oXb
xk1rF3+zj/5soCFAxNgM8jDAsLXTIORzG23CbOktWn+QaDYNh18u5Ofmu1kRcdA0
hexARi8YbhhvYH0lTtCwuV0aUf0f7MHI+e3seX5l1FZGsmqD5UqZtRxuD+idteRJ
tqIZCEH16aPMCgDsDIn7cbvPfZFPHv3AB3m2Nz5Pi9H06x1mvE4wEWViHt7mp/GC
sHMKquZIArM=
=+yhV
-----END PGP SIGNATURE-----
11 November 2022

ESB-2022.5847 - [Win][UNIX/Linux] Intel WiFi products: CVSS (Max): 4.3

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5847
    Intel PROSet/Wireless WiFi, Intel vPro CSME WiFi and Killer WiFi Advisory
                               11 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Intel PROSet/Wireless WiFi
                   Intel vPro CSME WiFi
                   Killer WiFi
Publisher:         Intel
Operating System:  Windows
                   UNIX variants (UNIX, Linux, OSX)
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-26047

Original Bulletin:
   https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00699.html

Comment: CVSS (Max): 4.3 CVE-2022-26047 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
         CVSS Source: Intel
         Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

- --------------------------BEGIN INCLUDED TEXT--------------------

Intel ID:                  INTEL-SA-00699
Advisory Category:         Firmware
Impact of vulnerability:   Denial of Service
Severity rating:           MEDIUM
Original release:          11/08/2022
Last revised:              11/08/2022

Summary:

A potential security vulnerability in some Intel PROSet/Wireless WiFi, Intel
vPro CSME WiFi and Killer WiFi products may allow denial of service. Intel is
releasing a firmware update to mitigate this potential vulnerability.

Vulnerability Details:

CVEID: CVE-2022-26047

Description: Improper input validation for some Intel(R) PROSet/Wireless
WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products may allow an
unauthenticated user to potentially enable denial of service via local
access.

CVSS Base Score: 4.3 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

Intel PROSet/Wireless WiFi firmware before version 22.140, Killer WiFi
firmware before version 3.1122.3158 and UEFI version 2.2.14.22176.2.
+--------------------+--------------------------------------+-----------------------------+
|CVE ID              |Affected Products                     |Affected OS                  |
+--------------------+--------------------------------------+-----------------------------+
|CVE-2022-26047      |Intel Wi-Fi 6E AX411                  |Windows 10 & 11              |
|                    |Intel Wi-Fi 6E AX211                  |Linux                        |
|                    |Intel Wi-Fi 6E AX210                  |Chrome OS                    |
|                    |Intel Wi-Fi 6 AX201                   |UEFI                         |
|                    |Intel Wi-Fi 6 AX200                   |CSME                         |
+--------------------+--------------------------------------+-----------------------------+
|CVE-2022-26047      |Killer Wi-Fi 6E AX1690                |Windows 10 & 11              |
|                    |Killer Wi-Fi 6E AX1675                |                             |
|                    |Killer Wi-Fi 6 AX1650                 |                             |
+--------------------+--------------------------------------+-----------------------------+

Recommendations:

Windows:

Intel recommends updating Intel PROSet/Wireless WiFi software to version
22.140 or later. Updates are available for download at this location:

https://www.intel.com/content/www/us/en/download/19351/windows-10-and-windows-11-wi-fi-drivers-for-intel-wireless-adapters.html

Intel recommends updating Killer WiFi software to version 3.1122.3158 or
later. Updates for Killer products are available for download at this
location:

https://www.intel.com/content/www/us/en/download/19779/intel-killer-performance-suite.html?wapkw=killer

UEFI:

Intel recommends updating Intel PROSet/Wireless WiFi UEFI drivers to version
2.2.14.22176 or later. Please contact your OEM support group to obtain the
correct driver version.

Chrome OS:

Intel PROSet/Wireless WiFi drivers to mitigate this vulnerability will be
upstreamed to Chromium by November 08, 2022. For any Google Chrome OS
solution and schedule, please contact Google directly.

