Red Hat Security Advisory 2024-4520-03 - The Migration Toolkit for Containers 1.7.16 is now available. Issues addressed include a memory exhaustion vulnerability.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_4520.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: Migration Toolkit for Containers (MTC) 1.7.16 security and bug fix update  
Advisory ID:        RHSA-2024:4520-03  
Product:            Red Hat Migration Toolkit  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:4520  
Issue date:         2024-07-11  
Revision:           03  
CVE Names:          CVE-2023-45290  
====================================================================

Summary: 

The Migration Toolkit for Containers (MTC) 1.7.16 is now available.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

Description:

The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.

Security Fix(es) from Bugzilla:

* webpack-dev-middleware: lack of URL validation may lead to file leak (CVE-2024-29180)

* golang: net/http: memory exhaustion in Request.ParseMultipartForm (CVE-2023-45290)

* golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm (CVE-2024-24783)

* golang: net/mail: comments in display names are incorrectly handled (CVE-2024-24784)

* golang: html/template: errors returned from MarshalJSON methods may break template escaping (CVE-2024-24785)

* envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood (CVE-2024-30255)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-45290

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2268017  
https://bugzilla.redhat.com/show_bug.cgi?id=2268019  
https://bugzilla.redhat.com/show_bug.cgi?id=2268021  
https://bugzilla.redhat.com/show_bug.cgi?id=2268022  
https://bugzilla.redhat.com/show_bug.cgi?id=2270863  
https://bugzilla.redhat.com/show_bug.cgi?id=2272986

Red Hat Security Advisory 2024-4520-03

Red Hat Security Advisory 2024-4329-03 - Red Hat OpenShift Container Platform release 4.14.32 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a bypass vulnerability.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_4329.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: OpenShift Container Platform 4.14.32 bug fix and security update  
Advisory ID:        RHSA-2024:4329-03  
Product:            Red Hat OpenShift Enterprise  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:4329  
Issue date:         2024-07-11  
Revision:           03  
CVE Names:          CVE-2023-48795  
====================================================================

Summary: 

Red Hat OpenShift Container Platform release 4.14.32 is now available with updates to packages and images that fix several bugs and add enhancements.

This release includes a security update for Red Hat OpenShift Container Platform 4.14.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

This advisory contains the container images for Red Hat OpenShift Container Platform 4.14.32. See the following advisory for the RPM packages for this release:

https://access.redhat.com/errata/RHBA-2024:4332

Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:

https://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html

Security Fix(es):

* openshift/telemeter: iss check during JWT authentication can be bypassed  
(CVE-2024-5037)  
* ssh: Prefix truncation attack on Binary Packet Protocol (BPP)  
(CVE-2023-48795)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.  
All OpenShift Container Platform 4.14 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.14/updating/updating_a_cluster/updating-cluster-cli.html

Solution:

CVEs:

CVE-2023-48795

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2254210  
https://bugzilla.redhat.com/show_bug.cgi?id=2272339  
https://issues.redhat.com/browse/OCPBUGS-30259  
https://issues.redhat.com/browse/OCPBUGS-32472  
https://issues.redhat.com/browse/OCPBUGS-33942  
https://issues.redhat.com/browse/OCPBUGS-33964  
https://issues.redhat.com/browse/OCPBUGS-34885  
https://issues.redhat.com/browse/OCPBUGS-35012  
https://issues.redhat.com/browse/OCPBUGS-35183  
https://issues.redhat.com/browse/OCPBUGS-35290  
https://issues.redhat.com/browse/OCPBUGS-35365  
https://issues.redhat.com/browse/OCPBUGS-35401  
https://issues.redhat.com/browse/OCPBUGS-35475  
https://issues.redhat.com/browse/OCPBUGS-35482  
https://issues.redhat.com/browse/OCPBUGS-35520  
https://issues.redhat.com/browse/OCPBUGS-35549  
https://issues.redhat.com/browse/OCPBUGS-35553  
https://issues.redhat.com/browse/OCPBUGS-35723  
https://issues.redhat.com/browse/OCPBUGS-35750  
https://issues.redhat.com/browse/OCPBUGS-35826  
https://issues.redhat.com/browse/OCPBUGS-35827  
https://issues.redhat.com/browse/OCPBUGS-35877  
https://issues.redhat.com/browse/OCPBUGS-35889  
https://issues.redhat.com/browse/OCPBUGS-35913  
https://issues.redhat.com/browse/OCPBUGS-35957  
https://issues.redhat.com/browse/OCPBUGS-35989  
https://issues.redhat.com/browse/OCPBUGS-36356  
https://issues.redhat.com/browse/OCPBUGS-36369  
https://issues.redhat.com/browse/OCPBUGS-36416  
https://issues.redhat.com/browse/OCPBUGS-36464

