Gentoo Linux Security Advisory 202309-13 - A buffer overflow vulnerability has been found in GMP which could result in denial of service. Versions greater than or equal to 6.2.1-r2 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202309-13  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: GMP: Buffer Overflow Vulnerability  
     Date: September 29, 2023  
     Bugs: #823804  
       ID: 202309-13

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
=======  
A buffer overflow vulnerability has been found in GMP which could result  
in denial of service.

Background  
=========  
The GNU Multiple Precision Arithmetic Library is a library forarbitrary-  
precision arithmetic on different types of numbers.

Affected packages  
================  
Package       Vulnerable    Unaffected  
------------  ------------  ------------  
dev-libs/gmp  < 6.2.1-r2    >= 6.2.1-r2

Description  
==========  
There is an integer overflow leading to a buffer overflow when  
processing untrusted input via GMP's mpz_inp_raw function.

Impact  
=====  
Untrusted input can cause a denial of service via segmentation fault.

Workaround  
=========  
Users can ensure no untrusted input is passed into GMP's mpz_inp_raw  
function.

Resolution  
=========  
All GMP users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">Þv-libs/gmp-6.2.1-r2"

References  
=========  
[ 1 ] CVE-2021-43618  
      https://nvd.nist.gov/vuln/detail/CVE-2021-43618

Availability  
===========  
This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202309-13

Concerns?  
========  
Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
======  
Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202309-13

Gentoo Linux Security Advisory 202309-12 - Multiple vulnerabilities have been found in sudo, the worst of which can result in root privilege escalation. Versions greater than or equal to 1.9.13_p2 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202309-12  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: sudo: Multiple Vulnerabilities  
     Date: September 29, 2023  
     Bugs: #898510, #905322  
       ID: 202309-12

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
=======  
Multiple vulnerabilities have been found in sudo, the worst of which can  
result in root privilege escalation.

Background  
=========  
sudo allows a system administrator to give users the ability to run  
commands as other users.

Affected packages  
================  
Package         Vulnerable    Unaffected  
--------------  ------------  ------------  
app-admin/sudo  < 1.9.13_p2   >= 1.9.13_p2

Description  
==========  
Multiple vulnerabilities have been discovered in sudo. Please review the  
CVE identifiers referenced below for details.

Impact  
=====  
Please review the referenced CVE identifiers for details.

Workaround  
=========  
There is no known workaround at this time.

Resolution  
=========  
All sudo users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=app-admin/sudo-1.9.13_p2"

References  
=========  
[ 1 ] CVE-2023-27320  
      https://nvd.nist.gov/vuln/detail/CVE-2023-27320  
[ 2 ] CVE-2023-28486  
      https://nvd.nist.gov/vuln/detail/CVE-2023-28486  
[ 3 ] CVE-2023-28487  
      https://nvd.nist.gov/vuln/detail/CVE-2023-28487

Availability  
===========  
This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202309-12

Concerns?  
========  
Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
======  
Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202309-12

Gentoo Linux Security Advisory 202309-11 - Multiple vulnerabilities have been found in libsndfile, the worst of which could result in arbitrary code execution. Versions greater than or equal to 1.1.0 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202309-11  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: libsndfile: Multiple Vulnerabilities  
     Date: September 29, 2023  
     Bugs: #803065  
       ID: 202309-11

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
=======  
Multiple vulnerabilities have been found in libsndfile, the worst of  
which could result in arbitrary code execution.

Background  
=========  
libsndfile is a C library for reading and writing files containing  
sampled sound.

Affected packages  
================  
Package                Vulnerable    Unaffected  
---------------------  ------------  ------------  
media-libs/libsndfile  < 1.1.0       >= 1.1.0

Description  
==========  
Multiple vulnerabilities have been discovered in libsndfile. Please  
review the CVE identifiers referenced below for details.

Impact  
=====  
Please review the referenced CVE identifiers for details.

Workaround  
=========  
There is no known workaround at this time.