Linux OS:

Intel PROSet/Wireless WiFi drivers to mitigate this vulnerability will be
upstreamed by November 08, 2022. Consult the regular open-source channels to
obtain this update.
Recommendation for Intel vPRO CSME WiFi products:

Intel recommends updating Intel vPRO CSME WiFi products to the following
versions or newer.

+-----------------------------+--------------------------------------+------------------------------+
|Platform                     |CSME Version                          |Device                        |
+-----------------------------+--------------------------------------+------------------------------+
|12th Generation Intel Core   |16.1.25.1885v2                        |Intel Wi-Fi 6E AX211          |
|Processor                    |                                      |Intel Wi-Fi 6E AX210          |
+-----------------------------+--------------------------------------+------------------------------+
|12th Generation Intel Core   |16.1.25.1865v6.1                      |Intel Wi-Fi 6E AX211          |
|Processor - Performance cores|                                      |Intel Wi-Fi 6E AX210          |
+-----------------------------+--------------------------------------+------------------------------+
|11th Generation Intel Core   |15.0.42.2235                          |Intel Wi-Fi 6E AX210          |
|Processor                    |                                      |Intel Wi-Fi 6 AX201           |
|                             |                                      |Intel Wi-Fi 6 AX200           |
+-----------------------------+--------------------------------------+------------------------------+
|10th Generation Intel Core   |14.1.67.2046                          |Intel Wi-Fi 6E AX210          |
|Processor                    |                                      |Intel Wi-Fi 6 AX201           |
|                             |                                      |Intel Wi-Fi 6 AX200           |
+-----------------------------+--------------------------------------+------------------------------+
|9th Generation Intel Core    |12.0.92.2145v3                        |Intel Wi-Fi 6 AX200           |
|Processor                    |                                      |                              |
+-----------------------------+--------------------------------------+------------------------------+
|8th Generation Intel Core    |12.0.92.2145v3                        |Intel Wi-Fi 6 AX200           |
|Processor                    |                                      |                              |
+-----------------------------+--------------------------------------+------------------------------+

Intel recommends that users of Intel vPRO CSME WiFi products update to the
latest version provided by the system manufacturer that addresses these
issues.

Acknowledgements:

The following issue was found internally by an Intel employee. Intel would
like to thank Julien Lenoir.
Intel, and nearly the entire technology industry, follows a disclosure
practice called Coordinated Disclosure, under which a cybersecurity
vulnerability is generally publicly disclosed only after mitigations are
available.

Revision History

Revision   Date         Description
1.0        11/08/2022   Initial Release

- --------------------------END INCLUDED TEXT--------------------
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY231vskNZI30y1K9AQgf6hAAuBUHpkE6CbXZZQdfqBZ2aGY7+1nDOEpX
BRbQR9KWFwHX3r5bAAYXAhnIhKtst35fYYZowoGxzdHESCMLYj+3ZbEjlAzsWukq
BfP1+Gqc66oq14UPTFVAREVEHI3fxUKollNeUsv5WzVDpfrAmbtzI+1EG+zEJZbv
USrszwNE7xMNW3ORhAEyPaiXuICNjPX5HKmZKUeoy4PYWIuw7NolA128/F/J7hYY
s5Yj4r5BvgwlozhndRBncEH2TFr/mU5sD4+IECYGIVVXebF9xcPtazeckQGisgFw
NZEH+Jp7QtUoLhwhe4ovavjyUvFZbttpDTdmuDDNXA+IjSl2p9jUa5+71C/Sc2g2
D7bzGwM7zi+38kMdPjTUhEraP/BcTxDMbVF2nUSKBomatikXo4VHbO0cQ/jfR6Iq
C7eDkwpgUQAYW1myu4m3z69b9IWrEhsStX5XhGBfXdDds7qK0N2uKjCOPdt5mnqr
A1nVZAbTnH+hXkrZAb2JRCI1tl7WzUJw8FeRaewv0ButsGk/hFtp2o4VjP9+2rZJ
6UYp8F+Opp3C+04MfhP4iUUJr3LWkdNBLjspcFwyA+eUkqZIoY5tn0fcQNdcXPDH
pqJxHtlNcbv6COQOGJ9FfnOmv/lzJYi27Jj5ceSXN+okPVg6lyyCKU4eBZqsVbNN
rHJwqIqRh1s=
=B9bl
-----END PGP SIGNATURE-----
11 November 2022