Red Hat Security Advisory 2024-4329-03

### Summary
Denial of service vulnerability.

### Details
See: https://github.com/advisories/GHSA-447r-wph3-92pm and https://github.com/dotnet/announcements/issues/312

### PoC
Update System.Security.Cryptography.Pkcs to 8.0.1 so that the transitive dependency with the issue gets updated

### Impact
Denial of service vulnerability. Affects MimeKit (>= v3.0.0 and <= v4.7.0) when used to decrypt or verify incoming S/MIME messages as well as importing 3rd-party X.509 certificates for use with encrypting outgoing S/MIME messages.


**Package**

nuget MimeKit (NuGet)

**Affected versions**

\>= 3.0.0, < 4.7.1

**Patched versions**

4.7.1

**Description**

**Summary**

Denial of service vulnerability.

**Details**

See: GHSA-447r-wph3-92pm and dotnet/announcements#312

**PoC**

Update System.Security.Cryptography.Pkcs to 8.0.1 so that the transitive dependency with the issue gets updated

**Impact**

Denial of service vulnerability. Affects MimeKit (>= v3.0.0 and <= v4.7.0) when used to decrypt or verify incoming S/MIME messages as well as importing 3rd-party X.509 certificates for use with encrypting outgoing S/MIME messages.

**References**

*   GHSA-gmc6-fwg3-75m5
*   dotnet/announcements#312
*   jstedfast/MimeKit@aef4eda
*   GHSA-447r-wph3-92pm

 jstedfast published to jstedfast/MimeKit

Jul 11, 2024

Published to the GitHub Advisory Database

Jul 11, 2024

Reviewed

Jul 11, 2024

Last updated

Jul 11, 2024

GHSA-gmc6-fwg3-75m5: Mimekit has vulnerable dependency that can lead to denial of service

LumisXP versions 15.0.x through 16.1.x suffer from a cross site scripting vulnerability in XsltResultControllerHtml.jsp.

=====[ Tempest Security Intelligence - ADV-6/2024  
]==========================

LumisXP v15.0.x to v16.1.x

Author: Rodolfo Tavares

Tempest Security Intelligence - Recife, Pernambuco - Brazil

=====[ Table of Contents]==================================================  
 * Overview  
 * Detailed description  
 * Timeline of disclosure  
 * Thanks & Acknowledgements  
 * References

=====[ Vulnerability  
Information]=============================================  
 * Class: Improper Neutralization of Input During Web Page Generation  
('Cross-site Scripting')  
 ('Improper Neutralization of Input During Web Page Generation ('Cross-site  
Scripting')') [CWE-79]

 * CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N - 5.4

=====[ Overview]========================================================  
 * System affected : LumisXP  
 * Software Version : Version - v15.0.x to v16.1.x  
 * Impacts :  
 * Vulnerability: A cross-site scripting (XSS) vulnerability in the  
component XsltResultControllerHtml.jsp of Lumisxp v15.0.x to v16.1.x allows  
attackers to execute arbitrary web scripts or HTML via a crafted payload  
injected into the lumPageID parameter

=====[ Detailed  
description]=================================================  
* XSS [GET  
/portal/XsltResultControllerHtml.jsp?xslContent=&interfaceInstanceId=&lumPageId=%3cscript%3econfirm(1)%3c%2fscript%3e&xslContentFilePath=]:

1 - Send the link by inserting the XSS payload into the lumPageID=  
parameter.

```  
GET  
/portal/XsltResultControllerHtml.jsp?xslContent=&interfaceInstanceId=&lumPageId=%3cscript%3econfirm(1)%3c%2fscript%3e&xslContentFilePath=  
```  
2 - Verify that in the response your payload will be executed.

=====[ Timeline of  
disclosure]===============================================

 2/Apr/2024 - Responsible disclosure was initiated with the vendor.  
 12/Apr/2024 - LumisXP Support confirmed the issue;  
 16/Fev/2024 - The vendor fixed the vulnerability  
 29/May/2024 - CVEs was assigned and reserved as CVE-2024-33326

=====[ Thanks & Acknowledgements]========================================  
 * Tempest Security Intelligence [1]  
 * Rodolfo Tavares  
 * Niklas Correa

=====[ References ]=====================================================

 [1][ [https://cwe.mitre.org/data/definitions/79.html]  
 [2][ [https://www.tempest.com.br|https://www.tempest.com.br/]]  
 [3][Thanks Filipe X.]