Resolution  
=========  
All libsndfile users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=media-libs/libsndfile-1.1.0"

References  
=========  
[ 1 ] CVE-2021-3246  
      https://nvd.nist.gov/vuln/detail/CVE-2021-3246  
[ 2 ] CVE-2021-4156  
      https://nvd.nist.gov/vuln/detail/CVE-2021-4156

Availability  
===========  
This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202309-11

Concerns?  
========  
Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
======  
Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202309-11

Gentoo Linux Security Advisory 202309-10 - A vulnerability was discovered in Fish when handling git repository configuration that may lead to execution of arbitrary code Versions greater than or equal to 3.4.0 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202309-10  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: Fish: User-assisted execution of arbitrary code  
     Date: September 29, 2023  
     Bugs: #835337  
       ID: 202309-10

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
=======  
A vulnerability was discovered in Fish when handling git repository  
configuration that may lead to execution of arbitrary code

Background  
=========  
Smart and user-friendly command line shell for macOS, Linux, and the  
rest of the family. It includes features like syntax highlighting,  
autosuggest-as-you-type, and fancy tab completions that just work, with  
no configuration required.

Affected packages  
================  
Package          Vulnerable    Unaffected  
---------------  ------------  ------------  
app-shells/fish  < 3.4.0       >= 3.4.0

Description  
==========  
A vulnerability have been discovered in Fish. Please review the CVE  
identifiers referenced below for details.

Impact  
=====  
A user may be enticed to cd into a git repository under control by an  
attacker (e.g. on a shared filesystem or by unpacking an archive) and  
execute arbitrary commands.

Workaround  
=========  
There is no known workaround at this time.

Resolution  
=========  
All fish users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=app-shells/fish-3.4.0"

References  
=========  
[ 1 ] CVE-2022-20001  
      https://nvd.nist.gov/vuln/detail/CVE-2022-20001

Availability  
===========  
This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202309-10

Concerns?  
========  
Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
======  
Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202309-10

Gentoo Linux Security Advisory 202309-9 - Multiple vulnerabilities have been found in Pacemaker, the worst of which could result in root privilege escalation. Versions greater than or equal to 2.0.5_rc2 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202309-09  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: Pacemaker: Multiple Vulnerabilities  
     Date: September 29, 2023  
     Bugs: #711674, #751430  
       ID: 202309-09

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
=======  
Multiple vulnerabilities have been found in Pacemaker, the worst of  
which could result in root privilege escalation.

Background  
=========  
Pacemaker is an Open Source, High Availability resource manager suitable  
for both small and large clusters.

Affected packages  
================  
Package                Vulnerable    Unaffected  
---------------------  ------------  ------------  
sys-cluster/pacemaker  < 2.0.5_rc2   >= 2.0.5_rc2

Description  
==========  
Multiple vulnerabilities have been discovered in Pacemaker. Please  
review the CVE identifiers referenced below for details.

Impact  
=====  
Please review the referenced CVE identifiers for details.

Workaround  
=========  
There is no known workaround at this time.

Resolution  
=========  
All Pacemaker users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=sys-cluster/pacemaker-2.0.5_rc2"

References  
=========  
[ 1 ] CVE-2018-16877  
      https://nvd.nist.gov/vuln/detail/CVE-2018-16877  
[ 2 ] CVE-2018-16878  
      https://nvd.nist.gov/vuln/detail/CVE-2018-16878  
[ 3 ] CVE-2019-3885  
      https://nvd.nist.gov/vuln/detail/CVE-2019-3885  
[ 4 ] CVE-2020-25654  
      https://nvd.nist.gov/vuln/detail/CVE-2020-25654

Availability  
===========  
This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202309-09

Concerns?  
========  
Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
======  
Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202309-09

Debian Linux Security Advisory 5507-1 - Multiple security vulnerabilities were found in Jetty, a Java based web server and servlet engine.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5507-1                   security@debian.org  
https://www.debian.org/security/                          Markus Koschany  
September 28, 2023                    https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : jetty9  
CVE ID         : CVE-2023-26048 CVE-2023-26049 CVE-2023-36479 CVE-2023-40167  
                 CVE-2023-41900

Multiple security vulnerabilities were found in Jetty, a Java based web server  
and servlet engine.

