Ubuntu Security Notice 7043-1 - Simone Margaritelli discovered that the cups-filters cups-browsed component could be used to create arbitrary printers from outside the local network. In combination with issues in other printing components, a remote attacker could possibly use this issue to connect to a system, created manipulated PPD files, and execute arbitrary code when a printer is used. This update disables support for the legacy CUPS printer discovery protocol. Simone Margaritelli discovered that cups-filters incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used.

    ==========================================================================Ubuntu Security Notice USN-7043-1September 26, 2024cups-filters vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTS- Ubuntu 20.04 LTSSummary:cups-filters could be made to run programs if it received specially craftednetwork traffic.Software Description:- cups-filters: OpenPrinting CUPS FiltersDetails:Simone Margaritelli discovered that the cups-filters cups-browsed componentcould be used to create arbitrary printers from outside the local network.In combination with issues in other printing components, a remote attackercould possibly use this issue to connect to a system, created manipulatedPPD files, and execute arbitrary code when a printer is used. This updatedisables support for the legacy CUPS printer discovery protocol.(CVE-2024-47176)Simone Margaritelli discovered that cups-filters incorrectly sanitized IPPdata when creating PPD files. A remote attacker could possibly use thisissue to manipulate PPD files and execute arbitrary code when a printer isused. (CVE-2024-47076)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS  cups-browsed                    1.28.15-0ubuntu1.3  cups-filters                    1.28.15-0ubuntu1.3Ubuntu 20.04 LTS  cups-browsed                    1.27.4-1ubuntu0.3  cups-filters                    1.27.4-1ubuntu0.3In general, a standard system update will make all the necessary changes.References:  https://ubuntu.com/security/notices/USN-7043-1  CVE-2024-47076, CVE-2024-47176Package Information:  https://launchpad.net/ubuntu/+source/cups-filters/1.28.15-0ubuntu1.3  https://launchpad.net/ubuntu/+source/cups-filters/1.27.4-1ubuntu0.3

Ubuntu Security Notice USN-7043-1

Ubuntu Security Notice 7042-1 - Simone Margaritelli discovered that cups-browsed could be used to create arbitrary printers from outside the local network. In combination with issues in other printing components, a remote attacker could possibly use this issue to connect to a system, created manipulated PPD files, and execute arbitrary code when a printer is used. This update disables support for the legacy CUPS printer discovery protocol.

    ==========================================================================Ubuntu Security Notice USN-7042-1September 26, 2024cups-browsed vulnerability==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 24.04 LTSSummary:cups-browsed could be made to run programs if it received specially craftednetwork traffic.Software Description:- cups-browsed: OpenPrinting cups-browsedDetails:Simone Margaritelli discovered that cups-browsed could be used to createarbitrary printers from outside the local network. In combination withissues in other printing components, a remote attacker could possibly usethis issue to connect to a system, created manipulated PPD files, andexecute arbitrary code when a printer is used. This update disables supportfor the legacy CUPS printer discovery protocol.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 24.04 LTS  cups-browsed                    2.0.0-0ubuntu10.1In general, a standard system update will make all the necessary changes.References:  https://ubuntu.com/security/notices/USN-7042-1  CVE-2024-47176Package Information:  https://launchpad.net/ubuntu/+source/cups-browsed/2.0.0-0ubuntu10.1

Ubuntu Security Notice USN-7042-1

Ubuntu Security Notice 7041-1 - Simone Margaritelli discovered that CUPS incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used.

==========================================================================  
Ubuntu Security Notice USN-7041-1  
September 26, 2024

cups vulnerability  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS  
- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS

Summary:

CUPS could be made to crash or run programs if it received specially  
crafted network traffic.

Software Description:  
- cups: Common UNIX Printing System(tm)

Details:

Simone Margaritelli discovered that CUPS incorrectly sanitized IPP  
data when creating PPD files. A remote attacker could possibly use this  
issue to manipulate PPD files and execute arbitrary code when a printer is  
used.