=====[ EOF ]===========================================================  
--

-- 

*Esta mensagem é para uso exclusivo de seu destinatário e pode conter   
informações privilegiadas e confidenciais. Todas as informações aqui   
contidas devem ser tratadas como confidenciais e não devem ser divulgadas a   
terceiros sem o prévio consentimento por escrito da Tempest. Se você não é   
o destinatário não deve distribuir, copiar ou arquivar a mensagem. Neste   
caso, por favor, notifique o remetente da mesma e destrua imediatamente a   
mensagem.*

*  
*  
*This message is intended solely for the use of its   
addressee and may contain privileged or confidential information. All   
information contained herein shall be treated as confidential and shall not   
be disclosed to any third party without Tempest’s prior written approval.   
If you are not the addressee you should not distribute, copy or file this   
message. In this case, please notify the sender and destroy its contents   
immediately.**  
*  
*  
*

LumisXP 16.1.x Cross Site Scripting

LumisXP versions 15.0.x through 16.1.x suffer from a cross site scripting vulnerability in UrlAccessibilityEvaluation.jsp.

=====[ Tempest Security Intelligence - ADV-6/2024  
]==========================

LumisXP v15.0.x to v16.1.x

Author: Rodolfo Tavares

Tempest Security Intelligence - Recife, Pernambuco - Brazil

=====[ Table of Contents]==================================================  
 * Overview  
 * Detailed description  
 * Timeline of disclosure  
 * Thanks & Acknowledgements  
 * References

=====[ Vulnerability  
Information]=============================================  
 * Class: Improper Neutralization of Input During Web Page Generation  
('Cross-site Scripting')  
 ('Improper Neutralization of Input During Web Page Generation ('Cross-site  
Scripting')') [CWE-79]

 * CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N - 5.4

=====[ Overview]========================================================  
 * System affected : LumisXP  
 * Software Version : Version - v15.0.x to v16.1.x  
 * Impacts :  
 * Vulnerability: Lumisxp versions 15.0.x to 16.1.x have an unauthenticated  
XSS vulnerability in the UrlAccessibilityEvaluation.jsp page, specifically  
in the contentHtml parameter.

=====[ Detailed  
description]=================================================  
* XSS [GET  
/main.jsp?lumChannelId=00000000F00000000000000000000002&lumPageId=LumisBlankPage&lumRTI=lumis.service.doui.selectstructureelement.selectPage&pageId=%22%2c%20print()%2c%0d%22aaa  
]:

1 - Send the link by inserting the XSS payload into the contentHtml=  
parameter.

```  
GET  
/lumis/service/htmlevaluation/UrlAccessibilityEvaluation.jsp?contentHtml=%3cp%3e%3ci%20id%3d%22run-code-button%22%20lang%3d%22xml%22%20title%3d%22Run%20Code%20and%20See%20Output%22%3e%3c%2fi%3e%3c%2fp%3e%0a%0a%3cp%3e%3ci%20title%3d%22Light%20Mode%22%3e%3c%2fi%3e%3c%2fp%3e%0a%0a%3ctable%20border%3d%220%22%20cellpadding%3d%220%22%20cellspacing%3d%220mmdfn%26lt%3bscript%26gt%3balert(1)%26lt%3b%2fscript%26gt

```  
2 - Verify that in the response your payload will be executed.

=====[ Timeline of  
disclosure]===============================================

 2/Apr/2024 - Responsible disclosure was initiated with the vendor.  
 12/Apr/2024 - LumisXP Support confirmed the issue;  
 16/Fev/2024 - The vendor fixed the vulnerability  
 29/May/2024 - CVEs was assigned and reserved as CVE-2024-33327

=====[ Thanks & Acknowledgements]========================================  
 * Tempest Security Intelligence [1]  
 * Rodolfo Tavares  
 * Niklas Correa

=====[ References ]=====================================================

 [1][ [https://cwe.mitre.org/data/definitions/79.html]  
 [2][ [https://www.tempest.com.br|https://www.tempest.com.br/]]  
 [3][Thanks Filipe X.]