The org.eclipse.jetty.servlets.CGI class has been deprecated. It is potentially  
unsafe to use it. The upstream developers of Jetty recommend to use Fast CGI  
instead. See also CVE-2023-36479.

CVE-2023-26048

    In affected versions servlets with multipart support (e.g. annotated with  
    `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or  
    `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the  
    client sends a multipart request with a part that has a name but no  
    filename and very large content. This happens even with the default  
    settings of `fileSizeThreshold=0` which should stream the whole part  
    content to disk.

CVE-2023-26049

    Nonstandard cookie parsing in Jetty may allow an attacker to smuggle  
    cookies within other cookies, or otherwise perform unintended behavior by  
    tampering with the cookie parsing mechanism.

CVE-2023-40167

    Prior to this version Jetty accepted the `+` character proceeding the  
    content-length value in a HTTP/1 header field. This is more permissive than  
    allowed by the RFC and other servers routinely reject such requests with  
    400 responses. There is no known exploit scenario, but it is conceivable  
    that request smuggling could result if jetty is used in combination with a  
    server that does not close the connection after sending such a 400  
    response.

CVE-2023-36479

    Users of the CgiServlet with a very specific command structure may have the  
    wrong command executed. If a user sends a request to a  
    org.eclipse.jetty.servlets.CGI Servlet for a binary with a space in its  
    name, the servlet will escape the command by wrapping it in quotation  
    marks. This wrapped command, plus an optional command prefix, will then be  
    executed through a call to Runtime.exec. If the original binary name  
    provided by the user contains a quotation mark followed by a space, the  
    resulting command line will contain multiple tokens instead of one.

CVE-2023-41900

    Jetty is vulnerable to weak authentication. If a Jetty  
    `OpenIdAuthenticator` uses the optional nested `LoginService`, and that  
    `LoginService` decides to revoke an already authenticated user, then the  
    current request will still treat the user as authenticated. The  
    authentication is then cleared from the session and subsequent requests  
    will not be treated as authenticated. So a request on a previously  
    authenticated session could be allowed to bypass authentication after it  
    had been rejected by the `LoginService`. This impacts usages of the  
    jetty-openid which have configured a nested `LoginService` and where that  
    `LoginService` is capable of rejecting previously authenticated users.

For the oldstable distribution (bullseye), these problems have been fixed  
in version 9.4.39-3+deb11u2.

For the stable distribution (bookworm), these problems have been fixed in  
version 9.4.50-4+deb12u1.

We recommend that you upgrade your jetty9 packages.

For the detailed security status of jetty9 please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/jetty9

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmUV6x5fFIAAAAAALgAo  
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD  
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7  
UeTJGw//a9ZVCC9qHUG/KfAkJJs27UGuL4T1hRM5Azu+8jFxMHwuqKf62FCWlGUE  
xM9fwQdUDvfkSBsrGlp+nAwqegOh+YBvAxh6DBdMpEYhZ+wUDLwZaPdR5iTj7q2e  
JpjKs1hp7QRDfguL6+T/sJmMx9zk7soDwqd3QEjBXBhuYhlVfq7Wm4v5STKj28pD  
Yjv6YmLKIHTv9/HaUWNDCFUjyRGZjmAvYVAIF3gNo9Qn2agq4z3+1Z2EPX4+qbVq  
pp+JKr/vVSVHltaR1D0JyC5zjrHOo+dRFWYwG7K/V7kijyIbciNACTe/W2v6hM6F  
w+0+8C7TMbof22nOHVcgBygukIvxdvnG6BQUUQaVeE36wi8cvBSVgTe0NJb0NIQt  
Gr37tlG+9kJy9d02I+hgX8U90aWmaofTJsn3YbAL6wv2r7Klm6LJN6p8oAmqfEM6  
IOOii4JpHaRDz1VQsjskhjw7Q1UigVX6lmx6BfPHzG2BFSe8v5vG+6OvH4oF+Egy  
VTF3U/lvXcdqaZyNnCKn4NWLJZHVYE4ncgdDp8qomJXnDoMy6V9+DEDADiu9C2ox  
4YvtBHVIZ1uYBRRDjutJw0dkKa7QotSlkmVnAV+oqHa1/Dp2Cytjb+rRhp83QLEw  
kfBWYLpFIq9ARI08AyK4hzX27FFf3ojHp++Lau8ODwb/4s9bKE0=j7dG  
-----END PGP SIGNATURE-----

Debian Security Advisory 5507-1

Red Hat Security Advisory 2023-5405-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include buffer overflow and code execution vulnerabilities.

