AusCERT - Security Bulletins

Latest published security bulletins. See https://www.auscert.org.au/rss/ for feed information.
Updated: 2 hours 42 minutes ago
ESB-2022.5861 - [Debian] xorg-server: CVSS (Max): 9.8
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5861
xorg-server security update
14 November 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: xorg-server
Publisher: Debian
Operating System: Debian GNU/Linux
Resolution: Patch/Upgrade
CVE Names: CVE-2022-3551 CVE-2022-3550
Original Bulletin:
https://lists.debian.org/debian-security-announce/2022/msg00248.html
Comment: CVSS (Max): 9.8 CVE-2022-3550 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: NVD
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- - -------------------------------------------------------------------------
Debian Security Advisory DSA-5278-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
November 13, 2022 https://www.debian.org/security/faq
- - -------------------------------------------------------------------------
Package : xorg-server
CVE ID : CVE-2022-3550 CVE-2022-3551
It was discovered that a buffer overflow in the _getCountedString()
function of the Xorg X server may result in denial of service or
potentially the execution of arbitrary code.
For the stable distribution (bullseye), these problems have been fixed in
version 2:1.20.11-1+deb11u3.
We recommend that you upgrade your xorg-server packages.
For the detailed security status of xorg-server please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xorg-server
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
-----END PGP SIGNATURE-----
ESB-2022.5860 - [Debian] php7.4: CVSS (Max): 9.8
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5860
php7.4 security update
14 November 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: php7.4
Publisher: Debian
Operating System: Debian GNU/Linux
Resolution: Patch/Upgrade
CVE Names: CVE-2022-37454 CVE-2022-31630 CVE-2022-31629
CVE-2022-31628
Original Bulletin:
https://lists.debian.org/debian-security-announce/2022/msg00247.html
Comment: CVSS (Max): 9.8 CVE-2022-37454 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: [NVD], Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- - -------------------------------------------------------------------------
Debian Security Advisory DSA-5277-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
November 13, 2022 https://www.debian.org/security/faq
- - -------------------------------------------------------------------------
Package : php7.4
CVE ID : CVE-2022-31630 CVE-2022-37454 CVE-2022-31629 CVE-2022-31628
Multiple security issues were discovered in PHP, a widely-used open
source general purpose scripting language, which could result in denial
of service, information disclosure, insecure cookie handling or
potentially the execution of arbitrary code.
For the stable distribution (bullseye), these problems have been fixed in
version 7.4.33-1+deb11u1.
We recommend that you upgrade your php7.4 packages.
For the detailed security status of php7.4 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/php7.4
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
- --------------------------END INCLUDED TEXT--------------------
ESB-2022.5859 - [Ubuntu] Thunderbird: CVSS (Max): None
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5859
USN-5724-1: Thunderbird vulnerabilities
14 November 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Thunderbird
Publisher: Ubuntu
Operating System: Ubuntu
Resolution: Patch/Upgrade
CVE Names: CVE-2022-42932 CVE-2022-42929 CVE-2022-42928
CVE-2022-42927 CVE-2022-40962 CVE-2022-40960
CVE-2022-40959 CVE-2022-40958 CVE-2022-40957
CVE-2022-40956 CVE-2022-39251 CVE-2022-39250
CVE-2022-39249 CVE-2022-39236 CVE-2022-3266
Original Bulletin:
https://ubuntu.com/security/notices/USN-5724-1
Comment: CVSS (Max): None available when published
- --------------------------BEGIN INCLUDED TEXT--------------------
USN-5724-1: Thunderbird vulnerabilities
11 November 2022
Several security issues were fixed in Thunderbird.
Releases
o Ubuntu 22.10
o Ubuntu 22.04 LTS
o Ubuntu 20.04 LTS
o Ubuntu 18.04 LTS
Packages
o thunderbird - Mozilla Open Source mail and newsgroup client
Details
Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service,
bypass Content Security Policy (CSP) or other security restrictions, or
execute arbitrary code. These issues only affect Ubuntu 18.04 LTS, Ubuntu
20.04 LTS and Ubuntu 22.04 LTS. ( CVE-2022-3266 , CVE-2022-40956 ,
CVE-2022-40957 , CVE-2022-40958 , CVE-2022-40959 , CVE-2022-40960 ,
CVE-2022-40962 )
Multiple security issues were discovered in the Matrix SDK bundled with
Thunderbird. An attacker could potentially exploit these in order to
impersonate another user. These issues only affect Ubuntu 18.04 LTS,
Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. ( CVE-2022-39236 , CVE-2022-39249 ,
CVE-2022-39250 , CVE-2022-39251 )
Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service,
obtain sensitive information, or execute arbitrary code. ( CVE-2022-42927 ,
CVE-2022-42928 , CVE-2022-42929 , CVE-2022-42932 )
Update instructions
The problem can be corrected by updating your system to the following package
versions:
Ubuntu 22.10
o thunderbird - 1:102.4.2+build2-0ubuntu0.22.10.1
Ubuntu 22.04
o thunderbird - 1:102.4.2+build2-0ubuntu0.22.04.1
Ubuntu 20.04
o thunderbird - 1:102.4.2+build2-0ubuntu0.20.04.1
Ubuntu 18.04
o thunderbird - 1:102.4.2+build2-0ubuntu0.18.04.1
After a standard system update you need to restart Thunderbird to make
all the necessary changes.
References
o CVE-2022-40956
o CVE-2022-39236
o CVE-2022-42928
o CVE-2022-39251
o CVE-2022-40962
o CVE-2022-42927
o CVE-2022-39249
o CVE-2022-3266
o CVE-2022-42932
o CVE-2022-40958
o CVE-2022-40957
o CVE-2022-40960
o CVE-2022-39250
o CVE-2022-42929
o CVE-2022-40959
Related notices
o USN-5649-1 : firefox-locale-cak, firefox-locale-vi, firefox-locale-mn,
firefox-locale-ca, firefox-locale-hsb, firefox-locale-ms,
firefox-locale-my, firefox-locale-kab, firefox-locale-kk,
firefox-locale-en, firefox-locale-uk, firefox-locale-nb, firefox-locale-hr,
firefox-locale-gn, firefox-locale-cs, firefox-locale-sk, firefox-locale-ka,
firefox-locale-zh-hans, firefox-geckodriver, firefox-locale-bn,
firefox-locale-hu, firefox-locale-ml, firefox-locale-cy, firefox-locale-mr,
firefox-locale-sv, firefox-locale-sq, firefox-locale-sl, firefox-locale-hi,
firefox-locale-pa, firefox-locale-zu, firefox-locale-fa, firefox-locale-lv,
firefox-locale-km, firefox-locale-zh-hant, firefox-locale-nl,
firefox-locale-et, firefox-locale-bs, firefox-locale-he, firefox-locale-uz,
firefox-locale-te, firefox-locale-el, firefox, firefox-locale-fy,
firefox-locale-it, firefox-locale-ar, firefox-locale-be, firefox-locale-kn,
firefox-locale-mai, firefox-locale-fi, firefox-locale-ku,
firefox-locale-or, firefox-locale-oc, firefox-locale-es, firefox-locale-ta,
firefox-locale-af, firefox-locale-bg, firefox-locale-gl, firefox-locale-lt,
firefox-locale-ja, firefox-locale-ia, firefox-locale-an, firefox-locale-si,
firefox-locale-ru, firefox-locale-gu, firefox-locale-hy, firefox-locale-th,
firefox-locale-eu, firefox-dev, firefox-locale-da, firefox-locale-xh,
firefox-locale-nn, firefox-locale-sw, firefox-locale-szl,
firefox-locale-ur, firefox-locale-tr, firefox-locale-az, firefox-locale-is,
firefox-locale-de, firefox-mozsymbols, firefox-locale-ko,
firefox-locale-ne, firefox-locale-nso, firefox-locale-fr,
firefox-locale-ga, firefox-locale-lg, firefox-locale-sr, firefox-locale-pl,
firefox-locale-mk, firefox-locale-ro, firefox-locale-pt, firefox-locale-eo,
firefox-locale-gd, firefox-locale-as, firefox-locale-csb,
firefox-locale-br, firefox-locale-id, firefox-locale-ast
o USN-5709-1 : firefox-locale-cak, firefox-locale-vi, firefox-locale-mn,
firefox-locale-ca, firefox-locale-hsb, firefox-locale-ms,
firefox-locale-my, firefox-locale-kab, firefox-locale-kk,
firefox-locale-en, firefox-locale-uk, firefox-locale-nb, firefox-locale-hr,
firefox-locale-gn, firefox-locale-cs, firefox-locale-sk, firefox-locale-ka,
firefox-locale-zh-hans, firefox-geckodriver, firefox-locale-bn,
firefox-locale-hu, firefox-locale-ml, firefox-locale-cy, firefox-locale-mr,
firefox-locale-sv, firefox-locale-sq, firefox-locale-sl, firefox-locale-hi,
firefox-locale-pa, firefox-locale-zu, firefox-locale-fa, firefox-locale-lv,
firefox-locale-km, firefox-locale-zh-hant, firefox-locale-nl,
firefox-locale-et, firefox-locale-bs, firefox-locale-he, firefox-locale-uz,
firefox-locale-te, firefox-locale-el, firefox, firefox-locale-fy,
firefox-locale-it, firefox-locale-ar, firefox-locale-be, firefox-locale-kn,
firefox-locale-mai, firefox-locale-fi, firefox-locale-ku,
firefox-locale-or, firefox-locale-oc, firefox-locale-es, firefox-locale-ta,
firefox-locale-af, firefox-locale-bg, firefox-locale-gl, firefox-locale-lt,
firefox-locale-ja, firefox-locale-ia, firefox-locale-an, firefox-locale-si,
firefox-locale-ru, firefox-locale-gu, firefox-locale-hy, firefox-locale-th,
firefox-locale-eu, firefox-dev, firefox-locale-da, firefox-locale-xh,
firefox-locale-nn, firefox-locale-sw, firefox-locale-szl,
firefox-locale-ur, firefox-locale-tr, firefox-locale-az, firefox-locale-is,
firefox-locale-de, firefox-mozsymbols, firefox-locale-ko,
firefox-locale-ne, firefox-locale-nso, firefox-locale-fr,
firefox-locale-ga, firefox-locale-lg, firefox-locale-sr, firefox-locale-pl,
firefox-locale-mk, firefox-locale-ro, firefox-locale-pt, firefox-locale-eo,
firefox-locale-gd, firefox-locale-as, firefox-locale-csb,
firefox-locale-br, firefox-locale-id, firefox-locale-ast
- --------------------------END INCLUDED TEXT--------------------
ESB-2022.5858 - [SUSE] xterm: CVSS (Max): 5.5
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5858
Security update for xterm
14 November 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: xterm
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-24130
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20223952-1
Comment: CVSS (Max): 5.5 CVE-2022-24130 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for xterm
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3952-1
Rating: moderate
References: #1195387
Cross-References: CVE-2022-24130
Affected Products:
SUSE Linux Enterprise Server 12-SP5
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for xterm fixes the following issues:
o CVE-2022-24130: Fixed buffer overflow in set_sixel when Sixel support is
enabled. (bsc#1195387)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Server 12-SP5:
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-3952=1
Package List:
o SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):
xterm-308-5.6.1
xterm-debuginfo-308-5.6.1
xterm-debugsource-308-5.6.1
References:
o https://www.suse.com/security/cve/CVE-2022-24130.html
o https://bugzilla.suse.com/1195387
- --------------------------END INCLUDED TEXT--------------------
ESB-2022.5857 - [SUSE] xterm: CVSS (Max): 5.5
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5857
Security update for xterm
14 November 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: xterm
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-24130
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20223953-1
Comment: CVSS (Max): 5.5 CVE-2022-24130 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for xterm
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3953-1
Rating: moderate
References: #1195387
Cross-References: CVE-2022-24130
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for xterm fixes the following issues:
- - CVE-2022-24130: Fixed buffer overflow in set_sixel when Sixel support is
enabled (bsc#1195387).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3953=1
o openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3953=1
o SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3953=1
o SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3953=1
Package List:
o openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
xterm-330-150200.11.6.1
xterm-bin-330-150200.11.6.1
xterm-bin-debuginfo-330-150200.11.6.1
xterm-debugsource-330-150200.11.6.1
o openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
xterm-330-150200.11.6.1
xterm-bin-330-150200.11.6.1
xterm-bin-debuginfo-330-150200.11.6.1
xterm-debugsource-330-150200.11.6.1
o SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x
x86_64):
xterm-330-150200.11.6.1
xterm-bin-330-150200.11.6.1
xterm-bin-debuginfo-330-150200.11.6.1
xterm-debugsource-330-150200.11.6.1
o SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x
x86_64):
xterm-330-150200.11.6.1
xterm-bin-330-150200.11.6.1
xterm-bin-debuginfo-330-150200.11.6.1
xterm-debugsource-330-150200.11.6.1
References:
o https://www.suse.com/security/cve/CVE-2022-24130.html
o https://bugzilla.suse.com/1195387
- --------------------------END INCLUDED TEXT--------------------
ESB-2022.5856 - [SUSE] xen: CVSS (Max): 7.5
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5856
Security update for xen
14 November 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: xen
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-42326 CVE-2022-42325 CVE-2022-42323
CVE-2022-42322 CVE-2022-42321 CVE-2022-42320
CVE-2022-42319 CVE-2022-42318 CVE-2022-42317
CVE-2022-42316 CVE-2022-42315 CVE-2022-42314
CVE-2022-42313 CVE-2022-42312 CVE-2022-42311
CVE-2022-42310 CVE-2022-42309 CVE-2022-33748
CVE-2022-33747 CVE-2022-33746
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20223947-1
Comment: CVSS (Max): 7.5 CVE-2022-42320 (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H)
CVSS Source: [SUSE], NVD
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for xen
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3947-1
Rating: important
References: #1027519 #1193923 #1203806 #1203807 #1204482 #1204485
#1204487 #1204488 #1204489 #1204490 #1204494 #1204496
Cross-References: CVE-2022-33746 CVE-2022-33747 CVE-2022-33748 CVE-2022-42309
CVE-2022-42310 CVE-2022-42311 CVE-2022-42312 CVE-2022-42313
CVE-2022-42314 CVE-2022-42315 CVE-2022-42316 CVE-2022-42317
CVE-2022-42318 CVE-2022-42319 CVE-2022-42320 CVE-2022-42321
CVE-2022-42322 CVE-2022-42323 CVE-2022-42325 CVE-2022-42326
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that fixes 20 vulnerabilities is now available.
Description:
This update for xen fixes the following issues:
o CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing (bsc#
1203806)
o CVE-2022-33748: Fixed DoS due to race in locking (bsc#1203807)
o CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314,
CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318: xen:
Xenstore: Guests can let xenstored run out of memory (bsc#1204482)
o CVE-2022-42309: xen: Xenstore: Guests can crash xenstored (bsc#1204485)
o CVE-2022-42310: xen: Xenstore: Guests can create orphaned Xenstore nodes
(bsc#1204487)
o CVE-2022-42319: xen: Xenstore: Guests can cause Xenstore to not free
temporary memory (bsc#1204488)
o CVE-2022-42320: xen: Xenstore: Guests can get access to Xenstore nodes of
deleted domains (bsc#1204489)
o CVE-2022-42321: xen: Xenstore: Guests can crash xenstored via exhausting
the stack (bsc#1204490)
o CVE-2022-42322,CVE-2022-42323: xen: Xenstore: cooperating guests can create
arbitrary numbers of nodes (bsc#1204494)
o CVE-2022-42325,CVE-2022-42326: xen: Xenstore: Guests can create arbitrary
number of nodes via transactions (bsc#1204496)
o xen: Frontends vulnerable to backends (bsc#1193923)
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3947=1
o openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3947=1
o SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-3947=1
o SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3947=1
o SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3947=1
o SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-3947=1
Package List:
o openSUSE Leap Micro 5.2 (x86_64):
xen-debugsource-4.14.5_08-150300.3.40.1
xen-libs-4.14.5_08-150300.3.40.1
xen-libs-debuginfo-4.14.5_08-150300.3.40.1
o openSUSE Leap 15.3 (aarch64 x86_64):
xen-4.14.5_08-150300.3.40.1
xen-debugsource-4.14.5_08-150300.3.40.1
xen-devel-4.14.5_08-150300.3.40.1
xen-doc-html-4.14.5_08-150300.3.40.1
xen-libs-4.14.5_08-150300.3.40.1
xen-libs-debuginfo-4.14.5_08-150300.3.40.1
xen-tools-4.14.5_08-150300.3.40.1
xen-tools-debuginfo-4.14.5_08-150300.3.40.1
xen-tools-domU-4.14.5_08-150300.3.40.1
xen-tools-domU-debuginfo-4.14.5_08-150300.3.40.1
o openSUSE Leap 15.3 (x86_64):
xen-libs-32bit-4.14.5_08-150300.3.40.1
xen-libs-32bit-debuginfo-4.14.5_08-150300.3.40.1
o openSUSE Leap 15.3 (noarch):
xen-tools-xendomains-wait-disk-4.14.5_08-150300.3.40.1
o SUSE Linux Enterprise Module for Server Applications 15-SP3 (noarch):
xen-tools-xendomains-wait-disk-4.14.5_08-150300.3.40.1
o SUSE Linux Enterprise Module for Server Applications 15-SP3 (x86_64):
xen-4.14.5_08-150300.3.40.1
xen-debugsource-4.14.5_08-150300.3.40.1
xen-devel-4.14.5_08-150300.3.40.1
xen-tools-4.14.5_08-150300.3.40.1
xen-tools-debuginfo-4.14.5_08-150300.3.40.1
o SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
xen-debugsource-4.14.5_08-150300.3.40.1
xen-libs-4.14.5_08-150300.3.40.1
xen-libs-debuginfo-4.14.5_08-150300.3.40.1
xen-tools-domU-4.14.5_08-150300.3.40.1
xen-tools-domU-debuginfo-4.14.5_08-150300.3.40.1
o SUSE Linux Enterprise Micro 5.2 (x86_64):
xen-debugsource-4.14.5_08-150300.3.40.1
xen-libs-4.14.5_08-150300.3.40.1
xen-libs-debuginfo-4.14.5_08-150300.3.40.1
o SUSE Linux Enterprise Micro 5.1 (x86_64):
xen-debugsource-4.14.5_08-150300.3.40.1
xen-libs-4.14.5_08-150300.3.40.1
xen-libs-debuginfo-4.14.5_08-150300.3.40.1
References:
o https://www.suse.com/security/cve/CVE-2022-33746.html
o https://www.suse.com/security/cve/CVE-2022-33747.html
o https://www.suse.com/security/cve/CVE-2022-33748.html
o https://www.suse.com/security/cve/CVE-2022-42309.html
o https://www.suse.com/security/cve/CVE-2022-42310.html
o https://www.suse.com/security/cve/CVE-2022-42311.html
o https://www.suse.com/security/cve/CVE-2022-42312.html
o https://www.suse.com/security/cve/CVE-2022-42313.html
o https://www.suse.com/security/cve/CVE-2022-42314.html
o https://www.suse.com/security/cve/CVE-2022-42315.html
o https://www.suse.com/security/cve/CVE-2022-42316.html
o https://www.suse.com/security/cve/CVE-2022-42317.html
o https://www.suse.com/security/cve/CVE-2022-42318.html
o https://www.suse.com/security/cve/CVE-2022-42319.html
o https://www.suse.com/security/cve/CVE-2022-42320.html
o https://www.suse.com/security/cve/CVE-2022-42321.html
o https://www.suse.com/security/cve/CVE-2022-42322.html
o https://www.suse.com/security/cve/CVE-2022-42323.html
o https://www.suse.com/security/cve/CVE-2022-42325.html
o https://www.suse.com/security/cve/CVE-2022-42326.html
o https://bugzilla.suse.com/1027519
o https://bugzilla.suse.com/1193923
o https://bugzilla.suse.com/1203806
o https://bugzilla.suse.com/1203807
o https://bugzilla.suse.com/1204482
o https://bugzilla.suse.com/1204485
o https://bugzilla.suse.com/1204487
o https://bugzilla.suse.com/1204488
o https://bugzilla.suse.com/1204489
o https://bugzilla.suse.com/1204490
o https://bugzilla.suse.com/1204494
o https://bugzilla.suse.com/1204496
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
-----END PGP SIGNATURE-----
ESB-2022.5855 - [SUSE] xen: CVSS (Max): 7.5
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5855
Security update for xen
14 November 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: xen
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-42326 CVE-2022-42325 CVE-2022-42323
CVE-2022-42322 CVE-2022-42321 CVE-2022-42320
CVE-2022-42319 CVE-2022-42318 CVE-2022-42317
CVE-2022-42316 CVE-2022-42315 CVE-2022-42314
CVE-2022-42313 CVE-2022-42312 CVE-2022-42311
CVE-2022-42310 CVE-2022-42309
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20223960-1
Comment: CVSS (Max): 7.5 CVE-2022-42320 (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for xen
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3960-1
Rating: important
References: #1204482 #1204485 #1204487 #1204488 #1204489 #1204490
#1204494 #1204496
Cross-References: CVE-2022-42309 CVE-2022-42310 CVE-2022-42311 CVE-2022-42312
CVE-2022-42313 CVE-2022-42314 CVE-2022-42315 CVE-2022-42316
CVE-2022-42317 CVE-2022-42318 CVE-2022-42319 CVE-2022-42320
CVE-2022-42321 CVE-2022-42322 CVE-2022-42323 CVE-2022-42325
CVE-2022-42326
Affected Products:
SUSE Linux Enterprise Server 12-SP3-BCL
______________________________________________________________________________
An update that fixes 17 vulnerabilities is now available.
Description:
This update for xen fixes the following issues:
o CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314,
CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318: xen:
Xenstore: Guests can let xenstored run out of memory (bsc#1204482)
o CVE-2022-42309: xen: Xenstore: Guests can crash xenstored (bsc#1204485)
o CVE-2022-42310: xen: Xenstore: Guests can create orphaned Xenstore nodes
(bsc#1204487)
o CVE-2022-42319: xen: Xenstore: Guests can cause Xenstore to not free
temporary memory (bsc#1204488)
o CVE-2022-42320: xen: Xenstore: Guests can get access to Xenstore nodes of
deleted domains (bsc#1204489)
o CVE-2022-42321: xen: Xenstore: Guests can crash xenstored via exhausting
the stack (bsc#1204490)
o CVE-2022-42322,CVE-2022-42323: xen: Xenstore: cooperating guests can create
arbitrary numbers of nodes (bsc#1204494)
o CVE-2022-42325,CVE-2022-42326: xen: Xenstore: Guests can create arbitrary
number of nodes via transactions (bsc#1204496)
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Server 12-SP3-BCL:
zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2022-3960=1
Package List:
o SUSE Linux Enterprise Server 12-SP3-BCL (x86_64):
xen-4.9.4_34-3.114.1
xen-debugsource-4.9.4_34-3.114.1
xen-doc-html-4.9.4_34-3.114.1
xen-libs-32bit-4.9.4_34-3.114.1
xen-libs-4.9.4_34-3.114.1
xen-libs-debuginfo-32bit-4.9.4_34-3.114.1
xen-libs-debuginfo-4.9.4_34-3.114.1
xen-tools-4.9.4_34-3.114.1
xen-tools-debuginfo-4.9.4_34-3.114.1
xen-tools-domU-4.9.4_34-3.114.1
xen-tools-domU-debuginfo-4.9.4_34-3.114.1
References:
o https://www.suse.com/security/cve/CVE-2022-42309.html
o https://www.suse.com/security/cve/CVE-2022-42310.html
o https://www.suse.com/security/cve/CVE-2022-42311.html
o https://www.suse.com/security/cve/CVE-2022-42312.html
o https://www.suse.com/security/cve/CVE-2022-42313.html
o https://www.suse.com/security/cve/CVE-2022-42314.html
o https://www.suse.com/security/cve/CVE-2022-42315.html
o https://www.suse.com/security/cve/CVE-2022-42316.html
o https://www.suse.com/security/cve/CVE-2022-42317.html
o https://www.suse.com/security/cve/CVE-2022-42318.html
o https://www.suse.com/security/cve/CVE-2022-42319.html
o https://www.suse.com/security/cve/CVE-2022-42320.html
o https://www.suse.com/security/cve/CVE-2022-42321.html
o https://www.suse.com/security/cve/CVE-2022-42322.html
o https://www.suse.com/security/cve/CVE-2022-42323.html
o https://www.suse.com/security/cve/CVE-2022-42325.html
o https://www.suse.com/security/cve/CVE-2022-42326.html
o https://bugzilla.suse.com/1204482
o https://bugzilla.suse.com/1204485
o https://bugzilla.suse.com/1204487
o https://bugzilla.suse.com/1204488
o https://bugzilla.suse.com/1204489
o https://bugzilla.suse.com/1204490
o https://bugzilla.suse.com/1204494
o https://bugzilla.suse.com/1204496
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
iQIVAwUBY3GvzskNZI30y1K9AQgw8A//TsBg4FNJ/8jBpt8vcZredwRDCDIKa9N/
Bx07K0Qr7rntTzTXqJaSpRPfmCfNJixCO3xImIKCLPHdFxZcY3TtCIKvYalX6aad
Nmbigi406HgHG/FMZZGYk+Dw1AaH/IG4QL0BVHCiJvxtxvD2rtwZ0ljp24Hk6rX9
dMfWVmN7rKuHjKj4nb8m5rn8QKg5R7WKNcy/Ha8jUIXQDA8OP8t6M9trVjpVvu8e
GYU6ic1k2ENXNKviMAAUrpJVX7wJr+tc2yBvHy3TgGJCrjrPpbiRLQZ0unDQWZaa
NAAOSCBgLY8i4cDesUqPaFJimSC6uaChIOH6pXkzMlGNGqkC+B6u6kYjjYiPeEzG
A5N8S43O8FM9Am0QEsHp6JrLM9oGAvdqixyFOw5AKiVCu+/gOtfoynCZD3SSkssq
K/mUsQS4JvNWTPexOdzD+EwbDp61GwKgayO+92inQF2CPp/vhbtHmyWL+h6IZ6OJ
gBqhgo4f5hkYwo8v1PiA1u7bjNE8buGlMVLmIoJMbqDNubvxXiGZLRi6P8Oso4tf
CcaauSHPO0me2RheSAAPlsWTXT0F5ltG+lSS/qgst5GMik6u/PiyUzocbGkIRMrM
zoWYDzPkZmCvrxWJ8aBHbH7SfX4FxaqWh18F49SxHfI9ZkbHVzpI16fdTKDW6zbi
+ATbYO5aQBQ=
=bPQ+
-----END PGP SIGNATURE-----
ESB-2022.5854 - [SUSE] samba: CVSS (Max): 7.5
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5854
Security update for samba
14 November 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: samba
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-32743 CVE-2022-1615
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20223955-1
Comment: CVSS (Max): 7.5 CVE-2022-1615 (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for samba
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3955-1
Rating: important
References: #1200102 #1202803 #1202976
Cross-References: CVE-2022-1615 CVE-2022-32743
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Availability 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Python2 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that solves two vulnerabilities and has one erratum is now available.
Description:
This update for samba fixes the following issues:
o CVE-2022-1615: Fixed error handling in random number generation (bso#15103)
(bsc#1202976).
o CVE-2022-32743: Implement validated dnsHostName write rights (bso#14833)
(bsc#1202803).
Bugfixes:
o Fixed use-after-free when iterating smbd_server_connection->connections
after tree disconnect failure (bso#15128) (bsc#1200102).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3955=1
o openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3955=1
o SUSE Linux Enterprise Module for Python2 15-SP3:
zypper in -t patch SUSE-SLE-Module-Python2-15-SP3-2022-3955=1
o SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3955=1
o SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3955=1
o SUSE Linux Enterprise High Availability 15-SP3:
zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2022-3955=1
o SUSE Enterprise Storage 7.1:
zypper in -t patch SUSE-Storage-7.1-2022-3955=1
Package List:
o openSUSE Leap Micro 5.2 (aarch64 x86_64):
samba-client-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debugsource-4.15.8+git.527.8d0c05d313e-150300.3.40.2
o openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
ctdb-4.15.8+git.527.8d0c05d313e-150300.3.40.2
ctdb-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
ctdb-pcp-pmda-4.15.8+git.527.8d0c05d313e-150300.3.40.2
ctdb-pcp-pmda-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
libsamba-policy-devel-4.15.8+git.527.8d0c05d313e-150300.3.40.2
libsamba-policy-python3-devel-4.15.8+git.527.8d0c05d313e-150300.3.40.2
libsamba-policy0-python3-4.15.8+git.527.8d0c05d313e-150300.3.40.2
libsamba-policy0-python3-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ad-dc-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ad-dc-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ad-dc-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ad-dc-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debugsource-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-devel-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-dsdb-modules-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-dsdb-modules-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-gpupdate-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ldb-ldap-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ldb-ldap-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-python3-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-python3-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-python3-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-python3-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-test-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-test-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-tool-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
o openSUSE Leap 15.3 (aarch64 x86_64):
samba-ceph-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ceph-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
o openSUSE Leap 15.3 (aarch64_ilp32):
libsamba-policy0-python3-64bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
libsamba-policy0-python3-64bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-64bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-64bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-64bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-64bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-python3-64bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-python3-64bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
o openSUSE Leap 15.3 (x86_64):
libsamba-policy0-python3-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
libsamba-policy0-python3-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ad-dc-libs-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ad-dc-libs-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-libs-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-libs-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-devel-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-python3-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-python3-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-libs-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-libs-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
o openSUSE Leap 15.3 (noarch):
samba-doc-4.15.8+git.527.8d0c05d313e-150300.3.40.2
o SUSE Linux Enterprise Module for Python2 15-SP3 (aarch64 ppc64le s390x x86_64):
samba-ad-dc-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ad-dc-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debugsource-4.15.8+git.527.8d0c05d313e-150300.3.40.2
o SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libsamba-policy-devel-4.15.8+git.527.8d0c05d313e-150300.3.40.2
libsamba-policy-python3-devel-4.15.8+git.527.8d0c05d313e-150300.3.40.2
libsamba-policy0-python3-4.15.8+git.527.8d0c05d313e-150300.3.40.2
libsamba-policy0-python3-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ad-dc-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ad-dc-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debugsource-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-devel-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-dsdb-modules-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-dsdb-modules-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-gpupdate-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ldb-ldap-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ldb-ldap-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-python3-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-python3-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-python3-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-python3-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-tool-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
o SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 x86_64):
samba-ceph-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ceph-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
o SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
samba-ad-dc-libs-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ad-dc-libs-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-libs-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-libs-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-devel-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-libs-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-libs-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
o SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
samba-client-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debugsource-4.15.8+git.527.8d0c05d313e-150300.3.40.2
o SUSE Linux Enterprise High Availability 15-SP3 (aarch64 ppc64le s390x x86_64):
ctdb-4.15.8+git.527.8d0c05d313e-150300.3.40.2
ctdb-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debugsource-4.15.8+git.527.8d0c05d313e-150300.3.40.2
o SUSE Enterprise Storage 7.1 (aarch64 x86_64):
ctdb-4.15.8+git.527.8d0c05d313e-150300.3.40.2
ctdb-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ceph-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ceph-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debugsource-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-python3-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-python3-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
References:
o https://www.suse.com/security/cve/CVE-2022-1615.html
o https://www.suse.com/security/cve/CVE-2022-32743.html
o https://bugzilla.suse.com/1200102
o https://bugzilla.suse.com/1202803
o https://bugzilla.suse.com/1202976
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
-----END PGP SIGNATURE-----
ESB-2022.5853 - [SUSE] rustup: CVSS (Max): 4.3
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5853
Security update for rustup
14 November 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: rustup
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-24713 CVE-2021-45710
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20223949-1
Comment: CVSS (Max): 4.3 CVE-2022-24713 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for rustup
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3949-1
Rating: moderate
References: #1194119 #1196972
Cross-References: CVE-2021-45710 CVE-2022-24713
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for rustup fixes the following issues:
Updated to version 1.25.1~0:
o CVE-2022-24713: Fixed Regex denial of service (bsc#1196972).
o CVE-2021-45710: Fixed tokio data race with memory corruption (bsc#1194119).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3949=1
o SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-3949=1
Package List:
o openSUSE Leap 15.3 (aarch64 x86_64):
rustup-1.25.1~0-150300.7.13.2
rustup-debuginfo-1.25.1~0-150300.7.13.2
rustup-debugsource-1.25.1~0-150300.7.13.2
o SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):
rustup-1.25.1~0-150300.7.13.2
rustup-debuginfo-1.25.1~0-150300.7.13.2
rustup-debugsource-1.25.1~0-150300.7.13.2
References:
o https://www.suse.com/security/cve/CVE-2021-45710.html
o https://www.suse.com/security/cve/CVE-2022-24713.html
o https://bugzilla.suse.com/1194119
o https://bugzilla.suse.com/1196972
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
=B0jD
-----END PGP SIGNATURE-----
ESB-2022.5852 - [SUSE] python-numpy: CVSS (Max): 6.2
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5852
Security update for python-numpy
14 November 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: python-numpy
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2017-12852
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20223954-1
Comment: CVSS (Max): 6.2 CVE-2017-12852 (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for python-numpy
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3954-1
Rating: moderate
References: #1053963 #1199500
Cross-References: CVE-2017-12852
Affected Products:
SUSE Linux Enterprise Server 12-SP5
SUSE Linux Enterprise Server for SAP Applications 12-SP5
SUSE Linux Enterprise Software Development Kit 12-SP5
______________________________________________________________________________
An update that solves one vulnerability and has one errata is now available.
Description:
This update for python-numpy fixes the following issues:
- - CVE-2017-12852: Fixed missing input validation leading to infinite loops (bsc#1053963).
Bugfixes:
- - Use update-alternatives for /usr/bin/f2py (bsc#1199500).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Software Development Kit 12-SP5:
zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-3954=1
o SUSE Linux Enterprise Server 12-SP5:
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-3954=1
Package List:
o SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le
s390x x86_64):
python-numpy-debuginfo-1.8.0-5.19.1
python-numpy-debugsource-1.8.0-5.19.1
python-numpy-devel-1.8.0-5.19.1
o SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):
python-numpy-1.8.0-5.19.1
python-numpy-debuginfo-1.8.0-5.19.1
python-numpy-debugsource-1.8.0-5.19.1
References:
o https://www.suse.com/security/cve/CVE-2017-12852.html
o https://bugzilla.suse.com/1053963
o https://bugzilla.suse.com/1199500
- --------------------------END INCLUDED TEXT--------------------
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
=oirW
-----END PGP SIGNATURE-----
ESB-2022.5851 - [SUSE] php72: CVSS (Max): 6.5
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5851
Security update for php72
14 November 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: php72
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-31629 CVE-2022-31628
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20223957-1
Comment: CVSS (Max): 6.5 CVE-2022-31629 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N)
CVSS Source: SUSE, [Red Hat]
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for php72
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3957-1
Rating: moderate
References: #1203867 #1203870
Cross-References: CVE-2022-31628 CVE-2022-31629
Affected Products:
SUSE Linux Enterprise High Performance Computing 12
SUSE Linux Enterprise Module for Web Scripting 12
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12-SP3
SUSE Linux Enterprise Server 12-SP4
SUSE Linux Enterprise Server 12-SP5
SUSE Linux Enterprise Server for SAP Applications 12
SUSE Linux Enterprise Server for SAP Applications 12-SP3
SUSE Linux Enterprise Server for SAP Applications 12-SP4
SUSE Linux Enterprise Server for SAP Applications 12-SP5
SUSE Linux Enterprise Software Development Kit 12-SP5
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for php72 fixes the following issues:
o CVE-2022-31628: Fixed an uncontrolled recursion in the phar uncompressor
while decompressing "quines" gzip files. (bsc#1203867)
o CVE-2022-31629: Fixed a bug which could lead an attacker to set an insecure
cookie that will be treated as secure in the victim's browser. (bsc#1203870)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Software Development Kit 12-SP5:
zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-3957=1
o SUSE Linux Enterprise Module for Web Scripting 12:
zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2022-3957=1
Package List:
o SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le
s390x x86_64):
php72-debuginfo-7.2.5-1.84.1
php72-debugsource-7.2.5-1.84.1
php72-devel-7.2.5-1.84.1
o SUSE Linux Enterprise Module for Web Scripting 12 (aarch64 ppc64le s390x
x86_64):
apache2-mod_php72-7.2.5-1.84.1
apache2-mod_php72-debuginfo-7.2.5-1.84.1
php72-7.2.5-1.84.1
php72-bcmath-7.2.5-1.84.1
php72-bcmath-debuginfo-7.2.5-1.84.1
php72-bz2-7.2.5-1.84.1
php72-bz2-debuginfo-7.2.5-1.84.1
php72-calendar-7.2.5-1.84.1
php72-calendar-debuginfo-7.2.5-1.84.1
php72-ctype-7.2.5-1.84.1
php72-ctype-debuginfo-7.2.5-1.84.1
php72-curl-7.2.5-1.84.1
php72-curl-debuginfo-7.2.5-1.84.1
php72-dba-7.2.5-1.84.1
php72-dba-debuginfo-7.2.5-1.84.1
php72-debuginfo-7.2.5-1.84.1
php72-debugsource-7.2.5-1.84.1
php72-dom-7.2.5-1.84.1
php72-dom-debuginfo-7.2.5-1.84.1
php72-enchant-7.2.5-1.84.1
php72-enchant-debuginfo-7.2.5-1.84.1
php72-exif-7.2.5-1.84.1
php72-exif-debuginfo-7.2.5-1.84.1
php72-fastcgi-7.2.5-1.84.1
php72-fastcgi-debuginfo-7.2.5-1.84.1
php72-fileinfo-7.2.5-1.84.1
php72-fileinfo-debuginfo-7.2.5-1.84.1
php72-fpm-7.2.5-1.84.1
php72-fpm-debuginfo-7.2.5-1.84.1
php72-ftp-7.2.5-1.84.1
php72-ftp-debuginfo-7.2.5-1.84.1
php72-gd-7.2.5-1.84.1
php72-gd-debuginfo-7.2.5-1.84.1
php72-gettext-7.2.5-1.84.1
php72-gettext-debuginfo-7.2.5-1.84.1
php72-gmp-7.2.5-1.84.1
php72-gmp-debuginfo-7.2.5-1.84.1
php72-iconv-7.2.5-1.84.1
php72-iconv-debuginfo-7.2.5-1.84.1
php72-imap-7.2.5-1.84.1
php72-imap-debuginfo-7.2.5-1.84.1
php72-intl-7.2.5-1.84.1
php72-intl-debuginfo-7.2.5-1.84.1
php72-json-7.2.5-1.84.1
php72-json-debuginfo-7.2.5-1.84.1
php72-ldap-7.2.5-1.84.1
php72-ldap-debuginfo-7.2.5-1.84.1
php72-mbstring-7.2.5-1.84.1
php72-mbstring-debuginfo-7.2.5-1.84.1
php72-mysql-7.2.5-1.84.1
php72-mysql-debuginfo-7.2.5-1.84.1
php72-odbc-7.2.5-1.84.1
php72-odbc-debuginfo-7.2.5-1.84.1
php72-opcache-7.2.5-1.84.1
php72-opcache-debuginfo-7.2.5-1.84.1
php72-openssl-7.2.5-1.84.1
php72-openssl-debuginfo-7.2.5-1.84.1
php72-pcntl-7.2.5-1.84.1
php72-pcntl-debuginfo-7.2.5-1.84.1
php72-pdo-7.2.5-1.84.1
php72-pdo-debuginfo-7.2.5-1.84.1
php72-pgsql-7.2.5-1.84.1
php72-pgsql-debuginfo-7.2.5-1.84.1
php72-phar-7.2.5-1.84.1
php72-phar-debuginfo-7.2.5-1.84.1
php72-posix-7.2.5-1.84.1
php72-posix-debuginfo-7.2.5-1.84.1
php72-pspell-7.2.5-1.84.1
php72-pspell-debuginfo-7.2.5-1.84.1
php72-readline-7.2.5-1.84.1
php72-readline-debuginfo-7.2.5-1.84.1
php72-shmop-7.2.5-1.84.1
php72-shmop-debuginfo-7.2.5-1.84.1
php72-snmp-7.2.5-1.84.1
php72-snmp-debuginfo-7.2.5-1.84.1
php72-soap-7.2.5-1.84.1
php72-soap-debuginfo-7.2.5-1.84.1
php72-sockets-7.2.5-1.84.1
php72-sockets-debuginfo-7.2.5-1.84.1
php72-sodium-7.2.5-1.84.1
php72-sodium-debuginfo-7.2.5-1.84.1
php72-sqlite-7.2.5-1.84.1
php72-sqlite-debuginfo-7.2.5-1.84.1
php72-sysvmsg-7.2.5-1.84.1
php72-sysvmsg-debuginfo-7.2.5-1.84.1
php72-sysvsem-7.2.5-1.84.1
php72-sysvsem-debuginfo-7.2.5-1.84.1
php72-sysvshm-7.2.5-1.84.1
php72-sysvshm-debuginfo-7.2.5-1.84.1
php72-tidy-7.2.5-1.84.1
php72-tidy-debuginfo-7.2.5-1.84.1
php72-tokenizer-7.2.5-1.84.1
php72-tokenizer-debuginfo-7.2.5-1.84.1
php72-wddx-7.2.5-1.84.1
php72-wddx-debuginfo-7.2.5-1.84.1
php72-xmlreader-7.2.5-1.84.1
php72-xmlreader-debuginfo-7.2.5-1.84.1
php72-xmlrpc-7.2.5-1.84.1
php72-xmlrpc-debuginfo-7.2.5-1.84.1
php72-xmlwriter-7.2.5-1.84.1
php72-xmlwriter-debuginfo-7.2.5-1.84.1
php72-xsl-7.2.5-1.84.1
php72-xsl-debuginfo-7.2.5-1.84.1
php72-zip-7.2.5-1.84.1
php72-zip-debuginfo-7.2.5-1.84.1
php72-zlib-7.2.5-1.84.1
php72-zlib-debuginfo-7.2.5-1.84.1
o SUSE Linux Enterprise Module for Web Scripting 12 (noarch):
php72-pear-7.2.5-1.84.1
php72-pear-Archive_Tar-7.2.5-1.84.1
References:
o https://www.suse.com/security/cve/CVE-2022-31628.html
o https://www.suse.com/security/cve/CVE-2022-31629.html
o https://bugzilla.suse.com/1203867
o https://bugzilla.suse.com/1203870
- --------------------------END INCLUDED TEXT--------------------
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
=q7rE
-----END PGP SIGNATURE-----
ESB-2022.5850 - [SUSE] busybox: CVSS (Max): 9.8
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5850
Security update for busybox
14 November 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: busybox
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2021-42386 CVE-2021-42385 CVE-2021-42384
CVE-2021-42383 CVE-2021-42382 CVE-2021-42381
CVE-2021-42380 CVE-2021-42379 CVE-2021-42378
CVE-2021-42377 CVE-2021-42376 CVE-2021-42375
CVE-2021-42374 CVE-2021-42373 CVE-2021-28831
CVE-2019-5747 CVE-2018-1000517 CVE-2018-1000500
CVE-2018-20679 CVE-2017-16544 CVE-2017-15874
CVE-2017-15873 CVE-2016-6301 CVE-2016-2148
CVE-2016-2147 CVE-2015-9261 CVE-2011-5325
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20223959-1
Comment: CVSS (Max): 9.8 CVE-2016-2148 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: SUSE, Red Hat, [NVD]
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for busybox
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3959-1
Rating: important
References: #1064976 #1064978 #1069412 #1099260 #1099263 #1102912
#1121426 #1121428 #1184522 #1192869 #951562 #970662 #970663
#991940
Cross-References: CVE-2011-5325 CVE-2015-9261 CVE-2016-2147 CVE-2016-2148
CVE-2016-6301 CVE-2017-15873 CVE-2017-15874 CVE-2017-16544
CVE-2018-1000500 CVE-2018-1000517 CVE-2018-20679
CVE-2019-5747 CVE-2021-28831 CVE-2021-42373 CVE-2021-42374
CVE-2021-42375 CVE-2021-42376 CVE-2021-42377 CVE-2021-42378
CVE-2021-42379 CVE-2021-42380 CVE-2021-42381 CVE-2021-42382
CVE-2021-42383 CVE-2021-42384 CVE-2021-42385 CVE-2021-42386
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 27 vulnerabilities is now available.
Description:
This update for busybox fixes the following issues:
o Enable switch_root. With this change virtme --force-initramfs works as
expected.
o Enable udhcpc
busybox was updated to 1.35.0
o Adjust busybox.config for new features in find, date and cpio
o Annotate CVEs already fixed in upstream, but not mentioned in .changes yet:
o CVE-2017-16544 (bsc#1069412): Insufficient sanitization of filenames when
autocompleting
o CVE-2015-9261 (bsc#1102912): huft_build misuses a pointer, causing
segfaults
o CVE-2016-2147 (bsc#970663): out of bounds write (heap) due to integer
underflow in udhcpc
o CVE-2016-2148 (bsc#970662): heap-based buffer overflow in OPTION_6RD
parsing
o CVE-2016-6301 (bsc#991940): NTP server denial of service flaw
o CVE-2017-15873 (bsc#1064976): The get_next_block function in archival/
libarchive/decompress_bunzip2.c has an Integer Overflow
o CVE-2017-15874 (bsc#1064978): archival/libarchive/decompress_unlzma.c has
an Integer Underflow
o CVE-2019-5747 (bsc#1121428): out of bounds read in udhcp components
o CVE-2021-42373, CVE-2021-42374, CVE-2021-42375, CVE-2021-42376,
CVE-2021-42377, CVE-2021-42378, CVE-2021-42379, CVE-2021-42380,
CVE-2021-42381, CVE-2021-42382, CVE-2021-42383, CVE-2021-42384,
CVE-2021-42385, CVE-2021-42386 (bsc#1192869): v1.34.0 bugfixes
o CVE-2021-28831 (bsc#1184522): invalid free or segmentation fault via
malformed gzip data
o CVE-2018-20679 (bsc#1121426): out of bounds read in udhcp
o CVE-2018-1000517 (bsc#1099260): Heap-based buffer overflow in the
retrieve_file_data()
o CVE-2011-5325 (bsc#951562): tar directory traversal
o CVE-2018-1000500 (bsc#1099263): wget: Missing SSL certificate validation
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3959=1
o SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3959=1
Package List:
o openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
busybox-1.35.0-150400.3.3.1
busybox-static-1.35.0-150400.3.3.1
busybox-testsuite-1.35.0-150400.3.3.1
o openSUSE Leap 15.4 (aarch64 x86_64):
busybox-warewulf3-1.35.0-150400.3.3.1
o SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x
x86_64):
busybox-1.35.0-150400.3.3.1
busybox-static-1.35.0-150400.3.3.1
References:
o https://www.suse.com/security/cve/CVE-2011-5325.html
o https://www.suse.com/security/cve/CVE-2015-9261.html
o https://www.suse.com/security/cve/CVE-2016-2147.html
o https://www.suse.com/security/cve/CVE-2016-2148.html
o https://www.suse.com/security/cve/CVE-2016-6301.html
o https://www.suse.com/security/cve/CVE-2017-15873.html
o https://www.suse.com/security/cve/CVE-2017-15874.html
o https://www.suse.com/security/cve/CVE-2017-16544.html
o https://www.suse.com/security/cve/CVE-2018-1000500.html
o https://www.suse.com/security/cve/CVE-2018-1000517.html
o https://www.suse.com/security/cve/CVE-2018-20679.html
o https://www.suse.com/security/cve/CVE-2019-5747.html
o https://www.suse.com/security/cve/CVE-2021-28831.html
o https://www.suse.com/security/cve/CVE-2021-42373.html
o https://www.suse.com/security/cve/CVE-2021-42374.html
o https://www.suse.com/security/cve/CVE-2021-42375.html
o https://www.suse.com/security/cve/CVE-2021-42376.html
o https://www.suse.com/security/cve/CVE-2021-42377.html
o https://www.suse.com/security/cve/CVE-2021-42378.html
o https://www.suse.com/security/cve/CVE-2021-42379.html
o https://www.suse.com/security/cve/CVE-2021-42380.html
o https://www.suse.com/security/cve/CVE-2021-42381.html
o https://www.suse.com/security/cve/CVE-2021-42382.html
o https://www.suse.com/security/cve/CVE-2021-42383.html
o https://www.suse.com/security/cve/CVE-2021-42384.html
o https://www.suse.com/security/cve/CVE-2021-42385.html
o https://www.suse.com/security/cve/CVE-2021-42386.html
o https://bugzilla.suse.com/1064976
o https://bugzilla.suse.com/1064978
o https://bugzilla.suse.com/1069412
o https://bugzilla.suse.com/1099260
o https://bugzilla.suse.com/1099263
o https://bugzilla.suse.com/1102912
o https://bugzilla.suse.com/1121426
o https://bugzilla.suse.com/1121428
o https://bugzilla.suse.com/1184522
o https://bugzilla.suse.com/1192869
o https://bugzilla.suse.com/951562
o https://bugzilla.suse.com/970662
o https://bugzilla.suse.com/970663
o https://bugzilla.suse.com/991940
- --------------------------END INCLUDED TEXT--------------------
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
=aRkL
-----END PGP SIGNATURE-----
ESB-2022.5849 - [SUSE] cni-plugin-dnsname: CVSS (Max): None
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5849
Feature update for cni-plugin-dnsname
14 November 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: cni-plugin-dnsname
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-fu-20223948-1
Comment: CVSS (Max): None available when published
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Feature Update: Feature update for cni-plugin-dnsname
______________________________________________________________________________
Announcement ID: SUSE-FU-2022:3948-1
Rating: important
References:
Affected Products:
SUSE Linux Enterprise Micro 5.2
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that has 0 feature fixes and contains two features can now be
installed.
Description:
This update for cni-plugin-dnsname fixes the following issues:
o Provide package cni-plugin-dnsname to SUSE Linux Enterprise Micro 5.2
(jsc#SMO-129, jsc#SMO-63)
Patch Instructions:
To install this SUSE Feature Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3948=1
o SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3948=1
Package List:
o openSUSE Leap Micro 5.2 (aarch64 ppc64le s390x x86_64):
cni-plugin-dnsname-1.3.1-150300.1.3.1
cni-plugin-dnsname-debuginfo-1.3.1-150300.1.3.1
o SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
cni-plugin-dnsname-1.3.1-150300.1.3.1
cni-plugin-dnsname-debuginfo-1.3.1-150300.1.3.1
- --------------------------END INCLUDED TEXT--------------------
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
iQIVAwUBY3GruskNZI30y1K9AQg2fQ/+NRl7Fe9cTBe5Sn0hZgfqV/qnU68P1x7j
bVFzxuHagLD1QBF7CpvsiC6QNBi8JEQsBWtNWSG8It6xAXjdt4urfyP+ifELLYcT
7/jRk/RaQ7IeI+AxPCDXzllVOVx7POEoM827GJxss14ryJlVDevcXp4T1knHdJEJ
jjA2eOEfpEQUMkTIy6/qL303Xo0UenGzoH8LWpDUJxtycj9/TKhuMY86Fo2cwTO/
8Z8NH9Vd9FEws+NL6ORkng89nSuiUf0FkdPRDBAJ4YjVZPWtDeZPiitQEo/mu23P
hWXujp2gc9iSkttnjcdr2hNZlg4BrJc0hdCPYEk7YYZ/5/zCsoEXWgXjRnEBe/Ip
ZqMEQTlblNWGZbtttjvJpCUHWDbz2z3c42PN61HUg6OTWUmT4Dn8xlERke6a5Znx
AsDW2/nVkSPGj25JjpeJV/oPW0WHmx8T95Vw0Nb0veSc22l9kd3zw1r36tf+LJ6X
5/vVojZ9Yrd0mPmqHAnM55NBcWiV8ZgmiR4CGQY7Ju0MaWXHn8+j1C0QKXcRnDUY
Jt5pBoy7eakZTVR6/iuw1nnARJIJTyhVhQJYEYAolTFfFxOWMoiBLlhIAnDupJcR
fXb1o+1UaCi9VvFXQraIGE0LX3JDu9MPjmiCukXENePk4ldnHWVErgJQBIEmLqPM
b9mUnObyceA=
=NPRp
-----END PGP SIGNATURE-----
ESB-2022.5848 - [Win][UNIX/Linux] Ruby: CVSS (Max): None
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5848
Ruby 3.2.0 Preview 3 Released
14 November 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Ruby
Publisher: Ruby
Operating System: UNIX variants (UNIX, Linux, OSX)
Windows
Resolution: Patch/Upgrade
Original Bulletin:
https://www.ruby-lang.org/en/news/2022/11/11/ruby-3-2-0-preview3-released/
Comment: CVSS (Max): None available when published
- --------------------------BEGIN INCLUDED TEXT--------------------
Ruby 3.2.0 Preview 3 Released
Posted by naruse on 11 Nov 2022
We are pleased to announce the release of Ruby 3.2.0-preview3. Ruby 3.2 adds
many features and performance improvements.
WASI based WebAssembly support
This is an initial port of WASI based WebAssembly support. This enables a CRuby
binary to be available on Web browser, Serverless Edge environment, and other
WebAssembly/WASI embedders. Currently this port passes basic and bootstrap test
suites not using Thread API.
Background
WebAssembly (Wasm) was originally introduced to run programs safely and fast in
web browsers. But its objective, running programs efficiently and securely on
various environments, has long been wanted not only by the web but also by
general applications.
WASI (The WebAssembly System Interface) is designed for such use cases. Though
such applications need to communicate with operating systems, WebAssembly runs
on a virtual machine which didn't have a system interface. WASI standardizes
it.
WebAssembly/WASI Support in Ruby intends to leverage those projects. It enables
Ruby developers to write applications which run on such promising platforms.
Use case
This support lets developers utilize CRuby in WebAssembly environments. An
example use case is the TryRuby playground's CRuby support. Now you can try
original CRuby in your web browser.
Technical points
Today's WASI and WebAssembly itself still lack some features needed to implement
Fiber, exceptions, and GC, because they are still evolving and also for security
reasons. So CRuby fills the gap by using Asyncify, which is a binary
transformation technique to control execution in userland.
In addition, we built a VFS on top of WASI so that we can easily pack Ruby apps
into a single .wasm file. This makes distribution of Ruby apps a bit easier.
Related links
o Add WASI based WebAssembly support #5407
o An Update on WebAssembly/WASI Support in Ruby
Regexp improvements against ReDoS
It is known that Regexp matching may take unexpectedly long. If your code
attempts to match a possibly inefficient Regexp against untrusted input, an
attacker may exploit it for an efficient Denial of Service (so-called Regular
expression DoS, or ReDoS).
We have introduced two improvements that significantly mitigate ReDoS.
Improved Regexp matching algorithm
Since Ruby 3.2, Regexp's matching algorithm has been greatly improved by using a
memoization technique.
# This matching takes 10 sec. in Ruby 3.1, and does 0.003 sec. in Ruby 3.2
/^a*ba*$/ =~ "a" * 50000 + "x"
The improved matching algorithm allows most of Regexp matching (about 90% in
our experiments) to be completed in linear time.
(For preview users: this optimization may consume memory proportional to the
input length for each matching. We expect no practical problems to arise
because this memory allocation is usually delayed, and a normal Regexp matching
should consume at most 10 times as much memory as the input length. If you run
out of memory when matching Regexps in a real-world application, please report
it.)
The original proposal is https://bugs.ruby-lang.org/issues/19104
Regexp timeout
The optimization above cannot be applied to some kinds of regular expressions,
such as those using advanced features (e.g., back-references or look-around),
or those with a huge fixed number of repetitions. As a fallback measure, a
timeout feature for Regexp matching is also introduced.
Regexp.timeout = 1.0
/^a*ba*()\1$/ =~ "a" * 50000 + "x"
#=> Regexp::TimeoutError is raised in one second
Note that Regexp.timeout is a global configuration. If you want to use
different timeout settings for some special Regexps, you may want to use
timeout keyword for Regexp.new .
Regexp.timeout = 1.0
# This regexp has no timeout. In a double-quoted string the backslash of the
# back-reference must itself be escaped, otherwise "\1" is the byte 0x01.
long_time_re = Regexp.new("^a*ba*()\\1$", timeout: Float::INFINITY)
long_time_re =~ "a" * 50000 + "x" # never interrupted
The original proposal is https://bugs.ruby-lang.org/issues/17837
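The following is an added example, not code from the Ruby announcement, showing how the two mitigations above combine in practice: a pattern the Ruby 3.2 memoization handles is matched directly, while a pattern that defeats memoization (it contains a back-reference and an exponential (?:a|a)* loop, constructed here for illustration) is cut off by a per-regexp timeout instead of blocking the process. The Timeout-module fallback for Rubies older than 3.2 is an assumption of this example and is weaker than the engine-level deadline; Regexp::TimeoutError and the timeout: keyword exist only on 3.2 and later.

```ruby
require "timeout"

# Exceptions that mean "the match was cut off", across Ruby versions.
# Regexp::TimeoutError only exists on Ruby 3.2+.
MATCH_TIMEOUT_ERRORS = [Timeout::Error]
MATCH_TIMEOUT_ERRORS << Regexp::TimeoutError if defined?(Regexp::TimeoutError)

# Match +source+ (a regexp source string controlled by the application)
# against +input+ (untrusted) under a hard deadline of +seconds+.
# Returns :match, :no_match or :timeout; a slow pattern never blocks the
# caller for much longer than the deadline.
def match_with_timeout(source, input, seconds:)
  if Regexp.respond_to?(:timeout=)
    # Ruby 3.2+: the deadline lives inside the regexp engine and is set per
    # pattern, so the global Regexp.timeout is left untouched.
    re = Regexp.new(source, timeout: seconds)
    re.match?(input) ? :match : :no_match
  else
    # Older Ruby (assumption: fallback only): interrupt the thread instead.
    # This relies on the matcher polling for interrupts and is weaker than
    # the 3.2 mechanism, but still bounds the damage.
    re = Regexp.new(source)
    Timeout.timeout(seconds) { re.match?(input) ? :match : :no_match }
  end
rescue *MATCH_TIMEOUT_ERRORS
  :timeout
end

# Constructed hostile pattern: the back-reference disables the Ruby 3.2
# memoization, and (?:a|a)* backtracks exponentially when the final
# character cannot match. Single quotes keep the backslash literal.
EXPONENTIAL_SOURCE = '^(?:a|a)*()\1$'

# The announcement's own example; memoization makes this linear on 3.2.
POLYNOMIAL_SOURCE = '^a*ba*$'

# Runs the three cases a practitioner cares about and returns the outcomes.
def redos_demo(seconds: 0.25)
  {
    # 30 'a's followed by a character that forces the match to fail
    hostile:  match_with_timeout(EXPONENTIAL_SOURCE, "a" * 30 + "!", seconds: seconds),
    # benign input that matches quickly
    benign:   match_with_timeout(POLYNOMIAL_SOURCE, "aaabaaa", seconds: seconds),
    # benign input that fails quickly
    mismatch: match_with_timeout(POLYNOMIAL_SOURCE, "aaaxaaa", seconds: seconds),
  }
end

if __FILE__ == $PROGRAM_NAME
  redos_demo.each { |name, outcome| puts "#{name}: #{outcome}" }
end
```

Treat :timeout as a rejected request rather than retrying: the point of the deadline is that attacker-chosen input cannot hold a worker for longer than the budget, and a per-pattern timeout: keeps that budget tight for the regexps that face untrusted input without penalising trusted, deliberately long matches elsewhere in the process.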
Other Notable New Features
No longer bundle 3rd party sources
o We no longer bundle 3rd party sources like libyaml and libffi.
The libyaml source has been removed from psych. You may need to install
libyaml-dev on Ubuntu/Debian platforms. The package name differs between
platforms.
The bundled libffi source has also been removed from fiddle.
Language
o Anonymous rest and keyword rest arguments can now be passed as arguments,
instead of just used in method parameters. [ Feature #18351 ]
def foo(*)
bar(*)
end
def baz(**)
quux(**)
end
o A proc that accepts a single positional argument and keywords will no
longer autosplat. [ Bug #18633 ]
proc{|a, **k| a}.call([1, 2])
# Ruby 3.1 and before
# => 1
# Ruby 3.2 and after
# => [1, 2]
o Constant assignment evaluation order for constants set on explicit objects
has been made consistent with single attribute assignment evaluation order.
With this code:
foo::BAR = baz
foo is now called before baz . Similarly, for multiple assignments to
constants, left-to-right evaluation order is used. With this code:
foo1::BAR1, foo2::BAR2 = baz1, baz2
The following evaluation order is now used:
1. foo1
2. foo2
3. baz1
4. baz2
[ Bug #15928 ]
o Find pattern is no longer experimental. [ Feature #18585 ]
o Methods taking a rest parameter (like *args ) and wishing to delegate
keyword arguments through foo(*args) must now be marked with ruby2_keywords
(if not already the case). In other words, all methods wishing to delegate
keyword arguments through *args must now be marked with ruby2_keywords ,
with no exception. This will make it easier to transition to other ways of
delegation once a library can require Ruby 3+. Previously, the
ruby2_keywords flag was kept if the receiving method took *args , but this
was a bug and an inconsistency. A good technique to find the
potentially-missing ruby2_keywords is to run the test suite, for where it
fails find the last method which must receive keyword arguments, use puts
nil, caller, nil there, and check each method/block on the call chain which
must delegate keywords is correctly marked as ruby2_keywords . [ Bug #18625
] [ Bug #16466 ]
def target(**kw)
end
# Accidentally worked without ruby2_keywords in Ruby 2.7-3.1, ruby2_keywords
# needed in 3.2+. Just like (*args, **kwargs) or (...) would be needed on
# both #foo and #bar when migrating away from ruby2_keywords.
ruby2_keywords def bar(*args)
target(*args)
end
ruby2_keywords def foo(*args)
bar(*args)
end
foo(k: 1)
Performance improvements
YJIT
o Support arm64 / aarch64 on UNIX platforms.
o Building YJIT requires Rust 1.58.1+. [ Feature #18481 ]
Other notable changes since 3.1
o Hash
Hash#shift now always returns nil if the hash is empty, instead of
returning the default value or calling the default proc. [ Bug #16908 ]
o MatchData
MatchData#byteoffset has been added. [ Feature #13110 ]
o Module
Module.used_refinements has been added. [ Feature #14332 ]
Module#refinements has been added. [ Feature #12737 ]
Module#const_added has been added. [ Feature #17881 ]
o Proc
Proc#dup returns an instance of subclass. [ Bug #17545 ]
Proc#parameters now accepts lambda keyword. [ Feature #15357 ]
o Refinement
Refinement#refined_class has been added. [ Feature #12737 ]
o RubyVM::AbstractSyntaxTree
Add error_tolerant option for parse , parse_file and of . [ Feature #19013 ]
o Set
Set is now available as a builtin class without the need for require
"set" . [ Feature #16989 ] It is currently autoloaded via the Set
constant or a call to Enumerable#to_set .
o String
String#byteindex and String#byterindex have been added. [ Feature #13110 ]
Update Unicode to Version 14.0.0 and Emoji Version 14.0. [ Feature #18037 ]
(also applies to Regexp)
String#bytesplice has been added. [ Feature #18598 ]
o Struct
A Struct class can also be initialized with keyword arguments without
keyword_init: true on Struct.new . [ Feature #16806 ]
Compatibility issues
Note: Excluding feature bug fixes.
Removed constants
The following deprecated constants are removed.
o Fixnum and Bignum [ Feature #12005 ]
o Random::DEFAULT [ Feature #17351 ]
o Struct::Group
o Struct::Passwd
Removed methods
The following deprecated methods are removed.
o Dir.exists [ Feature #17391 ]
o File.exists [ Feature #17391 ]
o Kernel#=~ [ Feature #15231 ]
o Kernel#taint , Kernel#untaint , Kernel#tainted [ Feature #16131 ]
o Kernel#trust , Kernel#untrust , Kernel#untrusted [ Feature #16131 ]
Stdlib compatibility issues
o Psych no longer bundles libyaml sources. Users need to install the libyaml
library themselves via the package system. [ Feature #18571 ]
C API updates
Updated C APIs
The following APIs are updated.
o PRNG update: rb_random_interface_t has been updated and versioned. Extension
libraries which use this interface and were built for older versions are
affected. An init_int32 function also needs to be defined.
Removed C APIs
The following deprecated APIs are removed.
o rb_cData variable.
o taintedness and trustedness functions. [ Feature #16131 ]
Standard libraries updates
o SyntaxSuggest
The syntax_suggest feature (formerly dead_end) is integrated into Ruby.
[ Feature #18159 ]
o ErrorHighlight
Now it points at the argument(s) of a TypeError or ArgumentError:
test.rb:2:in `+': nil can't be coerced into Integer (TypeError)
sum = ary[0] + ary[1]
^^^^^^
o The following default gems are updated.
RubyGems 3.4.0.dev
bigdecimal 3.1.2
bundler 2.4.0.dev
cgi 0.3.2
date 3.2.3
error_highlight 0.4.0
etc 1.4.0
io-console 0.5.11
io-nonblock 0.1.1
io-wait 0.3.0.pre
ipaddr 1.2.4
json 2.6.2
logger 1.5.1
net-http 0.2.2
net-protocol 0.1.3
ostruct 0.5.5
psych 5.0.0.dev
reline 0.3.1
securerandom 0.2.0
set 1.0.3
stringio 3.0.3
syntax_suggest 0.0.1
timeout 0.3.0
o The following bundled gems are updated.
minitest 5.16.3
net-imap 0.2.3
rbs 2.6.0
typeprof 0.21.3
debug 1.6.2
o The following default gems are now bundled gems.
See NEWS or commit logs for more details.
With those changes, 2719 files changed, 191269 insertions(+), 120315 deletions
(-) since Ruby 3.1.0!
Download
o https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.0-preview3.tar.gz
SIZE: 20086542
SHA1: dafca8116d36ceaa32482ab38359768de8c3ae5e
SHA256: c041d1488e62730d3a10dbe7cf7a3b3e4268dc867ec20ec991e7d16146640487
SHA512: 860634d95e4b9c48f18d38146dfbdc3c389666d45454248a4ccdfc3a5d3cd0c71c73533aabf359558117de9add1472af228d8eaec989c9336b1a3a6f03f1ae88
o https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.0-preview3.tar.xz
SIZE: 14799804
SHA1: c94e2add05502cb5c39afffc995b7c8f000f7df0
SHA256: d3f5619de544240d92a5d03aa289e71bd1103379622c523a0e80ed029a74b3bb
SHA512: c1864e2e07c3711eaa17d0f85dfbcc6e0682b077782bb1c155315af45139ae66dc4567c73682d326975b0f472111eb0a70f949811cb54bed0b3a816ed6ac34df
o https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.0-preview3.zip
SIZE: 24426893
SHA1: 346c051c4be7ab8d0b551fd2ff8169785697db62
SHA256: cf49aa70e7ebd8abebffd5e49cd3bd92e5b9f3782d587cc7ed88c98dd5f17069
SHA512: 4f22b5ea91be17ef5f68cf0acb1e3a226dcc549ad71cc9b40e623220087c4065ca9bea942710f668e5c94ca0323da8d2ccd565f95a9085c1a0e38e9c0543b22f
What is Ruby
Ruby was first developed by Matz (Yukihiro Matsumoto) in 1993, and is now
developed as Open Source. It runs on multiple platforms and is used all over
the world especially for web development.
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
iQIVAwUBY3GroMkNZI30y1K9AQgaHRAAsM90GsTZ023Pbx4bmU+7nYuPxp6cFTma
IYVB1FWVJrG7f37u0uClKX0MjJkFCOlJ6M4gVDD3ZSSSFBXbewGDTd3Dq++qlgpQ
QsT1lKMKG8norqLSQsJabFX4PhDHpCxBfwiNUoQHt2UToZvvLXna2Zq2ADuPqPw9
QyH/3NOZLz9W2gHUmxbTHEGeSUC4yE3wALX4/F4+Sdz7ojcpHPsZJGsdL5Rxr7KE
9uMITxQCpMk69O+NfjxC/fuHgotf0LMQ/nUbie2peAbcHWX/2ETSKrJ3ab3QxSSF
KQTYhLGYyZgfH+NLne+V5hwlnLk3GH3zfpF/EjGBNpOtZph2Wegb/4aZTc1GQkeo
R5elENdAkgrOTtsiTohsUDEWCETfgp4mHRbUAm4bC+pNvsfJXBGC0NJhlyhgthzT
+gDAUjGl1ZokOEeYv+V/sbpgete9qjR6BQoVL5lasHXt3ExI9syEpmgqpGzX7oXb
xk1rF3+zj/5soCFAxNgM8jDAsLXTIORzG23CbOktWn+QaDYNh18u5Ofmu1kRcdA0
hexARi8YbhhvYH0lTtCwuV0aUf0f7MHI+e3seX5l1FZGsmqD5UqZtRxuD+idteRJ
tqIZCEH16aPMCgDsDIn7cbvPfZFPHv3AB3m2Nz5Pi9H06x1mvE4wEWViHt7mp/GC
sHMKquZIArM=
=+yhV
-----END PGP SIGNATURE-----
ESB-2022.5847 - [Win][UNIX/Linux] Intel WiFi products: CVSS (Max): 4.3
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5847
Intel PROSet/Wireless WiFi, Intel vPro CSME WiFi and Killer WiFi Advisory
11 November 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Intel PROSet/Wireless WiFi
Intel vPro CSME WiFi
Killer WiFi
Publisher: Intel
Operating System: Windows
UNIX variants (UNIX, Linux, OSX)
Resolution: Patch/Upgrade
CVE Names: CVE-2022-26047
Original Bulletin:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00699.html
Comment: CVSS (Max): 4.3 CVE-2022-26047 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVSS Source: Intel
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
- --------------------------BEGIN INCLUDED TEXT--------------------
Intel ID: INTEL-SA-00699
Advisory Category: Firmware
Impact of vulnerability : Denial of Service
Severity rating : MEDIUM
Original release: 11/08/2022
Last revised: 11/08/2022
Summary:
A potential security vulnerability in some Intel PROSet/Wireless WiFi, Intel
vPro CSME WiFi and Killer WiFi products may allow denial of service. Intel is
releasing a firmware update to mitigate this potential vulnerability.
Vulnerability Details:
CVEID: CVE-2022-26047
Description: Improper input validation for some Intel(R) PROSet/Wireless WiFi,
Intel vPro(R) CSME WiFi and Killer(TM) WiFi products may allow unauthenticated
user to potentially enable denial of service via local access.
CVSS Base Score: 4.3 Medium
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected Products:
Intel PROSet/Wireless WiFi firmware before version 22.140, Killer WiFi firmware
before version 3.1122.3158 and UEFI version 2.2.14.22176.2.
+--------------------+--------------------------------------+-----------------------------+
|CVE ID |Affected Products |Affected OS |
+--------------------+--------------------------------------+-----------------------------+
|CVE-2022-26047 |Intel Wi-Fi 6E AX411 |Windows 10 & 11 |
| | | |
| |Intel Wi-Fi 6E AX211 |Linux |
| | | |
| |Intel Wi-Fi 6E AX210 |Chrome OS |
| | | |
| |Intel Wi-Fi 6 AX201 |UEFI |
| | | |
| |Intel Wi-Fi 6 AX200 |CSME |
+--------------------+--------------------------------------+-----------------------------+
|CVE-2022-26047 |Killer Wi-Fi 6E AX1690 |Windows 10 & 11 |
| | | |
| |Killer Wi-Fi 6E AX1675 | |
| | | |
| |Killer Wi-Fi 6 AX1650 | |
+--------------------+--------------------------------------+-----------------------------+
Recommendations:
Windows:
Intel recommends updating Intel PROSet/Wireless WiFi software to version 22.140
or later.
Updates are available for download at this location:
https://www.intel.com/content/www/us/en/download/19351/
windows-10-and-windows-11-wi-fi-drivers-for-intel-wireless-adapters.html
Intel recommends updating Killer WiFi software to version 3.1122.3158 or later.
Updates for Killer products are available for download at this location:
https://www.intel.com/content/www/us/en/download/19779/
intel-killer-performance-suite.html?wapkw=killer
UEFI:
Intel recommends updating Intel PROSet/Wireless WiFi UEFI drivers to version
2.2.14.22176 or later.
Please contact your OEM support group to obtain the correct driver version.
Chrome OS:
Intel PROSet/Wireless WiFi drivers to mitigate this vulnerability will be
upstreamed to Chromium by November 08, 2022.
For any Google Chrome OS solution and schedule, please contact Google directly.
Linux OS:
Intel PROSet/Wireless WiFi drivers to mitigate this vulnerability will be
upstreamed by November 08, 2022.
Consult the regular open-source channels to obtain this update.
Recommendation for Intel vPRO CSME WiFi products:
Intel recommends updating Intel vPRO CSME WiFi products to the following
versions or newer.
+-----------------------------+--------------------------------------+------------------------------+
|Platform |CSME Version |Device |
+-----------------------------+--------------------------------------+------------------------------+
|12th Generation Intel Core |16.1.25.1885v2 |Intel Wi-Fi 6E AX211 |
|Processor | | |
| | |Intel Wi-Fi 6E AX210 |
+-----------------------------+--------------------------------------+------------------------------+
|12th Generation Intel Core |16.1.25.1865v6.1 |Intel Wi-Fi 6E AX211 |
|Processor - Performance cores| | |
| | |Intel Wi-Fi 6E AX210 |
+-----------------------------+--------------------------------------+------------------------------+
| | |Intel Wi-Fi 6 AX210 |
|11th Generation Intel Core | | |
|Processor |15.0.42.2235 |Intel Wi-Fi 6 AX201 |
| | | |
| | |Intel Wi-Fi 6 AX200 |
+-----------------------------+--------------------------------------+------------------------------+
| | |Intel Wi-Fi 6E AX210 |
|10th Generation Intel Core | | |
|Processor |14.1.67.2046 |Intel Wi-Fi 6 AX201 |
| | | |
| | |Intel Wi-Fi 6 AX200 |
+-----------------------------+--------------------------------------+------------------------------+
|9th Generation Intel Core |12.0.92.2145v3 |Intel Wi-Fi 6 AX200 |
|Processor | | |
+-----------------------------+--------------------------------------+------------------------------+
|8th Generation Intel Core |12.0.92.2145v3 |Intel Wi-Fi 6 AX200 |
|Processor | | |
+-----------------------------+--------------------------------------+------------------------------+
Intel recommends that users of Intel vPRO CSME WiFi products update to the
latest version provided by the system manufacturer that addresses these issues.
Acknowledgements:
The following issue was found internally by an Intel employee. Intel would like
to thank Julien Lenoir.
Intel, and nearly the entire technology industry, follows a disclosure practice
called Coordinated Disclosure, under which a cybersecurity vulnerability is
generally publicly disclosed only after mitigations are available.
Revision History
Revision Date Description
1.0 11/08/2022 Initial Release
- --------------------------END INCLUDED TEXT--------------------
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
-----END PGP SIGNATURE-----
ESB-2022.5846 - [Win][UNIX/Linux] Intel Server Boards and Server Systems: CVSS (Max): 8.2
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5846
Intel Server Boards and Server Systems Advisory
11 November 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Intel Server Boards and Server Systems
Publisher: Intel
Operating System: UNIX variants (UNIX, Linux, OSX)
Windows
Resolution: Patch/Upgrade
CVE Names: CVE-2022-30542 CVE-2022-25917 CVE-2021-0185
Original Bulletin:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html
Comment: CVSS (Max): 8.2 CVE-2022-30542 (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)
CVSS Source: Intel
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
Intel ID: INTEL-SA-00708
Advisory Category: Firmware
Impact of vulnerability : Escalation of Privilege, Denial of Service
Severity rating : HIGH
Original release: 11/08/2022
Last revised: 11/08/2022
Summary:
Potential security vulnerabilities in some Intel Server Boards and Server
Systems may allow escalation of privilege or denial of service. Intel is
releasing firmware updates to mitigate these potential vulnerabilities.
Vulnerability Details:
CVEID: CVE-2022-30542
Description: Improper input validation in the firmware for some Intel(R) Server
Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System
R2000WF families before version R02.01.0014 may allow a privileged user to
potentially enable an escalation of privilege via local access.
CVSS Base Score: 8.2 High
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CVEID: CVE-2021-0185
Description: Improper input validation in the firmware for some Intel(R) Server
Board M10JNP Family before version 7.216 may allow a privileged user to
potentially enable an escalation of privilege via local access.
CVSS Base Score: 7.5 High
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVEID: CVE-2022-25917
Description: Uncaught exception in the firmware for some Intel(R) Server Board
M50CYP Family before version R01.01.0005 may allow a privileged user to
potentially enable a denial of service via local access.
CVSS Base Score: 6.0 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
Affected Products:
o Intel Server Board S2600WF Family.
o Intel Server Board M50CYP Family.
o Intel Server Board M10JNP Family.
o Intel Server System R1000WF Family.
o Intel Server System R2000WF Family.
Recommendations:
Intel recommends updating the firmware for the affected Intel Server Boards and
Server Systems to the latest version:
Intel(R) Server System R1000WF, R2000WF and Intel(R) Server Board S2600WF Family
updates are available here.
Intel(R) Server Board M50CYP Family updates are available here.
Intel(R) Server Board M10JNP Family updates are available here.
Acknowledgements:
The following issues were found internally by Intel employees; CVE-2022-30542
and CVE-2022-25917. Intel would like to thank Jorge E. Gonzalez Diaz.
Intel would like to thank Dmitry Frolov (CVE-2021-0185) for reporting this
issue.
Intel, and nearly the entire technology industry, follows a disclosure practice
called Coordinated Disclosure, under which a cybersecurity vulnerability is
generally publicly disclosed only after mitigations are available.
Revision History
Revision Date Description
1.0 11/08/2022 Initial Release
- --------------------------END INCLUDED TEXT--------------------
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
-----END PGP SIGNATURE-----
ESB-2022.5845 - [UNIX/Linux] Intel SDP Tool: CVSS (Max): 4.3
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5845
Intel SDP Tool Advisory
11 November 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Intel SDP Tool
Publisher: Intel
Operating System: UNIX variants (UNIX, Linux, OSX)
Resolution: Patch/Upgrade
CVE Names: CVE-2022-26508
Original Bulletin:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00710.html
Comment: CVSS (Max): 4.3 CVE-2022-26508 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)
CVSS Source: Intel
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
- --------------------------BEGIN INCLUDED TEXT--------------------
Intel ID: INTEL-SA-00710
Advisory Category: Software
Impact of vulnerability : Information Disclosure
Severity rating : MEDIUM
Original release: 11/08/2022
Last revised: 11/08/2022
Summary:
A potential security vulnerability in the Intel Server Debug and Provisioning
(SDP) Tool may allow information disclosure. Intel is releasing software
updates to mitigate this potential vulnerability.
Vulnerability Details:
CVEID: CVE-2022-26508
Description: Improper authentication in the Intel(R) SDP Tool before version
3.0.0 may allow an unauthenticated user to potentially enable information
disclosure via network access.
CVSS Base Score: 4.3 Medium
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Affected Products:
Intel SDP Tool software before version 3.0.0.
Recommendations:
Intel recommends updating the Intel SDP Tool software to version 3.0.0 or
later.
Updates are available for download at this location:
https://www.intel.com/content/www/us/en/download/19092/
intel-server-debug-and-provisioning-tool-intel-sdp-tool.html
Acknowledgements:
The following issue was found internally by Intel employees. Intel would like
to thank Xu, Qianjin, Ul Islam and Mohammed Mujahid.
Intel, and nearly the entire technology industry, follows a disclosure practice
called Coordinated Disclosure, under which a cybersecurity vulnerability is
generally publicly disclosed only after mitigations are available.
Revision History
Revision Date Description
1.0 11/08/2022 Initial Release
- --------------------------END INCLUDED TEXT--------------------
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
-----END PGP SIGNATURE-----
ESB-2022.5844 - [Win][UNIX/Linux] Intel PresentMon: CVSS (Max): 6.7
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5844
PresentMon Advisory
11 November 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Intel PresentMon
Publisher: Intel
Operating System: UNIX variants (UNIX, Linux, OSX)
Windows
Resolution: Patch/Upgrade
CVE Names: CVE-2022-26086
Original Bulletin:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00711.html
Comment: CVSS (Max): 6.7 CVE-2022-26086 (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H)
CVSS Source: Intel
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
Intel ID: INTEL-SA-00711
Advisory Category: Software
Impact of vulnerability: Escalation of Privilege
Severity rating: MEDIUM
Original release: 11/08/2022
Last revised: 11/08/2022
Summary:
A potential security vulnerability in the PresentMon software maintained by
Intel may allow escalation of privilege. Intel is releasing software updates to
mitigate this potential vulnerability.
Vulnerability Details:
CVEID: CVE-2022-26086
Description: Uncontrolled search path element in the PresentMon software
maintained by Intel(R) before version 1.7.1 may allow an authenticated user to
potentially enable escalation of privilege via local access.
CVSS Base Score: 6.7 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected Products:
PresentMon software maintained by Intel before version 1.7.1.
Recommendations:
Intel recommends updating the PresentMon software maintained by Intel to
version 1.7.1 or later.
Updates are available for download at this location:
https://github.com/GameTechDev/PresentMon/releases
Acknowledgements:
Intel would like to thank avivanoa for reporting this issue.
Intel, and nearly the entire technology industry, follows a disclosure practice
called Coordinated Disclosure, under which a cybersecurity vulnerability is
generally publicly disclosed only after mitigations are available.
Revision History
Revision Date Description
1.0 11/08/2022 Initial Release
- --------------------------END INCLUDED TEXT--------------------
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
-----END PGP SIGNATURE-----
ESB-2022.5843 - [Win][UNIX/Linux] Intel DCM: CVSS (Max): 8.8
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5843
Intel DCM Advisory
11 November 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Intel DCM
Publisher: Intel
Operating System: Windows
UNIX variants (UNIX, Linux, OSX)
Resolution: Patch/Upgrade
CVE Names: CVE-2022-33942
Original Bulletin:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00713.html
Comment: CVSS (Max): 8.8 CVE-2022-33942 (CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)
CVSS Source: Intel
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
Intel ID: INTEL-SA-00713
Advisory Category: Software
Impact of vulnerability: Escalation of Privilege
Severity rating: HIGH
Original release: 11/08/2022
Last revised: 11/08/2022
Summary:
A potential security vulnerability in the Intel Data Center Manager (DCM)
software may allow escalation of privilege. Intel is releasing software updates
to mitigate this potential vulnerability.
Vulnerability Details:
CVEID: CVE-2022-33942
Description: Protection mechanism failure in the Intel(R) DCM software before
version 5.0 may allow an unauthenticated user to potentially enable escalation
of privilege via adjacent access.
CVSS Base Score: 8.8 High
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected Products:
Intel DCM software before version 5.0.
Recommendation:
Intel recommends updating the Intel DCM software to version 5.0 or later.
Updates are available for download at this location:
https://www.intel.com/content/www/us/en/download/645992
Acknowledgements:
Intel would like to thank Julien Ahrens from RCE Security for reporting this
issue.
Intel, and nearly the entire technology industry, follows a disclosure practice
called Coordinated Disclosure, under which a cybersecurity vulnerability is
generally publicly disclosed only after mitigations are available.
Revision History
Revision Date Description
1.0 11/08/2022 Initial Release
- --------------------------END INCLUDED TEXT--------------------
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
-----END PGP SIGNATURE-----
ESB-2022.5842 - [Win] Intel Advanced Link Analyzer: CVSS (Max): 6.7
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5842
Intel Advanced Link Analyzer Advisory
11 November 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Intel Advanced Link Analyzer
Publisher: Intel
Operating System: Windows
Resolution: Patch/Upgrade
CVE Names: CVE-2022-27638
Original Bulletin:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00715.html
Comment: CVSS (Max): 6.7 CVE-2022-27638 (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H)
CVSS Source: Intel
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
Intel ID: INTEL-SA-00715
Advisory Category: Software
Impact of vulnerability: Escalation of Privilege
Severity rating: MEDIUM
Original release: 11/08/2022
Last revised: 11/08/2022
Summary:
A potential security vulnerability in the Intel Advanced Link Analyzer Pro and
Standard edition software may allow escalation of privilege. Intel is releasing
software updates to mitigate this potential vulnerability.
Vulnerability Details:
CVEID: CVE-2022-27638
Description: Uncontrolled search path element in the Intel(R) Advanced Link
Analyzer Pro before version 22.2 and Standard edition software before version
22.1.1 STD may allow an authenticated user to potentially enable escalation of
privilege via local access.
CVSS Base Score: 6.7 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected Products:
Intel Advanced Link Analyzer Pro edition software before version 22.2.
Intel Advanced Link Analyzer Standard edition software before version 22.1.1
STD.
Recommendations:
Intel recommends updating the Intel Advanced Link Analyzer Pro edition software
to version 22.2 or later.
Intel recommends updating the Intel Advanced Link Analyzer Standard edition
software to version 22.1.1 STD or later.
Updates are available for download at these locations:
Pro edition: https://www.intel.com/content/www/us/en/software-kit/727932
Standard edition: https://www.intel.com/content/www/us/en/software-kit/684357
Acknowledgements:
Intel would like to thank Amin Saidani for reporting this issue.
Intel, and nearly the entire technology industry, follows a disclosure practice
called Coordinated Disclosure, under which a cybersecurity vulnerability is
generally publicly disclosed only after mitigations are available.
Revision History
Revision Date Description
1.0 11/08/2022 Initial Release
- --------------------------END INCLUDED TEXT--------------------
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
-----END PGP SIGNATURE-----