News Reader
ESB-2023.0938 - [SUSE] haproxy: CVSS (Max): 9.3
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2023.0938
Security update for haproxy
16 February 2023
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: haproxy
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2023-25725 CVE-2023-0056
Original Bulletin:
https://www.suse.com/support/update/announcement/2023/suse-su-20230412-1
Comment: CVSS (Max): 9.3 CVE-2023-25725 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L
--------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for haproxy
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0412-1
Rating: critical
References: #1207181 #1208132
Cross-References: CVE-2023-0056 CVE-2023-25725
Affected Products:
SUSE Linux Enterprise High Availability 15-SP1
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for haproxy fixes the following issues:
o CVE-2023-25725: Fixed a serious vulnerability in the HTTP/1 parser
(bsc#1208132).
o CVE-2023-0056: Fixed denial of service via crash in
http_wait_for_response() (bsc#1207181).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise High Availability 15-SP1:
zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2023-412=1
Package List:
o SUSE Linux Enterprise High Availability 15-SP1 (aarch64 ppc64le s390x
x86_64):
haproxy-2.0.14-150100.8.27.1
haproxy-debuginfo-2.0.14-150100.8.27.1
haproxy-debugsource-2.0.14-150100.8.27.1
References:
o https://www.suse.com/security/cve/CVE-2023-0056.html
o https://www.suse.com/security/cve/CVE-2023-25725.html
o https://bugzilla.suse.com/1207181
o https://bugzilla.suse.com/1208132
--------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
ESB-2023.0937 - [SUSE] haproxy: CVSS (Max): 9.3
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2023.0937
Security update for haproxy
16 February 2023
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: haproxy
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2023-25725 CVE-2023-0056
Original Bulletin:
https://www.suse.com/support/update/announcement/2023/suse-su-20230413-1
Comment: CVSS (Max): 9.3 CVE-2023-25725 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L
--------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for haproxy
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0413-1
Rating: critical
References: #1207181 #1208132
Cross-References: CVE-2023-0056 CVE-2023-25725
Affected Products:
SUSE Linux Enterprise High Availability 15-SP2
SUSE Linux Enterprise High Availability 15-SP3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for haproxy fixes the following issues:
o CVE-2023-25725: Fixed a serious vulnerability in the HTTP/1 parser
(bsc#1208132).
o CVE-2023-0056: Fixed denial of service via crash in
http_wait_for_response() (bsc#1207181).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise High Availability 15-SP3:
zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2023-413=1
o SUSE Linux Enterprise High Availability 15-SP2:
zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2023-413=1
Package List:
o SUSE Linux Enterprise High Availability 15-SP3 (aarch64 ppc64le s390x
x86_64):
haproxy-2.0.14-150200.11.15.1
haproxy-debuginfo-2.0.14-150200.11.15.1
haproxy-debugsource-2.0.14-150200.11.15.1
o SUSE Linux Enterprise High Availability 15-SP2 (aarch64 ppc64le s390x
x86_64):
haproxy-2.0.14-150200.11.15.1
haproxy-debuginfo-2.0.14-150200.11.15.1
haproxy-debugsource-2.0.14-150200.11.15.1
References:
o https://www.suse.com/security/cve/CVE-2023-0056.html
o https://www.suse.com/security/cve/CVE-2023-25725.html
o https://bugzilla.suse.com/1207181
o https://bugzilla.suse.com/1208132
--------------------------END INCLUDED TEXT--------------------
ESB-2023.0936 - [SUSE] git: CVSS (Max): 6.3
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2023.0936
Security update for git
16 February 2023
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: git
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2023-23946 CVE-2023-22490 CVE-2022-39260
CVE-2022-39253
Original Bulletin:
https://www.suse.com/support/update/announcement/2023/suse-su-20230418-1
Comment: CVSS (Max): 6.3 CVE-2022-39260 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
--------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for git
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0418-1
Rating: important
References: #1204455 #1204456 #1208027 #1208028
Cross-References: CVE-2022-39253 CVE-2022-39260 CVE-2023-22490 CVE-2023-23946
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 7
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for git fixes the following issues:
- CVE-2023-22490: Fixed incorrectly usable local clone optimization even when
  using a non-local transport (bsc#1208027).
- CVE-2023-23946: Fixed issue where a path outside the working tree can be
  overwritten as the user who is running "git apply" (bsc#1208028).
- CVE-2022-39260: Fixed overflow in `split_cmdline()`, leading to arbitrary
  heap writes and remote code execution (bsc#1204456).
- CVE-2022-39253: Fixed dereference issue with symbolic links via the
  `--local` clone mechanism (bsc#1204455).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-418=1
o SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-418=1
o SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-418=1
o SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-418=1
o SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-418=1
o SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-418=1
o SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-418=1
o SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2023-418=1
o SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It will
inform you if it detects new updates and let you then trigger updating of
the complete cluster in a controlled way.
Package List:
o openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
git-svn-debuginfo-2.26.2-150000.47.1
o SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
git-2.26.2-150000.47.1
git-arch-2.26.2-150000.47.1
git-core-2.26.2-150000.47.1
git-core-debuginfo-2.26.2-150000.47.1
git-cvs-2.26.2-150000.47.1
git-daemon-2.26.2-150000.47.1
git-daemon-debuginfo-2.26.2-150000.47.1
git-debuginfo-2.26.2-150000.47.1
git-debugsource-2.26.2-150000.47.1
git-email-2.26.2-150000.47.1
git-gui-2.26.2-150000.47.1
git-svn-2.26.2-150000.47.1
git-svn-debuginfo-2.26.2-150000.47.1
git-web-2.26.2-150000.47.1
gitk-2.26.2-150000.47.1
o SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
git-doc-2.26.2-150000.47.1
o SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
git-2.26.2-150000.47.1
git-arch-2.26.2-150000.47.1
git-core-2.26.2-150000.47.1
git-core-debuginfo-2.26.2-150000.47.1
git-cvs-2.26.2-150000.47.1
git-daemon-2.26.2-150000.47.1
git-daemon-debuginfo-2.26.2-150000.47.1
git-debuginfo-2.26.2-150000.47.1
git-debugsource-2.26.2-150000.47.1
git-email-2.26.2-150000.47.1
git-gui-2.26.2-150000.47.1
git-svn-2.26.2-150000.47.1
git-svn-debuginfo-2.26.2-150000.47.1
git-web-2.26.2-150000.47.1
gitk-2.26.2-150000.47.1
o SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):
git-doc-2.26.2-150000.47.1
o SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
git-2.26.2-150000.47.1
git-arch-2.26.2-150000.47.1
git-core-2.26.2-150000.47.1
git-core-debuginfo-2.26.2-150000.47.1
git-cvs-2.26.2-150000.47.1
git-daemon-2.26.2-150000.47.1
git-daemon-debuginfo-2.26.2-150000.47.1
git-debuginfo-2.26.2-150000.47.1
git-debugsource-2.26.2-150000.47.1
git-email-2.26.2-150000.47.1
git-gui-2.26.2-150000.47.1
git-svn-2.26.2-150000.47.1
git-svn-debuginfo-2.26.2-150000.47.1
git-web-2.26.2-150000.47.1
gitk-2.26.2-150000.47.1
o SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
git-doc-2.26.2-150000.47.1
o SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
git-2.26.2-150000.47.1
git-arch-2.26.2-150000.47.1
git-core-2.26.2-150000.47.1
git-core-debuginfo-2.26.2-150000.47.1
git-cvs-2.26.2-150000.47.1
git-daemon-2.26.2-150000.47.1
git-daemon-debuginfo-2.26.2-150000.47.1
git-debuginfo-2.26.2-150000.47.1
git-debugsource-2.26.2-150000.47.1
git-email-2.26.2-150000.47.1
git-gui-2.26.2-150000.47.1
git-svn-2.26.2-150000.47.1
git-svn-debuginfo-2.26.2-150000.47.1
git-web-2.26.2-150000.47.1
gitk-2.26.2-150000.47.1
o SUSE Linux Enterprise Server 15-SP1-LTSS (noarch):
git-doc-2.26.2-150000.47.1
o SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64
x86_64):
git-2.26.2-150000.47.1
git-arch-2.26.2-150000.47.1
git-core-2.26.2-150000.47.1
git-core-debuginfo-2.26.2-150000.47.1
git-cvs-2.26.2-150000.47.1
git-daemon-2.26.2-150000.47.1
git-daemon-debuginfo-2.26.2-150000.47.1
git-debuginfo-2.26.2-150000.47.1
git-debugsource-2.26.2-150000.47.1
git-email-2.26.2-150000.47.1
git-gui-2.26.2-150000.47.1
git-svn-2.26.2-150000.47.1
git-svn-debuginfo-2.26.2-150000.47.1
git-web-2.26.2-150000.47.1
gitk-2.26.2-150000.47.1
o SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
git-doc-2.26.2-150000.47.1
o SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64
x86_64):
git-2.26.2-150000.47.1
git-arch-2.26.2-150000.47.1
git-core-2.26.2-150000.47.1
git-core-debuginfo-2.26.2-150000.47.1
git-cvs-2.26.2-150000.47.1
git-daemon-2.26.2-150000.47.1
git-daemon-debuginfo-2.26.2-150000.47.1
git-debuginfo-2.26.2-150000.47.1
git-debugsource-2.26.2-150000.47.1
git-email-2.26.2-150000.47.1
git-gui-2.26.2-150000.47.1
git-svn-2.26.2-150000.47.1
git-svn-debuginfo-2.26.2-150000.47.1
git-web-2.26.2-150000.47.1
gitk-2.26.2-150000.47.1
o SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):
git-doc-2.26.2-150000.47.1
o SUSE Enterprise Storage 7 (aarch64 x86_64):
git-2.26.2-150000.47.1
git-arch-2.26.2-150000.47.1
git-core-2.26.2-150000.47.1
git-core-debuginfo-2.26.2-150000.47.1
git-cvs-2.26.2-150000.47.1
git-daemon-2.26.2-150000.47.1
git-daemon-debuginfo-2.26.2-150000.47.1
git-debuginfo-2.26.2-150000.47.1
git-debugsource-2.26.2-150000.47.1
git-email-2.26.2-150000.47.1
git-gui-2.26.2-150000.47.1
git-svn-2.26.2-150000.47.1
git-svn-debuginfo-2.26.2-150000.47.1
git-web-2.26.2-150000.47.1
gitk-2.26.2-150000.47.1
o SUSE Enterprise Storage 7 (noarch):
git-doc-2.26.2-150000.47.1
o SUSE CaaS Platform 4.0 (x86_64):
git-2.26.2-150000.47.1
git-arch-2.26.2-150000.47.1
git-core-2.26.2-150000.47.1
git-core-debuginfo-2.26.2-150000.47.1
git-cvs-2.26.2-150000.47.1
git-daemon-2.26.2-150000.47.1
git-daemon-debuginfo-2.26.2-150000.47.1
git-debuginfo-2.26.2-150000.47.1
git-debugsource-2.26.2-150000.47.1
git-email-2.26.2-150000.47.1
git-gui-2.26.2-150000.47.1
git-svn-2.26.2-150000.47.1
git-svn-debuginfo-2.26.2-150000.47.1
git-web-2.26.2-150000.47.1
gitk-2.26.2-150000.47.1
o SUSE CaaS Platform 4.0 (noarch):
git-doc-2.26.2-150000.47.1
References:
o https://www.suse.com/security/cve/CVE-2022-39253.html
o https://www.suse.com/security/cve/CVE-2022-39260.html
o https://www.suse.com/security/cve/CVE-2023-22490.html
o https://www.suse.com/security/cve/CVE-2023-23946.html
o https://bugzilla.suse.com/1204455
o https://bugzilla.suse.com/1204456
o https://bugzilla.suse.com/1208027
o https://bugzilla.suse.com/1208028
--------------------------END INCLUDED TEXT--------------------
ESB-2023.0935 - [Win][Linux][Cisco][Mac] Secure Endpoint Products: CVSS (Max): None
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2023.0935
ClamAV DMG File Parsing XML Entity Expansion Vulnerability
Affecting Cisco Products: February 2023
16 February 2023
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Secure Endpoint
Secure Endpoint Private Cloud
Publisher: Cisco Systems
Operating System: Cisco
Windows
macOS
Linux variants
Resolution: Patch/Upgrade
CVE Names: CVE-2023-20052
Original Bulletin:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-xxe-TcSZduhN
Comment: CVSS (Max): None available when published
--------------------------BEGIN INCLUDED TEXT--------------------
ClamAV DMG File Parsing XML Entity Expansion Vulnerability Affecting Cisco
Products: February 2023
Priority: Medium
Advisory ID: cisco-sa-clamav-xxe-TcSZduhN
First Published: 2023 February 15 16:00 GMT
Last Updated: 2023 February 15 20:15 GMT
Version 1.1: Final
Workarounds: No workarounds available
Cisco Bug IDs: CSCwd87111 CSCwd87112 CSCwd87113
CVE Names: CVE-2023-20052
Summary
o On Feb 15, 2023, the following vulnerability in the ClamAV scanning library
was disclosed:
A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and
earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an
unauthenticated, remote attacker to access sensitive information on an
affected device.
This vulnerability is due to enabling XML entity substitution that may
result in XML external entity injection. An attacker could exploit this
vulnerability by submitting a crafted DMG file to be scanned by ClamAV on
an affected device. A successful exploit could allow the attacker to leak
bytes from any file that may be read by the ClamAV scanning process.
For a description of this vulnerability, see the ClamAV blog.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-xxe-TcSZduhN
Affected Products
o Cisco investigated its product line to determine which products may be
affected by this vulnerability.
The Vulnerable Products section includes Cisco bug IDs for each affected
product. The bugs are accessible through the Cisco Bug Search Tool and
contain additional platform-specific information, including workarounds (if
available) and fixed software releases.
Any product not listed in the Vulnerable Products section of this advisory
is to be considered not vulnerable.
Vulnerable Products
The following table lists Cisco products that are affected by the
vulnerability that is described in this advisory. If a future release date
is indicated for software, the date provided represents an estimate based
on all information known to Cisco as of the Last Updated date at the top of
the advisory. Availability dates are subject to change based on a number of
factors, including satisfactory testing results and delivery of other
priority features and fixes.
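+--------------------------------------------+------------+-----------------------+
| Cisco Product                              | Cisco Bug  | Fixed Release         |
|                                            | ID         | Availability          |
+--------------------------------------------+------------+-----------------------+
| Secure Endpoint, formerly Advanced Malware | CSCwd87111 | 1.20.2 ^1             |
| Protection (AMP) for Endpoints, for Linux  |            |                       |
+--------------------------------------------+------------+-----------------------+
| Secure Endpoint, formerly Advanced Malware | CSCwd87112 | 1.21.1 ^1             |
| Protection (AMP) for Endpoints, for MacOS  |            |                       |
+--------------------------------------------+------------+-----------------------+
| Secure Endpoint, formerly Advanced Malware | CSCwd87113 | 7.5.9 ^1              |
| Protection (AMP) for Endpoints, for        |            | 8.1.5                 |
| Windows                                    |            |                       |
+--------------------------------------------+------------+-----------------------+
| Secure Endpoint Private Cloud              | CSCwe18204 | 3.6.0 or later with   |
|                                            |            | updated connectors ^2 |
+--------------------------------------------+------------+-----------------------+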
1. Updated releases of Cisco Secure Endpoint are available through the
Cisco Secure Endpoint portal. Depending on the configured policy, Cisco
Secure Endpoint will automatically update.
2. Affected releases of Cisco Secure Endpoint clients for Cisco Secure
Endpoint Private Cloud have been updated in the connectors repository.
Customers will get these connector updates through normal content update
processes.
Attention: Simplifying the Cisco portfolio includes the renaming of
security products under one brand: Cisco Secure. For more information, see
Meet Cisco Secure.
Products Confirmed Not Vulnerable
Only products listed in the Vulnerable Products section of this advisory
are known to be affected by this vulnerability.
Cisco has confirmed that this vulnerability does not affect the following
Cisco products:
Secure Email Gateway, formerly Email Security Appliance
Secure Email and Web Manager, formerly Security Management Appliance
Secure Web Appliance, formerly Web Security Appliance
Workarounds
o There are no workarounds that address this vulnerability.
Fixed Software
o For information about fixed software releases, consult the Cisco bugs
identified in the Vulnerable Products section of this advisory.
When considering software upgrades, customers are advised to regularly
consult the advisories for Cisco products, which are available from the
Cisco Security Advisories page, to determine exposure and a complete
upgrade solution.
In all cases, customers should ensure that the devices to be upgraded
contain sufficient memory and confirm that current hardware and software
configurations will continue to be supported properly by the new release.
If the information is not clear, customers are advised to contact the Cisco
Technical Assistance Center (TAC) or their contracted maintenance
providers.
Exploitation and Public Announcements
o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
any public announcements or malicious use of the vulnerability that is
described in this advisory.
Source
o Cisco would like to thank Simon Scannell for reporting this vulnerability.
Cisco Security Vulnerability Policy
o To learn about Cisco security vulnerability disclosure policies and
publications, see the Security Vulnerability Policy. This document also
contains instructions for obtaining fixed software and receiving security
vulnerability information from Cisco.
URL
o https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-xxe-TcSZduhN
Revision History
+---------+------------------------------+---------+--------+-------------+
| Version | Description | Section | Status | Date |
+---------+------------------------------+---------+--------+-------------+
| 1.1 | Changed date of ClamAV | Summary | Final | 2023-FEB-15 |
| | disclosure to February 15. | | | |
+---------+------------------------------+---------+--------+-------------+
| 1.0 | Initial public release. | - | Final | 2023-FEB-15 |
+---------+------------------------------+---------+--------+-------------+
Legal Disclaimer
o THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND
OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR
FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT
OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES
THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A standalone copy or paraphrase of the text of this document that omits the
distribution URL is an uncontrolled copy and may lack important information
or contain factual errors. The information in this document is intended for
end users of Cisco products.
--------------------------END INCLUDED TEXT--------------------
ESB-2023.0934 - [Debian] firefox-esr: CVSS (Max): 8.1*
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2023.0934
firefox-esr security update
16 February 2023
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: firefox-esr
Publisher: Debian
Operating System: Debian GNU/Linux
Resolution: Patch/Upgrade
CVE Names: CVE-2023-25746 CVE-2023-25744 CVE-2023-25742
CVE-2023-25739 CVE-2023-25737 CVE-2023-25735
CVE-2023-25732 CVE-2023-25730 CVE-2023-25729
CVE-2023-25728 CVE-2023-0767
Original Bulletin:
http://www.debian.org/security/2023/dsa-5350
Comment: CVSS (Max): 8.1* CVE-2023-0767 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* Not all CVSS available when published
- --------------------------BEGIN INCLUDED TEXT--------------------
- - -------------------------------------------------------------------------
Debian Security Advisory DSA-5350-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
February 15, 2023 https://www.debian.org/security/faq
- - -------------------------------------------------------------------------
Package : firefox-esr
CVE ID : CVE-2023-0767 CVE-2023-25728 CVE-2023-25729 CVE-2023-25730
CVE-2023-25732 CVE-2023-25735 CVE-2023-25737 CVE-2023-25739
CVE-2023-25742 CVE-2023-25744 CVE-2023-25746
Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code, information disclosure or spoofing.
For the stable distribution (bullseye), these problems have been fixed in
version 102.8.0esr-1~deb11u1.
We recommend that you upgrade your firefox-esr packages.
For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
- --------------------------END INCLUDED TEXT--------------------
ESB-2023.0933 - [RedHat] RHSA: Submariner: CVSS (Max): 9.8
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2023.0933
RHSA: Submariner 0.13.3 - security updates and bug fixes
16 February 2023
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: RHSA: Submariner
Publisher: Red Hat
Operating System: Red Hat
Resolution: Patch/Upgrade
CVE Names: CVE-2022-43680 CVE-2022-42898 CVE-2022-42012
CVE-2022-42011 CVE-2022-42010 CVE-2022-41974
CVE-2022-40674 CVE-2022-40304 CVE-2022-40303
CVE-2022-37434 CVE-2022-35737 CVE-2022-32149
CVE-2022-30699 CVE-2022-30698 CVE-2022-30293
CVE-2022-26719 CVE-2022-26717 CVE-2022-26716
CVE-2022-26710 CVE-2022-26709 CVE-2022-26700
CVE-2022-22662 CVE-2022-22629 CVE-2022-22628
CVE-2022-22624 CVE-2022-3821 CVE-2022-3787
CVE-2022-3775 CVE-2022-3515 CVE-2022-2601
CVE-2022-2509 CVE-2022-1304 CVE-2021-46848
CVE-2020-35527 CVE-2020-35525 CVE-2016-3709
Original Bulletin:
https://access.redhat.com/errata/RHSA-2023:0795
Comment: CVSS (Max): 9.8 CVE-2022-3515 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: RHSA: Submariner 0.13.3 - security updates and bug fixes
Advisory ID: RHSA-2023:0795-01
Product: Red Hat ACM
Advisory URL: https://access.redhat.com/errata/RHSA-2023:0795
Issue date: 2023-02-15
CVE Names: CVE-2016-3709 CVE-2020-35525 CVE-2020-35527
CVE-2021-46848 CVE-2022-1304 CVE-2022-2509
CVE-2022-2601 CVE-2022-3515 CVE-2022-3775
CVE-2022-3787 CVE-2022-3821 CVE-2022-22624
CVE-2022-22628 CVE-2022-22629 CVE-2022-22662
CVE-2022-26700 CVE-2022-26709 CVE-2022-26710
CVE-2022-26716 CVE-2022-26717 CVE-2022-26719
CVE-2022-30293 CVE-2022-30698 CVE-2022-30699
CVE-2022-32149 CVE-2022-35737 CVE-2022-37434
CVE-2022-40303 CVE-2022-40304 CVE-2022-40674
CVE-2022-41974 CVE-2022-42010 CVE-2022-42011
CVE-2022-42012 CVE-2022-42898 CVE-2022-43680
=====================================================================
1. Summary:
Submariner 0.13.3 packages that fix various bugs and add various
enhancements are now available for Red Hat Advanced Cluster Management
for Kubernetes version 2.6.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE links in the References section.
2. Description:
Submariner enables direct networking between pods and services on different
Kubernetes clusters that are either on-premises or in the cloud.
For more information about Submariner, see the Submariner open source
community website at: https://submariner.io/.
This advisory contains bug fixes and enhancements to the Submariner
container images.
Security fixes:
* CVE-2022-32149 golang: golang.org/x/text/language: ParseAcceptLanguage
takes a long time to parse complex tags
Bugs addressed:
* Build Submariner 0.13.3 (ACM-2226)
* Verify Submariner with OCP 4.12 (ACM-2435)
* Submariner does not support cluster "kube-proxy ipvs mode" (ACM-2821)
3. Solution:
For details on how to install Submariner, refer to:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html/add-ons/add-ons-overview#submariner-deploy-console
and
https://submariner.io/getting-started/
4. Bugs fixed (https://bugzilla.redhat.com/):
2134010 - CVE-2022-32149 golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags
5. JIRA issues fixed (https://issues.jboss.org/):
ACM-2226 - [ACM 2.6.4] Build Submariner 0.13.3
ACM-2435 - [ACM 2.6.4] Verify Submariner with OCP 4.12
ACM-2821 - [Submariner] - 0.13.3 - Submariner does not support cluster "kube-proxy ipvs mode"
6. References:
https://access.redhat.com/security/cve/CVE-2016-3709
https://access.redhat.com/security/cve/CVE-2020-35525
https://access.redhat.com/security/cve/CVE-2020-35527
https://access.redhat.com/security/cve/CVE-2021-46848
https://access.redhat.com/security/cve/CVE-2022-1304
https://access.redhat.com/security/cve/CVE-2022-2509
https://access.redhat.com/security/cve/CVE-2022-2601
https://access.redhat.com/security/cve/CVE-2022-3515
https://access.redhat.com/security/cve/CVE-2022-3775
https://access.redhat.com/security/cve/CVE-2022-3787
https://access.redhat.com/security/cve/CVE-2022-3821
https://access.redhat.com/security/cve/CVE-2022-22624
https://access.redhat.com/security/cve/CVE-2022-22628
https://access.redhat.com/security/cve/CVE-2022-22629
https://access.redhat.com/security/cve/CVE-2022-22662
https://access.redhat.com/security/cve/CVE-2022-26700
https://access.redhat.com/security/cve/CVE-2022-26709
https://access.redhat.com/security/cve/CVE-2022-26710
https://access.redhat.com/security/cve/CVE-2022-26716
https://access.redhat.com/security/cve/CVE-2022-26717
https://access.redhat.com/security/cve/CVE-2022-26719
https://access.redhat.com/security/cve/CVE-2022-30293
https://access.redhat.com/security/cve/CVE-2022-30698
https://access.redhat.com/security/cve/CVE-2022-30699
https://access.redhat.com/security/cve/CVE-2022-32149
https://access.redhat.com/security/cve/CVE-2022-35737
https://access.redhat.com/security/cve/CVE-2022-37434
https://access.redhat.com/security/cve/CVE-2022-40303
https://access.redhat.com/security/cve/CVE-2022-40304
https://access.redhat.com/security/cve/CVE-2022-40674
https://access.redhat.com/security/cve/CVE-2022-41974
https://access.redhat.com/security/cve/CVE-2022-42010
https://access.redhat.com/security/cve/CVE-2022-42011
https://access.redhat.com/security/cve/CVE-2022-42012
https://access.redhat.com/security/cve/CVE-2022-42898
https://access.redhat.com/security/cve/CVE-2022-43680
https://access.redhat.com/security/updates/classification/#moderate
7. Contact:
The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc.
- --------------------------END INCLUDED TEXT--------------------
ESB-2023.0932 - [RedHat] Red Hat Advanced Cluster Management: CVSS (Max): 9.8
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2023.0932
Red Hat Advanced Cluster Management 2.6.4 bug fixes and security updates
16 February 2023
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Red Hat Advanced Cluster Management
Publisher: Red Hat
Operating System: Red Hat
Resolution: Patch/Upgrade
CVE Names: CVE-2022-47629 CVE-2022-46285 CVE-2022-44617
CVE-2022-43680 CVE-2022-42012 CVE-2022-42011
CVE-2022-42010 CVE-2022-41903 CVE-2022-40304
CVE-2022-40303 CVE-2022-35737 CVE-2022-24999
CVE-2022-23521 CVE-2022-4883 CVE-2022-4139
CVE-2022-2964 CVE-2022-2953 CVE-2022-2869
CVE-2022-2868 CVE-2022-2867 CVE-2022-2521
CVE-2022-2520 CVE-2022-2519 CVE-2022-2058
CVE-2022-2057 CVE-2022-2056 CVE-2021-46848
Original Bulletin:
https://access.redhat.com/errata/RHSA-2023:0794
Comment: CVSS (Max): 9.8 CVE-2022-47629 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: Red Hat Advanced Cluster Management 2.6.4 bug fixes and security updates
Advisory ID: RHSA-2023:0794-01
Product: Red Hat ACM
Advisory URL: https://access.redhat.com/errata/RHSA-2023:0794
Issue date: 2023-02-15
CVE Names: CVE-2021-46848 CVE-2022-2056 CVE-2022-2057
CVE-2022-2058 CVE-2022-2519 CVE-2022-2520
CVE-2022-2521 CVE-2022-2867 CVE-2022-2868
CVE-2022-2869 CVE-2022-2953 CVE-2022-2964
CVE-2022-4139 CVE-2022-4883 CVE-2022-23521
CVE-2022-24999 CVE-2022-35737 CVE-2022-40303
CVE-2022-40304 CVE-2022-41903 CVE-2022-42010
CVE-2022-42011 CVE-2022-42012 CVE-2022-43680
CVE-2022-44617 CVE-2022-46285 CVE-2022-47629
=====================================================================
1. Summary:
Red Hat Advanced Cluster Management for Kubernetes 2.6.4 General
Availability release images, which fix bugs and update container images.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE links in the References section.
2. Description:
Red Hat Advanced Cluster Management for Kubernetes 2.6.4 images
Red Hat Advanced Cluster Management for Kubernetes provides the
capabilities to address common challenges that administrators and site
reliability engineers face as they work across a range of public and
private cloud environments. Clusters and applications are all visible and
managed from a single console with security policy built in.
This advisory contains the container images for Red Hat Advanced Cluster
Management for Kubernetes, which fix several bugs. See the following
Release Notes documentation, which will be updated shortly for this
release, for additional details about this release:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html/release_notes/
Issue addressed:
* RHACM 2.6.4 images (BZ# 2153382)
Security fixes:
* CVE-2022-24999 express: "qs" prototype poisoning causes the hang of the
node process
3. Solution:
For Red Hat Advanced Cluster Management for Kubernetes, see the following
documentation, which will be updated shortly for this release, for important
instructions on installing this release:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html-single/install/index#installing
4. Bugs fixed (https://bugzilla.redhat.com/):
2150323 - CVE-2022-24999 express: "qs" prototype poisoning causes the hang of the node process
2153382 - RHACM 2.6.4 images
5. References:
https://access.redhat.com/security/cve/CVE-2021-46848
https://access.redhat.com/security/cve/CVE-2022-2056
https://access.redhat.com/security/cve/CVE-2022-2057
https://access.redhat.com/security/cve/CVE-2022-2058
https://access.redhat.com/security/cve/CVE-2022-2519
https://access.redhat.com/security/cve/CVE-2022-2520
https://access.redhat.com/security/cve/CVE-2022-2521
https://access.redhat.com/security/cve/CVE-2022-2867
https://access.redhat.com/security/cve/CVE-2022-2868
https://access.redhat.com/security/cve/CVE-2022-2869
https://access.redhat.com/security/cve/CVE-2022-2953
https://access.redhat.com/security/cve/CVE-2022-2964
https://access.redhat.com/security/cve/CVE-2022-4139
https://access.redhat.com/security/cve/CVE-2022-4883
https://access.redhat.com/security/cve/CVE-2022-23521
https://access.redhat.com/security/cve/CVE-2022-24999
https://access.redhat.com/security/cve/CVE-2022-35737
https://access.redhat.com/security/cve/CVE-2022-40303
https://access.redhat.com/security/cve/CVE-2022-40304
https://access.redhat.com/security/cve/CVE-2022-41903
https://access.redhat.com/security/cve/CVE-2022-42010
https://access.redhat.com/security/cve/CVE-2022-42011
https://access.redhat.com/security/cve/CVE-2022-42012
https://access.redhat.com/security/cve/CVE-2022-43680
https://access.redhat.com/security/cve/CVE-2022-44617
https://access.redhat.com/security/cve/CVE-2022-46285
https://access.redhat.com/security/cve/CVE-2022-47629
https://access.redhat.com/security/updates/classification/#moderate
6. Contact:
The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc.
- --------------------------END INCLUDED TEXT--------------------
ESB-2023.0931 - [RedHat] OpenShift Container Platform: CVSS (Max): 9.8
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2023.0931
OpenShift Container Platform 4.11.27 security update
16 February 2023
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: OpenShift Container Platform
Publisher: Red Hat
Operating System: Red Hat
Resolution: Patch/Upgrade
CVE Names: CVE-2022-47629 CVE-2022-21698 CVE-2021-38561
Original Bulletin:
https://access.redhat.com/errata/RHSA-2023:0652
Comment: CVSS (Max): 9.8 CVE-2022-47629 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: OpenShift Container Platform 4.11.27 security update
Advisory ID: RHSA-2023:0652-01
Product: Red Hat OpenShift Enterprise
Advisory URL: https://access.redhat.com/errata/RHSA-2023:0652
Issue date: 2023-02-15
CVE Names: CVE-2021-38561 CVE-2022-21698 CVE-2022-47629
=====================================================================
1. Summary:
Red Hat OpenShift Container Platform release 4.11.27 is now available with
updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 4.11.27. See the following advisory for the container images for
this release:
https://access.redhat.com/errata/RHSA-2023:0651
Security Fix(es):
* golang: out-of-bounds read in golang.org/x/text/language leads to DoS
(CVE-2021-38561)
* prometheus/client_golang: Denial of service using
InstrumentHandlerCounter (CVE-2022-21698)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
3. Solution:
For OpenShift Container Platform 4.11 see the following documentation,
which will be updated shortly for this release, for important instructions
on how to upgrade your cluster and fully apply this asynchronous errata
update:
https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html
4. Bugs fixed (https://bugzilla.redhat.com/):
2045880 - CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter
2100495 - CVE-2021-38561 golang: out-of-bounds read in golang.org/x/text/language leads to DoS
5. JIRA issues fixed (https://issues.jboss.org/):
OCPBUGS-4754 - Race condition between PTP events and AMQ router startup
6. References:
https://access.redhat.com/security/cve/CVE-2021-38561
https://access.redhat.com/security/cve/CVE-2022-21698
https://access.redhat.com/security/cve/CVE-2022-47629
https://access.redhat.com/security/updates/classification/#moderate
7. Contact:
The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc.
- --------------------------END INCLUDED TEXT--------------------
ESB-2023.0930 - [RedHat] OpenShift Container Platform: CVSS (Max): 9.8
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2023.0930
OpenShift Container Platform 4.11.27 security update
16 February 2023
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: OpenShift Container Platform
Publisher: Red Hat
Operating System: Red Hat
Resolution: Patch/Upgrade
CVE Names: CVE-2022-47629 CVE-2021-4238
Original Bulletin:
https://access.redhat.com/errata/RHSA-2023:0651
Comment: CVSS (Max): 9.8 CVE-2022-47629 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
=====================================================================
Red Hat Security Advisory
Synopsis: Important: OpenShift Container Platform 4.11.27 security update
Advisory ID: RHSA-2023:0651-01
Product: Red Hat OpenShift Enterprise
Advisory URL: https://access.redhat.com/errata/RHSA-2023:0651
Issue date: 2023-02-15
CVE Names: CVE-2021-4238 CVE-2022-47629
=====================================================================
1. Summary:
Red Hat OpenShift Container Platform release 4.11.27 is now available with
updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
Security Fix(es):
* goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as
random as they should be (CVE-2021-4238)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* Networking Day 1 - Bootstrap Doesn't Get External IP when no DHCP Server
(BZ#2048600)
3. Solution:
For OpenShift Container Platform 4.11 see the following documentation,
which will be updated shortly for this release, for important instructions
on how to upgrade your cluster and fully apply this asynchronous errata
update:
https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html
You can download the oc tool and use it to inspect release image metadata
for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests
can be found at:
https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.
The sha values for the release are:
(For x86_64 architecture)
The image digest is
sha256:65e71a774a18c1c191f28655ce245abeecd653e8215b75f87eb23ceadacd530d
(For s390x architecture)
The image digest is
sha256:cfccfab6abf7cd74cffbc43e4ae38745f258cb28ff6360b0f433c7718d6f144b
(For ppc64le architecture)
The image digest is
sha256:e13089586d2061a41250e2b546259bef0c5c4995c704d0e2220ae516a1a675da
(For aarch64 architecture)
The image digest is
sha256:932754cfa58f41186a48ecff03c6345c59325fc7ff1496e91e57fa34752db142
All OpenShift Container Platform 4.11 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift CLI (oc)
or web console. Instructions for upgrading a cluster are available at:
https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html
4. Bugs fixed (https://bugzilla.redhat.com/):
2048600 - Networking Day 1 - Bootstrap Doesn't Get External IP when no DHCP Server
2156729 - CVE-2021-4238 goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be
5. JIRA issues fixed (https://issues.jboss.org/):
OCPBUGS-3507 - [4.11.z] Incorrect network configuration in worker node with two interfaces
OCPBUGS-4340 - oc get dc fails when AllRequestBodies audit-profile is set in apiserver
OCPBUGS-5459 - Topology sidebar actions doesn't show the latest resource data
OCPBUGS-5926 - NMstate removes egressip in OpenShift cluster with SDN plugin
OCPBUGS-6176 - Tracker: Configure ignored namespaces into multus-admission-controller (4.11)
OCPBUGS-6683 - [4.11]Improve Pod Admission failure for restricted-v2 denials that pass with restricted
OCPBUGS-6837 - Add rpm-build to DTK image
OCPBUGS-6907 - Image registry Operator does not use Proxy when connecting to openstack
OCPBUGS-6920 - Tracker: Configure ignored namespaces into multus-admission-controller (4.11,CNO)
OCPBUGS-7033 - 4.11 error 524 from seccomp(2) when trying to load filter [rhel-8.6.0.z]
OCPBUGS-7034 - 4.11 [iavf] It takes long time to create multiple VF interfaces and the VF interface names are not consistent [rhel-8.6.0.z]
6. References:
https://access.redhat.com/security/cve/CVE-2021-4238
https://access.redhat.com/security/cve/CVE-2022-47629
https://access.redhat.com/security/updates/classification/#important
7. Contact:
The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
-----END PGP SIGNATURE-----
ESB-2023.0929 - [RedHat] Red Hat OpenShift (Logging Subsystem): CVSS (Max): 10.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2023.0929
Red Hat OpenShift (Logging Subsystem) security update
16 February 2023
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Red Hat OpenShift (Logging Subsystem)
Publisher: Red Hat
Operating System: Red Hat
Resolution: Patch/Upgrade
CVE Names: CVE-2023-21843 CVE-2023-21835 CVE-2022-47629
CVE-2022-46285 CVE-2022-44617 CVE-2022-41903
CVE-2022-41717 CVE-2022-40304 CVE-2022-40303
CVE-2022-30123 CVE-2022-23521 CVE-2022-4883
Original Bulletin:
https://access.redhat.com/errata/RHSA-2023:0632
Comment: CVSS (Max): 10.0 CVE-2022-30123 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: Red Hat OpenShift (Logging Subsystem) security update
Advisory ID: RHSA-2023:0632-01
Product: Logging Subsystem for Red Hat OpenShift
Advisory URL: https://access.redhat.com/errata/RHSA-2023:0632
Issue date: 2023-02-15
CVE Names: CVE-2022-4883 CVE-2022-23521 CVE-2022-30123
CVE-2022-40303 CVE-2022-40304 CVE-2022-41717
CVE-2022-41903 CVE-2022-44617 CVE-2022-46285
CVE-2022-47629 CVE-2023-21835 CVE-2023-21843
=====================================================================
1. Summary:
An update is now available for the Logging subsystem for Red Hat OpenShift
5.4.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Description:
Logging Subsystem 5.4.11 - Red Hat OpenShift
Security Fix(es):
* rubygem-rack: crafted requests can cause shell escape sequences
(CVE-2022-30123)
* golang: net/http: An attacker can cause excessive memory growth in a Go
server accepting HTTP/2 requests (CVE-2022-41717)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
3. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
4. Bugs fixed (https://bugzilla.redhat.com/):
2099524 - CVE-2022-30123 rubygem-rack: crafted requests can cause shell escape sequences
2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests
5. References:
https://access.redhat.com/security/cve/CVE-2022-4883
https://access.redhat.com/security/cve/CVE-2022-23521
https://access.redhat.com/security/cve/CVE-2022-30123
https://access.redhat.com/security/cve/CVE-2022-40303
https://access.redhat.com/security/cve/CVE-2022-40304
https://access.redhat.com/security/cve/CVE-2022-41717
https://access.redhat.com/security/cve/CVE-2022-41903
https://access.redhat.com/security/cve/CVE-2022-44617
https://access.redhat.com/security/cve/CVE-2022-46285
https://access.redhat.com/security/cve/CVE-2022-47629
https://access.redhat.com/security/cve/CVE-2023-21835
https://access.redhat.com/security/cve/CVE-2023-21843
https://access.redhat.com/security/updates/classification/#moderate
6. Contact:
The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
-----END PGP SIGNATURE-----
ESB-2023.0928 - [RedHat] OpenShift Container Platform 4.10.52: CVSS (Max): 9.8
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2023.0928
OpenShift Container Platform 4.10.52 security update
16 February 2023
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: OpenShift Container Platform 4.10.52
Publisher: Red Hat
Operating System: Red Hat
Resolution: Patch/Upgrade
CVE Names: CVE-2022-47629 CVE-2022-41903 CVE-2022-38023
CVE-2022-34174 CVE-2022-23521 CVE-2022-3064
CVE-2022-1471
Original Bulletin:
https://access.redhat.com/errata/RHSA-2023:0698
Comment: CVSS (Max): 9.8 CVE-2022-47629 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: OpenShift Container Platform 4.10.52 security update
Advisory ID: RHSA-2023:0698-01
Product: Red Hat OpenShift Enterprise
Advisory URL: https://access.redhat.com/errata/RHSA-2023:0698
Issue date: 2023-02-15
CVE Names: CVE-2022-1471 CVE-2022-3064 CVE-2022-23521
CVE-2022-34174 CVE-2022-38023 CVE-2022-41903
CVE-2022-47629
=====================================================================
1. Summary:
Red Hat OpenShift Container Platform release 4.10.52 is now available with
updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container
Platform 4.10.52. See the following advisory for the RPM packages for this
release:
https://access.redhat.com/errata/RHSA-2023:0697
Space precludes documenting all of the container images in this advisory.
See the following Release Notes documentation, which will be updated
shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Security Fix(es):
* go-yaml: Improve heuristics preventing CPU/memory abuse by parsing
malicious or large YAML documents (CVE-2022-3064)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* [4.10] Prevent redundant queries of BIOS settings in
HostFirmwareController (BZ#2061794)
* ovn-nbctl.log is never rotated (BZ#2072601)
* [4.10] APIRemovedInNextEUSReleaseInUse alert for OVN poddisruptionbudgets
(BZ#2092193)
All OpenShift Container Platform 4.10 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift CLI (oc)
or web console. Instructions for upgrading a cluster are available at
https://docs.openshift.com/container-platform/4.10/updating/updating-cluster-cli.html
3. Solution:
For OpenShift Container Platform 4.10 see the following documentation,
which will be updated shortly for this release, for important instructions
on how to upgrade your cluster and fully apply this asynchronous errata
update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
You may download the oc tool and use it to inspect release image metadata
for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests
may be found at
https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.
The sha values for the release are:
(For x86_64 architecture)
The image digest is
sha256:b13ee67469f7f85a1b1daf57424f3c7c02c3a188cb640dc6284742091a7e6d50
(For s390x architecture)
The image digest is
sha256:4c776be05c475ee885829444509258b486d79d8128e12d6d2263ab7cdef83ce8
(For ppc64le architecture)
The image digest is
sha256:2d4e0af6ca2afc8c10d210aa520aba602618f3fad4cb42636bddb57b1f0ce425
(For aarch64 architecture)
The image digest is
sha256:7cadaaf6e0f71645864963e6c47c75852ce68aff80c963dfba2ddf51c0b836c4
4. Bugs fixed (https://bugzilla.redhat.com/):
2061794 - [4.10] Prevent redundant queries of BIOS settings in HostFirmwareController
2072601 - ovn-nbctl.log is never rotated
2092193 - [4.10] APIRemovedInNextEUSReleaseInUse alert for OVN poddisruptionbudgets
2163037 - CVE-2022-3064 go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents
5. JIRA issues fixed (https://issues.jboss.org/):
OCPBUGS-2106 - intra namespace allow network policy doesn't work after applying ingress&egress deny all network policy
OCPBUGS-2614 - e2e-gcp-builds is permafailing
OCPBUGS-2982 - [release-4.10] Update blueocean-autofavorite to 1.2.5
OCPBUGS-3615 - [4.10] [perf/scale] libovsdb builds transaction logs but throws them away
OCPBUGS-4095 - Various Jenkins CVEs for October 2022 [openshift-4.10.z]
OCPBUGS-4578 - Origin tests for bonds - 4.10 backport
OCPBUGS-4882 - [2117255] Failed to dump flows for flow sync, stderr: "ovs-ofctl: br-ext is not a bridge or a socket"
OCPBUGS-5077 - Service spec value `externalTrafficPolicy` does not trigger rules update in ovnkube-node pod handlers on edit
OCPBUGS-5296 - Developer Topology always blanks with large contents when first rendering
OCPBUGS-5961 - Add support for API version v1beta1 for knativeServing and knativeEventing
OCPBUGS-6690 - OLM details page crashes on incomplete ClusterServiceVersion resource
OCPBUGS-6702 - The MCO can generate a rendered config with old KubeletConfig contents, blocking upgrades
OCPBUGS-6754 - Topology gets stuck loading
OCPBUGS-6886 - [4.10] boot sequence override request fails with Base.1.8.PropertyNotWritable on Lenovo SE450
OCPBUGS-6930 - hack/check-plugins-supply-chain-change.sh is not executable
OCPBUGS-7052 - Sync jenkins-version.txt, base-plugins.txt and bundle-plugins.txt from master branch
6. References:
https://access.redhat.com/security/cve/CVE-2022-1471
https://access.redhat.com/security/cve/CVE-2022-3064
https://access.redhat.com/security/cve/CVE-2022-23521
https://access.redhat.com/security/cve/CVE-2022-34174
https://access.redhat.com/security/cve/CVE-2022-38023
https://access.redhat.com/security/cve/CVE-2022-41903
https://access.redhat.com/security/cve/CVE-2022-47629
https://access.redhat.com/security/updates/classification/#moderate
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
7. Contact:
The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
-----END PGP SIGNATURE-----
ESB-2023.0927 - [RedHat] OpenShift Container Platform 4.10.52: CVSS (Max): 9.8
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2023.0927
OpenShift Container Platform 4.10.52 security update
16 February 2023
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: OpenShift Container Platform 4.10.52
Publisher: Red Hat
Operating System: Red Hat
Resolution: Patch/Upgrade
CVE Names: CVE-2022-34174 CVE-2022-1471
Original Bulletin:
https://access.redhat.com/errata/RHSA-2023:0697
Comment: CVSS (Max): 9.8 CVE-2022-1471 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: OpenShift Container Platform 4.10.52 security update
Advisory ID: RHSA-2023:0697-01
Product: Red Hat OpenShift Enterprise
Advisory URL: https://access.redhat.com/errata/RHSA-2023:0697
Issue date: 2023-02-15
CVE Names: CVE-2022-1471 CVE-2022-34174
=====================================================================
1. Summary:
Red Hat OpenShift Container Platform release 4.10.52 is now available with
updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat OpenShift Container Platform 4.10 - aarch64, noarch, ppc64le, s390x, x86_64
3. Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 4.10.52. See the following advisory for the container images for
this release:
https://access.redhat.com/errata/RHSA-2023:0698
Security Fix(es):
* SnakeYaml: Constructor Deserialization Remote Code Execution
(CVE-2022-1471)
* jenkins: Observable timing discrepancy allows determining username
validity (CVE-2022-34174)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
All OpenShift Container Platform 4.10 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift CLI (oc)
or web console. Instructions for upgrading a cluster are available at
https://docs.openshift.com/container-platform/4.10/updating/updating-cluster-cli.html
4. Solution:
For OpenShift Container Platform 4.10 see the following documentation,
which will be updated shortly for this release, for important instructions
on how to upgrade your cluster and fully apply this asynchronous errata
update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
5. Bugs fixed (https://bugzilla.redhat.com/):
2119653 - CVE-2022-34174 jenkins: Observable timing discrepancy allows determining username validity
2150009 - CVE-2022-1471 SnakeYaml: Constructor Deserialization Remote Code Execution
6. Package List:
Red Hat OpenShift Container Platform 4.10:
Source:
openshift-4.10.0-202302072053.p0.g8a6bfe4.assembly.stream.el7.src.rpm
openshift-ansible-4.10.0-202302072053.p0.g72c7be6.assembly.stream.el7.src.rpm
openshift-clients-4.10.0-202302072053.p0.gdaed147.assembly.stream.el7.src.rpm
noarch:
openshift-ansible-4.10.0-202302072053.p0.g72c7be6.assembly.stream.el7.noarch.rpm
openshift-ansible-test-4.10.0-202302072053.p0.g72c7be6.assembly.stream.el7.noarch.rpm
x86_64:
openshift-clients-4.10.0-202302072053.p0.gdaed147.assembly.stream.el7.x86_64.rpm
openshift-clients-redistributable-4.10.0-202302072053.p0.gdaed147.assembly.stream.el7.x86_64.rpm
openshift-hyperkube-4.10.0-202302072053.p0.g8a6bfe4.assembly.stream.el7.x86_64.rpm
Red Hat OpenShift Container Platform 4.10:
Source:
atomic-openshift-service-idler-4.10.0-202302072053.p0.ga0f9090.assembly.stream.el8.src.rpm
jenkins-2-plugins-4.10.1675407676-1.el8.src.rpm
jenkins-2.361.1.1675406172-1.el8.src.rpm
openshift-4.10.0-202302072053.p0.g8a6bfe4.assembly.stream.el8.src.rpm
openshift-ansible-4.10.0-202302072053.p0.g72c7be6.assembly.stream.el8.src.rpm
openshift-clients-4.10.0-202302072053.p0.gdaed147.assembly.stream.el8.src.rpm
openshift-kuryr-4.10.0-202302072053.p0.gd4f4d9a.assembly.stream.el8.src.rpm
python-sushy-4.1.5-0.20221125154417.ff95176.el8.src.rpm
aarch64:
atomic-openshift-service-idler-4.10.0-202302072053.p0.ga0f9090.assembly.stream.el8.aarch64.rpm
openshift-clients-4.10.0-202302072053.p0.gdaed147.assembly.stream.el8.aarch64.rpm
openshift-hyperkube-4.10.0-202302072053.p0.g8a6bfe4.assembly.stream.el8.aarch64.rpm
noarch:
jenkins-2-plugins-4.10.1675407676-1.el8.noarch.rpm
jenkins-2.361.1.1675406172-1.el8.noarch.rpm
openshift-ansible-4.10.0-202302072053.p0.g72c7be6.assembly.stream.el8.noarch.rpm
openshift-ansible-test-4.10.0-202302072053.p0.g72c7be6.assembly.stream.el8.noarch.rpm
openshift-kuryr-cni-4.10.0-202302072053.p0.gd4f4d9a.assembly.stream.el8.noarch.rpm
openshift-kuryr-common-4.10.0-202302072053.p0.gd4f4d9a.assembly.stream.el8.noarch.rpm
openshift-kuryr-controller-4.10.0-202302072053.p0.gd4f4d9a.assembly.stream.el8.noarch.rpm
python3-kuryr-kubernetes-4.10.0-202302072053.p0.gd4f4d9a.assembly.stream.el8.noarch.rpm
python3-sushy-4.1.5-0.20221125154417.ff95176.el8.noarch.rpm
python3-sushy-tests-4.1.5-0.20221125154417.ff95176.el8.noarch.rpm
ppc64le:
atomic-openshift-service-idler-4.10.0-202302072053.p0.ga0f9090.assembly.stream.el8.ppc64le.rpm
openshift-clients-4.10.0-202302072053.p0.gdaed147.assembly.stream.el8.ppc64le.rpm
openshift-hyperkube-4.10.0-202302072053.p0.g8a6bfe4.assembly.stream.el8.ppc64le.rpm
s390x:
atomic-openshift-service-idler-4.10.0-202302072053.p0.ga0f9090.assembly.stream.el8.s390x.rpm
openshift-clients-4.10.0-202302072053.p0.gdaed147.assembly.stream.el8.s390x.rpm
openshift-hyperkube-4.10.0-202302072053.p0.g8a6bfe4.assembly.stream.el8.s390x.rpm
x86_64:
atomic-openshift-service-idler-4.10.0-202302072053.p0.ga0f9090.assembly.stream.el8.x86_64.rpm
openshift-clients-4.10.0-202302072053.p0.gdaed147.assembly.stream.el8.x86_64.rpm
openshift-clients-redistributable-4.10.0-202302072053.p0.gdaed147.assembly.stream.el8.x86_64.rpm
openshift-hyperkube-4.10.0-202302072053.p0.g8a6bfe4.assembly.stream.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2022-1471
https://access.redhat.com/security/cve/CVE-2022-34174
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
-----END PGP SIGNATURE-----
ESB-2023.0926 - [RedHat] Network observability 1.1.0: CVSS (Max): 9.8
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2023.0926
Network observability 1.1.0 security update
16 February 2023
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Network observability 1.1.0
Publisher: Red Hat
Operating System: Red Hat
Resolution: Patch/Upgrade
CVE Names: CVE-2023-0813 CVE-2022-47629 CVE-2022-42898
CVE-2022-40304 CVE-2022-40303 CVE-2022-35737
CVE-2022-34903 CVE-2022-33099 CVE-2022-3821
CVE-2022-3786 CVE-2022-3715 CVE-2022-3602
CVE-2022-3515 CVE-2022-2509 CVE-2022-1304
CVE-2022-1271 CVE-2021-46848
Original Bulletin:
https://access.redhat.com/errata/RHSA-2023:0786
Comment: CVSS (Max): 9.8 CVE-2022-47629 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
=====================================================================
Red Hat Security Advisory
Synopsis: Important: Network observability 1.1.0 security update
Advisory ID: RHSA-2023:0786-01
Product: NETOBSERV
Advisory URL: https://access.redhat.com/errata/RHSA-2023:0786
Issue date: 2023-02-15
CVE Names: CVE-2021-46848 CVE-2022-1271 CVE-2022-1304
CVE-2022-2509 CVE-2022-3515 CVE-2022-3602
CVE-2022-3715 CVE-2022-3786 CVE-2022-3821
CVE-2022-33099 CVE-2022-34903 CVE-2022-35737
CVE-2022-40303 CVE-2022-40304 CVE-2022-42898
CVE-2022-47629 CVE-2023-0813
=====================================================================
1. Summary:
Network observability 1.1.0 release for OpenShift
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Description:
Network observability is an OpenShift operator that provides a monitoring
pipeline to collect and enrich network flows that are produced by the
Network observability eBPF agent.
The operator provides dashboards, metrics, and keeps flows accessible in a
queryable log store, Grafana Loki. When a FlowCollector is deployed, new
dashboards are available in the Console.
Security Fix(es):
* network-observability-console-plugin-container: setting Loki authToken
configuration to DISABLE or HOST mode leads to authentication no longer being
enforced (CVE-2023-0813)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
3. Solution:
Apply this errata by upgrading Network observability operator 1.0 to 1.1
4. Bugs fixed (https://bugzilla.redhat.com/):
2169468 - CVE-2023-0813 network-observability-console-plugin-container: setting Loki authToken configuration to DISABLE or HOST mode leads to authentication no longer being enforced
5. References:
https://access.redhat.com/security/cve/CVE-2021-46848
https://access.redhat.com/security/cve/CVE-2022-1271
https://access.redhat.com/security/cve/CVE-2022-1304
https://access.redhat.com/security/cve/CVE-2022-2509
https://access.redhat.com/security/cve/CVE-2022-3515
https://access.redhat.com/security/cve/CVE-2022-3602
https://access.redhat.com/security/cve/CVE-2022-3715
https://access.redhat.com/security/cve/CVE-2022-3786
https://access.redhat.com/security/cve/CVE-2022-3821
https://access.redhat.com/security/cve/CVE-2022-33099
https://access.redhat.com/security/cve/CVE-2022-34903
https://access.redhat.com/security/cve/CVE-2022-35737
https://access.redhat.com/security/cve/CVE-2022-40303
https://access.redhat.com/security/cve/CVE-2022-40304
https://access.redhat.com/security/cve/CVE-2022-42898
https://access.redhat.com/security/cve/CVE-2022-47629
https://access.redhat.com/security/cve/CVE-2023-0813
https://access.redhat.com/security/updates/classification/#important
6. Contact:
Red Hat security contact details are available at
https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc.
- --------------------------END INCLUDED TEXT--------------------
ESB-2023.0925 - [RedHat] Red Hat OpenShift (Logging Subsystem): CVSS (Max): 9.8
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2023.0925
Red Hat OpenShift (Logging Subsystem) security update
16 February 2023
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Red Hat OpenShift (Logging Subsystem)
Publisher: Red Hat
Operating System: Red Hat
Resolution: Patch/Upgrade
CVE Names: CVE-2022-47629 CVE-2022-41903 CVE-2022-40304
CVE-2022-40303 CVE-2022-23521
Original Bulletin:
https://access.redhat.com/errata/RHSA-2023:0633
Comment: CVSS (Max): 9.8 CVE-2022-47629 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: Red Hat OpenShift (Logging Subsystem) security update
Advisory ID: RHSA-2023:0633-01
Product: Logging Subsystem for Red Hat OpenShift
Advisory URL: https://access.redhat.com/errata/RHSA-2023:0633
Issue date: 2023-02-15
CVE Names: CVE-2022-23521 CVE-2022-40303 CVE-2022-40304
CVE-2022-41903 CVE-2022-47629
=====================================================================
1. Summary:
Logging Subsystem 5.5.7 - Red Hat OpenShift
2. Description:
Logging Subsystem 5.5.7 - Red Hat OpenShift
3. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
4. JIRA issues fixed (https://issues.jboss.org/):
LOG-3533 - tls.cert, tls.key and passphrase are not passed to the fluentd configuration when forwarding logs using syslog over TLS
LOG-3534 - [release-5.5] [Administrator Console] Seeing "parse error" while using Severity filter for cluster view user
5. References:
https://access.redhat.com/security/cve/CVE-2022-23521
https://access.redhat.com/security/cve/CVE-2022-40303
https://access.redhat.com/security/cve/CVE-2022-40304
https://access.redhat.com/security/cve/CVE-2022-41903
https://access.redhat.com/security/cve/CVE-2022-47629
https://access.redhat.com/security/updates/classification/#moderate
6. Contact:
Red Hat security contact details are available at
https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc.
- --------------------------END INCLUDED TEXT--------------------
ESB-2023.0924 - [Ubuntu] Linux kernel: CVSS (Max): 8.8
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2023.0924
USN-5876-1: Linux kernel vulnerabilities
16 February 2023
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Linux kernel
Publisher: Ubuntu
Operating System: Ubuntu
Resolution: Patch/Upgrade
CVE Names: CVE-2023-0590 CVE-2022-47940 CVE-2022-42895
CVE-2022-41850 CVE-2022-41849 CVE-2022-3640
CVE-2022-3628 CVE-2022-3623 CVE-2022-3619
CVE-2022-3543
Original Bulletin:
https://ubuntu.com/security/notices/USN-5876-1
Comment: CVSS (Max): 8.8 CVE-2022-3640 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: [NVD], Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
USN-5876-1: Linux kernel vulnerabilities
15 February 2023
Several security issues were fixed in the Linux kernel.
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and
Universe repositories, and it is free for up to five machines.
Releases
o Ubuntu 22.04 LTS
o Ubuntu 20.04 LTS
Packages
o linux-aws - Linux kernel for Amazon Web Services (AWS) systems
o linux-aws-5.15 - Linux kernel for Amazon Web Services (AWS) systems
o linux-azure-fde - Linux kernel for Microsoft Azure CVM cloud systems
o linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
o linux-gcp-5.15 - Linux kernel for Google Cloud Platform (GCP) systems
o linux-intel-iotg - Linux kernel for Intel IoT platforms
Details
It was discovered that a memory leak existed in the Unix domain socket
implementation of the Linux kernel. A local attacker could use this to
cause a denial of service (memory exhaustion). (CVE-2022-3543)
It was discovered that the Bluetooth HCI implementation in the Linux kernel
did not properly deallocate memory in some situations. An attacker could
possibly use this to cause a denial of service (memory exhaustion).
(CVE-2022-3619)
It was discovered that the hugetlb implementation in the Linux kernel
contained a race condition in some situations. A local attacker could use
this to cause a denial of service (system crash) or expose sensitive
information (kernel memory). (CVE-2022-3623)
It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux
kernel did not properly perform bounds checking in some situations. A
physically proximate attacker could use this to craft a malicious USB
device that, when inserted, could cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2022-3628)
It was discovered that a use-after-free vulnerability existed in the
Bluetooth stack in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-3640)
It was discovered that a race condition existed in the SMSC UFX USB driver
implementation in the Linux kernel, leading to a use-after-free
vulnerability. A physically proximate attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2022-41849)
It was discovered that a race condition existed in the Roccat HID driver in
the Linux kernel, leading to a use-after-free vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2022-41850)
Tamas Koczka discovered that the Bluetooth L2CAP implementation in the
Linux kernel did not properly initialize memory in some situations. A
physically proximate attacker could possibly use this to expose sensitive
information (kernel memory). (CVE-2022-42895)
Arnaud Gatignol, Quentin Minster, Florent Saudel and Guillaume Teissier
discovered that the KSMBD implementation in the Linux kernel did not
properly validate user-supplied data in some situations. An authenticated
attacker could use this to cause a denial of service (system crash), expose
sensitive information (kernel memory) or possibly execute arbitrary code.
(CVE-2022-47940)
It was discovered that a race condition existed in the qdisc implementation
in the Linux kernel, leading to a use-after-free vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-0590)
Update instructions
The problem can be corrected by updating your system to the following package
versions:
Ubuntu 22.04
o linux-image-azure-fde - 5.15.0.1033.40.10
o linux-image-aws - 5.15.0.1030.28
o linux-image-intel-iotg - 5.15.0.1025.24
o linux-image-5.15.0-1030-aws - 5.15.0-1030.34
o linux-image-5.15.0-1029-gcp - 5.15.0-1029.36
o linux-image-5.15.0-1033-azure-fde - 5.15.0-1033.40.1
o linux-image-5.15.0-1025-intel-iotg - 5.15.0-1025.30
o linux-image-aws-lts-22.04 - 5.15.0.1030.28
o linux-image-gcp - 5.15.0.1029.24
Ubuntu 20.04
o linux-image-5.15.0-1030-aws - 5.15.0-1030.34~20.04.1
o linux-image-5.15.0-1029-gcp - 5.15.0-1029.36~20.04.1
o linux-image-aws - 5.15.0.1030.34~20.04.19
o linux-image-gcp - 5.15.0.1029.36~20.04.1
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References
o CVE-2022-41850
o CVE-2022-41849
o CVE-2022-3623
o CVE-2022-3619
o CVE-2022-42895
o CVE-2023-0590
o CVE-2022-3628
o CVE-2022-3543
o CVE-2022-3640
o CVE-2022-47940
Related notices
o USN-5793-1 : linux-modules-extra-aws, linux-cloud-tools-virtual,
linux-headers-generic-hwe-22.04-edge, linux-lowlatency-64k-hwe-20.04-edge,
linux-tools-generic-hwe-22.04, linux-image-unsigned-5.19.0-28-generic-64k,
linux-headers-oem-22.04, linux-image-raspi,
linux-image-unsigned-5.19.0-1014-lowlatency-64k, linux-tools-raspi-nolpae,
linux-lowlatency-hwe-22.04-edge, linux-modules-5.19.0-1015-kvm,
linux-image-5.19.0-1016-aws, linux-tools-kvm,
linux-headers-5.19.0-28-generic-64k, linux-modules-extra-5.19.0-1016-aws,
linux-headers-lowlatency-hwe-22.04-edge, linux-image-generic-64k-hwe-22.04,
linux-headers-lowlatency-64k, linux-headers-generic-lpae-hwe-22.04-edge,
linux-image-unsigned-5.19.0-1015-kvm, linux-generic-hwe-22.04-edge,
linux-buildinfo-5.19.0-1011-raspi-nolpae,
linux-tools-lowlatency-64k-hwe-20.04, linux-generic-lpae-hwe-22.04-edge,
linux-modules-iwlwifi-generic-hwe-22.04-edge,
linux-image-generic-hwe-22.04, linux-cloud-tools-generic-hwe-22.04-edge,
linux-virtual, linux-headers-lowlatency-64k-hwe-20.04-edge,
linux-headers-generic-64k-hwe-22.04-edge,
linux-headers-lowlatency-64k-hwe-22.04, linux-headers-lowlatency-hwe-22.04,
linux-image-5.19.0-28-generic, linux-lowlatency-64k,
linux-headers-5.19.0-1014-lowlatency-64k,
linux-image-extra-virtual-hwe-22.04-edge,
linux-cloud-tools-virtual-hwe-22.04, linux-generic-lpae,
linux-tools-generic-lpae, linux-aws, linux-kvm-tools-5.19.0-1015,
linux-headers-raspi, linux-headers-generic-64k, linux-image-virtual,
linux-lowlatency-hwe-20.04, linux-tools-5.19.0-1011-raspi,
linux-tools-raspi, linux-image-5.19.0-1011-raspi,
linux-buildinfo-5.19.0-28-generic-lpae, linux-cloud-tools-lowlatency,
linux-modules-5.19.0-28-generic-lpae, linux-image-lowlatency-hwe-22.04,
linux-tools-host, linux-modules-5.19.0-1011-raspi-nolpae,
linux-headers-lowlatency-hwe-20.04, linux-modules-5.19.0-1014-lowlatency,
linux-buildinfo-5.19.0-1014-lowlatency, linux-image-generic-64k,
linux-headers-virtual-hwe-22.04-edge,
linux-tools-lowlatency-64k-hwe-22.04-edge,
linux-image-lowlatency-hwe-20.04-edge, linux-lowlatency,
linux-modules-5.19.0-1014-lowlatency-64k, linux-generic-64k-hwe-22.04,
linux-image-5.19.0-28-generic-lpae, linux-modules-extra-raspi, linux-doc,
linux-modules-iwlwifi-generic, linux-image-5.19.0-28-generic-64k,
linux-modules-5.19.0-28-generic-64k, linux-source,
linux-image-5.19.0-1015-kvm, linux-lowlatency-cloud-tools-common,
linux-image-generic-lpae-hwe-22.04-edge, linux-lowlatency-tools-common,
linux-aws-tools-5.19.0-1016, linux-source-5.19.0,
linux-tools-lowlatency-hwe-22.04, linux-image-5.19.0-1011-raspi-nolpae,
linux-image-extra-virtual-hwe-22.04, linux-image-extra-virtual,
linux-image-lowlatency-hwe-20.04,
linux-modules-iwlwifi-5.19.0-1014-lowlatency,
linux-buildinfo-5.19.0-28-generic, linux-tools-lowlatency-hwe-20.04-edge,
linux-image-kvm, linux-tools-generic,
linux-lowlatency-cloud-tools-5.19.0-1014,
linux-tools-5.19.0-1014-lowlatency, linux-tools-5.19.0-28-generic,
linux-headers-5.19.0-1016-aws, linux-modules-5.19.0-1011-raspi,
linux-image-lowlatency-64k, linux-tools-5.19.0-1016-aws,
linux-lowlatency-64k-hwe-20.04, linux-tools-5.19.0-28-generic-64k,
linux-tools-generic-64k-hwe-22.04, linux-lowlatency-tools-host,
linux-image-generic, linux-image-unsigned-5.19.0-28-generic,
linux-tools-lowlatency-64k-hwe-20.04-edge,
linux-headers-5.19.0-28-generic-lpae,
linux-headers-lowlatency-hwe-20.04-edge,
linux-image-5.19.0-1014-lowlatency,
linux-cloud-tools-5.19.0-1014-lowlatency,
linux-headers-lowlatency-64k-hwe-20.04, linux-raspi-nolpae,
linux-image-lowlatency-64k-hwe-22.04-edge, linux-headers-virtual,
linux-tools-lowlatency-hwe-20.04, linux-tools-5.19.0-28-generic-lpae,
linux-buildinfo-5.19.0-1011-raspi, linux-cloud-tools-common,
linux-generic-lpae-hwe-22.04, linux-modules-extra-raspi-nolpae,
linux-tools-lowlatency, linux-raspi, linux-lowlatency-64k-hwe-22.04-edge,
linux-image-lowlatency, linux-crashdump, linux-generic-64k-hwe-22.04-edge,
linux-cloud-tools-lowlatency-hwe-22.04,
linux-image-lowlatency-hwe-22.04-edge, linux-cloud-tools-5.19.0-1016-aws,
linux-image-aws, linux-tools-generic-64k-hwe-22.04-edge,
linux-cloud-tools-virtual-hwe-22.04-edge,
linux-cloud-tools-lowlatency-hwe-20.04-edge, linux-generic-hwe-22.04,
linux-lowlatency-headers-5.19.0-1014, linux-headers-aws,
linux-headers-generic, linux-headers-generic-hwe-22.04,
linux-tools-5.19.0-28, linux-buildinfo-5.19.0-28-generic-64k,
linux-buildinfo-5.19.0-1014-lowlatency-64k,
linux-tools-generic-lpae-hwe-22.04-edge, linux-lowlatency-64k-hwe-22.04,
linux-tools-virtual-hwe-22.04, linux-buildinfo-5.19.0-1015-kvm,
linux-cloud-tools-lowlatency-hwe-20.04,
linux-image-5.19.0-1014-lowlatency-64k,
linux-image-unsigned-5.19.0-1016-aws, linux-image-virtual-hwe-22.04-edge,
linux-libc-dev, linux-generic-64k, linux-raspi-headers-5.19.0-1011,
linux-cloud-tools-5.19.0-28-generic, linux-headers-generic-lpae-hwe-22.04,
linux-image-generic-lpae, linux-image-lowlatency-64k-hwe-22.04,
linux-generic, linux-aws-cloud-tools-5.19.0-1016,
linux-cloud-tools-generic, linux-image-lowlatency-64k-hwe-20.04,
linux-cloud-tools-generic-hwe-22.04, linux-kvm, linux-lowlatency-hwe-22.04,
linux-headers-5.19.0-1011-raspi-nolpae, linux-headers-5.19.0-1015-kvm,
linux-virtual-hwe-22.04-edge, linux-headers-5.19.0-1011-raspi,
linux-modules-5.19.0-1016-aws, linux-tools-5.19.0-1015-kvm,
linux-image-raspi-nolpae, linux-tools-generic-64k,
linux-modules-extra-5.19.0-1011-raspi-nolpae,
linux-headers-5.19.0-1014-lowlatency, linux-tools-lowlatency-64k-hwe-22.04,
linux-lowlatency-hwe-20.04-edge, linux-headers-5.19.0-28-generic,
linux-modules-extra-5.19.0-28-generic, linux-headers-kvm,
linux-raspi-tools-5.19.0-1011, linux-tools-5.19.0-1014-lowlatency-64k,
linux-image-lowlatency-64k-hwe-20.04-edge, linux-kvm-headers-5.19.0-1015,
linux-headers-lowlatency-64k-hwe-22.04-edge,
linux-modules-iwlwifi-generic-hwe-22.04, linux-headers-5.19.0-28,
linux-headers-generic-lpae, linux-image-virtual-hwe-22.04,
linux-tools-lowlatency-64k, linux-headers-generic-64k-hwe-22.04,
linux-headers-virtual-hwe-22.04,
linux-cloud-tools-lowlatency-hwe-22.04-edge,
linux-modules-5.19.0-28-generic, linux-tools-aws,
linux-buildinfo-5.19.0-1016-aws, linux-tools-generic-hwe-22.04-edge,
linux-tools-generic-lpae-hwe-22.04, linux-headers-lowlatency,
linux-image-generic-hwe-22.04-edge,
linux-modules-iwlwifi-5.19.0-28-generic,
linux-modules-extra-5.19.0-1011-raspi, linux-tools-virtual-hwe-22.04-edge,
linux-image-unsigned-5.19.0-1014-lowlatency,
linux-image-generic-64k-hwe-22.04-edge, linux-virtual-hwe-22.04,
linux-image-oem-22.04, linux-headers-raspi-nolpae, linux-oem-22.04, linux,
linux-tools-virtual, linux-image-generic-lpae-hwe-22.04,
linux-tools-lowlatency-hwe-22.04-edge, linux-aws-headers-5.19.0-1016,
linux-tools-common, linux-lowlatency-tools-5.19.0-1014,
linux-tools-5.19.0-1011-raspi-nolpae, linux-tools-oem-22.04,
linux-cloud-tools-5.19.0-28
o USN-5793-2 : linux-azure-headers-5.19.0-1016,
linux-image-5.19.0-1016-azure, linux-azure-cloud-tools-5.19.0-1016,
linux-modules-extra-azure, linux-azure-tools-5.19.0-1016,
linux-modules-extra-5.19.0-1016-azure, linux-tools-5.19.0-1016-azure,
linux-image-azure, linux-modules-5.19.0-1016-azure,
linux-headers-5.19.0-1016-azure, linux-headers-azure,
linux-image-unsigned-5.19.0-1016-azure, linux-buildinfo-5.19.0-1016-azure,
linux-tools-azure, linux-cloud-tools-5.19.0-1016-azure,
linux-cloud-tools-azure, linux-azure
o USN-5793-3 : linux-buildinfo-5.19.0-1014-oracle,
linux-modules-5.19.0-1014-oracle, linux-oracle-tools-5.19.0-1014,
linux-modules-extra-5.19.0-1014-gcp, linux-tools-gcp,
linux-image-5.19.0-1014-gcp, linux-image-oracle, linux-oracle,
linux-oracle-headers-5.19.0-1014, linux-buildinfo-5.19.0-1014-gcp,
linux-modules-extra-5.19.0-1014-oracle, linux-headers-5.19.0-1014-oracle,
linux-modules-extra-gcp, linux-tools-5.19.0-1014-gcp,
linux-tools-5.19.0-1014-oracle, linux-tools-oracle,
linux-gcp-tools-5.19.0-1014, linux-headers-5.19.0-1014-gcp, linux-gcp,
linux-image-gcp, linux-image-unsigned-5.19.0-1014-gcp,
linux-modules-5.19.0-1014-gcp, linux-modules-iwlwifi-5.19.0-1014-gcp,
linux-headers-gcp, linux-image-5.19.0-1014-oracle,
linux-image-unsigned-5.19.0-1014-oracle, linux-headers-oracle,
linux-gcp-headers-5.19.0-1014, linux-modules-iwlwifi-5.19.0-1014-oracle
o USN-5793-4 : linux-modules-5.19.0-1014-ibm, linux-image-5.19.0-1014-ibm,
linux-modules-iwlwifi-5.19.0-1014-ibm, linux-tools-5.19.0-1014-ibm,
linux-ibm-source-5.19.0, linux-headers-ibm,
linux-modules-extra-5.19.0-1014-ibm, linux-tools-ibm, linux-image-ibm,
linux-buildinfo-5.19.0-1014-ibm, linux-image-unsigned-5.19.0-1014-ibm,
linux-headers-5.19.0-1014-ibm, linux-ibm-tools-common, linux-ibm,
linux-ibm-headers-5.19.0-1014, linux-ibm-tools-5.19.0-1014,
linux-ibm-cloud-tools-common
o USN-5851-1 : linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-60,
linux-oracle-tools-5.15.0-1029, linux-lowlatency-64k-hwe-20.04-edge,
linux-oracle-5.15, linux-modules-extra-5.15.0-1015-gkeop,
linux-headers-5.15.0-1029-oracle, linux-image-gkeop,
linux-tools-raspi-nolpae, linux-tools-generic-lpae-hwe-20.04,
linux-image-generic-64k-hwe-22.04, linux-headers-5.15.0-1033-azure,
linux-tools-lowlatency-64k-hwe-20.04, linux-tools-generic-hwe-20.04,
linux-modules-extra-azure, linux-virtual,
linux-buildinfo-5.15.0-60-lowlatency-64k, linux-headers-virtual-hwe-20.04,
linux-modules-5.15.0-60-lowlatency, linux-buildinfo-5.15.0-60-lowlatency,
linux-tools-generic-lpae, linux-image-5.15.0-1024-raspi,
linux-tools-5.15.0-60-lowlatency, linux-tools-azure-edge,
linux-hwe-5.15-tools-common, linux-image-generic-hwe-20.04-edge,
linux-tools-5.15.0-60-lowlatency-64k, linux-modules-5.15.0-1025-ibm,
linux-gkeop-tools-5.15.0-1015, linux-image-5.15.0-60-lowlatency-64k,
linux-lowlatency-hwe-5.15-tools-5.15.0-60,
linux-tools-generic-64k-hwe-22.04, linux-image-oem-20.04,
linux-lowlatency-tools-host, linux-gkeop-cloud-tools-5.15.0-1015,
linux-headers-5.15.0-1025-ibm, linux-tools-5.15.0-60, linux-raspi-nolpae,
linux-image-azure, linux-cloud-tools-common, linux-tools-lowlatency,
linux-image-5.15.0-1033-azure, linux-raspi,
linux-modules-5.15.0-60-generic-lpae, linux-buildinfo-5.15.0-1025-ibm,
linux-cloud-tools-azure, linux-lowlatency-headers-5.15.0-60,
linux-lowlatency-64k-hwe-22.04, linux-tools-virtual-hwe-22.04,
linux-lowlatency-hwe-5.15-tools-common, linux-cloud-tools-generic,
linux-tools-virtual-hwe-20.04-edge, linux-headers-oracle-edge,
linux-image-raspi-nolpae, linux-image-extra-virtual-hwe-20.04-edge,
linux-image-oracle, linux-azure-cloud-tools-5.15.0-1033,
linux-lowlatency-hwe-20.04-edge, linux-tools-lowlatency-64k-hwe-22.04,
linux-cloud-tools-generic-hwe-20.04-edge, linux-ibm-tools-5.15.0-1025,
linux-modules-extra-gkeop-5.15, linux-image-virtual-hwe-22.04,
linux-headers-generic-64k-hwe-22.04, linux-headers-virtual-hwe-22.04,
linux-headers-5.15.0-1028-kvm, linux-modules-5.15.0-1028-kvm,
linux-headers-5.15.0-1024-raspi-nolpae, linux-tools-azure,
linux-image-5.15.0-60-generic, linux-cloud-tools-5.15.0-1033-azure,
linux-image-generic-lpae-hwe-22.04, linux-raspi-headers-5.15.0-1024,
linux-tools-generic-hwe-22.04, linux-cloud-tools-5.15.0-60,
linux-modules-extra-5.15.0-1024-raspi-nolpae, linux-image-raspi,
linux-image-azure-edge, linux-modules-iwlwifi-5.15.0-60-generic,
linux-tools-ibm, linux-buildinfo-5.15.0-60-generic,
linux-tools-5.15.0-1025-ibm, linux-headers-generic-hwe-20.04-edge,
linux-image-generic-lpae-hwe-20.04, linux-virtual-hwe-20.04,
linux-image-generic-hwe-22.04, linux-headers-lowlatency-64k-hwe-20.04-edge,
linux-headers-5.15.0-60-generic-lpae,
linux-headers-lowlatency-64k-hwe-22.04,
linux-tools-generic-64k-hwe-20.04-edge,
linux-cloud-tools-virtual-hwe-22.04, linux-image-5.15.0-60-generic-lpae,
linux-tools-5.15.0-1033-azure, linux-generic-hwe-20.04-edge,
linux-headers-generic-64k-hwe-20.04-edge,
linux-oracle-5.15-tools-5.15.0-1029, linux-image-lowlatency-hwe-20.04-edge,
linux-generic-64k-hwe-22.04, linux-doc, linux-tools-5.15.0-60-generic-lpae,
linux-modules-extra-azure-edge, linux-generic-hwe-20.04,
linux-modules-extra-5.15.0-1024-raspi, linux-azure-5.15,
linux-buildinfo-5.15.0-1033-azure, linux-image-lowlatency-64k,
linux-headers-generic-hwe-20.04, linux-headers-5.15.0-1015-gkeop,
linux-azure-5.15-tools-5.15.0-1033,
linux-headers-lowlatency-hwe-20.04-edge, linux-generic-64k-hwe-20.04,
linux-modules-extra-gkeop, linux-headers-lowlatency-64k-hwe-20.04,
linux-source-5.15.0, linux-image-lowlatency,
linux-headers-5.15.0-60-lowlatency, linux-azure-lts-22.04, linux-crashdump,
linux-ibm-source-5.15.0, linux-cloud-tools-lowlatency-hwe-20.04-edge,
linux-headers-generic-64k-hwe-20.04, linux-modules-extra-5.15.0-1025-ibm,
linux-headers-5.15.0-60, linux-tools-5.15.0-1024-raspi, linux-libc-dev,
linux-buildinfo-5.15.0-1028-kvm, linux-kvm,
linux-image-lowlatency-64k-hwe-20.04, linux-cloud-tools-generic-hwe-22.04,
linux-tools-gkeop-5.15, linux-virtual-hwe-20.04-edge,
linux-modules-5.15.0-60-lowlatency-64k,
linux-buildinfo-5.15.0-1024-raspi-nolpae,
linux-modules-iwlwifi-generic-hwe-20.04, linux-image-5.15.0-1029-oracle,
linux-image-virtual-hwe-20.04, linux-tools-generic-lpae-hwe-22.04,
linux-gkeop-headers-5.15.0-1015, linux-modules-extra-5.15.0-60-generic,
linux-virtual-hwe-22.04, linux-headers-raspi-nolpae,
linux-image-5.15.0-1025-ibm, linux-hwe-5.15-source-5.15.0,
linux-modules-5.15.0-1029-oracle, linux-azure-edge,
linux-image-unsigned-5.15.0-1025-ibm, linux-cloud-tools-virtual,
linux-headers-5.15.0-60-generic, linux-modules-5.15.0-1015-gkeop,
linux-headers-lowlatency-64k, linux-modules-extra-5.15.0-1029-oracle,
linux-image-virtual-hwe-20.04-edge, linux-image-unsigned-5.15.0-60-generic,
linux-headers-lowlatency-hwe-22.04,
linux-image-unsigned-5.15.0-60-lowlatency, linux-gkeop-5.15,
linux-headers-raspi, linux-headers-generic-64k,
linux-ibm-headers-5.15.0-1025, linux-image-virtual,
linux-lowlatency-hwe-20.04, linux-tools-oem-20.04, linux-tools-raspi,
linux-headers-azure-lts-22.04, linux-headers-generic-lpae-hwe-20.04-edge,
linux-cloud-tools-lowlatency, linux-headers-azure,
linux-headers-lowlatency-hwe-20.04, linux-kvm-tools-5.15.0-1028,
linux-cloud-tools-gkeop-5.15, linux-lowlatency,
linux-modules-iwlwifi-generic, linux-source,
linux-image-generic-64k-hwe-20.04-edge,
linux-modules-extra-5.15.0-1033-azure, linux-tools-oracle-edge,
linux-tools-5.15.0-60-generic-64k, linux-image-azure-lts-22.04,
linux-image-extra-virtual-hwe-22.04, linux-image-lowlatency-hwe-20.04,
linux-cloud-tools-azure-lts-22.04, linux-gkeop, linux-image-gkeop-5.15,
linux-lowlatency-64k-hwe-20.04, linux-hwe-5.15-tools-5.15.0-60,
linux-tools-lowlatency-64k-hwe-20.04-edge, linux-headers-ibm,
linux-lowlatency-hwe-5.15-cloud-tools-common,
linux-image-5.15.0-60-lowlatency, linux-image-5.15.0-1028-kvm,
linux-tools-5.15.0-1029-oracle, linux-ibm-cloud-tools-common,
linux-cloud-tools-virtual-hwe-20.04, linux-modules-5.15.0-60-generic,
linux-tools-oracle, linux-ibm-tools-common, linux-tools-5.15.0-60-generic,
linux-image-5.15.0-1024-raspi-nolpae, linux-hwe-5.15,
linux-generic-hwe-22.04, linux-hwe-5.15-cloud-tools-common,
linux-headers-generic, linux-buildinfo-5.15.0-60-generic-64k,
linux-image-unsigned-5.15.0-1033-azure,
linux-image-unsigned-5.15.0-1029-oracle, linux-generic-64k-hwe-20.04-edge,
linux-image-extra-virtual-hwe-20.04, linux-tools-5.15.0-1024-raspi-nolpae,
linux-image-generic-lpae-hwe-20.04-edge,
linux-buildinfo-5.15.0-60-generic-lpae, linux-tools-generic-64k,
linux-azure-5.15-cloud-tools-5.15.0-1033, linux-tools-virtual-hwe-20.04,
linux-headers-kvm, linux-modules-5.15.0-60-generic-64k,
linux-hwe-5.15-cloud-tools-5.15.0-60, linux-azure-headers-5.15.0-1033,
linux-modules-iwlwifi-generic-hwe-22.04, linux-headers-generic-lpae,
linux-cloud-tools-5.15.0-60-lowlatency,
linux-modules-extra-azure-lts-22.04, linux-oracle-headers-5.15.0-1029,
linux-tools-5.15.0-1028-kvm, linux-generic-lpae-hwe-20.04-edge,
linux-buildinfo-5.15.0-1029-oracle, linux, linux-tools-common,
linux-modules-iwlwifi-generic-hwe-20.04-edge,
linux-image-generic-64k-hwe-20.04, linux-headers-gkeop,
linux-hwe-5.15-headers-5.15.0-60, linux-tools-kvm,
linux-headers-azure-edge, linux-headers-oracle,
linux-azure-5.15-headers-5.15.0-1033, linux-cloud-tools-generic-hwe-20.04,
linux-lowlatency-hwe-5.15, linux-lowlatency-64k, linux-generic-lpae,
linux-generic-lpae-hwe-20.04, linux-hwe-5.15-tools-host, linux-oem-20.04,
linux-raspi-tools-5.15.0-1024, linux-tools-5.15.0-1015-gkeop,
linux-image-lowlatency-hwe-22.04, linux-lowlatency-cloud-tools-5.15.0-60,
linux-tools-host, linux-image-oracle-edge, linux-oracle-edge,
linux-image-generic-64k, linux-lowlatency-hwe-5.15-tools-host, linux-azure,
linux-modules-extra-raspi, linux-headers-generic-lpae-hwe-20.04,
linux-headers-virtual-hwe-20.04-edge,
linux-image-unsigned-5.15.0-1015-gkeop,
linux-image-unsigned-5.15.0-1028-kvm, linux-headers-oem-20.04,
linux-lowlatency-cloud-tools-common,
linux-image-unsigned-5.15.0-60-generic-64k, linux-lowlatency-tools-common,
linux-tools-lowlatency-hwe-22.04, linux-image-extra-virtual,
linux-cloud-tools-azure-edge, linux-kvm-headers-5.15.0-1028,
linux-tools-lowlatency-hwe-20.04-edge, linux-image-kvm,
linux-buildinfo-5.15.0-1024-raspi, linux-tools-generic,
linux-cloud-tools-5.15.0-60-generic, linux-image-ibm,
linux-image-5.15.0-1015-gkeop, linux-tools-azure-lts-22.04,
linux-image-generic, linux-cloud-tools-gkeop,
linux-image-unsigned-5.15.0-60-lowlatency-64k, linux-headers-virtual,
linux-tools-lowlatency-hwe-20.04, linux-tools-generic-lpae-hwe-20.04-edge,
linux-oracle, linux-oracle-5.15-headers-5.15.0-1029,
linux-generic-lpae-hwe-22.04, linux-modules-extra-raspi-nolpae,
linux-azure-tools-5.15.0-1033, linux-cloud-tools-lowlatency-hwe-22.04,
linux-headers-generic-hwe-22.04,
linux-modules-iwlwifi-5.15.0-60-lowlatency,
linux-cloud-tools-lowlatency-hwe-20.04,
linux-headers-5.15.0-60-lowlatency-64k, linux-image-generic-hwe-20.04,
linux-generic-64k, linux-headers-generic-lpae-hwe-22.04, linux-ibm,
linux-modules-5.15.0-1024-raspi, linux-image-generic-lpae,
linux-image-lowlatency-64k-hwe-22.04, linux-generic,
linux-lowlatency-hwe-22.04, linux-tools-gkeop,
linux-tools-generic-64k-hwe-20.04, linux-headers-5.15.0-1024-raspi,
linux-lowlatency-hwe-5.15-headers-5.15.0-60,
linux-cloud-tools-virtual-hwe-20.04-edge,
linux-headers-5.15.0-60-generic-64k,
linux-image-lowlatency-64k-hwe-20.04-edge,
linux-cloud-tools-5.15.0-1015-gkeop, linux-buildinfo-5.15.0-1015-gkeop,
linux-image-5.15.0-60-generic-64k, linux-tools-generic-hwe-20.04-edge,
linux-tools-lowlatency-64k, linux-headers-lowlatency,
linux-headers-gkeop-5.15, linux-modules-5.15.0-1024-raspi-nolpae,
linux-lowlatency-tools-5.15.0-60, linux-tools-virtual,
linux-modules-5.15.0-1033-azure
o USN-5853-1 : linux-headers-raspi2, linux-signed-image-azure,
linux-tools-virtual-hwe-18.04-edge, linux-headers-virtual-hwe-18.04-edge,
linux-image-unsigned-5.4.0-1064-gkeop,
linux-cloud-tools-generic-hwe-18.04-edge, linux-headers-virtual-hwe-18.04,
linux-gkeop-headers-5.4.0-1064, linux-cloud-tools-virtual,
linux-modules-5.4.0-139-generic, linux-virtual-hwe-18.04,
linux-cloud-tools-generic-hwe-18.04, linux-oracle-tools-5.4.0-1093,
linux-tools-raspi2, linux-oem-osp1, linux-modules-extra-gkeop-5.4,
linux-azure-lts-20.04, linux-headers-generic-hwe-18.04-edge,
linux-image-gkeop, linux-image-raspi, linux-image-azure-edge,
linux-tools-oem, linux-headers-gkeop, linux-raspi-5.4-headers-5.4.0-1080,
linux-tools-kvm, linux-headers-oem-osp1, linux-generic-hwe-18.04,
linux-tools-5.4.0-1093-oracle, linux-tools-5.4.0-139,
linux-raspi-headers-5.4.0-1080, linux-tools-raspi2-hwe-18.04,
linux-buildinfo-5.4.0-139-generic-lpae,
linux-cloud-tools-virtual-hwe-18.04, linux-buildinfo-5.4.0-1096-aws,
linux-cloud-tools-gkeop-5.4, linux-image-5.4.0-1103-azure,
linux-image-5.4.0-139-generic, linux-image-extra-virtual-hwe-18.04-edge,
linux-image-generic-lpae-hwe-18.04-edge, linux-image-azure-lts-20.04,
linux-headers-azure-edge, linux-modules-extra-azure,
linux-cloud-tools-azure-lts-20.04, linux-virtual,
linux-tools-raspi-hwe-18.04, linux-oracle-lts-20.04,
linux-tools-lowlatency-hwe-18.04, linux-azure-cloud-tools-5.4.0-1103,
linux-tools-generic-lpae-hwe-18.04, linux-generic-lpae,
linux-tools-generic-lpae, linux-aws, linux-image-oem, linux-headers-raspi,
linux-image-virtual, linux-tools-lowlatency-hwe-18.04-edge,
linux-tools-raspi, linux-image-5.4.0-1086-kvm,
linux-kvm-headers-5.4.0-1086, linux-tools-aws-lts-20.04,
linux-image-generic-hwe-18.04, linux-headers-5.4.0-1093-oracle,
linux-headers-5.4.0-1086-kvm, linux-cloud-tools-lowlatency,
linux-tools-host, linux-image-oracle-lts-20.04, linux-headers-azure,
linux-headers-lowlatency-hwe-18.04-edge, linux-raspi2-hwe-18.04,
linux-headers-raspi-hwe-18.04, linux-cloud-tools-5.4.0-139,
linux-kvm-tools-5.4.0-1086, linux-image-unsigned-5.4.0-1103-azure,
linux-azure-tools-5.4.0-1103, linux-modules-5.4.0-139-lowlatency,
linux-tools-5.4.0-139-lowlatency, linux-raspi-hwe-18.04-edge,
linux-tools-5.4.0-1103-azure, linux-tools-azure-edge, linux-azure,
linux-cloud-tools-lowlatency-hwe-18.04-edge,
linux-buildinfo-5.4.0-139-generic, linux-cloud-tools-5.4.0-1096-aws,
linux-lowlatency, linux-tools-5.4.0-1086-kvm,
linux-buildinfo-5.4.0-1080-raspi, linux-doc,
linux-gkeop-cloud-tools-5.4.0-1064, linux-image-raspi2-hwe-18.04-edge,
linux-image-unsigned-5.4.0-1086-kvm, linux-source, linux-gkeop-5.4,
linux-image-raspi2-hwe-18.04, linux-headers-raspi2-hwe-18.04,
linux-modules-extra-azure-edge, linux-azure-5.4-headers-5.4.0-1103,
linux-tools-raspi2-hwe-18.04-edge, linux-image-5.4.0-1096-aws,
linux-image-extra-virtual, linux-cloud-tools-azure-edge,
linux-headers-5.4.0-139-lowlatency, linux-image-gkeop-5.4,
linux-modules-extra-5.4.0-1096-aws, linux-headers-5.4.0-139-generic,
linux-headers-lowlatency-hwe-18.04, linux-gkeop,
linux-cloud-tools-5.4.0-139-generic, linux-image-kvm,
linux-modules-extra-5.4.0-139-generic, linux-oracle-headers-5.4.0-1093,
linux-tools-generic, linux-image-5.4.0-139-lowlatency, linux-oem,
linux-modules-5.4.0-1093-oracle, linux-buildinfo-5.4.0-1064-gkeop,
linux-image-generic, linux-lowlatency-hwe-18.04,
linux-modules-extra-5.4.0-1093-oracle, linux-modules-extra-azure-lts-20.04,
linux-headers-gkeop-5.4, linux-azure-headers-5.4.0-1103,
linux-image-5.4.0-139-generic-lpae, linux-image-oem-osp1,
linux-tools-oracle-lts-20.04, linux-cloud-tools-gkeop,
linux-headers-azure-lts-20.04, linux-image-generic-hwe-18.04-edge,
linux-modules-extra-gkeop, linux-tools-gkeop-5.4,
linux-headers-raspi-hwe-18.04-edge, linux-image-azure,
linux-modules-extra-5.4.0-1103-azure, linux-tools-5.4.0-1080-raspi,
linux-tools-virtual-hwe-18.04, linux-headers-virtual, linux-signed-azure,
linux-tools-5.4.0-1096-aws, linux-tools-generic-hwe-18.04, linux-oracle,
linux-cloud-tools-common, linux-image-5.4.0-1064-gkeop,
linux-tools-lowlatency, linux-image-lowlatency-hwe-18.04-edge,
linux-modules-extra-5.4.0-1064-gkeop, linux-raspi, linux-image-lowlatency,
linux-crashdump, linux-buildinfo-5.4.0-1103-azure,
linux-headers-generic-lpae-hwe-18.04-edge,
linux-cloud-tools-5.4.0-139-lowlatency, linux-azure-5.4-tools-5.4.0-1103,
linux-image-lowlatency-hwe-18.04, linux-modules-5.4.0-1080-raspi,
linux-aws-tools-5.4.0-1096, linux-headers-5.4.0-1080-raspi,
linux-image-raspi-hwe-18.04-edge, linux-headers-generic, linux-azure-5.4,
linux-image-unsigned-5.4.0-1096-aws, linux-signed-image-azure-edge,
linux-cloud-tools-azure, linux-cloud-tools-5.4.0-1064-gkeop,
linux-signed-azure-edge, linux-headers-generic-lpae-hwe-18.04,
linux-image-unsigned-5.4.0-1093-oracle, linux-modules-5.4.0-1064-gkeop,
linux-libc-dev, linux-modules-5.4.0-139-generic-lpae,
linux-raspi-5.4-tools-5.4.0-1080, linux-image-generic-lpae,
linux-generic-lpae-hwe-18.04, linux-raspi2, linux-generic,
linux-image-5.4.0-1080-raspi, linux-image-virtual-hwe-18.04,
linux-cloud-tools-generic, linux-kvm, linux-modules-5.4.0-1103-azure,
linux-modules-extra-aws-lts-20.04, linux-oem-osp1-tools-host,
linux-raspi-tools-5.4.0-1080, linux-tools-generic-lpae-hwe-18.04-edge,
linux-aws-headers-5.4.0-1096, linux-tools-oem-osp1,
linux-buildinfo-5.4.0-139-lowlatency, linux-buildinfo-5.4.0-1086-kvm,
linux-headers-5.4.0-139, linux-image-raspi-hwe-18.04,
linux-headers-generic-hwe-18.04, linux-tools-gkeop,
linux-tools-5.4.0-139-generic-lpae, linux-azure-5.4-cloud-tools-5.4.0-1103,
linux-image-5.4.0-1093-oracle, linux-aws-lts-20.04,
linux-headers-5.4.0-139-generic-lpae, linux-headers-kvm, linux-raspi-5.4,
linux-tools-azure-lts-20.04, linux-virtual-hwe-18.04-edge,
linux-headers-generic-lpae, linux-gkeop-source-5.4.0,
linux-generic-lpae-hwe-18.04-edge, linux-headers-5.4.0-1096-aws,
linux-tools-raspi-hwe-18.04-edge, linux-cloud-tools-lowlatency-hwe-18.04,
linux-gkeop-tools-5.4.0-1064, linux-headers-oracle-lts-20.04,
linux-image-unsigned-5.4.0-139-generic, linux-image-aws-lts-20.04,
linux-aws-cloud-tools-5.4.0-1096, linux-raspi-hwe-18.04, linux-headers-oem,
linux-tools-5.4.0-1064-gkeop, linux-tools-5.4.0-139-generic,
linux-source-5.4.0, linux-headers-lowlatency,
linux-image-unsigned-5.4.0-139-lowlatency,
linux-headers-raspi2-hwe-18.04-edge, linux-generic-hwe-18.04-edge,
linux-tools-generic-hwe-18.04-edge, linux-image-extra-virtual-hwe-18.04,
linux-tools-azure, linux-headers-aws-lts-20.04,
linux-image-generic-lpae-hwe-18.04, linux-modules-5.4.0-1086-kvm,
linux-buildinfo-5.4.0-1093-oracle, linux-headers-5.4.0-1064-gkeop,
linux-cloud-tools-5.4.0-1103-azure, linux, linux-lowlatency-hwe-18.04-edge,
linux-image-raspi2, linux-tools-virtual, linux-headers-5.4.0-1103-azure,
linux-image-virtual-hwe-18.04-edge,
linux-cloud-tools-virtual-hwe-18.04-edge, linux-oem-tools-host,
linux-tools-common, linux-raspi2-hwe-18.04-edge,
linux-modules-5.4.0-1096-aws, linux-azure-edge
o USN-5854-1 : linux-headers-raspi2, linux-headers-4.15.0-1150-aws,
linux-image-unsigned-4.15.0-1114-oracle,
linux-buildinfo-4.15.0-1127-raspi2, linux-cloud-tools-virtual,
linux-tools-4.15.0-1114-oracle, linux-tools-raspi2,
linux-signed-generic-hwe-16.04, linux-source-4.15.0,
linux-modules-4.15.0-1145-gcp, linux-tools-lowlatency-hwe-16.04-edge,
linux-image-generic-hwe-16.04, linux-tools-kvm, linux-image-aws-lts-18.04,
linux-cloud-tools-lowlatency-hwe-16.04-edge,
linux-tools-generic-hwe-16.04-edge, linux-image-oracle-lts-18.04,
linux-cloud-tools-4.15.0-204-generic, linux-image-4.15.0-204-generic,
linux-image-4.15.0-1150-aws, linux-signed-lowlatency-hwe-16.04-edge,
linux-cloud-tools-virtual-hwe-16.04, linux-signed-image-generic,
linux-modules-extra-4.15.0-1145-gcp, linux-virtual, linux-aws-lts-18.04,
linux-image-4.15.0-1135-kvm, linux-tools-4.15.0-204-generic,
linux-signed-oracle-lts-18.04, linux-image-4.15.0-1114-oracle,
linux-generic-lpae, linux-tools-generic-lpae, linux-aws,
linux-image-virtual, linux-buildinfo-4.15.0-1145-gcp,
linux-headers-4.15.0-204, linux-gcp-4.15, linux-image-4.15.0-1127-raspi2,
linux-modules-4.15.0-204-generic, linux-tools-gcp-lts-18.04,
linux-cloud-tools-lowlatency, linux-tools-host,
linux-image-unsigned-4.15.0-1145-gcp,
linux-image-generic-lpae-hwe-16.04-edge, linux-lowlatency-hwe-16.04,
linux-headers-generic-lpae-hwe-16.04-edge, linux-image-4.15.0-1145-gcp,
linux-signed-image-generic-hwe-16.04, linux-lowlatency,
linux-cloud-tools-virtual-hwe-16.04-edge, linux-lowlatency-hwe-16.04-edge,
linux-generic-hwe-16.04, linux-cloud-tools-4.15.0-204-lowlatency,
linux-doc, linux-image-unsigned-4.15.0-204-generic, linux-oracle-lts-18.04,
linux-source, linux-image-extra-virtual-hwe-16.04,
linux-tools-4.15.0-204-lowlatency, linux-modules-extra-4.15.0-204-generic,
linux-image-lowlatency-hwe-16.04-edge,
linux-cloud-tools-generic-hwe-16.04-edge, linux-headers-generic-hwe-16.04,
linux-tools-virtual-hwe-16.04-edge, linux-headers-4.15.0-204-generic-lpae,
linux-image-extra-virtual, linux-modules-extra-gcp-lts-18.04,
linux-buildinfo-4.15.0-204-generic-lpae, linux-image-kvm,
linux-tools-generic, linux-aws-cloud-tools-4.15.0-1150,
linux-modules-4.15.0-1150-aws, linux-image-unsigned-4.15.0-204-lowlatency,
linux-cloud-tools-4.15.0-204, linux-image-gcp-lts-18.04,
linux-image-generic-lpae-hwe-16.04, linux-image-generic,
linux-kvm-headers-4.15.0-1135, linux-tools-4.15.0-204-generic-lpae,
linux-tools-oracle-lts-18.04, linux-image-virtual-hwe-16.04-edge,
linux-headers-lowlatency-hwe-16.04, linux-modules-4.15.0-204-generic-lpae,
linux-image-4.15.0-204-generic-lpae,
linux-tools-generic-lpae-hwe-16.04-edge, linux-gcp-lts-18.04,
linux-raspi2-tools-4.15.0-1127, linux-headers-virtual, linux-oracle,
linux-oracle-headers-4.15.0-1114, linux-raspi2-headers-4.15.0-1127,
linux-cloud-tools-common, linux-cloud-tools-generic-hwe-16.04,
linux-tools-aws-lts-18.04, linux-kvm-tools-4.15.0-1135,
linux-oracle-tools-4.15.0-1114, linux-tools-generic-hwe-16.04,
linux-image-lowlatency, linux-tools-lowlatency,
linux-headers-generic-lpae-hwe-16.04, linux-crashdump,
linux-headers-generic-hwe-16.04-edge,
linux-signed-image-lowlatency-hwe-16.04, linux-aws-tools-4.15.0-1150,
linux-gcp-4.15-tools-4.15.0-1145, linux-aws-headers-4.15.0-1150,
linux-headers-virtual-hwe-16.04, linux-tools-4.15.0-1135-kvm,
linux-headers-generic, linux-headers-oracle-lts-18.04,
linux-modules-4.15.0-1135-kvm, linux-headers-virtual-hwe-16.04-edge,
linux-headers-4.15.0-204-lowlatency, linux-generic-lpae-hwe-16.04,
linux-modules-4.15.0-1114-oracle, linux-image-4.15.0-204-lowlatency,
linux-libc-dev, linux-tools-4.15.0-1145-gcp,
linux-tools-4.15.0-1127-raspi2, linux-headers-aws-lts-18.04,
linux-modules-4.15.0-1127-raspi2, linux-image-generic-lpae, linux-raspi2,
linux-generic, linux-cloud-tools-generic, linux-kvm,
linux-image-unsigned-4.15.0-1150-aws, linux-modules-4.15.0-204-lowlatency,
linux-tools-virtual-hwe-16.04, linux-image-lowlatency-hwe-16.04,
linux-signed-image-lowlatency-hwe-16.04-edge,
linux-headers-lowlatency-hwe-16.04-edge, linux-tools-lowlatency-hwe-16.04,
linux-buildinfo-4.15.0-1135-kvm, linux-headers-4.15.0-1135-kvm,
linux-tools-4.15.0-204, linux-modules-extra-4.15.0-1150-aws,
linux-buildinfo-4.15.0-1150-aws, linux-headers-kvm,
linux-buildinfo-4.15.0-204-generic, linux-modules-extra-4.15.0-1114-oracle,
linux-signed-image-oracle-lts-18.04, linux-signed-generic,
linux-generic-hwe-16.04-edge, linux-headers-generic-lpae,
linux-image-virtual-hwe-16.04, linux-virtual-hwe-16.04-edge,
linux-headers-4.15.0-1114-oracle, linux-cloud-tools-4.15.0-1150-aws,
linux-signed-lowlatency, linux-signed-image-generic-hwe-16.04-edge,
linux-signed-lowlatency-hwe-16.04, linux-generic-lpae-hwe-16.04-edge,
linux-headers-lowlatency, linux-virtual-hwe-16.04,
linux-signed-image-lowlatency, linux-buildinfo-4.15.0-1114-oracle,
linux-cloud-tools-lowlatency-hwe-16.04, linux-tools-generic-lpae-hwe-16.04,
linux-buildinfo-4.15.0-204-lowlatency, linux-image-generic-hwe-16.04-edge,
linux-headers-gcp-lts-18.04, linux, linux-image-raspi2,
linux-gcp-4.15-headers-4.15.0-1145, linux-tools-virtual,
linux-headers-4.15.0-1145-gcp, linux-headers-4.15.0-1127-raspi2,
linux-modules-extra-aws-lts-18.04, linux-tools-common,
linux-image-extra-virtual-hwe-16.04-edge, linux-headers-4.15.0-204-generic,
linux-signed-generic-hwe-16.04-edge, linux-tools-4.15.0-1150-aws
o USN-5860-1 : linux-gke-tools-5.15.0-1027, linux-headers-gke,
linux-modules-5.15.0-1027-gke, linux-gke,
linux-modules-extra-5.15.0-1027-gke, linux-gke-5.15,
linux-headers-5.15.0-1027-gke, linux-image-gke,
linux-tools-5.15.0-1027-gke, linux-gke-headers-5.15.0-1027,
linux-buildinfo-5.15.0-1027-gke, linux-image-5.15.0-1027-gke,
linux-image-gke-5.15, linux-headers-gke-5.15,
linux-modules-iwlwifi-5.15.0-1027-gke,
linux-image-unsigned-5.15.0-1027-gke, linux-tools-gke, linux-tools-gke-5.15
o USN-5861-1 : linux-dell300x-tools-4.15.0-1060,
linux-buildinfo-4.15.0-1060-dell300x, linux-tools-4.15.0-1060-dell300x,
linux-image-unsigned-4.15.0-1060-dell300x, linux-headers-dell300x,
linux-image-4.15.0-1060-dell300x, linux-modules-4.15.0-1060-dell300x,
linux-dell300x, linux-headers-4.15.0-1060-dell300x, linux-tools-dell300x,
linux-image-dell300x, linux-dell300x-headers-4.15.0-1060
o USN-5862-1 : linux-image-snapdragon, linux-snapdragon,
linux-headers-4.15.0-1145-snapdragon, linux-image-4.15.0-1145-snapdragon,
linux-headers-snapdragon, linux-modules-4.15.0-1145-snapdragon,
linux-tools-4.15.0-1145-snapdragon, linux-snapdragon-headers-4.15.0-1145,
linux-tools-snapdragon, linux-buildinfo-4.15.0-1145-snapdragon,
linux-snapdragon-tools-4.15.0-1145
o USN-5865-1 : linux-headers-azure-lts-18.04, linux-tools-4.15.0-1161-azure,
linux-buildinfo-4.15.0-1161-azure, linux-azure-lts-18.04,
linux-image-azure-lts-18.04, linux-tools-azure-lts-18.04,
linux-cloud-tools-4.15.0-1161-azure, linux-azure-4.15,
linux-signed-image-azure-lts-18.04, linux-modules-extra-azure-lts-18.04,
linux-modules-4.15.0-1161-azure, linux-headers-4.15.0-1161-azure,
linux-signed-azure-lts-18.04, linux-azure-4.15-cloud-tools-4.15.0-1161,
linux-azure-4.15-headers-4.15.0-1161, linux-cloud-tools-azure-lts-18.04,
linux-modules-extra-4.15.0-1161-azure, linux-azure-4.15-tools-4.15.0-1161,
linux-image-4.15.0-1161-azure, linux-image-unsigned-4.15.0-1161-azure
o USN-5874-1 : linux-image-unsigned-5.4.0-1100-gcp,
linux-tools-virtual-hwe-18.04-edge, linux-modules-extra-aws,
linux-headers-virtual-hwe-18.04-edge,
linux-cloud-tools-generic-hwe-18.04-edge, linux-aws-5.4, linux-gcp-edge,
linux-headers-virtual-hwe-18.04, linux-modules-5.4.0-139-generic,
linux-virtual-hwe-18.04, linux-cloud-tools-generic-hwe-18.04,
linux-ibm-source-5.4.0, linux-oem-osp1,
linux-hwe-5.4-cloud-tools-5.4.0-139, linux-headers-generic-hwe-18.04-edge,
linux-hwe-5.4-cloud-tools-common, linux-ibm-5.4-tools-common,
linux-tools-oem, linux-hwe-5.4-headers-5.4.0-139,
linux-ibm-5.4-headers-5.4.0-1044, linux-tools-ibm,
linux-tools-snapdragon-hwe-18.04-edge, linux-headers-oem-osp1,
linux-generic-hwe-18.04, linux-tools-5.4.0-1093-oracle,
linux-tools-5.4.0-1044-ibm, linux-hwe-5.4-source-5.4.0,
linux-modules-extra-ibm-lts-20.04, linux-buildinfo-5.4.0-139-generic-lpae,
linux-cloud-tools-virtual-hwe-18.04, linux-buildinfo-5.4.0-1096-aws,
linux-image-5.4.0-139-generic, linux-image-extra-virtual-hwe-18.04-edge,
linux-gcp-5.4-tools-5.4.0-1100, linux-modules-5.4.0-1100-gcp,
linux-image-generic-lpae-hwe-18.04-edge, linux-modules-extra-oracle,
linux-tools-ibm-lts-20.04, linux-hwe-5.4-tools-common,
linux-headers-oracle, linux-tools-snapdragon-hwe-18.04,
linux-tools-lowlatency-hwe-18.04, linux-tools-generic-lpae-hwe-18.04,
linux-buildinfo-5.4.0-1100-gcp, linux-modules-extra-ibm-edge, linux-aws,
linux-headers-aws-edge, linux-image-oem,
linux-modules-extra-virtual-hwe-18.04-edge, linux-tools-5.4.0-1100-gcp,
linux-tools-lowlatency-hwe-18.04-edge, linux-image-generic-hwe-18.04,
linux-buildinfo-5.4.0-1044-ibm, linux-headers-5.4.0-1093-oracle,
linux-headers-lowlatency-hwe-18.04-edge, linux-image-oracle-edge,
linux-modules-5.4.0-139-lowlatency, linux-oracle-5.4-tools-5.4.0-1093,
linux-gcp-lts-20.04, linux-oracle-edge, linux-tools-5.4.0-139-lowlatency,
linux-gcp-5.4-headers-5.4.0-1100,
linux-cloud-tools-lowlatency-hwe-18.04-edge,
linux-buildinfo-5.4.0-139-generic, linux-cloud-tools-5.4.0-1096-aws,
linux-image-unsigned-5.4.0-1044-ibm, linux-ibm-tools-5.4.0-1044,
linux-modules-extra-gcp, linux-image-snapdragon-hwe-18.04-edge,
linux-gcp-5.4, linux-headers-5.4.0-1100-gcp, linux-tools-oracle-edge,
linux-image-5.4.0-1096-aws, linux-aws-edge,
linux-headers-5.4.0-139-lowlatency, linux-modules-extra-5.4.0-1096-aws,
linux-headers-5.4.0-139-generic, linux-headers-lowlatency-hwe-18.04,
linux-modules-extra-5.4.0-139-generic, linux-cloud-tools-5.4.0-139-generic,
linux-headers-gcp, linux-image-5.4.0-139-lowlatency,
linux-modules-extra-gcp-edge, linux-image-gcp-lts-20.04, linux-image-ibm,
linux-signed-oracle-edge, linux-ibm-5.4-tools-5.4.0-1044,
linux-image-5.4.0-1100-gcp, linux-modules-5.4.0-1093-oracle,
linux-lowlatency-hwe-18.04, linux-modules-extra-ibm,
linux-modules-extra-5.4.0-1093-oracle, linux-modules-extra-5.4.0-1100-gcp,
linux-headers-ibm, linux-image-5.4.0-139-generic-lpae,
linux-image-oem-osp1, linux-snapdragon-hwe-18.04,
linux-signed-image-oracle-edge, linux-headers-snapdragon-hwe-18.04,
linux-image-generic-hwe-18.04-edge, linux-tools-gcp, linux-tools-ibm-edge,
linux-ibm-cloud-tools-common, linux-image-aws-edge,
linux-tools-virtual-hwe-18.04, linux-hwe-5.4, linux-tools-5.4.0-1096-aws,
linux-headers-5.4.0-1044-ibm, linux-ibm-5.4-cloud-tools-common,
linux-oracle, linux-tools-generic-hwe-18.04, linux-gcp-tools-5.4.0-1100,
linux-image-lowlatency-hwe-18.04-edge, linux-gcp-headers-5.4.0-1100,
linux-tools-oracle, linux-aws-5.4-headers-5.4.0-1096,
linux-ibm-tools-common, linux-oracle-5.4-headers-5.4.0-1093,
linux-image-aws, linux-headers-generic-lpae-hwe-18.04-edge,
linux-cloud-tools-5.4.0-139-lowlatency, linux-image-gcp,
linux-image-lowlatency-hwe-18.04, linux-headers-aws,
linux-modules-extra-virtual-hwe-18.04, linux-image-unsigned-5.4.0-1096-aws,
linux-ibm-lts-20.04, linux-signed-image-oracle, linux-image-ibm-lts-20.04,
linux-headers-generic-lpae-hwe-18.04,
linux-image-unsigned-5.4.0-1093-oracle, linux-modules-extra-aws-edge,
linux-signed-oracle, linux-modules-5.4.0-139-generic-lpae, linux-ibm,
linux-generic-lpae-hwe-18.04, linux-image-virtual-hwe-18.04,
linux-tools-generic-lpae-hwe-18.04-edge, linux-tools-oem-osp1,
linux-oracle-5.4, linux-buildinfo-5.4.0-139-lowlatency,
linux-headers-ibm-lts-20.04, linux-image-gcp-edge,
linux-hwe-5.4-tools-5.4.0-139, linux-ibm-5.4,
linux-snapdragon-hwe-18.04-edge, linux-headers-generic-hwe-18.04,
linux-headers-oracle-edge, linux-tools-aws-edge,
linux-aws-5.4-cloud-tools-5.4.0-1096, linux-image-snapdragon-hwe-18.04,
linux-modules-extra-5.4.0-1044-ibm, linux-modules-extra-oracle-edge,
linux-modules-5.4.0-1096-aws, linux-image-oracle,
linux-tools-5.4.0-139-generic-lpae, linux-image-5.4.0-1093-oracle,
linux-headers-ibm-edge, linux-headers-snapdragon-hwe-18.04-edge,
linux-tools-gcp-lts-20.04, linux-headers-5.4.0-139-generic-lpae,
linux-virtual-hwe-18.04-edge, linux-modules-extra-gcp-lts-20.04,
linux-image-5.4.0-1044-ibm, linux-generic-lpae-hwe-18.04-edge,
linux-headers-5.4.0-1096-aws, linux-cloud-tools-lowlatency-hwe-18.04,
linux-headers-gcp-lts-20.04, linux-ibm-5.4-source-5.4.0,
linux-image-unsigned-5.4.0-139-generic, linux-tools-aws, linux-headers-oem,
linux-gcp, linux-tools-5.4.0-139-generic, linux-aws-5.4-tools-5.4.0-1096,
linux-headers-gcp-edge, linux-image-unsigned-5.4.0-139-lowlatency,
linux-generic-hwe-18.04-edge, linux-tools-generic-hwe-18.04-edge,
linux-tools-gcp-edge, linux-image-extra-virtual-hwe-18.04,
linux-image-generic-lpae-hwe-18.04, linux-buildinfo-5.4.0-1093-oracle,
linux-lowlatency-hwe-18.04-edge, linux-ibm-edge, linux-image-ibm-edge,
linux-image-virtual-hwe-18.04-edge,
linux-cloud-tools-virtual-hwe-18.04-edge, linux-modules-5.4.0-1044-ibm,
linux-ibm-headers-5.4.0-1044, linux-oem
o USN-5875-1 : linux-headers-gke, linux-gke, linux-gke-headers-5.4.0-1094,
linux-modules-extra-gke-5.4, linux-image-gke-5.4,
linux-modules-5.4.0-1094-gke, linux-modules-extra-gke,
linux-image-unsigned-5.4.0-1094-gke, linux-image-gke,
linux-headers-5.4.0-1094-gke, linux-modules-extra-5.4.0-1094-gke,
linux-gke-5.4, linux-tools-5.4.0-1094-gke, linux-gke-tools-5.4.0-1094,
linux-tools-gke, linux-image-5.4.0-1094-gke, linux-tools-gke-5.4,
linux-buildinfo-5.4.0-1094-gke, linux-headers-gke-5.4
o USN-5877-1 : linux-modules-5.15.0-1027-gke,
linux-gke-5.15-headers-5.15.0-1027, linux-modules-extra-5.15.0-1027-gke,
linux-tools-gke-edge, linux-gke-5.15, linux-headers-5.15.0-1027-gke,
linux-headers-gke-edge, linux-gke-edge, linux-tools-5.15.0-1027-gke,
linux-buildinfo-5.15.0-1027-gke, linux-image-5.15.0-1027-gke,
linux-image-gke-5.15, linux-gke-5.15-tools-5.15.0-1027,
linux-headers-gke-5.15, linux-modules-iwlwifi-5.15.0-1027-gke,
linux-tools-gke-5.15, linux-image-unsigned-5.15.0-1027-gke,
linux-image-gke-edge
o USN-5780-1 : linux-image-unsigned-6.0.0-1008-oem,
linux-tools-6.0.0-1008-oem, linux-modules-6.0.0-1008-oem, linux-oem-22.04b,
linux-buildinfo-6.0.0-1008-oem, linux-tools-oem-22.04b,
linux-image-oem-22.04b, linux-modules-iwlwifi-oem-22.04b,
linux-image-6.0.0-1008-oem, linux-headers-oem-22.04b,
linux-headers-6.0.0-1008-oem, linux-modules-iwlwifi-6.0.0-1008-oem,
linux-oem-6.0, linux-oem-6.0-headers-6.0.0-1008,
linux-oem-6.0-tools-6.0.0-1008, linux-oem-6.0-tools-host
o USN-5850-1 : linux-gcp-headers-5.19.0-1017, linux-modules-extra-aws,
linux-image-unsigned-5.19.0-1017-gcp, linux-modules-5.19.0-31-generic,
linux-cloud-tools-virtual, linux-headers-generic-hwe-22.04-edge,
linux-lowlatency-64k-hwe-20.04-edge, linux-tools-5.19.0-31-generic-64k,
linux-tools-generic-hwe-22.04, linux-image-5.19.0-1013-raspi,
linux-image-5.19.0-1019-aws, linux-image-5.19.0-1013-raspi-nolpae,
linux-image-unsigned-5.19.0-1017-oracle, linux-headers-5.19.0-1018-kvm,
linux-modules-5.19.0-31-generic-lpae, linux-headers-5.19.0-31-generic,
linux-headers-oem-22.04, linux-image-raspi,
linux-image-unsigned-5.19.0-1018-kvm, linux-tools-5.19.0-31-generic-lpae,
linux-modules-extra-5.19.0-1019-aws, linux-tools-ibm,
linux-lowlatency-cloud-tools-5.19.0-1017,
linux-modules-extra-5.19.0-1013-raspi, linux-lowlatency-hwe-22.04-edge,
linux-tools-raspi-nolpae, linux-tools-kvm, linux-tools-5.19.0-1019-aws,
linux-modules-5.19.0-31-generic-64k,
linux-headers-lowlatency-hwe-22.04-edge, linux-image-generic-64k-hwe-22.04,
linux-headers-lowlatency-64k, linux-headers-generic-lpae-hwe-22.04-edge,
linux-generic-hwe-22.04-edge, linux-modules-5.19.0-1013-raspi-nolpae,
linux-tools-lowlatency-64k-hwe-20.04, linux-cloud-tools-5.19.0-31-generic,
linux-generic-lpae-hwe-22.04-edge, linux-headers-5.19.0-31-generic-lpae,
linux-modules-iwlwifi-generic-hwe-22.04-edge,
linux-buildinfo-5.19.0-1013-raspi-nolpae, linux-image-generic-hwe-22.04,
linux-cloud-tools-generic-hwe-22.04-edge, linux-headers-oracle,
linux-headers-lowlatency-64k-hwe-20.04-edge,
linux-buildinfo-5.19.0-31-generic-lpae,
linux-headers-generic-64k-hwe-22.04-edge, linux-image-5.19.0-1017-ibm,
linux-modules-ivsc-5.19.0-31-generic, linux-virtual,
linux-headers-lowlatency-64k-hwe-22.04, linux-headers-lowlatency-hwe-22.04,
linux-lowlatency-64k, linux-headers-5.19.0-1017-ibm,
linux-image-extra-virtual-hwe-22.04-edge,
linux-cloud-tools-5.19.0-1019-aws, linux-cloud-tools-virtual-hwe-22.04,
linux-generic-lpae, linux-tools-generic-lpae, linux-aws,
linux-oracle-tools-5.19.0-1017, linux-headers-raspi,
linux-headers-generic-64k, linux-image-virtual, linux-lowlatency-hwe-20.04,
linux-modules-ivsc-5.19.0-1017-lowlatency,
linux-modules-iwlwifi-5.19.0-1017-lowlatency, linux-tools-raspi,
linux-tools-5.19.0-1017-lowlatency-64k, linux-lowlatency-tools-5.19.0-1017,
linux-buildinfo-5.19.0-1017-ibm, linux-cloud-tools-lowlatency,
linux-ibm-tools-5.19.0-1017, linux-image-lowlatency-hwe-22.04,
linux-raspi-tools-5.19.0-1013, linux-modules-5.19.0-1013-raspi,
linux-tools-host, linux-headers-lowlatency-hwe-20.04,
linux-raspi-headers-5.19.0-1013, linux-modules-ipu6-5.19.0-31-generic,
linux-image-generic-64k, linux-headers-virtual-hwe-22.04-edge,
linux-tools-lowlatency-64k-hwe-22.04-edge,
linux-image-lowlatency-hwe-20.04-edge, linux-lowlatency,
linux-modules-extra-raspi, linux-generic-64k-hwe-22.04,
linux-modules-ivsc-generic-hwe-22.04, linux-modules-iwlwifi-generic,
linux-doc, linux-ibm-source-5.19.0, linux-buildinfo-5.19.0-31-generic,
linux-image-unsigned-5.19.0-31-generic, linux-modules-extra-gcp,
linux-source, linux-modules-extra-5.19.0-31-generic,
linux-lowlatency-cloud-tools-common,
linux-image-generic-lpae-hwe-22.04-edge,
linux-buildinfo-5.19.0-1017-lowlatency-64k, linux-lowlatency-tools-common,
linux-source-5.19.0, linux-tools-lowlatency-hwe-22.04,
linux-image-extra-virtual-hwe-22.04,
linux-modules-ipu6-5.19.0-1017-lowlatency, linux-image-extra-virtual,
linux-aws-cloud-tools-5.19.0-1019, linux-image-lowlatency-hwe-20.04,
linux-modules-5.19.0-1017-lowlatency-64k,
linux-tools-lowlatency-hwe-20.04-edge, linux-image-5.19.0-1018-kvm,
linux-image-kvm, linux-headers-gcp, linux-tools-5.19.0-1017-gcp,
linux-tools-generic, linux-modules-iwlwifi-5.19.0-31-generic,
linux-modules-extra-5.19.0-1017-ibm, linux-buildinfo-5.19.0-1018-kvm,
linux-modules-5.19.0-1017-lowlatency,
linux-buildinfo-5.19.0-1017-lowlatency, linux-image-lowlatency-64k,
linux-image-unsigned-5.19.0-1019-aws, linux-image-ibm,
linux-buildinfo-5.19.0-31-generic-64k, linux-lowlatency-64k-hwe-20.04,
linux-tools-generic-64k-hwe-22.04, linux-image-5.19.0-1017-oracle,
linux-lowlatency-tools-host, linux-modules-5.19.0-1017-oracle,
linux-lowlatency-headers-5.19.0-1017, linux-image-generic,
linux-headers-5.19.0-1017-oracle, linux-image-5.19.0-31-generic-64k,
linux-tools-lowlatency-64k-hwe-20.04-edge, linux-headers-ibm,
linux-headers-lowlatency-hwe-20.04-edge, linux-kvm-tools-5.19.0-1018,
linux-tools-5.19.0-1017-oracle, linux-modules-5.19.0-1019-aws,
linux-cloud-tools-5.19.0-1017-lowlatency, linux-tools-gcp,
linux-headers-lowlatency-64k-hwe-20.04, linux-raspi-nolpae,
linux-ibm-cloud-tools-common, linux-image-lowlatency-64k-hwe-22.04-edge,
linux-headers-virtual, linux-headers-5.19.0-31,
linux-image-unsigned-5.19.0-1017-lowlatency, linux-tools-5.19.0-1017-ibm,
linux-oracle, linux-tools-lowlatency-hwe-20.04,
linux-headers-5.19.0-1017-lowlatency-64k, linux-kvm-headers-5.19.0-1018,
linux-image-5.19.0-1017-lowlatency-64k, linux-cloud-tools-common,
linux-generic-lpae-hwe-22.04, linux-modules-extra-raspi-nolpae,
linux-modules-ivsc-generic-hwe-22.04-edge, linux-modules-ivsc-generic,
linux-raspi, linux-lowlatency-64k-hwe-22.04-edge, linux-image-lowlatency,
linux-tools-5.19.0-31, linux-ibm-tools-common, linux-tools-lowlatency,
linux-tools-oracle, linux-crashdump, linux-generic-64k-hwe-22.04-edge,
linux-cloud-tools-lowlatency-hwe-22.04,
linux-image-lowlatency-hwe-22.04-edge,
linux-image-unsigned-5.19.0-31-generic-64k, linux-image-aws,
linux-headers-5.19.0-1013-raspi-nolpae,
linux-tools-generic-64k-hwe-22.04-edge, linux-image-5.19.0-31-generic,
linux-cloud-tools-virtual-hwe-22.04-edge,
linux-cloud-tools-lowlatency-hwe-20.04-edge, linux-image-gcp,
linux-buildinfo-5.19.0-1019-aws, linux-oracle-headers-5.19.0-1017,
linux-generic-hwe-22.04, linux-ibm-headers-5.19.0-1017,
linux-image-5.19.0-1017-gcp, linux-headers-5.19.0-31-generic-64k,
linux-headers-aws, linux-headers-generic,
linux-modules-extra-5.19.0-1017-gcp, linux-tools-5.19.0-1017-lowlatency,
linux-buildinfo-5.19.0-1017-oracle, linux-headers-generic-hwe-22.04,
linux-modules-extra-5.19.0-1017-oracle, linux-tools-5.19.0-1013-raspi,
linux-image-unsigned-5.19.0-1017-lowlatency-64k,
linux-modules-5.19.0-1017-gcp, linux-tools-generic-lpae-hwe-22.04-edge,
linux-lowlatency-64k-hwe-22.04, linux-tools-virtual-hwe-22.04,
linux-cloud-tools-lowlatency-hwe-20.04, linux-image-virtual-hwe-22.04-edge,
linux-aws-headers-5.19.0-1019, linux-libc-dev, linux-generic-64k,
linux-headers-5.19.0-1013-raspi, linux-headers-generic-lpae-hwe-22.04,
linux-image-5.19.0-31-generic-lpae, linux-ibm, linux-image-generic-lpae,
linux-image-lowlatency-64k-hwe-22.04, linux-generic,
linux-cloud-tools-generic, linux-image-lowlatency-64k-hwe-20.04,
linux-cloud-tools-generic-hwe-22.04, linux-kvm,
linux-buildinfo-5.19.0-1017-gcp, linux-lowlatency-hwe-22.04,
linux-modules-extra-5.19.0-1013-raspi-nolpae, linux-virtual-hwe-22.04-edge,
linux-cloud-tools-5.19.0-31, linux-image-raspi-nolpae,
linux-tools-generic-64k, linux-image-oracle,
linux-tools-lowlatency-64k-hwe-22.04, linux-lowlatency-hwe-20.04-edge,
linux-modules-ipu6-generic-hwe-22.04, linux-headers-5.19.0-1017-lowlatency,
linux-tools-5.19.0-1018-kvm, linux-headers-kvm,
linux-image-unsigned-5.19.0-1017-ibm, linux-tools-5.19.0-31-generic,
linux-image-lowlatency-64k-hwe-20.04-edge,
linux-headers-lowlatency-64k-hwe-22.04-edge,
linux-modules-iwlwifi-generic-hwe-22.04, linux-buildinfo-5.19.0-1013-raspi,
linux-headers-generic-lpae, linux-image-virtual-hwe-22.04,
linux-tools-lowlatency-64k, linux-headers-generic-64k-hwe-22.04,
linux-headers-virtual-hwe-22.04,
linux-cloud-tools-lowlatency-hwe-22.04-edge,
linux-modules-ipu6-generic-hwe-22.04-edge, linux-tools-aws,
linux-tools-generic-hwe-22.04-edge, linux-gcp-tools-5.19.0-1017, linux-gcp,
linux-tools-generic-lpae-hwe-22.04, linux-headers-lowlatency,
linux-image-generic-hwe-22.04-edge, linux-modules-5.19.0-1017-ibm,
linux-tools-5.19.0-1013-raspi-nolpae, linux-tools-virtual-hwe-22.04-edge,
linux-image-generic-64k-hwe-22.04-edge, linux-headers-5.19.0-1017-gcp,
linux-virtual-hwe-22.04, linux-image-oem-22.04,
linux-headers-5.19.0-1019-aws, linux-modules-ipu6-generic,
linux-headers-raspi-nolpae, linux-oem-22.04, linux-modules-5.19.0-1018-kvm,
linux-aws-tools-5.19.0-1019, linux, linux-tools-virtual,
linux-image-generic-lpae-hwe-22.04, linux-tools-lowlatency-hwe-22.04-edge,
linux-tools-common, linux-tools-oem-22.04,
linux-image-5.19.0-1017-lowlatency
o USN-5858-1 : linux-oem-5.17, linux-image-oem-22.04a, linux-oem-22.04a,
linux-headers-oem-22.04, linux-modules-ipu6-5.17.0-1027-oem,
linux-tools-oem-22.04a, linux-image-5.17.0-1027-oem,
linux-buildinfo-5.17.0-1027-oem, linux-tools-5.17.0-1027-oem,
linux-modules-ipu6-oem-22.04a, linux-modules-ivsc-oem-22.04,
linux-modules-ipu6-oem-22.04, linux-modules-iwlwifi-5.17.0-1027-oem,
linux-oem-5.17-tools-5.17.0-1027, linux-image-unsigned-5.17.0-1027-oem,
linux-oem-5.17-tools-host, linux-modules-5.17.0-1027-oem,
linux-headers-oem-22.04a, linux-image-oem-22.04,
linux-modules-ivsc-oem-22.04a, linux-oem-5.17-headers-5.17.0-1027,
linux-oem-22.04, linux-modules-iwlwifi-oem-22.04,
linux-modules-iwlwifi-oem-22.04a, linux-tools-oem-22.04,
linux-headers-5.17.0-1027-oem, linux-modules-ivsc-5.17.0-1027-oem
o USN-5859-1 : linux-tools-oem-20.04, linux-modules-iwlwifi-oem-20.04,
linux-image-oem-20.04b, linux-oem-20.04, linux-oem-20.04d,
linux-tools-oem-20.04d, linux-headers-5.14.0-1057-oem,
linux-oem-5.14-tools-5.14.0-1057, linux-buildinfo-5.14.0-1057-oem,
linux-modules-iwlwifi-5.14.0-1057-oem, linux-headers-oem-20.04,
linux-oem-5.14, linux-tools-oem-20.04c, linux-oem-5.14-tools-host,
linux-image-5.14.0-1057-oem, linux-image-unsigned-5.14.0-1057-oem,
linux-tools-oem-20.04b, linux-image-oem-20.04d,
linux-modules-5.14.0-1057-oem, linux-headers-oem-20.04b,
linux-headers-oem-20.04d, linux-tools-5.14.0-1057-oem,
linux-image-oem-20.04c, linux-oem-20.04b, linux-image-oem-20.04,
linux-oem-20.04c, linux-headers-oem-20.04c,
linux-oem-5.14-headers-5.14.0-1057, linux-modules-iwlwifi-oem-20.04d
- --------------------------END INCLUDED TEXT--------------------