Red Hat Security Advisory 2023-5405-01

Debian Linux Security Advisory 5506-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5506-1                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
September 28, 2023                    https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : firefox-esr  
CVE ID         : CVE-2023-5169 CVE-2023-5171 CVE-2023-5176

Multiple security issues have been found in the Mozilla Firefox web  
browser, which could potentially result in the execution of arbitrary  
code

Debian follows the extended support releases (ESR) of Firefox. Support  
for the 102.x series has ended, so starting with this update we're now  
following the 115.x releases.

Between 102.x and 115.x, Firefox has seen a number of feature updates.  
For more information please refer to  
https://www.mozilla.org/en-US/firefox/115.0esr/releasenotes/

For the oldstable distribution (bullseye), these problems have been fixed  
in version 115.3.0esr-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in  
version 115.3.0esr-1~deb12u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmUVyN4ACgkQEMKTtsN8  
Tjb6BhAAlHXgVwAmpytxSnPKfYdYzOthFK8nch5/y9VzXDTm5UoUKFEIlHHHcFmE  
Y0NlUkHk6M5JY2koB5MBAs6E2XT6QZ/AXUFZ7F7sz3nPdMRtqL6yjrcL7zWRmTFI  
A7GVIuOPpGS//8RlUIXfZ1YBQ3zJxDFg8aCQUv4uMfmk0jlEI/JmI7c8+8j10lpX  
hR4+k4A2XunUB46KbA1dYXU6nbXKpHMdmmZuUjkQJf+DBQo72OEv3ZdqG7aL5Nmr  
9jTZHur2FLpHuxIXLfwTZF7Zw+zjXSr8O89nFWSXIe0ESdlHhTrxy1EOodTZtght  
T+SZR6iJ/RBmJqO7jhg090udq9MXUSLp1LxFNTvxfipewglUntWIooONyyeLTwBO  
8R5uYA0E+NwNlLMuf1Z8V1vbOvv5DZnCkQg0HDORHd9Vvkniq3of6hVJkmO/YVAo  
ITReEwWHee8udu4qyFW3VveR3SigzsnHJLjmNdYJfqFntK655NL0IkhdTCwq+fwQ  
sBw+V46lznsWDkVlMlzGgQsZS+8+ME+zhILUHsyOG9U5JtlXFUwDGWVp0X24A5Fg  
iVqBrnmr2wzZ0ctNpc5SHigQWm4vWj14mG9k4WbiEd5KMpI1WejKLyE0vNmHtLCR  
8K4TiGLK/baigFWJZQAzjCT7df/ndWuEPSwcZgRhEtbpRhlHKhE=Om2J  
-----END PGP SIGNATURE-----

Debian Security Advisory 5506-1

The Microsoft Windows kernel does not reset security cache during self-healing, leading to refcount overflow and use-after-free conditions.

Microsoft Windows Kernel Refcount Overflow / Use-After-Free

Red Hat Security Advisory 2023-5396-01 - Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale. Data Grid 8.4.4 replaces Data Grid 8.4.3 and includes bug fixes and enhancements. Issues addressed include a denial of service vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: Red Hat Data Grid 8.4.4 security update  
Advisory ID:       RHSA-2023:5396-01  
Product:           Red Hat JBoss Data Grid  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:5396  
Issue date:        2023-09-28  
CVE Names:         CVE-2022-45047 CVE-2023-3628 CVE-2023-3629   
                   CVE-2023-5236 CVE-2023-34462 CVE-2023-35116   
                   CVE-2023-35887   
=====================================================================

1. Summary:

An update for Red Hat Data Grid 8 is now available.

 Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Description:

Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution.  
It increases application response times and allows for dramatically  
improving performance while providing availability, reliability, and  
elastic scale.

 Data Grid 8.4.4 replaces Data Grid 8.4.3 and includes bug fixes and  
enhancements. Find out more about Data Grid 8.4.4 in the Release Notes[3].

Security Fix(es):

* infispan: REST bulk ops don't check permissions (CVE-2023-3628)

* infinispan: Non-admins should not be able to get cache config via REST  
API (CVE-2023-3629)

* netty: SniHandler 16MB allocation leads to OOM (CVE-2023-34462)

* jackson-databind: denial of service via cylic dependencies  
(CVE-2023-35116)

* apache-mina: information exposure in SFTP server implementations  
(CVE-2023-35887)

* infinispan: circular reference on marshalling leads to DoS  
(CVE-2023-5236)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

3. Solution:

Before applying this update, make sure all previously released errata  
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

4. Bugs fixed (https://bugzilla.redhat.com/):

2215214 - CVE-2023-35116 jackson-databind: denial of service via cylic dependencies  
2216888 - CVE-2023-34462 netty: SniHandler 16MB allocation leads to OOM  
2217924 - CVE-2023-3628 infispan: REST bulk ops don't check permissions  
2217926 - CVE-2023-3629 infinispan: Non-admins should not be able to get cache config via REST API  
2240036 - CVE-2023-35887 apache-mina-sshd: information exposure in SFTP server implementations  
2240999 - CVE-2023-5236 infinispan: circular reference on marshalling leads to DoS

5. References:

https://access.redhat.com/security/cve/CVE-2022-45047  
https://access.redhat.com/security/cve/CVE-2023-3628  
https://access.redhat.com/security/cve/CVE-2023-3629  
https://access.redhat.com/security/cve/CVE-2023-5236  
https://access.redhat.com/security/cve/CVE-2023-34462  
https://access.redhat.com/security/cve/CVE-2023-35116  
https://access.redhat.com/security/cve/CVE-2023-35887  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/jbossnetwork/restricted/softwareDetail.html?softwareId=70381&product=data.grid&version=8.4&downloadType=patches  
https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.4/html-single/red_hat_data_grid_8.4_release_notes/index

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJlFZssAAoJENzjgjWX9erEVBUP/juQ7FbyJjmSmND8oHqZnVVT  
vUTePNV3l/ulRcemJxmCWaQzyxxVBa5vJ2euNZ46iMbesye80ar3g45FuMx8uqtV  
9IWhOUZRQP7NNVkf83zrTLTqwP53Y/0+Q9jx3B4DWTfkB2dmAbrTIrZwCUt8H4nx  
9rINfIgdjlD9R09uI5nYon61WQe5xmF4Qpfpcpwk53aCj3cWBIlI0yfPHikraK8/  
l95618TFdlcMkEzTz/lf/5vNuiBA1jNxnVdAyLsM34i9GIk/mEvTemBOwj0kJPB2  
ZRxY2VOppyMyq3aNefjNah9Uy6v5gw3ny7Wou4syRTjTO+WkuKQQO/+1h5iImdVq  
qXmvnSXPZo0QsMZhpORz2Nt7IUy8K61au4qRR9NN0RuuyriU/ox+Z0e1d9OSFKTe  
9yo8zhyS59/Ljj5Q6s95sv+8hpCCa97Rf7p5DFMmwI7d8Q8Dykc+JwU9nujGTAWE  
vBQCZlj6yrMbyTN5yeCXvDpBM+Lmv6j11eH3lNvLH/6sp4L7yDtutMkXA8lNz4dS  
9QOlHGI1uFqbjsM2jINVZypksJFeUVzhJ5cKmLZ77B9hB/F0cKnqKQtaJnIng2cI  
qKXmWyjD3jZzryn+2mDEsYGMMmstaNXk2s9mJ/ZbxBrD1nUuy/gPpDCG94RJlSjt  
4vHsWOHi6lXZ5+vNcG7h  
=l76w  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Source

Packet Storm