AusCERT - Security Bulletins

Subscribe to AusCERT - Security Bulletins feed
Latest published security bulletins. See https://www.auscert.org.au/rss/ for feed information.
10 November 2022

ESB-2022.3979.2 - UPDATE [Cisco] Cisco Adaptive Security Appliance Software: CVSS (Max): 4.3

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.3979.2
   Cisco Adaptive Security Appliance Software Clientless SSL VPN Client-Side
                       Request Smuggling Vulnerability
                               10 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Cisco Adaptive Security Appliance Software
Publisher:         Cisco Systems
Operating System:  Cisco
Resolution:        Mitigation
CVE Names:         CVE-2022-20713
Original Bulletin:
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-LOeKsNmO

Comment: CVSS (Max):  4.3 CVE-2022-20713 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)
         CVSS Source: Cisco Systems
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Revision History:  November 10 2022: Vendor updated bulletin
                   August 11 2022:   Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

Cisco Adaptive Security Appliance and Firepower Threat Defense Software VPN Web
Client Services Client-Side Request Smuggling Vulnerability

Priority:        Medium
Advisory ID:     cisco-sa-asa-webvpn-LOeKsNmO
First Published: 2022 August 10 16:00 GMT
Last Updated:    2022 November 9 16:03 GMT
Version 2.0:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCwa04262
CVE Names:       CVE-2022-20713
CWEs:            CWE-444

Summary

  o A vulnerability in the VPN web client services component of Cisco Adaptive
    Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD)
    Software could allow an unauthenticated, remote attacker to conduct
    browser-based attacks against users of an affected device.

    This vulnerability is due to improper validation of input that is passed
    to the VPN web client services component before being returned to the
    browser that is in use. An attacker could exploit this vulnerability by
    persuading a user to visit a website that is designed to pass malicious
    requests to a device that is running Cisco ASA Software or Cisco FTD
    Software and has web services endpoints supporting VPN features enabled.
    A successful exploit could allow the attacker to reflect malicious input
    from the affected device to the browser that is in use and conduct
    browser-based attacks, including cross-site scripting attacks. The
    attacker could not directly impact the affected device.

    There are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-LOeKsNmO

Affected Products

  o Vulnerable Products

    At the time of publication, this vulnerability affected Cisco products if
    they were running a vulnerable release of the following Cisco software:

      - ASA Software with Cisco AnyConnect VPN or Clientless SSL VPN enabled
      - FTD Software with Cisco AnyConnect VPN enabled

    See the Details section in the bug ID(s) at the top of this advisory for
    the most complete and current information.

    Determine the ASA Software Configuration

    To determine whether the software has a vulnerable feature enabled, use
    the show running-config CLI command. In the following table, the left
    column lists the Cisco ASA Software features that are vulnerable. The
    right column indicates the basic configuration for each feature from the
    show running-config CLI command. If a device is running a vulnerable
    release and has one of these features enabled, it is vulnerable.

    +------------------------------------------+------------------------------------------+
    | Cisco ASA Feature                        | Vulnerable Configuration                 |
    +------------------------------------------+------------------------------------------+
    | AnyConnect Internet Key Exchange Version | crypto ikev2 enable client-services port |
    | 2 Remote Access (with client services)   |                                          |
    +------------------------------------------+------------------------------------------+
    | AnyConnect SSL VPN                       | webvpn                                   |
    |                                          |  enable                                  |
    +------------------------------------------+------------------------------------------+
    | Clientless SSL VPN                       | webvpn                                   |
    |                                          |  enable                                  |
    +------------------------------------------+------------------------------------------+

    Determine the FTD Software Configuration

    To determine whether the software has a vulnerable feature enabled, use
    the show running-config CLI command. In the following table, the left
    column lists the Cisco FTD Software features that are vulnerable. The
    right column indicates the basic configuration for each feature from the
    show running-config CLI command. If a device is running a vulnerable
    release and has one of these features enabled, it is vulnerable.

    +------------------------------------------+------------------------------------------+
    | Cisco FTD Feature                        | Vulnerable Configuration                 |
    +------------------------------------------+------------------------------------------+
    | AnyConnect Internet Key Exchange Version | crypto ikev2 enable client-services port |
    | 2 Remote Access (with client services)   |                                          |
    | ^1,2                                     |                                          |
    +------------------------------------------+------------------------------------------+
    | AnyConnect SSL VPN ^1,2                  | webvpn                                   |
    |                                          |  enable                                  |
    +------------------------------------------+------------------------------------------+

    1. Remote Access VPN features were introduced in Cisco FTD Software
       Release 6.2.2.
    2. Remote Access VPN features are enabled by using Devices > VPN > Remote
       Access in Cisco Firepower Management Center (FMC) or by using Device >
       Remote Access VPN in Cisco Firepower Device Manager (FDM).

  o Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that devices with remote access VPN services that are
    configured to accept only AnyConnect Internet Key Exchange Version 2
    Remote Access VPN with client services disabled are not affected by this
    vulnerability.

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories page, to determine exposure and a complete
    upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the
    Cisco Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Fixed Releases

    For information about fixed software releases, see the Details section in
    the bug ID(s) at the top of this advisory.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is aware that
    proof-of-concept exploit code is available for the vulnerability described
    in this advisory.

    The Cisco PSIRT is not aware of any malicious use of the vulnerability
    that is described in this advisory.

Source

  o Cisco would like to thank James Kettle of Portswigger.net for reporting
    this vulnerability.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

Related to This Advisory

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-LOeKsNmO

Revision History

    +---------+-----------------------+----------------+--------+-------------+
    | Version | Description           | Section        | Status | Date        |
    +---------+-----------------------+----------------+--------+-------------+
    |         | Added FTD Software as | Title,         |        |             |
    |         | an affected product.  | Summary,       |        |             |
    |         | Updated the affected  | Vulnerable     |        |             |
    |         | VPN component.        | Products,      |        |             |
    | 2.0     | Clarified affected    | Products       | Final  | 2022-NOV-09 |
    |         | software              | Confirmed Not  |        |             |
    |         | configurations.       | Vulnerable,    |        |             |
    |         | Removed the           | and            |        |             |
    |         | mitigation because it | Workarounds    |        |             |
    |         | no longer applies.    |                |        |             |
    +---------+-----------------------+----------------+--------+-------------+
    | 1.0     | Initial public        | -              | Final  | 2022-AUG-10 |
    |         | release.              |                |        |             |
    +---------+-----------------------+----------------+--------+-------------+

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is maintained
within your organisation, so if you do not wish to continue receiving these
bulletins you should contact your local IT manager. If you do not know who that
is, please send an email to auscert@auscert.org.au and we will forward your
request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may not
be updated when updates to the original are made. If downloading at a later
date, it is recommended that the bulletin is retrieved directly from the
author's website to ensure that the information is still current.

Contact information for the authors of the original document is included in
the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
=========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBY2yeSckNZI30y1K9AQhGsA/8CcLoLjgGbzfRz0LwoC8G7AISA0etOvrC 9bn8rBNSDMUvkzHjqTnff1AMrJgQM3mDK1r27HrgVNgSJbxengyd/IxwYF2CuGXl g/S5sxtaeFVJMN/FsbhWIgm3PhOd85E8XhSabAV17SUch5RW853wMHCF+O/RzIIW 3/g3Q4Be12ffRwPx0fKocFKXy0SSWlcrnHHs+aFD2Xsw3kogCgyu2srvjk31yNr6 n633AHnAvWwHB18Xqv885EGGXqvmgMnm1iWtpF6g5m711Fl8EhOQioNARUzJSLBE 4b0POTNuzMEXlV9OiL6/PMIUllPPgvUfqFfBfz5MiPgX9jUUz58wB/jFVA9MeCgh tCkOqUYRv7HTBgvCOgCLfD//E4i6QULBP9HsZbOptysOx3TovDbS0ynNulL6BNNn n9FQY9a9WUnHtbuFx5VoLRiExoxKh/d1Ju668jWIKZKptHVTC/QDR+35m6rn/7eY h6/5l7N5lE1BlaPLbbn8TBjeeJdRXqF9josut5snPenRf8VD7g0zxJ+MgUvVNRD2 t131sR844nM+ekcp3w3mk0eOkIHmdn8Po/4HRj23H3frudrhAK08o3qOyzX3Txtv CR+0wffNmHwLidX6azusP02dgiKe4L7mZKxonIFMqWJ7UquAZEfcPieo8jY4lmnl lwrqYsHjdrU= =UK3D -----END PGP SIGNATURE-----
10 November 2022

ESB-2022.1912.2 - UPDATE [Cisco] Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software: CVSS (Max): 8.6

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.1912.2
    Cisco Adaptive Security Appliance Software and Firepower Threat Defense
          Software Web Services Interface Denial of Service Vulnerability
                               10 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Cisco Adaptive Security Appliance Software
                   Firepower Threat Defense Software
Publisher:         Cisco Systems
Operating System:  Cisco
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-20745
Original Bulletin:
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-tzPSYern

Comment: CVSS (Max):  8.6 CVE-2022-20745 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)
         CVSS Source: Cisco Systems
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Revision History:  November 10 2022: Vendor updated bulletin
                   April 29 2022:    Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software
Web Services Interface Denial of Service Vulnerability

Priority:        High
Advisory ID:     cisco-sa-asafdt-webvpn-dos-tzPSYern
First Published: 2022 April 27 16:00 GMT
Last Updated:    2022 November 9 16:02 GMT
Version 1.2:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCvz70595 CSCwb87950 CSCwb93914
CVE Names:       CVE-2022-20745
CWEs:            CWE-20

Summary

  o A vulnerability in the web services interface for remote access VPN
    features of Cisco Adaptive Security Appliance (ASA) Software and Cisco
    Firepower Threat Defense (FTD) Software could allow an unauthenticated,
    remote attacker to cause a denial of service (DoS) condition.

    This vulnerability is due to improper input validation when parsing HTTPS
    requests. An attacker could exploit this vulnerability by sending a
    crafted HTTPS request to an affected device. A successful exploit could
    allow the attacker to cause the device to reload, resulting in a DoS
    condition.

    Cisco has released software updates that address this vulnerability.
    There are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-tzPSYern

    This advisory is part of the April 2022 release of the Cisco ASA, FTD,
    and FMC Security Advisory Bundled publication. For a complete list of the
    advisories and links to them, see Cisco Event Response: April 2022 Cisco
    ASA, FMC, and FTD Software Security Advisory Bundled Publication.

Affected Products

  o Vulnerable Products

    This vulnerability affects Cisco products if they are running a
    vulnerable release of Cisco ASA Software or Cisco FTD Software with a
    vulnerable remote access VPN configuration.

    For information about which Cisco software releases are vulnerable, see
    the Fixed Software section of this advisory.

    Determine the ASA Software Configuration

    To determine whether the software has a vulnerable feature configured,
    use the show running-config CLI command. In the following table, the left
    column lists the Cisco ASA Software features that are vulnerable. The
    right column indicates the basic configuration for each feature from the
    show running-config CLI command. If a device is running a vulnerable
    release and has one of these features configured, it is vulnerable.

    +------------------------------------------+------------------------------------------+
    | Cisco ASA Feature                        | Vulnerable Configuration                 |
    +------------------------------------------+------------------------------------------+
    | AnyConnect Internet Key Exchange Version | crypto ikev2 enable client-services port |
    | 2 Remote Access (with client services)   |                                          |
    +------------------------------------------+------------------------------------------+
    | AnyConnect SSL VPN                       | webvpn                                   |
    |                                          |  enable                                  |
    +------------------------------------------+------------------------------------------+
    | Clientless SSL VPN                       | webvpn                                   |
    |                                          |  enable                                  |
    +------------------------------------------+------------------------------------------+

    Determine the FTD Software Configuration

    To determine whether the software has a vulnerable feature configured,
    use the show running-config CLI command. In the following table, the left
    column lists the Cisco FTD Software features that are vulnerable. The
    right column indicates the basic configuration for each feature from the
    show running-config CLI command. If a device is running a vulnerable
    release and has one of these features configured, it is vulnerable.

    +------------------------------------------+------------------------------------------+
    | Cisco FTD Feature                        | Vulnerable Configuration                 |
    +------------------------------------------+------------------------------------------+
    | AnyConnect Internet Key Exchange Version | crypto ikev2 enable client-services port |
    | 2 Remote Access (with client services)   |                                          |
    | ^1,2                                     |                                          |
    +------------------------------------------+------------------------------------------+
    | AnyConnect SSL VPN ^1,2                  | webvpn                                   |
    |                                          |  enable                                  |
    +------------------------------------------+------------------------------------------+

    1. Remote Access VPN features were introduced in Cisco FTD Software
       Release 6.2.2.
    2. Remote Access VPN features are enabled by using Devices > VPN > Remote
       Access in Cisco Firepower Management Center (FMC) or by using Device >
       Remote Access VPN in Cisco Firepower Device Manager (FDM).

  o Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect Cisco
    Firepower Management Center (FMC) Software.

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers with service contracts that entitle
    them to regular software updates should obtain security fixes through
    their usual update channels.

    Customers may only install and expect support for software versions and
    feature sets for which they have purchased a license. By installing,
    downloading, accessing, or otherwise using such software upgrades,
    customers agree to follow the terms of the Cisco software license:
    https://www.cisco.com/c/en/us/products/end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    The Cisco Support and Downloads page on Cisco.com provides information
    about licensing and downloads. This page can also display customer device
    support coverage for customers who use the My Devices tool.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories page, to determine exposure and a complete
    upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the
    Cisco Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC:
    https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    In the following table(s), the left column lists Cisco software releases.
    The center column indicates whether a release is affected by the
    vulnerability described in this advisory and the first release that
    includes the original fix (Cisco bug CSCvz70595). The right column
    indicates the first release that includes the additional fixes tracked by
    Cisco bugs CSCwb87950 and CSCwb93914, added after the original fix was
    reported to be incomplete (see the Source and Revision History sections).
    A release that is fixed in the center column but not in the right column
    is still exposed.

    ASA Software

    +----------------------+------------------------------+-----------------------------+
    | Cisco ASA Software   | First Fixed Release for      | First Fixed Release for     |
    | Release              | CSCvz70595                   | CSCwb87950 and CSCwb93914   |
    +----------------------+------------------------------+-----------------------------+
    | 9.6 and earlier ^1   | Not vulnerable.              | Not vulnerable.             |
    | 9.7 ^1               | Migrate to a fixed release.  | Migrate to a fixed release. |
    | 9.8                  | 9.8.4.44                     | 9.8.4.46                    |
    | 9.9 ^1               | Migrate to a fixed release.  | Migrate to a fixed release. |
    | 9.10 ^1              | Migrate to a fixed release.  | Migrate to a fixed release. |
    | 9.12                 | 9.12.4.35                    | 9.12.4.52                   |
    | 9.13 ^1              | Migrate to a fixed release.  | Migrate to a fixed release. |
    | 9.14                 | 9.14.3.13                    | 9.14.4.16                   |
    | 9.15                 | 9.15.1.21                    | Migrate to a fixed release. |
    | 9.16                 | 9.16.2.7                     | 9.16.3.15                   |
    | 9.17                 | Not vulnerable.              | 9.17.1.16                   |
    | 9.18                 | Not vulnerable.              | 9.18.1.3                    |
    +----------------------+------------------------------+-----------------------------+

    1. Cisco ASA Software releases 9.7 and earlier, as well as releases 9.9,
       9.10, and 9.13, have reached end of software maintenance. Customers
       are advised to migrate to a supported release that includes the fix
       for this vulnerability.

    FTD Software

    +------------------+---------------------------------------------------+-----------------------------+
    | Cisco FTD        | First Fixed Release for CSCvz70595                | First Fixed Release for     |
    | Software Release |                                                   | CSCwb87950 and CSCwb93914   |
    +------------------+---------------------------------------------------+-----------------------------+
    | 6.1.0 and        | Not vulnerable.                                   | Not vulnerable.             |
    | earlier ^1       |                                                   |                             |
    | 6.2.2 ^1         | Migrate to a fixed release.                       | Migrate to a fixed release. |
    | 6.2.3            | Migrate to a fixed release.                       | Migrate to a fixed release. |
    | 6.3.0 ^1         | Migrate to a fixed release.                       | Migrate to a fixed release. |
    | 6.4.0            | 6.4.0.13                                          | 6.4.0.16                    |
    | 6.5.0 ^1         | Migrate to a fixed release.                       | Migrate to a fixed release. |
    | 6.6.0            | 6.6.5.1                                           | 6.6.7.1                     |
    | 6.7.0            | Cisco_FTD_Hotfix_AA-6.7.0.4-2.sh.REL.tar          | Migrate to a fixed release. |
    |                  | Cisco_FTD_SSP_FP1K_Hotfix_AA-6.7.0.4-2.sh.REL.tar |                             |
    |                  | Cisco_FTD_SSP_FP2K_Hotfix_AA-6.7.0.4-2.sh.REL.tar |                             |
    |                  | Cisco_FTD_SSP_Hotfix_AA-6.7.0.4-2.sh.REL.tar      |                             |
    | 7.0.0            | 7.0.2                                             | 7.0.4                       |
    | 7.1.0            | Not vulnerable.                                   | 7.1.0.3                     |
    | 7.2.0            | Not vulnerable.                                   | 7.2.1                       |
    +------------------+---------------------------------------------------+-----------------------------+

    1. Cisco FMC and FTD Software releases 6.2.2 and earlier, as well as
       releases 6.3.0 and 6.5.0, have reached end of software maintenance.
       Customers are advised to migrate to a supported release that includes
       the fix for this vulnerability.

    For instructions on upgrading your FTD device, see Cisco Firepower
    Management Center Upgrade Guide.

    The Cisco Product Security Incident Response Team (PSIRT) validates only
    the affected and fixed release information that is documented in this
    advisory.

Exploitation and Public Announcements

  o The Cisco PSIRT is not aware of any public announcements or malicious use
    of the vulnerability that is described in this advisory.

Source

  o This vulnerability was originally found during the resolution of a Cisco
    TAC support case.

    Cisco would like to thank Saleh Iskandar from Indonesia for reporting that
    the fix for the vulnerability was incomplete.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

Related to This Advisory

  o Cisco Event Response: April 2022 Cisco ASA, FMC, and FTD Software Security
    Advisory Bundled Publication

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-tzPSYern

Revision History

    +---------+----------------------------+-----------+--------+-------------+
    | Version | Description                | Section   | Status | Date        |
    +---------+----------------------------+-----------+--------+-------------+
    |         | Updated fixed release      |           |        |             |
    |         | tables to reflect          | Fixed     |        |             |
    | 1.2     | additional fixes for Cisco | Software, | Final  | 2022-NOV-09 |
    |         | bugs CSCwb87950 and        | Source    |        |             |
    |         | CSCwb93914. Also updated   |           |        |             |
    |         | source.                    |           |        |             |
    +---------+----------------------------+-----------+--------+-------------+
    | 1.1     | Updated ASA 9.8 first      | Fixed     | Final  | 2022-JUN-01 |
    |         | fixed release information. | Software  |        |             |
    +---------+----------------------------+-----------+--------+-------------+
    | 1.0     | Initial public release.    | -         | Final  | 2022-APR-27 |
    +---------+----------------------------+-----------+--------+-------------+

- --------------------------END INCLUDED TEXT--------------------

-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY2ydOskNZI30y1K9AQimBg//TyogwxU7yd7sPkO55Iw36QlpxM5o8sLh
TcwwEubm2EYU3rtS9KFPB4DmZg4G7qTHRqEGlA6GU/DYPZCR8PmfmNGq2yMh2X34
/tbdGOSt97bIgscf6CcpBGNPxePE9kagqNa9SCjEfn5tQJ/xAOLmDAe5oS59oNt5
nC2oChwSksZPiHD0uuL2zKZkExEsssyJbrww4hJUvB/eQ1yGyRw7+M9e0Er6g10+
jyfzFGeSsvwn6Vbgf/0dATIa9jSb5s75R6Uj3kRhUkFN0DI6O/zCCfpnWl6us1ML
tnVGkieAdQH23NUQstg9lEPJiw3eR+PUwORjyD0D+ASrKVE61bLsBs7wU21URzNk
keGY0XU9njRBT2EMK80FcREk0sSKi9mdxdjutzb9fq2HHORZJStZPlAo9ksWimEv
oydTjY8FGRU02umMq3y1mKVgDhSVfYgzNvT5a22H+lBq5gghQ3rBCM4WGhq+9Y6o
4YLE7GE4kr9uAlcpd/xqsHD5Bl2tH+ZUGurA81wJ9k+IpawNLvodMuzBVgpL+cv9
bmWfK38H04ozQJ9I9yeQStjQeB5WAvT4ok6O7YLcXsPRLP3pHsmNhCKl+/zDmkd1
cBknkhuKsYMf+1GCN8xHyB4ub3hgJXQdlz12GUKoH2R09f1aYv4InP+tKxG1QBzp
C5CXy8a2HAM=
=5PGy
-----END PGP SIGNATURE-----
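The exposure check that both Cisco bulletins above ask for (run show running-config, look for the rows of the vulnerable-configuration table, then compare the running release against the fixed-release table) is mechanical enough to script. The following Python block is an added example written for this page; it is not Cisco's or AusCERT's code. It encodes only the ASA tables from ESB-2022.1912.2 (cisco-sa-asafdt-webvpn-dos-tzPSYern); the FTD tables, and the CVE-2022-20713 fixed releases that ESB-2022.3979.2 defers to the bug details, are not encoded. The show version and show running-config samples are constructed, the hostname, interface name and port in them are assumptions, and the interface and port operands that the regular expressions expect are the normal ASA command syntax, which the flattened table above omits.

```python
"""Exposure check for CVE-2022-20745 on Cisco ASA, run over saved CLI output.

Added example, not Cisco's or AusCERT's code. It encodes the ASA
vulnerable-configuration table and the ASA fixed-release table from
cisco-sa-asafdt-webvpn-dos-tzPSYern; the FTD tables are not encoded. The
sample CLI text below is constructed (hostname, interface, port are assumed).
"""
import re
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, ...]

# ASA fixed-release table by train. Column 0: first fix for CSCvz70595;
# column 1: first fix for CSCwb87950 and CSCwb93914 (the completed fix).
# None = "Not vulnerable." in that column; "migrate" = "Migrate to a fixed
# release." (the train has reached end of software maintenance).
ASA_FIXED: Dict[str, Tuple[Optional[str], Optional[str]]] = {
    "9.7": ("migrate", "migrate"),
    "9.8": ("9.8.4.44", "9.8.4.46"),
    "9.9": ("migrate", "migrate"),
    "9.10": ("migrate", "migrate"),
    "9.12": ("9.12.4.35", "9.12.4.52"),
    "9.13": ("migrate", "migrate"),
    "9.14": ("9.14.3.13", "9.14.4.16"),
    "9.15": ("9.15.1.21", "migrate"),
    "9.16": ("9.16.2.7", "9.16.3.15"),
    "9.17": (None, "9.17.1.16"),
    "9.18": (None, "9.18.1.3"),
}
LAST_UNAFFECTED_TRAIN: Version = (9, 6)  # "9.6 and earlier: Not vulnerable."
BUG_COLUMNS = ("CSCvz70595", "CSCwb87950_CSCwb93914")


def parse_version(text: str) -> Version:
    """Normalise '9.14(3)11' (show version) or '9.14.3.13' (advisory) to a tuple."""
    return tuple(int(n) for n in re.findall(r"\d+", text))


def asa_version(show_version: str) -> Version:
    """Extract the running release from 'show version' output."""
    m = re.search(r"Adaptive Security Appliance Software Version\s+(\S+)", show_version)
    if not m:
        raise ValueError("no ASA software version line found")
    return parse_version(m.group(1))


def vulnerable_features(running_config: str) -> List[str]:
    """Match the advisory's vulnerable-configuration rows against a running-config.

    Row 1: 'crypto ikev2 enable <interface> client-services port <port>'.
    Rows 2-3 (AnyConnect SSL VPN, Clientless SSL VPN): a top-level 'webvpn'
    block containing 'enable <interface>'. Operands are assumed ASA syntax.
    """
    found = []
    if re.search(r"^crypto ikev2 enable \S+ client-services port \d+", running_config, re.M):
        found.append("AnyConnect IKEv2 Remote Access (with client services)")
    block = re.search(r"^webvpn\n((?: .*\n?)+)", running_config, re.M)
    if block and re.search(r"^ enable \S+", block.group(1), re.M):
        found.append("AnyConnect SSL VPN / Clientless SSL VPN (webvpn enable)")
    return found


def release_status(version: Version, column: int) -> str:
    """Classify a running release against one column of the fixed-release table."""
    if version[:2] <= LAST_UNAFFECTED_TRAIN:
        return "not vulnerable"
    train = f"{version[0]}.{version[1]}"
    if train not in ASA_FIXED:
        return "unknown: train not listed in the advisory table"
    fixed = ASA_FIXED[train][column]
    if fixed is None:
        return "not vulnerable"
    if fixed == "migrate":
        return "migrate to a fixed release (train is end of software maintenance)"
    if version >= parse_version(fixed):
        return f"fixed (first fixed release {fixed})"
    return f"vulnerable: upgrade to {fixed} or later"


def assess(show_version: str, running_config: str) -> Dict[str, object]:
    """Apply both advisory conditions: vulnerable feature configured AND release affected."""
    version = asa_version(show_version)
    features = vulnerable_features(running_config)
    result: Dict[str, object] = {"version": version, "features": features}
    for column, bug in enumerate(BUG_COLUMNS):
        if not features:
            result[bug] = "not vulnerable: no vulnerable remote access VPN feature configured"
        else:
            result[bug] = release_status(version, column)
    return result


# Constructed sample output, not captured from a real device.
SHOW_VERSION = "Cisco Adaptive Security Appliance Software Version 9.14(3)11\n"
RUNNING_CONFIG = """hostname asa-edge
crypto ikev2 enable outside client-services port 443
webvpn
 enable outside
 anyconnect enable
!
"""

if __name__ == "__main__":
    for key, value in assess(SHOW_VERSION, RUNNING_CONFIG).items():
        print(f"{key}: {value}")
```

Run it as a script to print the assessment for the constructed sample, or import it and pass real captures to assess(). Three details matter in practice: show version prints releases as 9.14(3)11 while the advisory uses 9.14.3.13, so both forms are normalised before comparison; a device whose running-config has none of the listed features is reported as not vulnerable regardless of release, which is exactly the advisory's condition; and an end-of-maintenance train is reported as "migrate" rather than compared against any release, because the advisory gives no fixed release for it. The two columns are assessed separately on purpose: a 9.14.3.13 device is fixed for CSCvz70595 but still below 9.14.4.16 for the completed fix. Treat the result as triage and confirm against the Cisco bug details, which is the only information PSIRT validates.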
10 November 2022

ESB-2022.5793 - [Mac] macOS Ventura 13.0.1: CVSS (Max): 8.2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5793
                  APPLE-SA-2022-11-09-2 macOS Ventura 13.0.1
                               10 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           macOS Ventura 13.0.1
Publisher:         Apple
Operating System:  macOS
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-40304 CVE-2022-40303
Original Bulletin:
   https://support.apple.com/HT213504

Comment: CVSS (Max):  8.2 CVE-2022-40304 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H)
         CVSS Source: Red Hat
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2022-11-09-2 macOS Ventura 13.0.1

macOS Ventura 13.0.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213504.

libxml2
Available for: macOS Ventura
Impact: A remote user may be able to cause unexpected app termination or
arbitrary code execution
Description: An integer overflow was addressed through improved input
validation.
CVE-2022-40303: Maddie Stone of Google Project Zero

libxml2
Available for: macOS Ventura
Impact: A remote user may be able to cause unexpected app termination or
arbitrary code execution
Description: This issue was addressed with improved checks.
CVE-2022-40304: Ned Williamson and Nathan Wachholz of Google Project Zero

All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

- -----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmNsFNQACgkQ4RjMIDke
NxkkbBAAsAYMux+v/27NK6+FvyxrTRLkR0yyzp8SorMSfPwZInNGkkEmQxjSzI0+
D3rK9usf/pouEV9LMnR+Uf37pEdlpSDD7uXZ81m1vhN6RPkz2qD5WdM46RaWTbAS
/xe3ZEu8+Jpr5SQSWuI+QIBr/vn9Txu/N6l/WQVxnWS+RSWO6tZLLOXMEyVk9vPx
XJGyQywt3XYoVksvzwAgm/2yslQ+0OWphWjLp73bjQGrrIiClphxmtyvA0SN8Nds
Ah0+X8SRjCErSN4736U1htKtClSHDowdaD2wevGGUrdRSLJQLTPPkqUPF3P/4/8i
xW42Zgf9qucN9O89P7ONvHOIe8swtD9vf1AjFXvsDqQvMZQVFDBNXbG138V4LLws
f5UdpUmY/0lSnVpAZQlo+xuMJSb3SMWYIB2ozhzDLHgBKTxERFB7uyrEYQgXs9XB
1qg+BbW5uooEoMKbutw36/II/JTFRM34QxWiOJHw4cCypmuaGkSJ/8jsTJDlRvG/
T9BchgHjBvqHFtCVNLGikkVYzEVQnQLXQAZoZMCYV0benebEIFLIaObaciQqA3F2
N7/rvpXd5l6G3sEGwqMPT5aYj6Vm/0LBnxuTlN1xN1wgOQoS+LWL8bW+8/HjtJLa
eyWMh8yD0o02Hf6dNIl9RTuoAKwZvmJbeqi/1uEaoL8sAP9gK1s=
=CjcG
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------
=========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBY2yVl8kNZI30y1K9AQh66hAAn2fzX4ayGU1CEjBckDBQY8wip0brUlgS If3Ou0Ysb3u5vSQgqzxNG92AZqbzwdxZlgxv/1HNkQIuqp5dr3Wh+R3tAe0ayxPU 2ma/4jT1x4f+nw08htsRuV9bUHcKKutxPweMbyRMwoqI9MQ8g64wjnM6ouJiTME9 rSBfStdvgD6z0ccPOIxtyBx4RDuk7RSVSieElpCAlxqFmsei5OyGWCyoVUkQW/tr Mu+YaiBLpkikQ/EVIHmhsMOYLLPsipE+V/RV6r23rZTW3TkkYotnwC46yaL/vO7V HrnjcXKl830f8IFi/d6Qcy+GcX6TUt2sFXTbtSsQcXg6ikZYPyOuYNl2Xj6oWi2x Kba9VVO6OUR8aOKw8GyNoY4EH7RklSalwhiWYczUvGkh7mY6RBJg92ymLDXuBe5q d16jtZ7XGVEfMLxxgIBGgcJJtt0A7LX53+GQFw1dh304mJl1cXxZWGUqjp7jsnVV QYauntcJ527zJXe+1IML2vIs0Dv37+B//OH6SIeGKFTXK008MRQ/+QS+oZEsb/9l 13a6+dj4PmWKXdu778FojrcUq5glC4qnCJPdaMOKRLY7i3wUxsUZo1ROY8QeqNCK rCsgpzGCJ0QFKy6FNAoOR8cNJaAm0dH7BhgaHzRhxZ/InwgR2iwIun2KHVW0IL6s WtOAQ3B9nqo= =6x7q -----END PGP SIGNATURE-----
10 November 2022

ESB-2022.5792 - [Apple iOS] Apple: CVSS (Max): 8.2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.5792 APPLE-SA-2022-11-09-1 iOS 16.1.1 and iPadOS 16.1.1 10 November 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: iOS 16.1.1 iPadOS 16.1.1 Publisher: Apple Operating System: Apple iOS Resolution: Patch/Upgrade CVE Names: CVE-2022-40304 CVE-2022-40303 Original Bulletin: https://support.apple.com/HT213505 Comment: CVSS (Max): 8.2 CVE-2022-40304 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H) CVSS Source: Red Hat Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-11-09-1 iOS 16.1.1 and iPadOS 16.1.1 iOS 16.1.1 and iPadOS 16.1.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213505. libxml2 Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution Description: An integer overflow was addressed through improved input validation. CVE-2022-40303: Maddie Stone of Google Project Zero libxml2 Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution Description: This issue was addressed with improved checks. 
CVE-2022-40304: Ned Williamson and Nathan Wachholz of Google Project Zero

All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to
auscert@auscert.org.au and we will forward your request to the
appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no
control over its content. The decision to follow or act on information
or advice contained in this security bulletin is the responsibility of
each user or organisation, and should be considered in accordance with
your organisation's site policies and procedures. AusCERT takes no
responsibility for consequences which may arise from following or acting
on information or advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still
current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved
from:

https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
10 November 2022

ESB-2022.5791 - [Linux] IBM QRadar Network Packet Capture Software: CVSS (Max): 9.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2022.5791
Security Bulletin: IBM QRadar Network Packet Capture includes components
with multiple known vulnerabilities.
10 November 2022

===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:           IBM QRadar Network Packet Capture Software
Publisher:         IBM
Operating System:  Linux variants
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-40674 CVE-2022-38177 CVE-2022-29154 CVE-2022-2526

Original Bulletin:
   https://www.ibm.com/support/pages/node/6838295

Comment: CVSS (Max):  9.8 CVE-2022-40674 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: IBM
         Calculator:  https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

IBM QRadar Network Packet Capture includes components with multiple known
vulnerabilities.

Document Information

Document number    : 6838295
Modified date      : 09 November 2022
Product            : IBM QRadar Network Packet Capture Software
Software version   : 7.4, 7.5
Operating system(s): Linux

Summary

The product includes multiple vulnerable components (e.g., framework
libraries) that may be identified and exploited with automated tools. IBM
has addressed the relevant CVEs.

Vulnerability Details

CVEID: CVE-2022-29154
DESCRIPTION: Rsync could allow a remote attacker to bypass security
restrictions, caused by improper validation of file names. By utilizing
man-in-the-middle attack techniques, an attacker could exploit this
vulnerability to write arbitrary files inside the directories of
connecting peers.
CVSS Base score: 7.5
CVSS Temporal Score: See:
https://exchange.xforce.ibmcloud.com/vulnerabilities/232637 for the
current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)

CVEID: CVE-2022-38177
DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by a
small memory leak in the DNSSEC verification code for the ECDSA algorithm.
By spoofing the target resolver with responses that have a malformed ECDSA
signature, a remote attacker could exploit this vulnerability to cause
named to crash.
CVSS Base score: 7.5
CVSS Temporal Score: See:
https://exchange.xforce.ibmcloud.com/vulnerabilities/236705 for the
current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2022-40674
DESCRIPTION: libexpat could allow a remote attacker to execute arbitrary
code on the system, caused by a use-after-free in the doContent function
in xmlparse.c. An attacker could exploit this vulnerability to execute
arbitrary code on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See:
https://exchange.xforce.ibmcloud.com/vulnerabilities/236116 for the
current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2022-2526
DESCRIPTION: systemd could allow a remote attacker to execute arbitrary
code on the system, caused by a use-after-free flaw due to the
on_stream_io() function and dns_stream_complete() function in
"resolved-dns-stream.c" not incrementing the reference counting for the
DnsStream object. By sending a specially-crafted request, an attacker
could exploit this vulnerability to execute arbitrary code or cause a
denial of service condition on the system.
CVSS Base score: 8.8
CVSS Temporal Score: See:
https://exchange.xforce.ibmcloud.com/vulnerabilities/235161 for the
current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

+---------------------------------+------------------------------+
|Affected Product(s)              |Version(s)                    |
+---------------------------------+------------------------------+
|IBM QRadar Network Packet Capture|7.4.0 - 7.4.3 Fix Pack 5      |
+---------------------------------+------------------------------+
|IBM QRadar Network Packet Capture|7.5.0 - 7.5.0 Update Package 2|
+---------------------------------+------------------------------+

Remediation/Fixes

IBM encourages customers to update their systems promptly.

+-------------------------+-------+-------------------------------------------+
|Product                  |Version|Fix                                        |
+-------------------------+-------+-------------------------------------------+
|IBM QRadar Network Packet|7.4    |IBM QRadar Network Packet Capture 7.4.3 Fix|
|Capture                  |       |Pack 6                                     |
+-------------------------+-------+-------------------------------------------+
|IBM QRadar Network Packet|7.5    |IBM QRadar Network Packet Capture 7.5.0    |
|Capture                  |       |Update Package 3                           |
+-------------------------+-------+-------------------------------------------+

Workarounds and Mitigations

None

Change History

04 Nov 2022: Initial Publication

- --------------------------END INCLUDED TEXT--------------------
10 November 2022

ESB-2022.5790 - [Linux] IBM QRadar SIEM: CVSS (Max): 9.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2022.5790
Security Bulletin: IBM QRadar Assistant app for IBM QRadar SIEM includes
components with multiple known vulnerabilities
10 November 2022

===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:           IBM QRadar SIEM
Publisher:         IBM
Operating System:  Linux variants
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-2596 CVE-2022-0536 CVE-2022-0235
                   CVE-2022-0155 CVE-2021-43307 CVE-2021-42581
                   CVE-2021-23337 CVE-2021-3795 CVE-2020-28500
                   CVE-2020-15168 CVE-2020-8203 CVE-2020-7753
                   CVE-2019-10744

Original Bulletin:
   https://www.ibm.com/support/pages/node/6838293

Comment: CVSS (Max):  9.8 CVE-2021-42581 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: IBM
         Calculator:  https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

IBM QRadar Assistant app for IBM QRadar SIEM includes components with
multiple known vulnerabilities

Document Information

Document number    : 6838293
Modified date      : 09 November 2022
Product            : IBM QRadar SIEM
Software version   : 3.6.0
Operating system(s): Linux

Summary

The product includes vulnerable components (e.g., framework libraries)
that may be identified and exploited with automated tools. IBM has
released a new version which addresses the vulnerabilities.

Vulnerability Details

CVEID: CVE-2021-42581
DESCRIPTION: Ramda could allow a remote attacker to execute arbitrary code
on the system, caused by a prototype pollution in the mapObjIndexed
function. By supplying a specially-crafted object using the __proto__
argument, an attacker could exploit this vulnerability to execute
arbitrary code on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See:
https://exchange.xforce.ibmcloud.com/vulnerabilities/226072 for the
current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2022-0536
DESCRIPTION: Node.js follow-redirects module could allow a remote
authenticated attacker to obtain sensitive information, caused by a
leakage of the Authorization header from the same hostname during HTTPS
to HTTP redirection. By utilizing man-in-the-middle attack techniques, an
attacker could exploit this vulnerability to obtain Authorization header
information, and use this information to launch further attacks against
the affected system.
CVSS Base score: 2.6
CVSS Temporal Score: See:
https://exchange.xforce.ibmcloud.com/vulnerabilities/219551 for the
current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2022-0155
DESCRIPTION: follow-redirects could allow a remote attacker to obtain
sensitive information, caused by an unauthorized actor. By sending a
specially-crafted request, a remote authenticated attacker could exploit
this vulnerability to obtain private personal information and use this
information to launch further attacks against the affected system.
CVSS Base score: 8
CVSS Temporal Score: See:
https://exchange.xforce.ibmcloud.com/vulnerabilities/216974 for the
current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)

CVEID: CVE-2022-2596
DESCRIPTION: Node.js node-fetch module is vulnerable to a denial of
service, caused by a regular expression denial of service (ReDoS) flaw in
the isOriginPotentiallyTrustworthy() function in the referrer.js script.
By sending specially-crafted regex input, a remote attacker could exploit
this vulnerability to cause a denial of service.
CVSS Base score: 7.5
CVSS Temporal Score: See:
https://exchange.xforce.ibmcloud.com/vulnerabilities/232616 for the
current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2020-15168
DESCRIPTION: Node.js node-fetch module is vulnerable to a denial of
service, caused by the failure to honor the size option after following a
redirect. By using a specially-crafted file, a remote attacker could
exploit this vulnerability to consume excessive resources on the system.
CVSS Base score: 7.5
CVSS Temporal Score: See:
https://exchange.xforce.ibmcloud.com/vulnerabilities/188155 for the
current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2022-0235
DESCRIPTION: Node.js node-fetch could allow a remote authenticated
attacker to obtain sensitive information, caused by a flaw when fetching
a remote URL with Cookie. By sending a specially-crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information.
CVSS Base score: 6.5
CVSS Temporal Score: See:
https://exchange.xforce.ibmcloud.com/vulnerabilities/217758 for the
current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)

CVEID: CVE-2020-7753
DESCRIPTION: trim is vulnerable to a denial of service. By sending a
specially crafted value, a remote attacker could exploit this
vulnerability to cause a regular expression denial of service.
CVSS Base score: 7.5
CVSS Temporal Score: See:
https://exchange.xforce.ibmcloud.com/vulnerabilities/190630 for the
current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2020-28500
DESCRIPTION: Node.js lodash module is vulnerable to a denial of service,
caused by a regular expression denial of service (ReDoS) in the toNumber,
trim and trimEnd functions. By sending a specially-crafted request, a
remote attacker could exploit this vulnerability to cause a denial of
service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See:
https://exchange.xforce.ibmcloud.com/vulnerabilities/196972 for the
current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2021-23337
DESCRIPTION: Node.js lodash module could allow a remote authenticated
attacker to execute arbitrary commands on the system, caused by a command
injection flaw in the template. By sending a specially-crafted request,
an attacker could exploit this vulnerability to execute arbitrary
commands on the system.
CVSS Base score: 7.2
CVSS Temporal Score: See:
https://exchange.xforce.ibmcloud.com/vulnerabilities/196797 for the
current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2019-10744
DESCRIPTION: Node.js lodash module is vulnerable to a denial of service,
caused by a prototype pollution flaw. By sending a specially-crafted
request using a constructor payload, a remote attacker could exploit this
vulnerability to inject properties onto Object.prototype to cause a denial
of service condition.
CVSS Base score: 9.1
CVSS Temporal Score: See:
https://exchange.xforce.ibmcloud.com/vulnerabilities/167415 for the
current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H)

CVEID: CVE-2020-8203
DESCRIPTION: Node.js lodash module is vulnerable to a denial of service,
caused by a prototype pollution attack. A remote attacker could exploit
this vulnerability using the merge, mergeWith, and defaultsDeep functions
to inject properties onto Object.prototype to crash the server and
possibly execute arbitrary code on the system.
CVSS Base score: 7.5
CVSS Temporal Score: See:
https://exchange.xforce.ibmcloud.com/vulnerabilities/183560 for the
current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2021-43307
DESCRIPTION: Node.js semver-regex module is vulnerable to a denial of
service, caused by a regular expression denial of service (ReDoS) flaw in
the test() method. By sending specially-crafted regex input, a remote
attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.9
CVSS Temporal Score: See:
https://exchange.xforce.ibmcloud.com/vulnerabilities/228061 for the
current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2021-3795
DESCRIPTION: semver-regex is vulnerable to a denial of service, caused by
the inefficient regular expression complexity. A remote attacker could
exploit this vulnerability to cause a denial of service.
CVSS Base score: 7.5
CVSS Temporal Score: See:
https://exchange.xforce.ibmcloud.com/vulnerabilities/209463 for the
current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

+--------------------+-------------+
|Affected Product(s) |Version(s)   |
+--------------------+-------------+
|IBM QRadar Assistant|1.0.0 - 3.5.2|
+--------------------+-------------+

Remediation/Fixes

IBM encourages customers to update their systems promptly.

Update to 3.6.0

Workarounds and Mitigations

None

Change History

27 Oct 2022: Initial Publication

- --------------------------END INCLUDED TEXT--------------------
10 November 2022

ESB-2022.5789 - [Debian] webkit2gtk: CVSS (Max): 8.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2022.5789
webkit2gtk security update
10 November 2022

===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:           webkit2gtk
Publisher:         Debian
Operating System:  Debian GNU/Linux
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-42824 CVE-2022-42823 CVE-2022-42799

Original Bulletin:
   https://lists.debian.org/debian-lts-announce/2022/11/msg00010.html

Comment: CVSS (Max):  8.8 CVE-2022-42823 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
         CVSS Source: NVD
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- - -------------------------------------------------------------------------
Debian LTS Advisory DLA-3183-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                Emilio Pozuelo Monfort
November 09, 2022                             https://wiki.debian.org/LTS
- - -------------------------------------------------------------------------

Package        : webkit2gtk
Version        : 2.38.2-1~deb10u1
CVE ID         : CVE-2022-42799 CVE-2022-42823 CVE-2022-42824

The following vulnerabilities have been discovered in the WebKitGTK
web engine:

CVE-2022-42799

    Jihwan Kim and Dohyun Lee discovered that visiting a malicious
    website may lead to user interface spoofing.

CVE-2022-42823

    Dohyun Lee discovered that processing maliciously crafted web
    content may lead to arbitrary code execution.

CVE-2022-42824

    Abdulrahman Alqabandi, Ryan Shin and Dohyun Lee discovered that
    processing maliciously crafted web content may disclose sensitive
    user information.

For Debian 10 buster, these problems have been fixed in version
2.38.2-1~deb10u1.

We recommend that you upgrade your webkit2gtk packages.
For the detailed security status of webkit2gtk please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/webkit2gtk

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

- --------------------------END INCLUDED TEXT--------------------
10 November 2022

ESB-2022.5788 - [RedHat] Red Hat Integration Debezium 1.9.7: CVSS (Max): 7.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2022.5788
Red Hat Integration Debezium 1.9.7 security update
10 November 2022

===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:           Red Hat Integration Debezium 1.9.7
Publisher:         Red Hat
Operating System:  Red Hat
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-3171 CVE-2021-22569

Original Bulletin:
   https://access.redhat.com/errata/RHSA-2022:7896

Comment: CVSS (Max):  7.5 CVE-2022-3171 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
         CVSS Source: Red Hat
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: Red Hat Integration Debezium 1.9.7 security update
Advisory ID:       RHSA-2022:7896-01
Product:           Red Hat Integration
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:7896
Issue date:        2022-11-09
CVE Names:         CVE-2021-22569 CVE-2022-3171
=====================================================================

1. Summary:

A security update for Debezium is now available for Red Hat Integration.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Description:

Debezium is a distributed platform that turns your existing databases into
event streams, so applications can see and respond immediately to each
row-level change in the databases.

Debezium is built on top of Apache Kafka and provides Kafka Connect
compatible connectors that monitor specific database management systems.
Debezium records the history of data changes in Kafka logs, from where your
application consumes them. This makes it possible for your application to
easily consume all of the events correctly and completely. Even if your
application stops unexpectedly, it will not miss anything: when the
application restarts, it will resume consuming the events where it left
off.

Security Fix(es):

* protobuf-java: potential DoS in the parsing procedure for binary data
(CVE-2021-22569)

* protobuf-java: timeout in parser leads to DoS (CVE-2022-3171)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

3. Solution:

To apply this update just follow standard installation procedure

https://access.redhat.com/documentation/en-us/red_hat_integration/2022.q4/html/installing_debezium_on_openshift/index
https://access.redhat.com/documentation/en-us/red_hat_integration/2022.q4/html/installing_debezium_on_rhel/index

4. Bugs fixed (https://bugzilla.redhat.com/):

2039903 - CVE-2021-22569 protobuf-java: potential DoS in the parsing procedure for binary data
2137645 - CVE-2022-3171 protobuf-java: timeout in parser leads to DoS

5. References:

https://access.redhat.com/security/cve/CVE-2021-22569
https://access.redhat.com/security/cve/CVE-2022-3171
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=red.hat.integration&version=2022-Q4

6. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBY2v3otzjgjWX9erEAQhmmw/+NujxA03qhV4k8/pvL88Dazs3bt6ZH8ar
ELY1Ueri1EgfWROfGB2+SKK2hbFNN+ft4iY2YWHhDX6PUAmVMPiaB0M8NCQkj7GW
17Bo/muRWOti78J03+2314VxLwNHn+s2qCtAR3/Ks4bfcEDUMwsy/u3YTs+wtbK5
tvO5s6uUPB2evIlliJuYKVfUFB9R900tZv44JZ2d+PC3R4S+dUcVTASRX8lDQMhx
lOSxVePvV1rNTBJ0e7GaPCWNHR2eNSewpwI/XLhfBOh7ojIgNDUNCi69aEYyVLHW
R7uh5R3+PFZvQX+mJ74qcQV2aYVQ4MnhKZrWqbkGyhMqHVRuF7d6DzXd2yMWVDWk
vjgnu2NHR0SG/uRdA2Iykm0MGCq9/69KTo3C+nFEoDNg2vVdH155IInpAdpiw/zn
iKOXcdQkrLyvClNz/giifooNm9/8HSYhI26ayOj/t+H0AGQfAGLfVHGbNQJ7y00W
tSU1OfNPU53KCvbIk/l/3H4SOeXPbOb5pgXaEOM+8ssPk48aBSkQ5Ru7HrJOZwYY
fU3652+qceb/IAWoHsGfW2UKOOLeyipD9i4rxhKaAQYtOsETGAoeqxF43e78VFBy
y47unTuLhi0DyhZw+ZPKzit3j4VLTUTrB79JxyZQ+WZYXOU/ZUpwSkRwMqwjMm9Q
+d4cGdgfQ7Y=
=3CJ6
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY2yLHMkNZI30y1K9AQiw5RAAoRK6satPQGgjf8HpZIBGNL/cGgBkcyTY
wTEOQBKpZacD5vkr3rNt/QHoYgzuaF0r6xK/5hMMr+O12ReoRO1neiCaMMjLXE1I
UMJtcWgdOS3lrpbBHqtyRmvYmWl2WesYnSoi1HsPARB9s1Tc94oxcVqfVbeF58nS
dLtAB6YwR71CjJ+OLzh4YAmZHdKdi/u5iQTXd/y2tb1BwTPz28zCn0+rEFR+90dm
/gubvs6dTWJ6I9QxsloJGnbWj0UhqxSReq+JCKydtm6mmjRO+lPQ/LcKXg/VVat3
/tMd7wCznu0qoP+qc77KjGtUNsqWD047f5nADD5UOtyN4kfe4QvvzevSaqfu2bou
dKZNeLGGcP7TfkFYRiTcE5MAymMnfrB42gSBlsaE1dv8O4bsntND211Zc++8MtWr
kpAX7egSGvRSd27j2i9E4rUInZpPii683zJp7pmn/efHN5g6vTWs+OTCaMtTC5Cs
/tLtqpRozK2ZIk7f5ExCbpan6jaXaRLc3hAlBA+PfoQvAzb54d+CV/QtsqPMRhUG
SeAPUyPaferiWJpVh1VUNXW7oFkKib7WYEW5Si6jqfCt3bNGFMDmd7mgRNHqrkfr
EdJJt1OOXVmD8lqjbr/zKcyRzCGoK9f/is9DBVca9BN58MgVTm5io90QbsAzvoaj
mzg0DmVMWr4=
=runc
-----END PGP SIGNATURE-----
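Both fixes in ESB-2022.5788 are in the protobuf-java library that Debezium's connectors pull in transitively, so the practical question for an operator is which protobuf-java build actually ends up on the connector classpath. The Python below is an added example, not Red Hat's or Debezium's own tooling: it scans `mvn dependency:tree` output for the `com.google.protobuf:protobuf-java` artifact and reports which of the two CVEs each version is still open to. The fix versions per release branch in `FIXED_IN` are an assumption taken from the upstream protobuf advisories (not stated in the bulletin), and the dependency tree in `SAMPLE_TREE` is constructed; vendor builds can carry a backported fix under a different version string, so treat a hit as a prompt to check the errata rather than as proof.

```python
"""Flag protobuf-java versions still exposed to CVE-2021-22569 and CVE-2022-3171.

Added example; not Red Hat's or Debezium's tooling. Input is the text of
`mvn dependency:tree` (or any build log naming the artifact). The fix versions
per release branch are an assumption taken from the upstream protobuf
advisories; vendor builds may carry the fix under a different version string,
so confirm against the errata for your distribution.
"""
import re
from typing import Dict, List, Tuple

Version = Tuple[int, int, int]

# Assumed upstream fix versions keyed by (major, minor) branch.
FIXED_IN: Dict[str, Dict[Tuple[int, int], Version]] = {
    "CVE-2021-22569": {(3, 16): (3, 16, 1), (3, 18): (3, 18, 2), (3, 19): (3, 19, 2)},
    "CVE-2022-3171": {(3, 16): (3, 16, 3), (3, 19): (3, 19, 6),
                      (3, 20): (3, 20, 3), (3, 21): (3, 21, 7)},
}

_ARTIFACT = re.compile(r"com\.google\.protobuf:protobuf-java:jar:([0-9][0-9.]*[0-9])")


def parse_version(text: str) -> Version:
    """'3.19.1' -> (3, 19, 1); a missing patch component counts as 0."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unrecognised version {text!r}")
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)


def is_vulnerable(version: Version, cve: str) -> bool:
    fixes = FIXED_IN[cve]
    branch = version[:2]
    if branch in fixes:
        return version < fixes[branch]        # branch was patched: compare within it
    # Branch never received a backport (e.g. 3.17.x): exposed unless it is
    # newer than every fix release, i.e. a later branch that was born fixed.
    return version < max(fixes.values())


def open_cves(version: Version) -> List[str]:
    return [cve for cve in FIXED_IN if is_vulnerable(version, cve)]


def scan_dependency_tree(text: str) -> List[Tuple[str, List[str]]]:
    """Every distinct protobuf-java version in the tree with its open CVEs."""
    found: Dict[str, List[str]] = {}
    for m in _ARTIFACT.finditer(text):
        raw = m.group(1)
        found.setdefault(raw, open_cves(parse_version(raw)))
    return sorted(found.items())


# Constructed dependency-tree excerpt (not real Debezium output).
SAMPLE_TREE = """\
[INFO] io.debezium:debezium-connector-mysql:jar:1.9.7.Final
[INFO] +- io.debezium:debezium-core:jar:1.9.7.Final:compile
[INFO] |  \\- com.google.protobuf:protobuf-java:jar:3.19.1:compile
[INFO] \\- io.debezium:debezium-api:jar:1.9.7.Final:compile
[INFO]    \\- com.google.protobuf:protobuf-java:jar:3.21.7:compile
"""

if __name__ == "__main__":
    for version, cves in scan_dependency_tree(SAMPLE_TREE):
        print(f"protobuf-java {version}: {', '.join(cves) or 'no open CVEs'}")
```

Run it against real output with `mvn dependency:tree | python3 check_protobuf.py`-style plumbing (read stdin instead of `SAMPLE_TREE`). Because Kafka Connect loads each connector plugin in its own classloader, check every plugin directory, not only the one that first surfaces the artifact.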
10 November 2022

ESB-2022.5787 - [RedHat] linux-firmware: CVSS (Max): 8.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5787
                        linux-firmware security update
                              10 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           linux-firmware
Publisher:         Red Hat
Operating System:  Red Hat
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-12321

Original Bulletin:
   https://access.redhat.com/errata/RHSA-2022:7887

Comment: CVSS (Max):  8.8 CVE-2020-12321 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: Red Hat
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: linux-firmware security update
Advisory ID:       RHSA-2022:7887-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:7887
Issue date:        2022-11-09
CVE Names:         CVE-2020-12321
=====================================================================

1. Summary:

An update for linux-firmware is now available for Red Hat Enterprise Linux
7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended
Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP
Solutions.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server AUS (v. 7.7) - noarch
Red Hat Enterprise Linux Server E4S (v. 7.7) - noarch
Red Hat Enterprise Linux Server TUS (v. 7.7) - noarch

3. Description:

The linux-firmware packages contain all of the firmware files that are
required by various devices to operate.

Security Fix(es):

* hardware: buffer overflow in bluetooth firmware (CVE-2020-12321)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1893914 - CVE-2020-12321 hardware: buffer overflow in bluetooth firmware

6. Package List:

Red Hat Enterprise Linux Server AUS (v. 7.7):

Source:
linux-firmware-20190429-73.gitddde598.el7_7.src.rpm

noarch:
iwl100-firmware-39.31.5.1-73.el7_7.noarch.rpm
iwl1000-firmware-39.31.5.1-73.el7_7.noarch.rpm
iwl105-firmware-18.168.6.1-73.el7_7.noarch.rpm
iwl135-firmware-18.168.6.1-73.el7_7.noarch.rpm
iwl2000-firmware-18.168.6.1-73.el7_7.noarch.rpm
iwl2030-firmware-18.168.6.1-73.el7_7.noarch.rpm
iwl3160-firmware-22.0.7.0-73.el7_7.noarch.rpm
iwl3945-firmware-15.32.2.9-73.el7_7.noarch.rpm
iwl4965-firmware-228.61.2.24-73.el7_7.noarch.rpm
iwl5000-firmware-8.83.5.1_1-73.el7_7.noarch.rpm
iwl5150-firmware-8.24.2.2-73.el7_7.noarch.rpm
iwl6000-firmware-9.221.4.1-73.el7_7.noarch.rpm
iwl6000g2a-firmware-17.168.5.3-73.el7_7.noarch.rpm
iwl6000g2b-firmware-17.168.5.2-73.el7_7.noarch.rpm
iwl6050-firmware-41.28.5.1-73.el7_7.noarch.rpm
iwl7260-firmware-22.0.7.0-73.el7_7.noarch.rpm
iwl7265-firmware-22.0.7.0-73.el7_7.noarch.rpm
linux-firmware-20190429-73.gitddde598.el7_7.noarch.rpm

Red Hat Enterprise Linux Server E4S (v. 7.7):

Source:
linux-firmware-20190429-73.gitddde598.el7_7.src.rpm

noarch:
iwl100-firmware-39.31.5.1-73.el7_7.noarch.rpm
iwl1000-firmware-39.31.5.1-73.el7_7.noarch.rpm
iwl105-firmware-18.168.6.1-73.el7_7.noarch.rpm
iwl135-firmware-18.168.6.1-73.el7_7.noarch.rpm
iwl2000-firmware-18.168.6.1-73.el7_7.noarch.rpm
iwl2030-firmware-18.168.6.1-73.el7_7.noarch.rpm
iwl3160-firmware-22.0.7.0-73.el7_7.noarch.rpm
iwl3945-firmware-15.32.2.9-73.el7_7.noarch.rpm
iwl4965-firmware-228.61.2.24-73.el7_7.noarch.rpm
iwl5000-firmware-8.83.5.1_1-73.el7_7.noarch.rpm
iwl5150-firmware-8.24.2.2-73.el7_7.noarch.rpm
iwl6000-firmware-9.221.4.1-73.el7_7.noarch.rpm
iwl6000g2a-firmware-17.168.5.3-73.el7_7.noarch.rpm
iwl6000g2b-firmware-17.168.5.2-73.el7_7.noarch.rpm
iwl6050-firmware-41.28.5.1-73.el7_7.noarch.rpm
iwl7260-firmware-22.0.7.0-73.el7_7.noarch.rpm
iwl7265-firmware-22.0.7.0-73.el7_7.noarch.rpm
linux-firmware-20190429-73.gitddde598.el7_7.noarch.rpm

Red Hat Enterprise Linux Server TUS (v. 7.7):

Source:
linux-firmware-20190429-73.gitddde598.el7_7.src.rpm

noarch:
iwl100-firmware-39.31.5.1-73.el7_7.noarch.rpm
iwl1000-firmware-39.31.5.1-73.el7_7.noarch.rpm
iwl105-firmware-18.168.6.1-73.el7_7.noarch.rpm
iwl135-firmware-18.168.6.1-73.el7_7.noarch.rpm
iwl2000-firmware-18.168.6.1-73.el7_7.noarch.rpm
iwl2030-firmware-18.168.6.1-73.el7_7.noarch.rpm
iwl3160-firmware-22.0.7.0-73.el7_7.noarch.rpm
iwl3945-firmware-15.32.2.9-73.el7_7.noarch.rpm
iwl4965-firmware-228.61.2.24-73.el7_7.noarch.rpm
iwl5000-firmware-8.83.5.1_1-73.el7_7.noarch.rpm
iwl5150-firmware-8.24.2.2-73.el7_7.noarch.rpm
iwl6000-firmware-9.221.4.1-73.el7_7.noarch.rpm
iwl6000g2a-firmware-17.168.5.3-73.el7_7.noarch.rpm
iwl6000g2b-firmware-17.168.5.2-73.el7_7.noarch.rpm
iwl6050-firmware-41.28.5.1-73.el7_7.noarch.rpm
iwl7260-firmware-22.0.7.0-73.el7_7.noarch.rpm
iwl7265-firmware-22.0.7.0-73.el7_7.noarch.rpm
linux-firmware-20190429-73.gitddde598.el7_7.noarch.rpm

These packages are GPG signed by Red Hat for security.
Our key and details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-12321
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.

- --------------------------END INCLUDED TEXT--------------------
10 November 2022

ESB-2022.5786 - [RedHat] kpatch-patch: CVSS (Max): 7.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5786
                         kpatch-patch security update
                              10 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kpatch-patch
Publisher:         Red Hat
Operating System:  Red Hat
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-2588

Original Bulletin:
   https://access.redhat.com/errata/RHSA-2022:7885

Comment: CVSS (Max):  7.8 CVE-2022-2588 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: Red Hat
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kpatch-patch security update
Advisory ID:       RHSA-2022:7885-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:7885
Issue date:        2022-11-09
CVE Names:         CVE-2022-2588
=====================================================================

1. Summary:

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2
Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS E4S (v. 8.2) - ppc64le, x86_64

3. Description:

The kpatch management tool provides a kernel patching infrastructure which
allows you to patch a running kernel without rebooting or restarting any
processes.

Security Fix(es):

* kernel: a use-after-free in cls_route filter implementation may lead to
privilege escalation (CVE-2022-2588)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2114849 - CVE-2022-2588 kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

6. Package List:

Red Hat Enterprise Linux BaseOS E4S (v. 8.2):

Source:
kpatch-patch-4_18_0-193_80_1-1-2.el8_2.src.rpm
kpatch-patch-4_18_0-193_81_1-1-2.el8_2.src.rpm
kpatch-patch-4_18_0-193_87_1-1-1.el8_2.src.rpm
kpatch-patch-4_18_0-193_90_1-1-1.el8_2.src.rpm
kpatch-patch-4_18_0-193_91_1-1-1.el8_2.src.rpm

ppc64le:
kpatch-patch-4_18_0-193_80_1-1-2.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_80_1-debuginfo-1-2.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_80_1-debugsource-1-2.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_81_1-1-2.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_81_1-debuginfo-1-2.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_81_1-debugsource-1-2.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_87_1-1-1.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_87_1-debuginfo-1-1.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_87_1-debugsource-1-1.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_90_1-1-1.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_90_1-debuginfo-1-1.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_90_1-debugsource-1-1.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_91_1-1-1.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_91_1-debuginfo-1-1.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_91_1-debugsource-1-1.el8_2.ppc64le.rpm

x86_64:
kpatch-patch-4_18_0-193_80_1-1-2.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_80_1-debuginfo-1-2.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_80_1-debugsource-1-2.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_81_1-1-2.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_81_1-debuginfo-1-2.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_81_1-debugsource-1-2.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_87_1-1-1.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_87_1-debuginfo-1-1.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_87_1-debugsource-1-1.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_90_1-1-1.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_90_1-debuginfo-1-1.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_90_1-debugsource-1-1.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_91_1-1-1.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_91_1-debuginfo-1-1.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_91_1-debugsource-1-1.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-2588
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
- --------------------------END INCLUDED TEXT--------------------
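The two Red Hat advisories above (RHSA-2022:7887 for linux-firmware, RHSA-2022:7885 for kpatch-patch) each end in a package list of fixed NEVRs, and the kpatch one is keyed by kernel build: there is one kpatch-patch package per kernel release, named from `uname -r`, and a host whose running kernel has no entry in the list gets no live patch for CVE-2022-2588 from this advisory. The Python below is an added example, not Red Hat tooling, that turns those lists into a check: it re-implements rpm's segment-wise version comparison (rpmvercmp) so it runs without librpm, derives the expected kpatch-patch package name from a kernel release, and reports installed packages that are older than the advisory's. `ADVISORY_PACKAGES` is an excerpt of the two package lists; `INSTALLED_SAMPLE` and `RUNNING_KERNEL_SAMPLE` are constructed and deliberately mix RHEL 7.7 and 8.2 packages into one list so both code paths run. The rpmvercmp port is assumed equivalent to rpm's for ordinary version strings; when in doubt, `rpmdev-vercmp` or `yum updateinfo` is the authority.

```python
"""Compare installed RPM NEVRs against the package lists in RHSA-2022:7887 and
RHSA-2022:7885 and report what still needs updating.

Added example; not Red Hat tooling. Re-implements rpm's version-segment
comparison (rpmvercmp) in Python so it runs without librpm. The advisory
package names are excerpted from the two advisories; the installed list and
the kernel release are constructed sample data.
"""
import re
from typing import Dict, List, Optional, Tuple

_SEG = re.compile(r"\d+|[A-Za-z]+|~")


def rpmvercmp(a: str, b: str) -> int:
    """-1, 0 or 1 like rpm's rpmvercmp: numeric segments compare as integers,
    numeric beats alpha, '~' sorts before anything, the longer string wins."""
    if a == b:
        return 0
    sa, sb = _SEG.findall(a), _SEG.findall(b)
    for x, y in zip(sa, sb):
        if "~" in (x, y):
            if x != y:
                return -1 if x == "~" else 1
            continue
        if x.isdigit() and y.isdigit():
            c = (int(x) > int(y)) - (int(x) < int(y))
        elif x.isdigit() or y.isdigit():
            c = 1 if x.isdigit() else -1
        else:
            c = (x > y) - (x < y)
        if c:
            return c
    if len(sa) == len(sb):
        return 0
    longer, sign = (sa, 1) if len(sa) > len(sb) else (sb, -1)
    return -sign if longer[min(len(sa), len(sb))] == "~" else sign


def split_nevra(pkg: str) -> Tuple[str, int, str, str, str]:
    """'name-[epoch:]version-release.arch[.rpm]' -> (name, epoch, version, release, arch)."""
    if pkg.endswith(".rpm"):
        pkg = pkg[:-4]
    rest, arch = pkg.rsplit(".", 1)
    name, version, release = rest.rsplit("-", 2)
    epoch = 0
    if ":" in version:
        e, version = version.split(":", 1)
        epoch = int(e)
    return name, epoch, version, release, arch


def compare_evr(a: str, b: str) -> int:
    """Order two NEVRAs of the same package: epoch, then version, then release."""
    _, ea, va, ra, _ = split_nevra(a)
    _, eb, vb, rb, _ = split_nevra(b)
    if ea != eb:
        return (ea > eb) - (ea < eb)
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)


def kpatch_package_for(kernel_release: str) -> str:
    """'4.18.0-193.87.1.el8_2.x86_64' -> 'kpatch-patch-4_18_0-193_87_1', the
    naming used in RHSA-2022:7885 (one kpatch-patch package per kernel build)."""
    ver, rel = kernel_release.split("-", 1)
    rel = rel.split(".el", 1)[0]
    return f"kpatch-patch-{ver.replace('.', '_')}-{rel.replace('.', '_')}"


def outdated(advisory: List[str], installed: List[str]) -> Dict[str, Tuple[str, str]]:
    """name -> (installed NEVRA, required NEVRA) for each advisory package that is
    installed at a lower EVR. Packages not installed are skipped."""
    have = {split_nevra(p)[0]: p for p in installed}
    needs = {}
    for req in advisory:
        name = split_nevra(req)[0]
        cur = have.get(name)
        if cur is not None and compare_evr(cur, req) < 0:
            needs[name] = (cur, req)
    return needs


def kpatch_status(kernel_release: str, advisory: List[str],
                  installed: List[str]) -> Tuple[str, Optional[str], Optional[str]]:
    """(expected kpatch-patch name, installed NEVRA or None, advisory NEVRA or None).
    A None advisory entry means this erratum ships no live patch for the running
    kernel build, so CVE-2022-2588 needs a kernel update and reboot instead."""
    name = kpatch_package_for(kernel_release)
    req = next((p for p in advisory if split_nevra(p)[0] == name), None)
    cur = next((p for p in installed if split_nevra(p)[0] == name), None)
    return name, cur, req


# Excerpt of the package lists from RHSA-2022:7887 and RHSA-2022:7885.
ADVISORY_PACKAGES = [
    "linux-firmware-20190429-73.gitddde598.el7_7.noarch.rpm",
    "iwl7260-firmware-22.0.7.0-73.el7_7.noarch.rpm",
    "iwl5000-firmware-8.83.5.1_1-73.el7_7.noarch.rpm",
    "kpatch-patch-4_18_0-193_87_1-1-1.el8_2.x86_64.rpm",
    "kpatch-patch-4_18_0-193_91_1-1-1.el8_2.x86_64.rpm",
]

# Constructed `rpm -qa`-style output; mixes RHEL 7.7 and 8.2 packages on purpose.
INSTALLED_SAMPLE = [
    "linux-firmware-20190429-72.gitddde598.el7_7.noarch",
    "iwl7260-firmware-22.0.7.0-73.el7_7.noarch",
    "kpatch-patch-4_18_0-193_87_1-0-1.el8_2.x86_64",
]
RUNNING_KERNEL_SAMPLE = "4.18.0-193.87.1.el8_2.x86_64"

if __name__ == "__main__":
    for name, (cur, req) in outdated(ADVISORY_PACKAGES, INSTALLED_SAMPLE).items():
        print(f"UPDATE {name}: {cur} -> {req}")
    print("kpatch:", kpatch_status(RUNNING_KERNEL_SAMPLE, ADVISORY_PACKAGES, INSTALLED_SAMPLE))
```

On a real host feed it `rpm -qa --qf '%{NAME}-%{EPOCH}:%{VERSION}-%{RELEASE}.%{ARCH}\n'` for `installed` and `uname -r` for the kernel release. Note that a kpatch-patch being installed is not the same as the patch being loaded: `kpatch list` shows what is actually applied to the running kernel.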
10 November 2022

ESB-2022.5785 - [RedHat] OpenShift Logging: CVSS (Max): 9.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5785
           Openshift Logging 5.3.13 security and bug fix release
                              10 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           OpenShift Logging
Publisher:         Red Hat
Operating System:  Red Hat
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-40674 CVE-2022-39399 CVE-2022-37434 CVE-2022-32149
                   CVE-2022-29901 CVE-2022-29900 CVE-2022-23825 CVE-2022-23816
                   CVE-2022-21628 CVE-2022-21626 CVE-2022-21624 CVE-2022-21619
                   CVE-2022-21618 CVE-2022-3515 CVE-2022-2588 CVE-2022-2509
                   CVE-2022-1353 CVE-2022-0494 CVE-2020-35527 CVE-2020-35525

Original Bulletin:
   https://access.redhat.com/errata/RHSA-2022:6882

Comment: CVSS (Max):  9.8 CVE-2022-40674 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: Red Hat
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: Openshift Logging 5.3.13 security and bug fix release
Advisory ID:       RHSA-2022:6882-01
Product:           Red Hat OpenShift Enterprise
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:6882
Issue date:        2022-11-09
CVE Names:         CVE-2020-35525 CVE-2020-35527 CVE-2022-0494 CVE-2022-1353
                   CVE-2022-2509 CVE-2022-2588 CVE-2022-3515 CVE-2022-21618
                   CVE-2022-21619 CVE-2022-21624 CVE-2022-21626 CVE-2022-21628
                   CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901
                   CVE-2022-32149 CVE-2022-37434 CVE-2022-39399 CVE-2022-40674
=====================================================================

1. Summary:

An update is now available for OpenShift Logging 5.3.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Description:

Openshift Logging 5.3.13 security and bug fix release

Security Fix(es):

* golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time
to parse complex tags (CVE-2022-32149)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

3. Solution:

For OpenShift Container Platform 4.9 see the following documentation, which
will be updated shortly, for detailed release notes:

https://docs.openshift.com/container-platform/4.9/logging/cluster-logging-release-notes.html

For Red Hat OpenShift Logging 5.3, see the following instructions to apply
this update:

https://docs.openshift.com/container-platform/4.9/logging/cluster-logging-upgrading.html

4. Bugs fixed (https://bugzilla.redhat.com/):

2134010 - CVE-2022-32149 golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags

5. References:

https://access.redhat.com/security/cve/CVE-2020-35525
https://access.redhat.com/security/cve/CVE-2020-35527
https://access.redhat.com/security/cve/CVE-2022-0494
https://access.redhat.com/security/cve/CVE-2022-1353
https://access.redhat.com/security/cve/CVE-2022-2509
https://access.redhat.com/security/cve/CVE-2022-2588
https://access.redhat.com/security/cve/CVE-2022-3515
https://access.redhat.com/security/cve/CVE-2022-21618
https://access.redhat.com/security/cve/CVE-2022-21619
https://access.redhat.com/security/cve/CVE-2022-21624
https://access.redhat.com/security/cve/CVE-2022-21626
https://access.redhat.com/security/cve/CVE-2022-21628
https://access.redhat.com/security/cve/CVE-2022-23816
https://access.redhat.com/security/cve/CVE-2022-23825
https://access.redhat.com/security/cve/CVE-2022-29900
https://access.redhat.com/security/cve/CVE-2022-29901
https://access.redhat.com/security/cve/CVE-2022-32149
https://access.redhat.com/security/cve/CVE-2022-37434
https://access.redhat.com/security/cve/CVE-2022-39399
https://access.redhat.com/security/cve/CVE-2022-40674
https://access.redhat.com/security/updates/classification/#moderate

6. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
- --------------------------END INCLUDED TEXT--------------------
10 November 2022

ESB-2022.5784 - [Ubuntu] Zstandard: CVSS (Max): 5.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5784
                     USN-5720-1: Zstandard vulnerabilities
                              10 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Zstandard
Publisher:         Ubuntu
Operating System:  Ubuntu
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-24032 CVE-2021-24031

Original Bulletin:
   https://ubuntu.com/security/notices/USN-5720-1

Comment: CVSS (Max):  5.5 CVE-2021-24031 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
         CVSS Source: NVD
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

- --------------------------BEGIN INCLUDED TEXT--------------------

USN-5720-1: Zstandard vulnerabilities
9 November 2022

Zstandard could be made to expose sensitive information.

Releases
  o Ubuntu 16.04 ESM

Packages
  o libzstd - fast lossless compression algorithm

Details

It was discovered that Zstandard was not properly managing file permissions
when generating output files. A local attacker could possibly use this issue
to cause a race condition and gain unauthorized access to sensitive data.

Update instructions

The problem can be corrected by updating your system to the following package
versions:

Ubuntu 16.04
  o zstd - 1.3.1+dfsg-1~ubuntu0.16.04.1+esm3
    Available with Ubuntu Pro (Infra-only)
  o libzstd1 - 1.3.1+dfsg-1~ubuntu0.16.04.1+esm3
    Available with Ubuntu Pro (Infra-only)

In general, a standard system update will make all the necessary changes.

References
  o CVE-2021-24031
  o CVE-2021-24032

Related notices
  o USN-4760-1 : libzstd-dev, libzstd, zstd, libzstd1-dev, libzstd1-udeb, libzstd1

- --------------------------END INCLUDED TEXT--------------------
=========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBY2yHfskNZI30y1K9AQiIuw//bEP64/GdXGmmU5frMEPhRxKsf2swCv3e LFHsgWTQSTnoRJTteLq6w0+bPhtt5Mvan6cexwAZjFfni31YxL54QWrxiZmH8JSL j6+iMPfOwHUCOwV+CwESVfOODIU8aAqmH4YTHQORC6BhUBP5YA4FMl8lQYh3PeiP 887GK6RynJmGWQhIxRYdUOMGqt2cURsLqJVu6SOxgs40ww1FPwK/BsxiyPYBFhpY 3vWH1B5PZ9gIYXT95DYk1Dedj4PBLm1kEBWsJ0m22IhsaCZ6me7cWs1YLtnmEs9o 7Dh6+8t/eo/3T7lKwxxen27Dnepmq3N1uc1wUKjswDUcxvscXb75Ukn1v5Hs2rnN nIAfCskBwAPnh66OG88Rez/Yrz7DfSoc11F0TJEq2eJOfHADttWV9dI8Oif6ZjwB lD6ZDl3pJC+AWXIUL42hsZ71iGIh4c1krzR+1zmVxrnuMAPU1o39p/ACITYODDOz 8y3iUHLuxePRIjf8jMt2yqrliLWvYa5AhToMNMgmCD+XQzoRRMFNnPu3wM4q8ZaW wTAgg/sOA8IIrHQm6Pfbtufjl0LX+iJ2goDfe7Zv/NZhe9FU1hq2Kb9doHjsRBQt C0rRXFBTVvz/ZWed5+eYDrTegGQXSd24JxTYIXAwMPfgaabUYoUXFeyZJ2bjHWQb UnbS7rPTFYM= =dXOf -----END PGP SIGNATURE-----
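The Details paragraph above describes the class of bug behind CVE-2021-24031 and CVE-2021-24032: the output file exists for a moment with the process's default permissions before its mode is corrected, and a local user who opens it in that window keeps access. The Python block below is an added example, not Zstandard's, Ubuntu's or AusCERT's code; it puts the racy create-then-chmod pattern beside the hardened form (create atomically with O_CREAT|O_EXCL at mode 0600, then widen via fchmod on the open descriptor). The file names, payloads and the 0o022 umask in demo() are constructed for the demonstration.

```python
import os
import stat
import tempfile


def write_output_racy(src, dst, data):
    """The pattern the advisory describes: the output is created with the
    process's default permissions (0666 & ~umask, usually world-readable) and
    only afterwards narrowed to the source file's mode. Returns the mode another
    local user would see during that window, and the final mode."""
    with open(dst, "wb") as f:
        window_mode = stat.S_IMODE(os.fstat(f.fileno()).st_mode)
        f.write(data)
    os.chmod(dst, stat.S_IMODE(os.stat(src).st_mode))  # too late: the window is already over
    return window_mode, stat.S_IMODE(os.stat(dst).st_mode)


def write_output_safe(src, dst, data):
    """Hardened variant: create the output atomically with owner-only access and
    refuse anything already present at dst (O_EXCL also rejects a planted
    symlink), then widen to the source's mode through the open descriptor
    rather than by path, so there is no second lookup to race."""
    src_mode = stat.S_IMODE(os.stat(src).st_mode)
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(dst, flags, 0o600)
    try:
        window_mode = stat.S_IMODE(os.fstat(fd).st_mode)
        os.write(fd, data)
        os.fchmod(fd, src_mode)
        final_mode = stat.S_IMODE(os.fstat(fd).st_mode)
    finally:
        os.close(fd)
    return window_mode, final_mode


def demo(umask=0o022):
    """Run both variants in a scratch directory and report what each exposed.
    A umask of 0o022 is assumed (constructed) to make the racy window visible;
    under 0o077 the racy variant is only safe by accident."""
    old_umask = os.umask(umask)
    try:
        with tempfile.TemporaryDirectory() as d:
            src = os.path.join(d, "secret.txt")
            with open(src, "wb") as f:
                f.write(b"constructed sample plaintext\n")
            os.chmod(src, 0o640)  # the source is group-readable only
            racy = write_output_racy(src, os.path.join(d, "racy.zst"), b"payload")
            safe_path = os.path.join(d, "safe.zst")
            safe = write_output_safe(src, safe_path, b"payload")
            try:
                write_output_safe(src, safe_path, b"again")
                refused = False
            except FileExistsError:
                refused = True
    finally:
        os.umask(old_umask)
    return {"racy": racy, "safe": safe, "safe_refuses_existing": refused}


if __name__ == "__main__":
    for name, result in demo().items():
        if isinstance(result, tuple):
            result = tuple(oct(m) for m in result)
        print(f"{name}: {result}")
```

Both variants end with the output at the source's mode; the difference is the first element of each tuple, the mode an attacker can catch between creation and chmod. The O_EXCL failure on the second call is the behaviour you want from a tool writing into a shared directory such as /tmp.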
10 November 2022

ESB-2022.5783 - [Ubuntu] OpenJDK: CVSS (Max): 5.3

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5783
                     USN-5719-1: OpenJDK vulnerabilities
                              10 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           OpenJDK
Publisher:         Ubuntu
Operating System:  Ubuntu
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-39399 CVE-2022-21628 CVE-2022-21626
                   CVE-2022-21624 CVE-2022-21619 CVE-2022-21618

Original Bulletin:
   https://ubuntu.com/security/notices/USN-5719-1

Comment: CVSS (Max):  5.3 CVE-2022-21628 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
         CVSS Source: NVD
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

- --------------------------BEGIN INCLUDED TEXT--------------------

USN-5719-1: OpenJDK vulnerabilities
9 November 2022

Several security issues were fixed in OpenJDK.

Releases
  o Ubuntu 22.10
  o Ubuntu 22.04 LTS
  o Ubuntu 20.04 LTS
  o Ubuntu 18.04 LTS
  o Ubuntu 16.04 ESM

Packages
  o openjdk-17 - Open Source Java implementation
  o openjdk-19 - Open Source Java implementation
  o openjdk-8 - Open Source Java implementation
  o openjdk-lts - Open Source Java implementation

Details

It was discovered that OpenJDK incorrectly handled long client hostnames. An
attacker could possibly use this issue to cause the corruption of sensitive
information. (CVE-2022-21619)

It was discovered that OpenJDK incorrectly randomized DNS port numbers. A
remote attacker could possibly use this issue to perform spoofing attacks.
(CVE-2022-21624)

It was discovered that OpenJDK did not limit the number of connections
accepted from HTTP clients. An attacker could possibly use this issue to cause
a denial of service. (CVE-2022-21628)

It was discovered that OpenJDK incorrectly handled X.509 certificates. An
attacker could possibly use this issue to cause a denial of service. This
issue only affected OpenJDK 8 and OpenJDK 11. (CVE-2022-21626)

It was discovered that OpenJDK incorrectly handled cached server connections.
An attacker could possibly use this issue to perform spoofing attacks. This
issue only affected OpenJDK 11, OpenJDK 17 and OpenJDK 19. (CVE-2022-39399)

It was discovered that OpenJDK incorrectly handled byte conversions. An
attacker could possibly use this issue to obtain sensitive information. This
issue only affected OpenJDK 11, OpenJDK 17 and OpenJDK 19. (CVE-2022-21618)

Update instructions

The problem can be corrected by updating your system to the following package
versions:

Ubuntu 22.10
  o openjdk-8-jre-headless - 8u352-ga-1~22.10
  o openjdk-11-jre-headless - 11.0.17+8-1ubuntu2
  o openjdk-11-jdk - 11.0.17+8-1ubuntu2
  o openjdk-17-jre-headless - 17.0.5+8-2ubuntu1
  o openjdk-17-jre - 17.0.5+8-2ubuntu1
  o openjdk-17-jdk - 17.0.5+8-2ubuntu1
  o openjdk-17-jre-zero - 17.0.5+8-2ubuntu1
  o openjdk-8-jre-zero - 8u352-ga-1~22.10
  o openjdk-19-jre - 19.0.1+10-1
  o openjdk-8-jdk - 8u352-ga-1~22.10
  o openjdk-11-jre-zero - 11.0.17+8-1ubuntu2
  o openjdk-19-jre-zero - 19.0.1+10-1
  o openjdk-8-jre - 8u352-ga-1~22.10
  o openjdk-19-jre-headless - 19.0.1+10-1
  o openjdk-19-jdk - 19.0.1+10-1
  o openjdk-11-jre - 11.0.17+8-1ubuntu2

Ubuntu 22.04
  o openjdk-8-jre-headless - 8u352-ga-1~22.04
  o openjdk-11-jre-headless - 11.0.17+8-1ubuntu2~22.04
  o openjdk-11-jdk - 11.0.17+8-1ubuntu2~22.04
  o openjdk-17-jre-headless - 17.0.5+8-2ubuntu1~22.04
  o openjdk-17-jre - 17.0.5+8-2ubuntu1~22.04
  o openjdk-17-jdk - 17.0.5+8-2ubuntu1~22.04
  o openjdk-17-jre-zero - 17.0.5+8-2ubuntu1~22.04
  o openjdk-8-jre-zero - 8u352-ga-1~22.04
  o openjdk-19-jre - 19.0.1+10-1ubuntu1~22.04
  o openjdk-8-jdk - 8u352-ga-1~22.04
  o openjdk-11-jre-zero - 11.0.17+8-1ubuntu2~22.04
  o openjdk-19-jre-zero - 19.0.1+10-1ubuntu1~22.04
  o openjdk-8-jre - 8u352-ga-1~22.04
  o openjdk-19-jre-headless - 19.0.1+10-1ubuntu1~22.04
  o openjdk-19-jdk - 19.0.1+10-1ubuntu1~22.04
  o openjdk-11-jre - 11.0.17+8-1ubuntu2~22.04

Ubuntu 20.04
  o openjdk-8-jre-headless - 8u352-ga-1~20.04
  o openjdk-8-jre - 8u352-ga-1~20.04
  o openjdk-11-jdk - 11.0.17+8-1ubuntu2~20.04
  o openjdk-17-jre-headless - 17.0.5+8-2ubuntu1~20.04
  o openjdk-17-jre - 17.0.5+8-2ubuntu1~20.04
  o openjdk-17-jdk - 17.0.5+8-2ubuntu1~20.04
  o openjdk-17-jre-zero - 17.0.5+8-2ubuntu1~20.04
  o openjdk-8-jre-zero - 8u352-ga-1~20.04
  o openjdk-8-jdk - 8u352-ga-1~20.04
  o openjdk-11-jre-zero - 11.0.17+8-1ubuntu2~20.04
  o openjdk-11-jre-headless - 11.0.17+8-1ubuntu2~20.04
  o openjdk-11-jre - 11.0.17+8-1ubuntu2~20.04

Ubuntu 18.04
  o openjdk-8-jre-headless - 8u352-ga-1~18.04
  o openjdk-8-jre - 8u352-ga-1~18.04
  o openjdk-11-jdk - 11.0.17+8-1ubuntu2~18.04
  o openjdk-17-jre-headless - 17.0.5+8-2ubuntu1~18.04
  o openjdk-17-jre - 17.0.5+8-2ubuntu1~18.04
  o openjdk-17-jdk - 17.0.5+8-2ubuntu1~18.04
  o openjdk-17-jre-zero - 17.0.5+8-2ubuntu1~18.04
  o openjdk-8-jre-zero - 8u352-ga-1~18.04
  o openjdk-8-jdk - 8u352-ga-1~18.04
  o openjdk-11-jre-zero - 11.0.17+8-1ubuntu2~18.04
  o openjdk-11-jre-headless - 11.0.17+8-1ubuntu2~18.04
  o openjdk-11-jre - 11.0.17+8-1ubuntu2~18.04

Ubuntu 16.04
  o openjdk-8-jdk - 8u352-ga-1~16.04
    Available with Ubuntu Pro (Infra-only)
  o openjdk-8-jre-headless - 8u352-ga-1~16.04
    Available with Ubuntu Pro (Infra-only)
  o openjdk-8-jre - 8u352-ga-1~16.04
    Available with Ubuntu Pro (Infra-only)
  o openjdk-8-jre-zero - 8u352-ga-1~16.04
    Available with Ubuntu Pro (Infra-only)

This update uses a new upstream release, which includes additional bug fixes.
After a standard system update you need to restart any Java applications or
applets to make all the necessary changes.

References
  o CVE-2022-21618
  o CVE-2022-21626
  o CVE-2022-39399
  o CVE-2022-21628
  o CVE-2022-21619
  o CVE-2022-21624

- --------------------------END INCLUDED TEXT--------------------
=========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBY2yHYckNZI30y1K9AQh3qQ/+IgvrC+BKt+yGwDVYFVcGapAm8mrHVapR UBZvhEf++1c2Yja/J7LZQ3qPuzJSgSsYP0p6dnj+wUOfBt9XCttPnfVq5PFQU0We q1cnuSF9VZxx0h0iFJi0a6HdDE9h6OT8qA3RRCFSe4pCe5QqAHi/Idh5E8MSC6st n+u1enRZBgkUkNXOwYXESU4aMekLw41aR/QZ2Ud5ea0KSwQzin2jie/mhs7PHZ9/ RYo1pHjNrXQrYI3DmAIYB/8m3JGFXq9sZyt/kq7uX8snIIw0MdfkFoKqqn7KbmUf DJ3UJ5WmDz7O1Jw9KtXetFQRKT8WU7a0onhU9/YP5Ve6JXFnFd+ynPM+zGUK97PW xhrsUYF5B55moAdvMkx/DK9DEEJkuk1IGWeYMgLwxQhJhmITbKGFtm3xSj7xkYyD 9P2s68OriRhyfpVuShze6R5/Jk5SkghPwpG7yngGlwfa706Qt4cKW+gbGiLkTTBV y+0iTDlxITJFzO2stPOuVGASQkY/VpyXueyb+GtNn4Yo2MIvQTXrf1K4R1PdR81L GhwMH5yNAmJmvKoQA1aOuBkohIjnE9GFAYYltg4nuuEApFzS+qs9J4C7zjHzcrrw N4dQT+7l+x+1G/qsJxZHN4G5/P1C3u+gq4CfGam84FnmnBBq+zauYyjiIr0GWLsp aLZEqyCn590= =8gkY -----END PGP SIGNATURE-----
10 November 2022

ESB-2022.5782 - Nessus: CVSS (Max): 9.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5782
          [R1] Nessus Version 8.15.7 Fixes Multiple Vulnerabilities
                              10 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Nessus
Publisher:         Tenable
Operating System:  Windows
                   UNIX variants (UNIX, Linux, OSX)
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-43680 CVE-2022-40674 CVE-2022-37434
                   CVE-2022-29824 CVE-2022-23308 CVE-2022-2309

Original Bulletin:
   https://www.tenable.com/security/tns-2022-26

Comment: CVSS (Max):  9.8 CVE-2022-40674 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: Tenable
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

[R1] Nessus Version 8.15.7 Fixes Multiple Vulnerabilities

Critical

Synopsis

Nessus leverages third-party software to help provide underlying
functionality. Several of the third-party components (expat, libxml2, zlib)
were found to contain vulnerabilities, and updated versions have been made
available by the providers.

Out of caution and in line with good practice, Tenable has opted to upgrade
these components to address the potential impact of the issues. Nessus 8.15.7
updates expat to version 2.5.0, libxml2 to 2.10.3 and zlib to 1.2.13 to
address the identified vulnerabilities.

Solution

Tenable has released Nessus 8.15.7 to address these issues. The installation
files can be obtained from the Tenable Downloads Portal
(https://www.tenable.com/downloads/nessus).

This page contains information regarding security vulnerabilities that may
impact Tenable's products. This may include issues specific to our software,
or due to the use of third-party libraries within our software. Tenable
strongly encourages users to ensure that they upgrade or apply relevant
patches in a timely manner.

Tenable takes product security very seriously. If you believe you have found a
vulnerability in one of our products, we ask that you please work with us to
quickly resolve it in order to protect customers. Tenable believes in
responding quickly to such reports, maintaining communication with
researchers, and providing a solution in short order. For more details on
submitting vulnerability information, please see our Vulnerability Reporting
Guidelines page.

If you have questions or corrections about this advisory, please email

Risk Information

CVE ID:              CVE-2022-2309
                     CVE-2022-29824
                     CVE-2022-23308
                     CVE-2022-40674
                     CVE-2022-43680
                     CVE-2022-37434

Tenable Advisory ID: TNS-2022-26

Risk Factor:         Critical

CVSSv3 Base / Temporal Score
  7.5 / 6.7 (CVE-2022-2309)
  6.5 / 5.7 (CVE-2022-29824)
  7.5 / 6.5 (CVE-2022-23308)
  9.8 / 8.5 (CVE-2022-40674)
  7.5 / 6.5 (CVE-2022-43680)
  9.8 / 8.5 (CVE-2022-37434)

CVSSv3 Vector
  AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C (CVE-2022-2309)
  AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C (CVE-2022-29824)
  AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C (CVE-2022-23308)
  AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C (CVE-2022-40674)
  AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C (CVE-2022-43680)
  AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C (CVE-2022-37434)

Affected Products
  Nessus 8.15.1 to Nessus 8.15.6

Advisory Timeline
  2022-11-09 - [R1] Initial Release

- --------------------------END INCLUDED TEXT--------------------
=========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBY2yHSMkNZI30y1K9AQj6aw/7B82swnk+Ihon0K19FYx76eB5XmKRkJrM vlv62Weg0MDNaZWvBDOBTdwjTzWiznZinecb9+hruN8eVigEmRk7lEAY+hCRk9// WRW9MS+7LQicFvA0pNy13SdFM/xkdUmldOq6quB6A2JsUomFZUzEYfi9q31wQ18D GlGyIDaQOQ6Q5N31h+0sGOrqkL4ua9vL95bfNFvbzbtN6WB3IjuOA4RRxmJx0/p6 V4ixbHxezQx1KrEAMEb7/43sqgcg4WyVttv4Nt2iUK6msSgrTAA+Ko3ad65nCKqQ rrbpRfBTxf1usP/pJ/XPyZ3K5w0XMP52XU0zY6kmc53/S8B2Tu6a8/3FiWvG2rPZ WWD35RRrdtlepDwlkvpcrFnZihsm6jkMPIYitHAZhfUyMju+0EucyHRH3aoTF2tI y1hzUwQWAM9wIFyiFbfIbznBr7k8Ll69Hjm+Nj1Q6maMPkybesOHv3ekuQ33YceV H0bh4BjmAPXUDgIo6siv5LMFgcfaztDRUnJl1tPKjQ4/ONlx9W5qOH2IA6Gkvfj0 ZgsQx5g27bt+cQKiQyyZekEKUCW+01T38oj1ig4IKAXol0hgFsu0IWUlEWcFaOnw 7N2G18x8z/F4JGLuILkXXyHdCovpwDafQxRwnUDUhQbok0KlfsAsbPySegnNWoAP Baq/P20u1bY= =ir9h -----END PGP SIGNATURE-----
10 November 2022

ESB-2022.5781 - [SUSE] xen: CVSS (Max): 7.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5781
                          Security update for xen
                              10 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           xen
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-42326 CVE-2022-42325 CVE-2022-42323
                   CVE-2022-42322 CVE-2022-42321 CVE-2022-42320
                   CVE-2022-42319 CVE-2022-42318 CVE-2022-42317
                   CVE-2022-42316 CVE-2022-42315 CVE-2022-42314
                   CVE-2022-42313 CVE-2022-42312 CVE-2022-42311
                   CVE-2022-42310 CVE-2022-42309 CVE-2022-33748
                   CVE-2022-33746 CVE-2021-28689

Original Bulletin:
   https://www.suse.com/support/update/announcement/2022/suse-su-20223925-1

Comment: CVSS (Max):  7.5 CVE-2022-42320 (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H)
         CVSS Source: SUSE
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for xen
______________________________________________________________________________

Announcement ID:   SUSE-SU-2022:3925-1
Rating:            important
References:        #1185104 #1193923 #1203806 #1203807 #1204482 #1204485
                   #1204487 #1204488 #1204489 #1204490 #1204494 #1204496
Cross-References:  CVE-2021-28689 CVE-2022-33746 CVE-2022-33748 CVE-2022-42309
                   CVE-2022-42310 CVE-2022-42311 CVE-2022-42312 CVE-2022-42313
                   CVE-2022-42314 CVE-2022-42315 CVE-2022-42316 CVE-2022-42317
                   CVE-2022-42318 CVE-2022-42319 CVE-2022-42320 CVE-2022-42321
                   CVE-2022-42322 CVE-2022-42323 CVE-2022-42325 CVE-2022-42326
Affected Products:
                   SUSE Linux Enterprise High Performance Computing 15-ESPOS
                   SUSE Linux Enterprise High Performance Computing 15-LTSS
                   SUSE Linux Enterprise Server for SAP 15
______________________________________________________________________________

An update that fixes 20 vulnerabilities is now available.

Description:

This update for xen fixes the following issues:

  o CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing
    (bsc#1203806).
  o CVE-2022-33748: Fixed DoS due to race in locking (bsc#1203807).
  o CVE-2021-28689: Fixed speculative vulnerabilities with bare (non-shim)
    32-bit PV guests (bsc#1185104).
  o CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314,
    CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318: xen:
    Xenstore: Guests can let xenstored run out of memory (bsc#1204482)
  o CVE-2022-42309: xen: Xenstore: Guests can crash xenstored (bsc#1204485)
  o CVE-2022-42310: xen: Xenstore: Guests can create orphaned Xenstore nodes
    (bsc#1204487)
  o CVE-2022-42319: xen: Xenstore: Guests can cause Xenstore to not free
    temporary memory (bsc#1204488)
  o CVE-2022-42320: xen: Xenstore: Guests can get access to Xenstore nodes of
    deleted domains (bsc#1204489)
  o CVE-2022-42321: xen: Xenstore: Guests can crash xenstored via exhausting
    the stack (bsc#1204490)
  o CVE-2022-42322, CVE-2022-42323: xen: Xenstore: cooperating guests can
    create arbitrary numbers of nodes (bsc#1204494)
  o CVE-2022-42325, CVE-2022-42326: xen: Xenstore: Guests can create arbitrary
    number of nodes via transactions (bsc#1204496)
  o xen: Frontends vulnerable to backends (bsc#1193923)

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Server for SAP 15:
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-3925=1
  o SUSE Linux Enterprise High Performance Computing 15-LTSS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-2022-3925=1
  o SUSE Linux Enterprise High Performance Computing 15-ESPOS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-2022-3925=1

Package List:

  o SUSE Linux Enterprise Server for SAP 15 (x86_64):
       xen-4.10.4_40-150000.3.84.1
       xen-debugsource-4.10.4_40-150000.3.84.1
       xen-devel-4.10.4_40-150000.3.84.1
       xen-libs-4.10.4_40-150000.3.84.1
       xen-libs-debuginfo-4.10.4_40-150000.3.84.1
       xen-tools-4.10.4_40-150000.3.84.1
       xen-tools-debuginfo-4.10.4_40-150000.3.84.1
       xen-tools-domU-4.10.4_40-150000.3.84.1
       xen-tools-domU-debuginfo-4.10.4_40-150000.3.84.1
  o SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64):
       xen-4.10.4_40-150000.3.84.1
       xen-debugsource-4.10.4_40-150000.3.84.1
       xen-devel-4.10.4_40-150000.3.84.1
       xen-libs-4.10.4_40-150000.3.84.1
       xen-libs-debuginfo-4.10.4_40-150000.3.84.1
       xen-tools-4.10.4_40-150000.3.84.1
       xen-tools-debuginfo-4.10.4_40-150000.3.84.1
       xen-tools-domU-4.10.4_40-150000.3.84.1
       xen-tools-domU-debuginfo-4.10.4_40-150000.3.84.1
  o SUSE Linux Enterprise High Performance Computing 15-ESPOS (x86_64):
       xen-4.10.4_40-150000.3.84.1
       xen-debugsource-4.10.4_40-150000.3.84.1
       xen-devel-4.10.4_40-150000.3.84.1
       xen-libs-4.10.4_40-150000.3.84.1
       xen-libs-debuginfo-4.10.4_40-150000.3.84.1
       xen-tools-4.10.4_40-150000.3.84.1
       xen-tools-debuginfo-4.10.4_40-150000.3.84.1
       xen-tools-domU-4.10.4_40-150000.3.84.1
       xen-tools-domU-debuginfo-4.10.4_40-150000.3.84.1

References:

  o https://www.suse.com/security/cve/CVE-2021-28689.html
  o https://www.suse.com/security/cve/CVE-2022-33746.html
  o https://www.suse.com/security/cve/CVE-2022-33748.html
  o https://www.suse.com/security/cve/CVE-2022-42309.html
  o https://www.suse.com/security/cve/CVE-2022-42310.html
  o https://www.suse.com/security/cve/CVE-2022-42311.html
  o https://www.suse.com/security/cve/CVE-2022-42312.html
  o https://www.suse.com/security/cve/CVE-2022-42313.html
  o https://www.suse.com/security/cve/CVE-2022-42314.html
  o https://www.suse.com/security/cve/CVE-2022-42315.html
  o https://www.suse.com/security/cve/CVE-2022-42316.html
  o https://www.suse.com/security/cve/CVE-2022-42317.html
  o https://www.suse.com/security/cve/CVE-2022-42318.html
  o https://www.suse.com/security/cve/CVE-2022-42319.html
  o https://www.suse.com/security/cve/CVE-2022-42320.html
  o https://www.suse.com/security/cve/CVE-2022-42321.html
  o https://www.suse.com/security/cve/CVE-2022-42322.html
  o https://www.suse.com/security/cve/CVE-2022-42323.html
  o https://www.suse.com/security/cve/CVE-2022-42325.html
  o https://www.suse.com/security/cve/CVE-2022-42326.html
  o https://bugzilla.suse.com/1185104
  o https://bugzilla.suse.com/1193923
  o https://bugzilla.suse.com/1203806
  o https://bugzilla.suse.com/1203807
  o https://bugzilla.suse.com/1204482
  o https://bugzilla.suse.com/1204485
  o https://bugzilla.suse.com/1204487
  o https://bugzilla.suse.com/1204488
  o https://bugzilla.suse.com/1204489
  o https://bugzilla.suse.com/1204490
  o https://bugzilla.suse.com/1204494
  o https://bugzilla.suse.com/1204496

- --------------------------END INCLUDED TEXT--------------------
=========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBY2yG58kNZI30y1K9AQjSuA//QYhWBq1/I1hIngfhZtIXRVdHA1i9KbC2 /V0XzdHRhNjrzJYEilbX/QjVQ5bCXU4A+sidayJ3Fg09dXXpT2BoFakCkgBOdTJV PwsDWLmt6vmiUTqYfgGmbCkZX70hXBlKwdRJKjBwtMc/XXWv2KdZN2OfffVvOy98 Fi04WETkm6mXwg7q4Ds/RE2JCInNs5ihhbkpIDs1W/8VvDdjFimmE8Z2I6DoCYKH VZeHq+8MJadjiqa0IMSEtd6ZzSXiqY+vAGPJfyVLIbU+hwxEWBMMEMm51fXFNKOZ WeLau/U2eEX+y45ge5KVBrtzuN+W8M3nLj13ViDrVrgIXPJHrHpXA5qv6PD/wC5C +MfvH3y8cRcISVL6Bx2eCUkIXk8DoU6W+4R/BXEbJkxnu594D/Y75rlB8I985rBG WvkSOfwFnjJMVmkIJnnkLsES1DDkrYrNKaAIZOoRvrUWdZfVlLhc8xVl/jG6sS0J zhVHUPyFCIYOBU+0jB/Xe0NEPpOopDn3dkZM3FbzytQIhfdWhbCCAFUJdbrnSfqr U7Wj4Ko+oEQ3I0jssa51202zHNxRblY3N3aLbxd4sx6laZOU+oPClFM+O7N4L4c7 wUtvcQl9WKaCvczan10zSS/fqMT8ykxQno9iAWc1+2XXid27oYqb4BF0ZM7UVm4Q V0msYdI7k7A= =W/Ia -----END PGP SIGNATURE-----
10 November 2022

ESB-2022.5780 - [SUSE] python3: CVSS (Max): 8.1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5780
                         Security update for python3
                              10 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           python3
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-37454 CVE-2020-10735

Original Bulletin:
   https://www.suse.com/support/update/announcement/2022/suse-su-20223924-1

Comment: CVSS (Max):  8.1 CVE-2022-37454 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: SUSE
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for python3
______________________________________________________________________________

Announcement ID:   SUSE-SU-2022:3924-1
Rating:            important
References:        #1203125 #1204577
Cross-References:  CVE-2020-10735 CVE-2022-37454
Affected Products:
                   SUSE CaaS Platform 4.0
                   SUSE Enterprise Storage 6
                   SUSE Enterprise Storage 7
                   SUSE Linux Enterprise High Performance Computing 15-ESPOS
                   SUSE Linux Enterprise High Performance Computing 15-LTSS
                   SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
                   SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
                   SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
                   SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
                   SUSE Linux Enterprise Micro 5.1
                   SUSE Linux Enterprise Server 15-LTSS
                   SUSE Linux Enterprise Server 15-SP1-BCL
                   SUSE Linux Enterprise Server 15-SP1-LTSS
                   SUSE Linux Enterprise Server 15-SP2-BCL
                   SUSE Linux Enterprise Server 15-SP2-LTSS
                   SUSE Linux Enterprise Server for SAP 15
                   SUSE Linux Enterprise Server for SAP 15-SP1
                   SUSE Linux Enterprise Server for SAP 15-SP2
                   SUSE Manager Proxy 4.1
                   SUSE Manager Retail Branch Server 4.1
                   SUSE Manager Server 4.1
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for python3 fixes the following issues:

  o CVE-2022-37454: Fixed a buffer overflow in the hashlib.sha3_* implementations.
    (bsc#1204577)
  o CVE-2020-10735: Fixed a bug to limit the number of digits when converting text
    to int and vice versa. (bsc#1203125)

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

  o SUSE Manager Server 4.1:
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3924=1
  o SUSE Manager Retail Branch Server 4.1:
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3924=1
  o SUSE Manager Proxy 4.1:
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3924=1
  o SUSE Linux Enterprise Server for SAP 15-SP2:
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3924=1
  o SUSE Linux Enterprise Server for SAP 15-SP1:
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-3924=1
  o SUSE Linux Enterprise Server for SAP 15:
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-3924=1
  o SUSE Linux Enterprise Server 15-SP2-LTSS:
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3924=1
  o SUSE Linux Enterprise Server 15-SP2-BCL:
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3924=1
  o SUSE Linux Enterprise Server 15-SP1-LTSS:
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-3924=1
  o SUSE Linux Enterprise Server 15-SP1-BCL:
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-3924=1
  o SUSE Linux Enterprise Server 15-LTSS:
    zypper in -t patch SUSE-SLE-Product-SLES-15-2022-3924=1
  o SUSE Linux Enterprise Micro 5.1:
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-3924=1
  o SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3924=1
  o SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3924=1
  o SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-3924=1
  o SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-3924=1
  o SUSE Linux Enterprise High Performance Computing 15-LTSS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-2022-3924=1
  o SUSE Linux Enterprise High Performance Computing 15-ESPOS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-2022-3924=1
  o SUSE Enterprise Storage 7:
    zypper in -t patch SUSE-Storage-7-2022-3924=1
  o SUSE Enterprise Storage 6:
    zypper in -t patch SUSE-Storage-6-2022-3924=1
  o SUSE CaaS Platform 4.0:
    To install this update, use the SUSE CaaS Platform 'skuba' tool. It will
    inform you if it detects new updates and let you then trigger updating of
    the complete cluster in a controlled way.
Package List:

  o SUSE Manager Server 4.1 (ppc64le s390x x86_64):
    libpython3_6m1_0-3.6.15-150000.3.116.1
    libpython3_6m1_0-debuginfo-3.6.15-150000.3.116.1
    python3-3.6.15-150000.3.116.1
    python3-base-3.6.15-150000.3.116.1
    python3-base-debuginfo-3.6.15-150000.3.116.1
    python3-core-debugsource-3.6.15-150000.3.116.1
    python3-curses-3.6.15-150000.3.116.1
    python3-curses-debuginfo-3.6.15-150000.3.116.1
    python3-dbm-3.6.15-150000.3.116.1
    python3-dbm-debuginfo-3.6.15-150000.3.116.1
    python3-debuginfo-3.6.15-150000.3.116.1
    python3-debugsource-3.6.15-150000.3.116.1
    python3-devel-3.6.15-150000.3.116.1
    python3-devel-debuginfo-3.6.15-150000.3.116.1
    python3-idle-3.6.15-150000.3.116.1
    python3-tk-3.6.15-150000.3.116.1
    python3-tk-debuginfo-3.6.15-150000.3.116.1
    python3-tools-3.6.15-150000.3.116.1
  o SUSE Manager Retail Branch Server 4.1 (x86_64):
    libpython3_6m1_0-3.6.15-150000.3.116.1
    libpython3_6m1_0-debuginfo-3.6.15-150000.3.116.1
    python3-3.6.15-150000.3.116.1
    python3-base-3.6.15-150000.3.116.1
    python3-base-debuginfo-3.6.15-150000.3.116.1
    python3-core-debugsource-3.6.15-150000.3.116.1
    python3-curses-3.6.15-150000.3.116.1
    python3-curses-debuginfo-3.6.15-150000.3.116.1
    python3-dbm-3.6.15-150000.3.116.1
    python3-dbm-debuginfo-3.6.15-150000.3.116.1
    python3-debuginfo-3.6.15-150000.3.116.1
    python3-debugsource-3.6.15-150000.3.116.1
    python3-devel-3.6.15-150000.3.116.1
    python3-devel-debuginfo-3.6.15-150000.3.116.1
    python3-idle-3.6.15-150000.3.116.1
    python3-tk-3.6.15-150000.3.116.1
    python3-tk-debuginfo-3.6.15-150000.3.116.1
    python3-tools-3.6.15-150000.3.116.1
  o SUSE Manager Proxy 4.1 (x86_64):
    libpython3_6m1_0-3.6.15-150000.3.116.1
    libpython3_6m1_0-debuginfo-3.6.15-150000.3.116.1
    python3-3.6.15-150000.3.116.1
    python3-base-3.6.15-150000.3.116.1
    python3-base-debuginfo-3.6.15-150000.3.116.1
    python3-core-debugsource-3.6.15-150000.3.116.1
    python3-curses-3.6.15-150000.3.116.1
    python3-curses-debuginfo-3.6.15-150000.3.116.1
    python3-dbm-3.6.15-150000.3.116.1
    python3-dbm-debuginfo-3.6.15-150000.3.116.1
    python3-debuginfo-3.6.15-150000.3.116.1
    python3-debugsource-3.6.15-150000.3.116.1
    python3-devel-3.6.15-150000.3.116.1
    python3-devel-debuginfo-3.6.15-150000.3.116.1
    python3-idle-3.6.15-150000.3.116.1
    python3-tk-3.6.15-150000.3.116.1
    python3-tk-debuginfo-3.6.15-150000.3.116.1
    python3-tools-3.6.15-150000.3.116.1
  o SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
    libpython3_6m1_0-3.6.15-150000.3.116.1
    libpython3_6m1_0-debuginfo-3.6.15-150000.3.116.1
    python3-3.6.15-150000.3.116.1
    python3-base-3.6.15-150000.3.116.1
    python3-base-debuginfo-3.6.15-150000.3.116.1
    python3-core-debugsource-3.6.15-150000.3.116.1
    python3-curses-3.6.15-150000.3.116.1
    python3-curses-debuginfo-3.6.15-150000.3.116.1
    python3-dbm-3.6.15-150000.3.116.1
    python3-dbm-debuginfo-3.6.15-150000.3.116.1
    python3-debuginfo-3.6.15-150000.3.116.1
    python3-debugsource-3.6.15-150000.3.116.1
    python3-devel-3.6.15-150000.3.116.1
    python3-devel-debuginfo-3.6.15-150000.3.116.1
    python3-idle-3.6.15-150000.3.116.1
    python3-tk-3.6.15-150000.3.116.1
    python3-tk-debuginfo-3.6.15-150000.3.116.1
    python3-tools-3.6.15-150000.3.116.1
  o SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
    libpython3_6m1_0-3.6.15-150000.3.116.1
    libpython3_6m1_0-debuginfo-3.6.15-150000.3.116.1
    python3-3.6.15-150000.3.116.1
    python3-base-3.6.15-150000.3.116.1
    python3-base-debuginfo-3.6.15-150000.3.116.1
    python3-core-debugsource-3.6.15-150000.3.116.1
    python3-curses-3.6.15-150000.3.116.1
    python3-curses-debuginfo-3.6.15-150000.3.116.1
    python3-dbm-3.6.15-150000.3.116.1
    python3-dbm-debuginfo-3.6.15-150000.3.116.1
    python3-debuginfo-3.6.15-150000.3.116.1
    python3-debugsource-3.6.15-150000.3.116.1
    python3-devel-3.6.15-150000.3.116.1
    python3-devel-debuginfo-3.6.15-150000.3.116.1
    python3-idle-3.6.15-150000.3.116.1
    python3-testsuite-3.6.15-150000.3.116.1
    python3-tk-3.6.15-150000.3.116.1
    python3-tk-debuginfo-3.6.15-150000.3.116.1
    python3-tools-3.6.15-150000.3.116.1
  o SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
    libpython3_6m1_0-3.6.15-150000.3.116.1
    libpython3_6m1_0-debuginfo-3.6.15-150000.3.116.1
    python3-3.6.15-150000.3.116.1
    python3-base-3.6.15-150000.3.116.1
    python3-base-debuginfo-3.6.15-150000.3.116.1
    python3-core-debugsource-3.6.15-150000.3.116.1
    python3-curses-3.6.15-150000.3.116.1
    python3-curses-debuginfo-3.6.15-150000.3.116.1
    python3-dbm-3.6.15-150000.3.116.1
    python3-dbm-debuginfo-3.6.15-150000.3.116.1
    python3-debuginfo-3.6.15-150000.3.116.1
    python3-debugsource-3.6.15-150000.3.116.1
    python3-devel-3.6.15-150000.3.116.1
    python3-devel-debuginfo-3.6.15-150000.3.116.1
    python3-idle-3.6.15-150000.3.116.1
    python3-tk-3.6.15-150000.3.116.1
    python3-tk-debuginfo-3.6.15-150000.3.116.1
    python3-tools-3.6.15-150000.3.116.1
  o SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
    libpython3_6m1_0-3.6.15-150000.3.116.1
    libpython3_6m1_0-debuginfo-3.6.15-150000.3.116.1
    python3-3.6.15-150000.3.116.1
    python3-base-3.6.15-150000.3.116.1
    python3-base-debuginfo-3.6.15-150000.3.116.1
    python3-core-debugsource-3.6.15-150000.3.116.1
    python3-curses-3.6.15-150000.3.116.1
    python3-curses-debuginfo-3.6.15-150000.3.116.1
    python3-dbm-3.6.15-150000.3.116.1
    python3-dbm-debuginfo-3.6.15-150000.3.116.1
    python3-debuginfo-3.6.15-150000.3.116.1
    python3-debugsource-3.6.15-150000.3.116.1
    python3-devel-3.6.15-150000.3.116.1
    python3-devel-debuginfo-3.6.15-150000.3.116.1
    python3-idle-3.6.15-150000.3.116.1
    python3-tk-3.6.15-150000.3.116.1
    python3-tk-debuginfo-3.6.15-150000.3.116.1
    python3-tools-3.6.15-150000.3.116.1
  o SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
    libpython3_6m1_0-3.6.15-150000.3.116.1
    libpython3_6m1_0-debuginfo-3.6.15-150000.3.116.1
    python3-3.6.15-150000.3.116.1
    python3-base-3.6.15-150000.3.116.1
    python3-base-debuginfo-3.6.15-150000.3.116.1
    python3-core-debugsource-3.6.15-150000.3.116.1
    python3-curses-3.6.15-150000.3.116.1
    python3-curses-debuginfo-3.6.15-150000.3.116.1
    python3-dbm-3.6.15-150000.3.116.1
    python3-dbm-debuginfo-3.6.15-150000.3.116.1
    python3-debuginfo-3.6.15-150000.3.116.1
    python3-debugsource-3.6.15-150000.3.116.1
    python3-devel-3.6.15-150000.3.116.1
    python3-devel-debuginfo-3.6.15-150000.3.116.1
    python3-idle-3.6.15-150000.3.116.1
    python3-tk-3.6.15-150000.3.116.1
    python3-tk-debuginfo-3.6.15-150000.3.116.1
    python3-tools-3.6.15-150000.3.116.1
  o SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
    libpython3_6m1_0-3.6.15-150000.3.116.1
    libpython3_6m1_0-debuginfo-3.6.15-150000.3.116.1
    python3-3.6.15-150000.3.116.1
    python3-base-3.6.15-150000.3.116.1
    python3-base-debuginfo-3.6.15-150000.3.116.1
    python3-core-debugsource-3.6.15-150000.3.116.1
    python3-curses-3.6.15-150000.3.116.1
    python3-curses-debuginfo-3.6.15-150000.3.116.1
    python3-dbm-3.6.15-150000.3.116.1
    python3-dbm-debuginfo-3.6.15-150000.3.116.1
    python3-debuginfo-3.6.15-150000.3.116.1
    python3-debugsource-3.6.15-150000.3.116.1
    python3-devel-3.6.15-150000.3.116.1
    python3-devel-debuginfo-3.6.15-150000.3.116.1
    python3-idle-3.6.15-150000.3.116.1
    python3-testsuite-3.6.15-150000.3.116.1
    python3-tk-3.6.15-150000.3.116.1
    python3-tk-debuginfo-3.6.15-150000.3.116.1
    python3-tools-3.6.15-150000.3.116.1
  o SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
    libpython3_6m1_0-3.6.15-150000.3.116.1
    libpython3_6m1_0-debuginfo-3.6.15-150000.3.116.1
    python3-3.6.15-150000.3.116.1
    python3-base-3.6.15-150000.3.116.1
    python3-base-debuginfo-3.6.15-150000.3.116.1
    python3-core-debugsource-3.6.15-150000.3.116.1
    python3-curses-3.6.15-150000.3.116.1
    python3-curses-debuginfo-3.6.15-150000.3.116.1
    python3-dbm-3.6.15-150000.3.116.1
    python3-dbm-debuginfo-3.6.15-150000.3.116.1
    python3-debuginfo-3.6.15-150000.3.116.1
    python3-debugsource-3.6.15-150000.3.116.1
    python3-devel-3.6.15-150000.3.116.1
    python3-devel-debuginfo-3.6.15-150000.3.116.1
    python3-idle-3.6.15-150000.3.116.1
    python3-testsuite-3.6.15-150000.3.116.1
    python3-tk-3.6.15-150000.3.116.1
    python3-tk-debuginfo-3.6.15-150000.3.116.1
    python3-tools-3.6.15-150000.3.116.1
  o SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
    libpython3_6m1_0-3.6.15-150000.3.116.1
    libpython3_6m1_0-debuginfo-3.6.15-150000.3.116.1
    python3-3.6.15-150000.3.116.1
    python3-base-3.6.15-150000.3.116.1
    python3-base-debuginfo-3.6.15-150000.3.116.1
    python3-core-debugsource-3.6.15-150000.3.116.1
    python3-curses-3.6.15-150000.3.116.1
    python3-curses-debuginfo-3.6.15-150000.3.116.1
    python3-dbm-3.6.15-150000.3.116.1
    python3-dbm-debuginfo-3.6.15-150000.3.116.1
    python3-debuginfo-3.6.15-150000.3.116.1
    python3-debugsource-3.6.15-150000.3.116.1
    python3-devel-3.6.15-150000.3.116.1
    python3-devel-debuginfo-3.6.15-150000.3.116.1
    python3-idle-3.6.15-150000.3.116.1
    python3-tk-3.6.15-150000.3.116.1
    python3-tk-debuginfo-3.6.15-150000.3.116.1
    python3-tools-3.6.15-150000.3.116.1
  o SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
    libpython3_6m1_0-3.6.15-150000.3.116.1
    libpython3_6m1_0-debuginfo-3.6.15-150000.3.116.1
    python3-3.6.15-150000.3.116.1
    python3-base-3.6.15-150000.3.116.1
    python3-base-debuginfo-3.6.15-150000.3.116.1
    python3-core-debugsource-3.6.15-150000.3.116.1
    python3-debuginfo-3.6.15-150000.3.116.1
    python3-debugsource-3.6.15-150000.3.116.1
  o SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
    libpython3_6m1_0-3.6.15-150000.3.116.1
    libpython3_6m1_0-debuginfo-3.6.15-150000.3.116.1
    python3-3.6.15-150000.3.116.1
    python3-base-3.6.15-150000.3.116.1
    python3-base-debuginfo-3.6.15-150000.3.116.1
    python3-core-debugsource-3.6.15-150000.3.116.1
    python3-curses-3.6.15-150000.3.116.1
    python3-curses-debuginfo-3.6.15-150000.3.116.1
    python3-dbm-3.6.15-150000.3.116.1
    python3-dbm-debuginfo-3.6.15-150000.3.116.1
    python3-debuginfo-3.6.15-150000.3.116.1
    python3-debugsource-3.6.15-150000.3.116.1
    python3-devel-3.6.15-150000.3.116.1
    python3-devel-debuginfo-3.6.15-150000.3.116.1
    python3-idle-3.6.15-150000.3.116.1
    python3-tk-3.6.15-150000.3.116.1
    python3-tk-debuginfo-3.6.15-150000.3.116.1
    python3-tools-3.6.15-150000.3.116.1
  o SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
    libpython3_6m1_0-3.6.15-150000.3.116.1
    libpython3_6m1_0-debuginfo-3.6.15-150000.3.116.1
    python3-3.6.15-150000.3.116.1
    python3-base-3.6.15-150000.3.116.1
    python3-base-debuginfo-3.6.15-150000.3.116.1
    python3-core-debugsource-3.6.15-150000.3.116.1
    python3-curses-3.6.15-150000.3.116.1
    python3-curses-debuginfo-3.6.15-150000.3.116.1
    python3-dbm-3.6.15-150000.3.116.1
    python3-dbm-debuginfo-3.6.15-150000.3.116.1
    python3-debuginfo-3.6.15-150000.3.116.1
    python3-debugsource-3.6.15-150000.3.116.1
    python3-devel-3.6.15-150000.3.116.1
    python3-devel-debuginfo-3.6.15-150000.3.116.1
    python3-idle-3.6.15-150000.3.116.1
    python3-tk-3.6.15-150000.3.116.1
    python3-tk-debuginfo-3.6.15-150000.3.116.1
    python3-tools-3.6.15-150000.3.116.1
  o SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
    libpython3_6m1_0-3.6.15-150000.3.116.1
    libpython3_6m1_0-debuginfo-3.6.15-150000.3.116.1
    python3-3.6.15-150000.3.116.1
    python3-base-3.6.15-150000.3.116.1
    python3-base-debuginfo-3.6.15-150000.3.116.1
    python3-core-debugsource-3.6.15-150000.3.116.1
    python3-curses-3.6.15-150000.3.116.1
    python3-curses-debuginfo-3.6.15-150000.3.116.1
    python3-dbm-3.6.15-150000.3.116.1
    python3-dbm-debuginfo-3.6.15-150000.3.116.1
    python3-debuginfo-3.6.15-150000.3.116.1
    python3-debugsource-3.6.15-150000.3.116.1
    python3-devel-3.6.15-150000.3.116.1
    python3-devel-debuginfo-3.6.15-150000.3.116.1
    python3-idle-3.6.15-150000.3.116.1
    python3-testsuite-3.6.15-150000.3.116.1
    python3-tk-3.6.15-150000.3.116.1
    python3-tk-debuginfo-3.6.15-150000.3.116.1
    python3-tools-3.6.15-150000.3.116.1
  o SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
    libpython3_6m1_0-3.6.15-150000.3.116.1
    libpython3_6m1_0-debuginfo-3.6.15-150000.3.116.1
    python3-3.6.15-150000.3.116.1
    python3-base-3.6.15-150000.3.116.1
    python3-base-debuginfo-3.6.15-150000.3.116.1
    python3-core-debugsource-3.6.15-150000.3.116.1
    python3-curses-3.6.15-150000.3.116.1
    python3-curses-debuginfo-3.6.15-150000.3.116.1
    python3-dbm-3.6.15-150000.3.116.1
    python3-dbm-debuginfo-3.6.15-150000.3.116.1
    python3-debuginfo-3.6.15-150000.3.116.1
    python3-debugsource-3.6.15-150000.3.116.1
    python3-devel-3.6.15-150000.3.116.1
    python3-devel-debuginfo-3.6.15-150000.3.116.1
    python3-idle-3.6.15-150000.3.116.1
    python3-testsuite-3.6.15-150000.3.116.1
    python3-tk-3.6.15-150000.3.116.1
    python3-tk-debuginfo-3.6.15-150000.3.116.1
    python3-tools-3.6.15-150000.3.116.1
  o SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
    libpython3_6m1_0-3.6.15-150000.3.116.1
    libpython3_6m1_0-debuginfo-3.6.15-150000.3.116.1
    python3-3.6.15-150000.3.116.1
    python3-base-3.6.15-150000.3.116.1
    python3-base-debuginfo-3.6.15-150000.3.116.1
    python3-core-debugsource-3.6.15-150000.3.116.1
    python3-curses-3.6.15-150000.3.116.1
    python3-curses-debuginfo-3.6.15-150000.3.116.1
    python3-dbm-3.6.15-150000.3.116.1
    python3-dbm-debuginfo-3.6.15-150000.3.116.1
    python3-debuginfo-3.6.15-150000.3.116.1
    python3-debugsource-3.6.15-150000.3.116.1
    python3-devel-3.6.15-150000.3.116.1
    python3-devel-debuginfo-3.6.15-150000.3.116.1
    python3-idle-3.6.15-150000.3.116.1
    python3-tk-3.6.15-150000.3.116.1
    python3-tk-debuginfo-3.6.15-150000.3.116.1
    python3-tools-3.6.15-150000.3.116.1
  o SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
    libpython3_6m1_0-3.6.15-150000.3.116.1
    libpython3_6m1_0-debuginfo-3.6.15-150000.3.116.1
    python3-3.6.15-150000.3.116.1
    python3-base-3.6.15-150000.3.116.1
    python3-base-debuginfo-3.6.15-150000.3.116.1
    python3-core-debugsource-3.6.15-150000.3.116.1
    python3-curses-3.6.15-150000.3.116.1
    python3-curses-debuginfo-3.6.15-150000.3.116.1
    python3-dbm-3.6.15-150000.3.116.1
    python3-dbm-debuginfo-3.6.15-150000.3.116.1
    python3-debuginfo-3.6.15-150000.3.116.1
    python3-debugsource-3.6.15-150000.3.116.1
    python3-devel-3.6.15-150000.3.116.1
    python3-devel-debuginfo-3.6.15-150000.3.116.1
    python3-idle-3.6.15-150000.3.116.1
    python3-tk-3.6.15-150000.3.116.1
    python3-tk-debuginfo-3.6.15-150000.3.116.1
    python3-tools-3.6.15-150000.3.116.1
  o SUSE Enterprise Storage 7 (aarch64 x86_64):
    libpython3_6m1_0-3.6.15-150000.3.116.1
    libpython3_6m1_0-debuginfo-3.6.15-150000.3.116.1
    python3-3.6.15-150000.3.116.1
    python3-base-3.6.15-150000.3.116.1
    python3-base-debuginfo-3.6.15-150000.3.116.1
    python3-core-debugsource-3.6.15-150000.3.116.1
    python3-curses-3.6.15-150000.3.116.1
    python3-curses-debuginfo-3.6.15-150000.3.116.1
    python3-dbm-3.6.15-150000.3.116.1
    python3-dbm-debuginfo-3.6.15-150000.3.116.1
    python3-debuginfo-3.6.15-150000.3.116.1
    python3-debugsource-3.6.15-150000.3.116.1
    python3-devel-3.6.15-150000.3.116.1
    python3-devel-debuginfo-3.6.15-150000.3.116.1
    python3-idle-3.6.15-150000.3.116.1
    python3-tk-3.6.15-150000.3.116.1
    python3-tk-debuginfo-3.6.15-150000.3.116.1
    python3-tools-3.6.15-150000.3.116.1
  o SUSE Enterprise Storage 6 (aarch64 x86_64):
    libpython3_6m1_0-3.6.15-150000.3.116.1
    libpython3_6m1_0-debuginfo-3.6.15-150000.3.116.1
    python3-3.6.15-150000.3.116.1
    python3-base-3.6.15-150000.3.116.1
    python3-base-debuginfo-3.6.15-150000.3.116.1
    python3-core-debugsource-3.6.15-150000.3.116.1
    python3-curses-3.6.15-150000.3.116.1
    python3-curses-debuginfo-3.6.15-150000.3.116.1
    python3-dbm-3.6.15-150000.3.116.1
    python3-dbm-debuginfo-3.6.15-150000.3.116.1
    python3-debuginfo-3.6.15-150000.3.116.1
    python3-debugsource-3.6.15-150000.3.116.1
    python3-devel-3.6.15-150000.3.116.1
    python3-devel-debuginfo-3.6.15-150000.3.116.1
    python3-idle-3.6.15-150000.3.116.1
    python3-testsuite-3.6.15-150000.3.116.1
    python3-tk-3.6.15-150000.3.116.1
    python3-tk-debuginfo-3.6.15-150000.3.116.1
    python3-tools-3.6.15-150000.3.116.1
  o SUSE CaaS Platform 4.0 (x86_64):
    libpython3_6m1_0-3.6.15-150000.3.116.1
    libpython3_6m1_0-debuginfo-3.6.15-150000.3.116.1
    python3-3.6.15-150000.3.116.1
    python3-base-3.6.15-150000.3.116.1
    python3-base-debuginfo-3.6.15-150000.3.116.1
    python3-core-debugsource-3.6.15-150000.3.116.1
    python3-curses-3.6.15-150000.3.116.1
    python3-curses-debuginfo-3.6.15-150000.3.116.1
    python3-dbm-3.6.15-150000.3.116.1
    python3-dbm-debuginfo-3.6.15-150000.3.116.1
    python3-debuginfo-3.6.15-150000.3.116.1
    python3-debugsource-3.6.15-150000.3.116.1
    python3-devel-3.6.15-150000.3.116.1
    python3-devel-debuginfo-3.6.15-150000.3.116.1
    python3-idle-3.6.15-150000.3.116.1
    python3-testsuite-3.6.15-150000.3.116.1
    python3-tk-3.6.15-150000.3.116.1
    python3-tk-debuginfo-3.6.15-150000.3.116.1
    python3-tools-3.6.15-150000.3.116.1

References:

  o https://www.suse.com/security/cve/CVE-2020-10735.html
  o https://www.suse.com/security/cve/CVE-2022-37454.html
  o https://bugzilla.suse.com/1203125
  o https://bugzilla.suse.com/1204577

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY2yG0ckNZI30y1K9AQiiaw/+LPHOcQsZV5OYxAOW88524poMBxJmAmIg
WkmmKezjsIVLu03xDH3m0wssKh+uDA+jtMZ7d+zljH3xqi6EdOzTXUeoVGXX2csH
brBL8aXRzn/OtffkjguO79uv9k6ZTV789xK6WywNH8CkTQEVl3KJT53TH6LDXRY2
LCtch8LpDBw8kw87uTVn4v2JygLeclarB5uaFNRkeHQVW2mRdjMzlMHqXlZ2ajeu
H6hBvsr57pY2BicUuuDgSD2R8kjTOghTtERtNzLZ0bVo2pMzQhKdPR1NJtVCU/QS
MNggx4ncjlrjFJYz7vE+yFQhZXJMOnk9s+ikN7TnfVo/Z8F4l0L0flLuvdVv3EfZ
QJKvht7gGAKUm7PvkzQMCBT3fnLUtGazOsinf7UqM8BinLXKX04Q/9kWoKNuvr5C
5/By0I0LE66+uzW8aj+3PQZbGZFOoQpuwcPU7pEtJE3U8JKdy4KAMQRo19pZc6W1
qVoNN0nuGR2nn9cSXB/E/W/IVZv45Mw2A1DuANSL8hJjk/8u6kWd9ufJKU4J8pG1
X+WtSBm1NiSJfaQBycxBrZ9PSE4pHoEB4QZ3AIInResn4duYaJCk8sPkIePxN/yu
ME5WR9vnc+bbvRd3yf3NuURB0QLe53fM6inrO3ii2WjgUmT8kv5ZOxcUzYEQrexQ
0V+tfcN9iW8=
=pp0V
-----END PGP SIGNATURE-----
10 November 2022

ESB-2022.5779 - [SUSE] protobuf: CVSS (Max): 7.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5779
                        Security update for protobuf
                              10 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           protobuf
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-3171 CVE-2022-1941 CVE-2021-22569

Original Bulletin:
   https://www.suse.com/support/update/announcement/2022/suse-su-20223922-1

Comment: CVSS (Max):  7.5 CVE-2022-3171 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
         CVSS Source: SUSE
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for protobuf
______________________________________________________________________________

Announcement ID:   SUSE-SU-2022:3922-1
Rating:            important
References:        #1194530 #1203681 #1204256
Cross-References:  CVE-2021-22569 CVE-2022-1941 CVE-2022-3171
Affected Products:
                   SUSE Enterprise Storage 7
                   SUSE Enterprise Storage 7.1
                   SUSE Linux Enterprise Desktop 15-SP2
                   SUSE Linux Enterprise Desktop 15-SP3
                   SUSE Linux Enterprise Desktop 15-SP4
                   SUSE Linux Enterprise High Performance Computing 15-SP2
                   SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
                   SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
                   SUSE Linux Enterprise High Performance Computing 15-SP3
                   SUSE Linux Enterprise High Performance Computing 15-SP4
                   SUSE Linux Enterprise Installer 15-SP2
                   SUSE Linux Enterprise Micro 5.1
                   SUSE Linux Enterprise Micro 5.2
                   SUSE Linux Enterprise Micro 5.3
                   SUSE Linux Enterprise Module for Basesystem 15-SP3
                   SUSE Linux Enterprise Module for Basesystem 15-SP4
                   SUSE Linux Enterprise Module for Development Tools 15-SP3
                   SUSE Linux Enterprise Module for Development Tools 15-SP4
                   SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
                   SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
                   SUSE Linux Enterprise Module for Public Cloud 15-SP2
                   SUSE Linux Enterprise Module for Public Cloud 15-SP3
                   SUSE Linux Enterprise Module for Public Cloud 15-SP4
                   SUSE Linux Enterprise Module for SUSE Manager Server 4.1
                   SUSE Linux Enterprise Module for SUSE Manager Server 4.2
                   SUSE Linux Enterprise Module for SUSE Manager Server 4.3
                   SUSE Linux Enterprise Server 15-SP2
                   SUSE Linux Enterprise Server 15-SP2-BCL
                   SUSE Linux Enterprise Server 15-SP2-LTSS
                   SUSE Linux Enterprise Server 15-SP3
                   SUSE Linux Enterprise Server 15-SP4
                   SUSE Linux Enterprise Server for SAP 15-SP2
                   SUSE Linux Enterprise Server for SAP Applications 15-SP2
                   SUSE Linux Enterprise Server for SAP Applications 15-SP3
                   SUSE Linux Enterprise Server for SAP Applications 15-SP4
                   SUSE Manager Proxy 4.1
                   SUSE Manager Proxy 4.2
                   SUSE Manager Proxy 4.3
                   SUSE Manager Retail Branch Server 4.1
                   SUSE Manager Retail Branch Server 4.2
                   SUSE Manager Retail Branch Server 4.3
                   SUSE Manager Server 4.1
                   SUSE Manager Server 4.2
                   SUSE Manager Server 4.3
                   openSUSE Leap 15.3
                   openSUSE Leap 15.4
                   openSUSE Leap Micro 5.2
______________________________________________________________________________

An update that fixes three vulnerabilities is now available.

Description:

This update for protobuf fixes the following issues:

  o CVE-2021-22569: Fixed a Denial of Service in protobuf-java in the parsing
    procedure for binary data (bsc#1194530).
  o CVE-2022-1941: Fixed a potential DoS issue in protobuf-cpp and
    protobuf-python (bsc#1203681).
  o CVE-2022-3171: Fixed a potential DoS issue when parsing binary data in
    protobuf-java (bsc#1204256).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

  o openSUSE Leap Micro 5.2:
    zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3922=1
  o openSUSE Leap 15.4:
    zypper in -t patch openSUSE-SLE-15.4-2022-3922=1
  o openSUSE Leap 15.3:
    zypper in -t patch openSUSE-SLE-15.3-2022-3922=1
  o SUSE Manager Server 4.1:
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3922=1
  o SUSE Manager Retail Branch Server 4.1:
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3922=1
  o SUSE Manager Proxy 4.1:
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3922=1
  o SUSE Linux Enterprise Server for SAP 15-SP2:
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3922=1
  o SUSE Linux Enterprise Server 15-SP2-LTSS:
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3922=1
  o SUSE Linux Enterprise Server 15-SP2-BCL:
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3922=1
  o SUSE Linux Enterprise Module for SUSE Manager Server 4.3:
    zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2022-3922=1
  o SUSE Linux Enterprise Module for SUSE Manager Server 4.2:
    zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.2-2022-3922=1
  o SUSE Linux Enterprise Module for SUSE Manager Server 4.1:
    zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.1-2022-3922=1
  o SUSE Linux Enterprise Module for Public Cloud 15-SP4:
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2022-3922=1
  o SUSE Linux Enterprise Module for Public Cloud 15-SP3:
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2022-3922=1
  o SUSE Linux Enterprise Module for Public Cloud 15-SP2:
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2022-3922=1
  o SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-3922=1
  o SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-3922=1
  o SUSE Linux Enterprise Module for Development Tools 15-SP4:
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-3922=1
  o SUSE Linux Enterprise Module for Development Tools 15-SP3:
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-3922=1
  o SUSE Linux Enterprise Module for Basesystem 15-SP4:
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3922=1
  o SUSE Linux Enterprise Module for Basesystem 15-SP3:
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3922=1
  o SUSE Linux Enterprise Micro 5.3:
    zypper in -t patch SUSE-SLE-Micro-5.3-2022-3922=1
  o SUSE Linux Enterprise Micro 5.2:
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3922=1
  o SUSE Linux Enterprise Micro 5.1:
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-3922=1
  o SUSE Linux Enterprise Installer 15-SP2:
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP2-2022-3922=1
  o SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3922=1
  o SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3922=1
  o SUSE Enterprise Storage 7:
    zypper in -t patch SUSE-Storage-7-2022-3922=1

Package List:

  o openSUSE Leap Micro 5.2 (aarch64 x86_64):
    libprotobuf-lite20-3.9.2-150200.4.19.2
    libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
    protobuf-debugsource-3.9.2-150200.4.19.2
  o openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
    libprotobuf-lite20-3.9.2-150200.4.19.2
    libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
    libprotobuf20-3.9.2-150200.4.19.2
    libprotobuf20-debuginfo-3.9.2-150200.4.19.2
    libprotoc20-3.9.2-150200.4.19.2
    libprotoc20-debuginfo-3.9.2-150200.4.19.2
    protobuf-debugsource-3.9.2-150200.4.19.2
    protobuf-devel-3.9.2-150200.4.19.2
    protobuf-devel-debuginfo-3.9.2-150200.4.19.2
    protobuf-java-3.9.2-150200.4.19.2
    python3-protobuf-3.9.2-150200.4.19.2
  o openSUSE Leap 15.4 (noarch):
    protobuf-source-3.9.2-150200.4.19.2
  o openSUSE Leap 15.4 (x86_64):
    libprotobuf-lite20-32bit-3.9.2-150200.4.19.2
    libprotobuf-lite20-32bit-debuginfo-3.9.2-150200.4.19.2
    libprotobuf20-32bit-3.9.2-150200.4.19.2
    libprotobuf20-32bit-debuginfo-3.9.2-150200.4.19.2
    libprotoc20-32bit-3.9.2-150200.4.19.2
    libprotoc20-32bit-debuginfo-3.9.2-150200.4.19.2
  o openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
    libprotobuf-lite20-3.9.2-150200.4.19.2
    libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
    libprotobuf20-3.9.2-150200.4.19.2
    libprotobuf20-debuginfo-3.9.2-150200.4.19.2
    libprotoc20-3.9.2-150200.4.19.2
    libprotoc20-debuginfo-3.9.2-150200.4.19.2
    protobuf-debugsource-3.9.2-150200.4.19.2
    protobuf-devel-3.9.2-150200.4.19.2
    protobuf-devel-debuginfo-3.9.2-150200.4.19.2
    protobuf-java-3.9.2-150200.4.19.2
    python2-protobuf-3.9.2-150200.4.19.2
    python3-protobuf-3.9.2-150200.4.19.2
  o openSUSE Leap 15.3 (x86_64):
    libprotobuf-lite20-32bit-3.9.2-150200.4.19.2
    libprotobuf-lite20-32bit-debuginfo-3.9.2-150200.4.19.2
    libprotobuf20-32bit-3.9.2-150200.4.19.2
    libprotobuf20-32bit-debuginfo-3.9.2-150200.4.19.2
    libprotoc20-32bit-3.9.2-150200.4.19.2
    libprotoc20-32bit-debuginfo-3.9.2-150200.4.19.2
  o openSUSE Leap 15.3 (noarch):
    protobuf-source-3.9.2-150200.4.19.2
  o SUSE Manager Server 4.1 (ppc64le s390x x86_64):
    libprotobuf-lite20-3.9.2-150200.4.19.2
    libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
    libprotobuf20-3.9.2-150200.4.19.2
    libprotobuf20-debuginfo-3.9.2-150200.4.19.2
    libprotoc20-3.9.2-150200.4.19.2
    libprotoc20-debuginfo-3.9.2-150200.4.19.2
    protobuf-debugsource-3.9.2-150200.4.19.2
    protobuf-devel-3.9.2-150200.4.19.2
    protobuf-devel-debuginfo-3.9.2-150200.4.19.2
  o SUSE Manager Retail Branch Server 4.1 (x86_64):
    libprotobuf-lite20-3.9.2-150200.4.19.2
    libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
    libprotobuf20-3.9.2-150200.4.19.2
    libprotobuf20-debuginfo-3.9.2-150200.4.19.2
    libprotoc20-3.9.2-150200.4.19.2
    libprotoc20-debuginfo-3.9.2-150200.4.19.2
    protobuf-debugsource-3.9.2-150200.4.19.2
    protobuf-devel-3.9.2-150200.4.19.2
    protobuf-devel-debuginfo-3.9.2-150200.4.19.2
  o SUSE Manager Proxy 4.1 (x86_64):
    libprotobuf-lite20-3.9.2-150200.4.19.2
    libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
    libprotobuf20-3.9.2-150200.4.19.2
    libprotobuf20-debuginfo-3.9.2-150200.4.19.2
    libprotoc20-3.9.2-150200.4.19.2
    libprotoc20-debuginfo-3.9.2-150200.4.19.2
    protobuf-debugsource-3.9.2-150200.4.19.2
    protobuf-devel-3.9.2-150200.4.19.2
    protobuf-devel-debuginfo-3.9.2-150200.4.19.2
  o SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
    libprotobuf-lite20-3.9.2-150200.4.19.2
    libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
    libprotobuf20-3.9.2-150200.4.19.2
    libprotobuf20-debuginfo-3.9.2-150200.4.19.2
    libprotoc20-3.9.2-150200.4.19.2
    libprotoc20-debuginfo-3.9.2-150200.4.19.2
    protobuf-debugsource-3.9.2-150200.4.19.2
    protobuf-devel-3.9.2-150200.4.19.2
    protobuf-devel-debuginfo-3.9.2-150200.4.19.2
  o SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
    libprotobuf-lite20-3.9.2-150200.4.19.2
    libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
    libprotobuf20-3.9.2-150200.4.19.2
    libprotobuf20-debuginfo-3.9.2-150200.4.19.2
    libprotoc20-3.9.2-150200.4.19.2
    libprotoc20-debuginfo-3.9.2-150200.4.19.2
    protobuf-debugsource-3.9.2-150200.4.19.2
    protobuf-devel-3.9.2-150200.4.19.2
    protobuf-devel-debuginfo-3.9.2-150200.4.19.2
  o SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
    libprotobuf-lite20-3.9.2-150200.4.19.2
    libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
    libprotobuf20-3.9.2-150200.4.19.2
    libprotobuf20-debuginfo-3.9.2-150200.4.19.2
    libprotoc20-3.9.2-150200.4.19.2
    libprotoc20-debuginfo-3.9.2-150200.4.19.2
    protobuf-debugsource-3.9.2-150200.4.19.2
    protobuf-devel-3.9.2-150200.4.19.2
    protobuf-devel-debuginfo-3.9.2-150200.4.19.2
  o SUSE Linux Enterprise Module for SUSE Manager Server 4.3 (aarch64 ppc64le s390x x86_64):
    protobuf-debugsource-3.9.2-150200.4.19.2
    protobuf-java-3.9.2-150200.4.19.2
  o SUSE Linux Enterprise Module for SUSE Manager Server 4.2 (aarch64 ppc64le s390x x86_64):
    protobuf-debugsource-3.9.2-150200.4.19.2
    protobuf-java-3.9.2-150200.4.19.2
  o SUSE Linux Enterprise Module for SUSE Manager Server 4.1 (aarch64 ppc64le s390x x86_64):
    protobuf-debugsource-3.9.2-150200.4.19.2
    protobuf-java-3.9.2-150200.4.19.2
  o SUSE Linux Enterprise Module for Public Cloud 15-SP4 (aarch64 ppc64le s390x x86_64):
    protobuf-debugsource-3.9.2-150200.4.19.2
    python3-protobuf-3.9.2-150200.4.19.2
  o SUSE Linux Enterprise Module for Public Cloud 15-SP3 (aarch64 ppc64le s390x x86_64):
    protobuf-debugsource-3.9.2-150200.4.19.2
    python3-protobuf-3.9.2-150200.4.19.2
  o SUSE Linux Enterprise Module for Public Cloud 15-SP2 (aarch64 ppc64le s390x x86_64):
    python3-protobuf-3.9.2-150200.4.19.2
  o SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x x86_64):
    protobuf-debugsource-3.9.2-150200.4.19.2
    python2-protobuf-3.9.2-150200.4.19.2
    python3-protobuf-3.9.2-150200.4.19.2
  o SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
    protobuf-debugsource-3.9.2-150200.4.19.2
    python2-protobuf-3.9.2-150200.4.19.2
    python3-protobuf-3.9.2-150200.4.19.2
  o SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
    libprotoc20-3.9.2-150200.4.19.2
    libprotoc20-debuginfo-3.9.2-150200.4.19.2
    protobuf-debugsource-3.9.2-150200.4.19.2
    protobuf-devel-3.9.2-150200.4.19.2
    protobuf-devel-debuginfo-3.9.2-150200.4.19.2
  o SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
    libprotobuf-lite20-3.9.2-150200.4.19.2
    libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
    libprotoc20-3.9.2-150200.4.19.2
    libprotoc20-debuginfo-3.9.2-150200.4.19.2
    protobuf-debugsource-3.9.2-150200.4.19.2
    protobuf-devel-3.9.2-150200.4.19.2
    protobuf-devel-debuginfo-3.9.2-150200.4.19.2
  o SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
    libprotobuf-lite20-3.9.2-150200.4.19.2
    libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
    libprotobuf20-3.9.2-150200.4.19.2
    libprotobuf20-debuginfo-3.9.2-150200.4.19.2
    protobuf-debugsource-3.9.2-150200.4.19.2
  o SUSE Linux Enterprise Module
for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64): libprotobuf-lite20-3.9.2-150200.4.19.2 libprotobuf20-3.9.2-150200.4.19.2 libprotobuf20-debuginfo-3.9.2-150200.4.19.2 protobuf-debugsource-3.9.2-150200.4.19.2 o SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64): libprotobuf-lite20-3.9.2-150200.4.19.2 libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2 protobuf-debugsource-3.9.2-150200.4.19.2 o SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64): libprotobuf-lite20-3.9.2-150200.4.19.2 libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2 protobuf-debugsource-3.9.2-150200.4.19.2 o SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64): libprotobuf-lite20-3.9.2-150200.4.19.2 o SUSE Linux Enterprise Installer 15-SP2 (aarch64 ppc64le s390x x86_64): libprotobuf-lite20-3.9.2-150200.4.19.2 o SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64): libprotobuf-lite20-3.9.2-150200.4.19.2 libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2 libprotobuf20-3.9.2-150200.4.19.2 libprotobuf20-debuginfo-3.9.2-150200.4.19.2 libprotoc20-3.9.2-150200.4.19.2 libprotoc20-debuginfo-3.9.2-150200.4.19.2 protobuf-debugsource-3.9.2-150200.4.19.2 protobuf-devel-3.9.2-150200.4.19.2 protobuf-devel-debuginfo-3.9.2-150200.4.19.2 o SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64): libprotobuf-lite20-3.9.2-150200.4.19.2 libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2 libprotobuf20-3.9.2-150200.4.19.2 libprotobuf20-debuginfo-3.9.2-150200.4.19.2 libprotoc20-3.9.2-150200.4.19.2 libprotoc20-debuginfo-3.9.2-150200.4.19.2 protobuf-debugsource-3.9.2-150200.4.19.2 protobuf-devel-3.9.2-150200.4.19.2 protobuf-devel-debuginfo-3.9.2-150200.4.19.2 o SUSE Enterprise Storage 7 (aarch64 x86_64): libprotobuf-lite20-3.9.2-150200.4.19.2 libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2 libprotobuf20-3.9.2-150200.4.19.2 libprotobuf20-debuginfo-3.9.2-150200.4.19.2 libprotoc20-3.9.2-150200.4.19.2 libprotoc20-debuginfo-3.9.2-150200.4.19.2 
protobuf-debugsource-3.9.2-150200.4.19.2 protobuf-devel-3.9.2-150200.4.19.2 protobuf-devel-debuginfo-3.9.2-150200.4.19.2 References: o https://www.suse.com/security/cve/CVE-2021-22569.html o https://www.suse.com/security/cve/CVE-2022-1941.html o https://www.suse.com/security/cve/CVE-2022-3171.html o https://bugzilla.suse.com/1194530 o https://bugzilla.suse.com/1203681 o https://bugzilla.suse.com/1204256 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. 
Previous advisories and external security bulletins can be retrieved from:
    https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
10 November 2022

ESB-2022.5778 - [SUSE] kubevirt: CVSS (Max): None

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5778
                        Security update for kubevirt
                              10 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kubevirt
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade
Original Bulletin: https://www.suse.com/support/update/announcement/2022/suse-su-20223919-1

Comment: CVSS (Max): None available when published

--------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for kubevirt
______________________________________________________________________________

Announcement ID:   SUSE-SU-2022:3919-1
Rating:            important
References:
Affected Products:
                   SUSE Enterprise Storage 7.1
                   SUSE Linux Enterprise High Performance Computing 15-SP3
                   SUSE Linux Enterprise Module for Containers 15-SP3
                   SUSE Linux Enterprise Server 15-SP3
                   SUSE Linux Enterprise Server for SAP Applications 15-SP3
                   SUSE Manager Proxy 4.2
                   SUSE Manager Retail Branch Server 4.2
                   SUSE Manager Server 4.2
                   openSUSE Leap 15.3
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

This update rebuilds the kubevirt stack to include recent security updates in its base containers.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

o openSUSE Leap 15.3:
    zypper in -t patch openSUSE-SLE-15.3-2022-3919=1
o SUSE Linux Enterprise Module for Containers 15-SP3:
    zypper in -t patch SUSE-SLE-Module-Containers-15-SP3-2022-3919=1

Package List:

o openSUSE Leap 15.3 (x86_64):
    kubevirt-container-disk-0.49.0-150300.8.15.1
    kubevirt-container-disk-debuginfo-0.49.0-150300.8.15.1
    kubevirt-manifests-0.49.0-150300.8.15.1
    kubevirt-tests-0.49.0-150300.8.15.1
    kubevirt-tests-debuginfo-0.49.0-150300.8.15.1
    kubevirt-virt-api-0.49.0-150300.8.15.1
    kubevirt-virt-api-debuginfo-0.49.0-150300.8.15.1
    kubevirt-virt-controller-0.49.0-150300.8.15.1
    kubevirt-virt-controller-debuginfo-0.49.0-150300.8.15.1
    kubevirt-virt-handler-0.49.0-150300.8.15.1
    kubevirt-virt-handler-debuginfo-0.49.0-150300.8.15.1
    kubevirt-virt-launcher-0.49.0-150300.8.15.1
    kubevirt-virt-launcher-debuginfo-0.49.0-150300.8.15.1
    kubevirt-virt-operator-0.49.0-150300.8.15.1
    kubevirt-virt-operator-debuginfo-0.49.0-150300.8.15.1
    kubevirt-virtctl-0.49.0-150300.8.15.1
    kubevirt-virtctl-debuginfo-0.49.0-150300.8.15.1
    obs-service-kubevirt_containers_meta-0.49.0-150300.8.15.1
o SUSE Linux Enterprise Module for Containers 15-SP3 (x86_64):
    kubevirt-manifests-0.49.0-150300.8.15.1
    kubevirt-virtctl-0.49.0-150300.8.15.1
    kubevirt-virtctl-debuginfo-0.49.0-150300.8.15.1

References:

--------------------------END INCLUDED TEXT--------------------
10 November 2022

ESB-2022.5777 - [SUSE] containerized data importer: CVSS (Max): None

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5777
              Security update for containerized data importer
                              10 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           containerized data importer
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade
Original Bulletin: https://www.suse.com/support/update/announcement/2022/suse-su-20223920-1

Comment: CVSS (Max): None available when published

--------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for containerized data importer
______________________________________________________________________________

Announcement ID:   SUSE-SU-2022:3920-1
Rating:            important
References:
Affected Products:
                   SUSE Enterprise Storage 7.1
                   SUSE Linux Enterprise High Performance Computing 15-SP3
                   SUSE Linux Enterprise Module for Containers 15-SP3
                   SUSE Linux Enterprise Server 15-SP3
                   SUSE Linux Enterprise Server for SAP Applications 15-SP3
                   SUSE Manager Proxy 4.2
                   SUSE Manager Retail Branch Server 4.2
                   SUSE Manager Server 4.2
                   openSUSE Leap 15.3
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

This update of containerized data importer images rebases the containers against the current base images to resolve security issues.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

o openSUSE Leap 15.3:
    zypper in -t patch openSUSE-SLE-15.3-2022-3920=1
o SUSE Linux Enterprise Module for Containers 15-SP3:
    zypper in -t patch SUSE-SLE-Module-Containers-15-SP3-2022-3920=1

Package List:

o openSUSE Leap 15.3 (x86_64):
    containerized-data-importer-api-1.43.2-150300.8.11.1
    containerized-data-importer-api-debuginfo-1.43.2-150300.8.11.1
    containerized-data-importer-cloner-1.43.2-150300.8.11.1
    containerized-data-importer-cloner-debuginfo-1.43.2-150300.8.11.1
    containerized-data-importer-controller-1.43.2-150300.8.11.1
    containerized-data-importer-controller-debuginfo-1.43.2-150300.8.11.1
    containerized-data-importer-importer-1.43.2-150300.8.11.1
    containerized-data-importer-importer-debuginfo-1.43.2-150300.8.11.1
    containerized-data-importer-manifests-1.43.2-150300.8.11.1
    containerized-data-importer-operator-1.43.2-150300.8.11.1
    containerized-data-importer-operator-debuginfo-1.43.2-150300.8.11.1
    containerized-data-importer-uploadproxy-1.43.2-150300.8.11.1
    containerized-data-importer-uploadproxy-debuginfo-1.43.2-150300.8.11.1
    containerized-data-importer-uploadserver-1.43.2-150300.8.11.1
    containerized-data-importer-uploadserver-debuginfo-1.43.2-150300.8.11.1
    obs-service-cdi_containers_meta-1.43.2-150300.8.11.1
o SUSE Linux Enterprise Module for Containers 15-SP3 (x86_64):
    containerized-data-importer-manifests-1.43.2-150300.8.11.1

References:

--------------------------END INCLUDED TEXT--------------------
10 November 2022

ESB-2022.5776 - Palo Alto Products: CVSS (Max): 9.8

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5776
     CVE-2022-42889 Impact of Apache Text Commons Vulnerability CVE-2022-42889
                              10 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Palo Alto Products
Publisher:         Palo Alto Networks
Operating System:  Windows
                   UNIX variants (UNIX, Linux, OSX)
                   Network Appliance
                   Virtualisation
Resolution:        Mitigation
CVE Names:         CVE-2022-42889
Original Bulletin: https://securityadvisories.paloaltonetworks.com/CVE-2022-42889

Comment: CVSS (Max): 9.8 CVE-2022-42889 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: NVD
         Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

--------------------------BEGIN INCLUDED TEXT--------------------

Palo Alto Networks Security Advisories / CVE-2022-42889

CVE-2022-42889 Impact of Apache Text Commons Vulnerability CVE-2022-42889

[INFO] Informational
NVD JSON
Published:  2022-11-09
Updated:    2022-11-09
Reference:  CVE-2022-42889
Discovered externally

Description

Palo Alto Networks has evaluated the Apache Commons Text library vulnerability CVE-2022-42889, known as Text4Shell, for all products and services. The Palo Alto Networks Product Security Assurance team has confirmed that all products and services are not impacted by this vulnerability.

Product Status

Product                              Versions Affected   Versions Unaffected
AutoFocus                            None                all
Bridgecrew                           None                all
Cloud NGFW                           None                all
Cortex Data Lake                     None                all
Cortex XDR                           None                all
Cortex XDR Agent                     None                all
Cortex Xpanse                        None                all
Cortex XSOAR                         None                all
Enterprise Data Loss Prevention      None                all
Exact Data Matching CLI              None                all
Expanse                              None                all
Expedition Migration Tool            None                all
GlobalProtect App                    None                all
IoT Security                         None                all
Okyo Garde                           None                all
Palo Alto Networks App for Splunk    None                all
PAN-OS                               None                all
Prisma Access                        None                all
Prisma Cloud                         None                all
Prisma Cloud Compute                 None                all
Prisma SD-WAN (CloudGenix)           None                all
Prisma SD-WAN ION                    None                all
SaaS Security                        None                all
User-ID Agent                        None                all
WildFire Appliance (WF-500)          None                all
WildFire Cloud                       None                all

Exploitation Status

Palo Alto Networks is not aware of any malicious exploitation of this issue on any of our products.

Weakness Type

CWE-94 Improper Control of Generation of Code ('Code Injection')

Solution

No software updates are required at this time.

Workarounds and Mitigations

Customers with a Threat Prevention subscription can block known attacks for CVE-2022-42889 by enabling Threat ID 93157 (Applications and Threats content update 8632). This mitigation reduces the risk of exploitation from known exploits.

Timeline

2022-11-09  Initial publication

(C) 2022 Palo Alto Networks, Inc. All rights reserved.

--------------------------END INCLUDED TEXT--------------------