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 24.04 LTS  
  cups                            2.4.7-1.2ubuntu7.3

Ubuntu 22.04 LTS  
  cups                            2.4.1op1-1ubuntu4.11

Ubuntu 20.04 LTS  
  cups                            2.3.1-9ubuntu1.9

In general, a standard system update will make all the necessary changes.

References:  
  https://ubuntu.com/security/notices/USN-7041-1  
  CVE-2024-47175

Package Information:  
  https://launchpad.net/ubuntu/+source/cups/2.4.7-1.2ubuntu7.3  
  https://launchpad.net/ubuntu/+source/cups/2.4.1op1-1ubuntu4.11  
  https://launchpad.net/ubuntu/+source/cups/2.3.1-9ubuntu1.9

Ubuntu Security Notice USN-7041-1

Red Hat Security Advisory 2024-7312-03 - An update is now available for Red Hat Ansible Automation Platform 2.4. Issues addressed include cross site scripting and html injection vulnerabilities.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_7312.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix UpdateAdvisory ID:        RHSA-2024:7312-03Product:            Red Hat Ansible Automation PlatformAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:7312Issue date:         2024-09-27Revision:           03CVE Names:          CVE-2024-21520====================================================================Summary: An update is now available for Red Hat Ansible Automation Platform 2.4Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.Security Fix(es):* automation-controller: djangorestframework: Cross-site Scripting (XSS) via break_long_headers (CVE-2024-21520)* automation-controller: twisted: Reflected XSS via HTML Injection in Redirect Response (CVE-2024-41810)* automation-controller: urllib3: proxy-authorization request header is not stripped during cross-origin redirects (CVE-2024-37891)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Updates and fixes for automation controller:* Fixed Galaxy credentials to be correctly ordered when assigning them using 'ansible.controller.organization' (AAP-31398)* Fixed gather analytics failure due to missing '_unpartitioned_main_jobevent' table (AAP-31053)* automation-controller has been updated to 4.5.12Solution:CVEs:CVE-2024-21520References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2292788https://bugzilla.redhat.com/show_bug.cgi?id=2294457https://bugzilla.redhat.com/show_bug.cgi?id=2300497

Red Hat Security Advisory 2024-7312-03

Red Hat Security Advisory 2024-7262-03 - An update for osbuild-composer is now available for Red Hat Enterprise Linux 8. Issues addressed include a memory leak vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_7262.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: osbuild-composer security updateAdvisory ID:        RHSA-2024:7262-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:7262Issue date:         2024-09-27Revision:           03CVE Names:          CVE-2024-1394====================================================================Summary: An update for osbuild-composer is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud.  It is compatible with composer-cli and cockpit-composer clients.Security Fix(es):* golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394)* encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-1394References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2262921https://bugzilla.redhat.com/show_bug.cgi?id=2310528

Red Hat Security Advisory 2024-7262-03

Red Hat Security Advisory 2024-7261-03 - An update for osbuild-composer is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_7261.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: osbuild-composer security updateAdvisory ID:        RHSA-2024:7261-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:7261Issue date:         2024-09-26Revision:           03CVE Names:          CVE-2024-34156====================================================================Summary: An update for osbuild-composer is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud.  It is compatible with composer-cli and cockpit-composer clients.Security Fix(es):* encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-34156References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2310528

Red Hat Security Advisory 2024-7261-03

Red Hat Security Advisory 2024-7260-03 - An update for net-snmp is now available for Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and null pointer vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_7260.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: net-snmp security update  
Advisory ID:        RHSA-2024:7260-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:7260  
Issue date:         2024-09-26  
Revision:           03  
CVE Names:          CVE-2022-24805  
====================================================================

Summary: 

An update for net-snmp is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol (SNMP), including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base (MIB) browser.