ESB-2022.5846 - [Win][UNIX/Linux] Intel Server Boards and Server Systems: CVSS (Max): 8.2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5846
               Intel Server Boards and Server Systems Advisory
                               11 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Intel Server Boards and Server Systems
Publisher:         Intel
Operating System:  UNIX variants (UNIX, Linux, OSX)
                   Windows
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-30542 CVE-2022-25917 CVE-2021-0185

Original Bulletin:
   https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html

Comment: CVSS (Max): 8.2 CVE-2022-30542 (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)
         CVSS Source: Intel
         Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

Intel ID:                  INTEL-SA-00708
Advisory Category:         Firmware
Impact of vulnerability:   Escalation of Privilege, Denial of Service
Severity rating:           HIGH
Original release:          11/08/2022
Last revised:              11/08/2022

Summary:

Potential security vulnerabilities in some Intel Server Boards and Server
Systems may allow escalation of privilege or denial of service. Intel is
releasing firmware updates to mitigate these potential vulnerabilities.

Vulnerability Details:

CVEID: CVE-2022-30542

Description: Improper input validation in the firmware for some Intel(R)
Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server
System R2000WF families before version R02.01.0014 may allow a privileged
user to potentially enable an escalation of privilege via local access.

CVSS Base Score: 8.2 High

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CVEID: CVE-2021-0185

Description: Improper input validation in the firmware for some Intel(R)
Server Board M10JNP Family before version 7.216 may allow a privileged user
to potentially enable an escalation of privilege via local access.

CVSS Base Score: 7.5 High

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVEID: CVE-2022-25917

Description: Uncaught exception in the firmware for some Intel(R) Server
Board M50CYP Family before version R01.01.0005 may allow a privileged user
to potentially enable a denial of service via local access.

CVSS Base Score: 6.0 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

Affected Products:

  o Intel Server Board S2600WF Family.
  o Intel Server Board M50CYP Family.
  o Intel Server Board M10JNP Family.
  o Intel Server System R1000WF Family.
  o Intel Server System R2000WF Family.

Recommendations:

Intel recommends updating the firmware for the affected Intel Server Boards
and Server Systems to the latest version:

  o Intel(R) Server System R1000WF, R2000WF and Intel(R) Server Board
    S2600WF Family updates are available here.
  o Intel(R) Server Board M50CYP Family updates are available here.
  o Intel(R) Server Board M10JNP Family updates are available here.

Acknowledgements:

The following issues were found internally by Intel employees:
CVE-2022-30542 and CVE-2022-25917. Intel would like to thank Jorge E.
Gonzalez Diaz.

Intel would like to thank Dmitry Frolov (CVE-2021-0185) for reporting this
issue.

Intel, and nearly the entire technology industry, follows a disclosure
practice called Coordinated Disclosure, under which a cybersecurity
vulnerability is generally publicly disclosed only after mitigations are
available.
Revision History Revision Date Description 1.0 11/08/2022 Initial Release - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. 
Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBY231r8kNZI30y1K9AQhg5g//Z26hq+1iKHm3XkoR/hOIihW9o/f2r9eW LOmN8EB2N3gsOIxxFckeYVVGR9+HSNR0oxqgdUZ2QpK7Q4kX2vf6acM1K3VD6JrT G25KMPz8OhvoHTyoEBy2mO+X5JMKuEuannP6tiWe/dq5IORftiKbzza+0vFEW/x0 GuadHc77gmBdBzRbRRlDfT3bFVNhz4lsfdiN1rp1jvAnLq+U5IyVCQ2LBU48es4e adVtuWfd2/GAf9aQO39X4zpIYDpkxWycFagL8aS3yigzONxIWupH2dRC0hsOrP3d hFYMC4/O6SuTlldsW6TFUF56F30uyjGHupolLUozd2dBz4RkuK/b2KUBgQvKEAFM J/IJKzK/HPCUdrDyIMp/BZMj5NCOTw7eammfQENNgndbhEBlTde/kHEna7PvhCyp 7tYnTOtIhIiV6gazHV+nHRs3BQ8XJbUbl7McLJxK05D/3YnrZ4+zQhBtxiYBo5/4 9yGaL96KoIZknq3EUyyG9Z/nlTzeKoLD2IXvhCwLRPiJNlZtXuNxj8pDCnPTWy82 RATnZ9GSjQqtpZ4OWM9a86wh5G4Die9CnSO9gkfMimNQNhKTLIlGmoEsBLqijvXM f+ZtHHklzQYVE89H9SQ3EiMHQwVJ+w8z2G3ryAyvjEcdYpVpwojzbYv2ZgIJt2vl Jh6sTRkq+5g= =tD8N -----END PGP SIGNATURE-----
11 November 2022