Security Fix(es):

* net-snmp: A buffer overflow in the handling of the INDEX of             NET-SNMP-VACM-MIB can cause an out-of-bounds memory access. (CVE-2022-24805)

* : net-snmp: Improper Input Validation when SETing malformed OIDs in master agent and subagent simultaneously (CVE-2022-24806)

* net-snmp: A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory access (CVE-2022-24807)

* net-snmp: A malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL pointer dereference. (CVE-2022-24809)

* net-snmp: A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference (CVE-2022-24808)

* net-snmp: A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer dereference. (CVE-2022-24810)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2022-24805

References:

https://access.redhat.com/security/updates/classification/#moderate  
https://bugzilla.redhat.com/show_bug.cgi?id=2103225  
https://bugzilla.redhat.com/show_bug.cgi?id=2104759  
https://bugzilla.redhat.com/show_bug.cgi?id=2104763  
https://bugzilla.redhat.com/show_bug.cgi?id=2104766  
https://bugzilla.redhat.com/show_bug.cgi?id=2104768  
https://bugzilla.redhat.com/show_bug.cgi?id=2104769

Red Hat Security Advisory 2024-7260-03

Red Hat Security Advisory 2024-7237-03 - Logging for Red Hat OpenShift - 5.8.13.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_7237.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: Logging for Red Hat OpenShift - 5.8.13  
Advisory ID:        RHSA-2024:7237-03  
Product:            logging for Red Hat OpenShift  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:7237  
Issue date:         2024-09-26  
Revision:           03  
CVE Names:          CVE-2024-6104  
====================================================================

Summary: 

Logging for Red Hat OpenShift - 5.8.13

Description:

Logging for Red Hat OpenShift - 5.8.13

Solution:

https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-13-release-notes.html

https://docs.openshift.com/container-platform/4.13/logging/cluster-logging-upgrading.html

CVEs:

CVE-2024-6104

References:

https://access.redhat.com/security/updates/classification/#moderate  
https://issues.redhat.com/browse/LOG-5210  
https://issues.redhat.com/browse/LOG-5966  
https://issues.redhat.com/browse/LOG-6103  
https://issues.redhat.com/browse/LOG-6127  
https://issues.redhat.com/browse/LOG-6134

Red Hat Security Advisory 2024-7237-03

Red Hat Security Advisory 2024-7227-03 - An update for kernel is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_7227.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: kernel security updateAdvisory ID:        RHSA-2024:7227-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:7227Issue date:         2024-09-26Revision:           03CVE Names:          CVE-2024-41071====================================================================Summary: An update for kernel is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Additional Changes:For detailed information on changes in this release, see the Red Hat Enterprise Linux 6-ELS-EXTENSION Release Notes linked from the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-41071References:https://access.redhat.com/security/updates/classification/#importanthttps://docs.redhat.com/en/documentation/red_hat_enterprise_linux/6-ELS-EXTENSION/html/6-ELS-EXTENSION_release_notes/indexhttps://bugzilla.redhat.com/show_bug.cgi?id=2300448

Red Hat Security Advisory 2024-7227-03

Red Hat Security Advisory 2024-7213-03 - Updated service-interconnect container images are now available for Service Interconnect 1.4 LTS for RHEL 9.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_7213.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Low: Updated service-interconnect rhel9 container images for 1.4 LTS  
Advisory ID:        RHSA-2024:7213-03  
Product:            Red Hat Service Interconnect  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:7213  
Issue date:         2024-09-27  
Revision:           03  
CVE Names:          CVE-2024-2398  
====================================================================

Summary: 

Updated service-interconnect container images are now available for Service Interconnect 1.4 LTS for RHEL 9.

Description:

Users of service-interconnect 1.4 LTS rhel9 container images are advised  
to upgrade to these updated images, which contain backported patches to correct security issues and fix bugs.   
Users of these images are also encouraged to rebuild all container images that depend on these images.  
You can find images updated by this advisory the in Red Hat Container Catalog

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-2398

References:

https://access.redhat.com/security/updates/classification/#low  
https://bugzilla.redhat.com/show_bug.cgi?id=2270498  
https://bugzilla.redhat.com/show_bug.cgi?id=2279632  
https://bugzilla.redhat.com/show_bug.cgi?id=2294676  
https://bugzilla.redhat.com/show_bug.cgi?id=2294677  
https://bugzilla.redhat.com/show_bug.cgi?id=2297771  
https://bugzilla.redhat.com/show_bug.cgi?id=2302255

Source

Packet Storm