ESB-2022.5845 - [UNIX/Linux] Intel SDP Tool: CVSS (Max): 4.3

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5845
                           Intel SDP Tool Advisory
                              11 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Intel SDP Tool
Publisher:         Intel
Operating System:  UNIX variants (UNIX, Linux, OSX)
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-26508

Original Bulletin:
   https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00710.html

Comment: CVSS (Max):  4.3 CVE-2022-26508 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)
         CVSS Source: Intel
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

- --------------------------BEGIN INCLUDED TEXT--------------------

Intel ID:                 INTEL-SA-00710
Advisory Category:        Software
Impact of vulnerability:  Information Disclosure
Severity rating:          MEDIUM
Original release:         11/08/2022
Last revised:             11/08/2022

Summary:

A potential security vulnerability in the Intel Server Debug and
Provisioning (SDP) Tool may allow information disclosure. Intel is releasing
software updates to mitigate this potential vulnerability.

Vulnerability Details:

CVEID: CVE-2022-26508

Description: Improper authentication in the Intel(R) SDP Tool before version
3.0.0 may allow an unauthenticated user to potentially enable information
disclosure via network access.

CVSS Base Score: 4.3 Medium
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Affected Products:

Intel SDP Tool software before version 3.0.0.

Recommendations:

Intel recommends updating the Intel SDP Tool software to version 3.0.0 or
later.

Updates are available for download at this location:

  https://www.intel.com/content/www/us/en/download/19092/intel-server-debug-and-provisioning-tool-intel-sdp-tool.html

Acknowledgements:

The following issue was found internally by Intel employees. Intel would
like to thank Xu, Qianjin, Ul Islam and Mohammed Mujahid.

Intel, and nearly the entire technology industry, follows a disclosure
practice called Coordinated Disclosure, under which a cybersecurity
vulnerability is generally publicly disclosed only after mitigations are
available.

Revision History

Revision  Date        Description
1.0       11/08/2022  Initial Release

- --------------------------END INCLUDED TEXT--------------------
11 November 2022

ESB-2022.5844 - [Win][UNIX/Linux] Intel PresentMon: CVSS (Max): 6.7

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5844
                             PresentMon Advisory
                              11 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Intel PresentMon
Publisher:         Intel
Operating System:  UNIX variants (UNIX, Linux, OSX)
                   Windows
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-26086

Original Bulletin:
   https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00711.html

Comment: CVSS (Max):  6.7 CVE-2022-26086 (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H)
         CVSS Source: Intel
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

Intel ID:                 INTEL-SA-00711
Advisory Category:        Software
Impact of vulnerability:  Escalation of Privilege
Severity rating:          MEDIUM
Original release:         11/08/2022
Last revised:             11/08/2022

Summary:

A potential security vulnerability in the PresentMon software maintained by
Intel may allow escalation of privilege. Intel is releasing software updates
to mitigate this potential vulnerability.

Vulnerability Details:

CVEID: CVE-2022-26086

Description: Uncontrolled search path element in the PresentMon software
maintained by Intel(R) before version 1.7.1 may allow an authenticated user
to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.7 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Affected Products:

PresentMon software maintained by Intel before version 1.7.1.

Recommendations:

Intel recommends updating the PresentMon software maintained by Intel to
version 1.7.1 or later.

Updates are available for download at this location:

  https://github.com/GameTechDev/PresentMon/releases

Acknowledgements:

Intel would like to thank avivanoa for reporting this issue.

Intel, and nearly the entire technology industry, follows a disclosure
practice called Coordinated Disclosure, under which a cybersecurity
vulnerability is generally publicly disclosed only after mitigations are
available.

Revision History

Revision  Date        Description
1.0       11/08/2022  Initial Release

- --------------------------END INCLUDED TEXT--------------------
11 November 2022

ESB-2022.5843 - [Win][UNIX/Linux] Intel DCM: CVSS (Max): 8.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5843
                             Intel DCM Advisory
                              11 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Intel DCM
Publisher:         Intel
Operating System:  Windows
                   UNIX variants (UNIX, Linux, OSX)
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-33942

Original Bulletin:
   https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00713.html

Comment: CVSS (Max):  8.8 CVE-2022-33942 (CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)
         CVSS Source: Intel
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

Intel ID:                 INTEL-SA-00713
Advisory Category:        Software
Impact of vulnerability:  Escalation of Privilege
Severity rating:          HIGH
Original release:         11/08/2022
Last revised:             11/08/2022

Summary:

A potential security vulnerability in the Intel Data Center Manager (DCM)
software may allow escalation of privilege. Intel is releasing software
updates to mitigate this potential vulnerability.

Vulnerability Details:

CVEID: CVE-2022-33942

Description: Protection mechanism failure in the Intel(R) DCM software
before version 5.0 may allow an unauthenticated user to potentially enable
escalation of privilege via adjacent access.

CVSS Base Score: 8.8 High
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected Products:

Intel DCM software before version 5.0.

Recommendation:

Intel recommends updating the Intel DCM software to version 5.0 or later.

Updates are available for download at this location:

  https://www.intel.com/content/www/us/en/download/645992

Acknowledgements:

Intel would like to thank Julien Ahrens from RCE Security for reporting this
issue.

Intel, and nearly the entire technology industry, follows a disclosure
practice called Coordinated Disclosure, under which a cybersecurity
vulnerability is generally publicly disclosed only after mitigations are
available.

Revision History

Revision  Date        Description
1.0       11/08/2022  Initial Release

- --------------------------END INCLUDED TEXT--------------------
11 November 2022

ESB-2022.5842 - [Win] Intel Advanced Link Analyzer: CVSS (Max): 6.7

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5842
                   Intel Advanced Link Analyzer Advisory
                              11 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Intel Advanced Link Analyzer
Publisher:         Intel
Operating System:  Windows
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-27638

Original Bulletin:
   https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00715.html

Comment: CVSS (Max):  6.7 CVE-2022-27638 (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H)
         CVSS Source: Intel
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

Intel ID:                 INTEL-SA-00715
Advisory Category:        Software
Impact of vulnerability:  Escalation of Privilege
Severity rating:          MEDIUM
Original release:         11/08/2022
Last revised:             11/08/2022

Summary:

A potential security vulnerability in the Intel Advanced Link Analyzer Pro
and Standard edition software may allow escalation of privilege. Intel is
releasing software updates to mitigate this potential vulnerability.

Vulnerability Details:

CVEID: CVE-2022-27638

Description: Uncontrolled search path element in the Intel(R) Advanced Link
Analyzer Pro before version 22.2 and Standard edition software before
version 22.1.1 STD may allow an authenticated user to potentially enable
escalation of privilege via local access.

CVSS Base Score: 6.7 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Affected Products:

Intel Advanced Link Analyzer Pro edition software before version 22.2.

Intel Advanced Link Analyzer Standard edition software before version 22.1.1
STD.

Recommendations:

Intel recommends updating the Intel Advanced Link Analyzer Pro edition
software to version 22.2 or later.

Intel recommends updating the Intel Advanced Link Analyzer Standard edition
software to version 22.1.1 STD or later.

Updates are available for download at these locations:

  Pro edition:      https://www.intel.com/content/www/us/en/software-kit/727932
  Standard edition: https://www.intel.com/content/www/us/en/software-kit/684357

Acknowledgements:

Intel would like to thank Amin Saidani for reporting this issue.

Intel, and nearly the entire technology industry, follows a disclosure
practice called Coordinated Disclosure, under which a cybersecurity
vulnerability is generally publicly disclosed only after mitigations are
available.

Revision History

Revision  Date        Description
1.0       11/08/2022  Initial Release

- --------------------------END INCLUDED TEXT--------------------