=====[ EOF ]===========================================================

--

-- 

*Esta mensagem é para uso exclusivo de seu destinatário e pode conter   
informações privilegiadas e confidenciais. Todas as informações aqui   
contidas devem ser tratadas como confidenciais e não devem ser divulgadas a   
terceiros sem o prévio consentimento por escrito da Tempest. Se você não é   
o destinatário não deve distribuir, copiar ou arquivar a mensagem. Neste   
caso, por favor, notifique o remetente da mesma e destrua imediatamente a   
mensagem.*

*  
*  
*This message is intended solely for the use of its   
addressee and may contain privileged or confidential information. All   
information contained herein shall be treated as confidential and shall not   
be disclosed to any third party without Tempest’s prior written approval.   
If you are not the addressee you should not distribute, copy or file this   
message. In this case, please notify the sender and destroy its contents   
immediately.**  
*  
*  
*

LumisXP versions 15.0.x through 16.1.x suffer from a cross site scripting vulnerability in main.jsp

=====[ Tempest Security Intelligence - ADV-6/2024  
]==========================

LumisXP v15.0.x to v16.1.x

Author: Rodolfo Tavares

Tempest Security Intelligence - Recife, Pernambuco - Brazil

=====[ Table of Contents]==================================================  
 * Overview  
 * Detailed description  
 * Timeline of disclosure  
 * Thanks & Acknowledgements  
 * References

=====[ Vulnerability  
Information]=============================================  
 * Class: Improper Neutralization of Input During Web Page Generation  
('Cross-site Scripting')  
 ('Improper Neutralization of Input During Web Page Generation ('Cross-site  
Scripting')') [CWE-79]

 * CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N - 5.4

=====[ Overview]========================================================  
 * System affected : LumisXP  
 * Software Version : Version - v15.0.x to v16.1.x  
 * Impacts :  
 * Vulnerability: A cross-site scripting (XSS) vulnerability in the  
component main.jsp of Lumisxp v15.0.x to v16.1.x allows attackers to  
execute arbitrary web scripts or HTML via a crafted payload injected into  
the pageId parameter.

=====[ Detailed  
description]=================================================  
* XSS [GET  
/main.jsp?lumChannelId=00000000F00000000000000000000002&lumPageId=LumisBlankPage&lumRTI=lumis.service.doui.selectstructureelement.selectPage&pageId=%22%2c%20print()%2c%0d%22aaa  
]:

1 - Send the link by inserting the XSS payload into the pageId= parameter.

```  
GET  
/main.jsp?lumChannelId=00000000F00000000000000000000002&lumPageId=LumisBlankPage&lumRTI=lumis.service.doui.selectstructureelement.selectPage&pageId=%22%2c%20print()%2c%0d%22aaa  
```  
2 - Verify that in the response your payload will be executed.

=====[ Timeline of  
disclosure]===============================================

 2/Apr/2024 - Responsible disclosure was initiated with the vendor.  
 12/Apr/2024 - LumisXP Support confirmed the issue;  
 16/Fev/2024 - The vendor fixed the vulnerability  
 29/May/2024 - CVEs was assigned and reserved as CVE-2024-33328

=====[ Thanks & Acknowledgements]========================================  
 * Tempest Security Intelligence [1]  
 * Rodolfo Tavares  
 * Niklas Correa

=====[ References ]=====================================================

 [1][ [https://cwe.mitre.org/data/definitions/79.html]  
 [2][ [https://www.tempest.com.br|https://www.tempest.com.br/]]  
 [3][Thanks Filipe X.]

=====[ EOF ]===========================================================

--

-- 

*Esta mensagem é para uso exclusivo de seu destinatário e pode conter   
informações privilegiadas e confidenciais. Todas as informações aqui   
contidas devem ser tratadas como confidenciais e não devem ser divulgadas a   
terceiros sem o prévio consentimento por escrito da Tempest. Se você não é   
o destinatário não deve distribuir, copiar ou arquivar a mensagem. Neste   
caso, por favor, notifique o remetente da mesma e destrua imediatamente a   
mensagem.*

*  
*  
*This message is intended solely for the use of its   
addressee and may contain privileged or confidential information. All   
information contained herein shall be treated as confidential and shall not   
be disclosed to any third party without Tempest’s prior written approval.   
If you are not the addressee you should not distribute, copy or file this   
message. In this case, please notify the sender and destroy its contents   
immediately.**  
*  
*  
*

LumisXP versions 15.0.x through 16.1.x have a hardcoded privileged identifier that allows attackers to bypass authentication and access internal pages and other sensitive information.

=====[ Tempest Security Intelligence - ADV-6/2024  
]==========================

LumisXP v15.0.x to v16.1.x

Author: Rodolfo Tavares

Tempest Security Intelligence - Recife, Pernambuco - Brazil

=====[ Table of Contents]==================================================

Overview  
Detailed description  
Timeline of disclosure  
Thanks & Acknowledgements  
References  
=====[ Vulnerability  
Information]=============================================

Class: Use of Hard-coded Credentials  
('Use of Hard-coded Credentials') [CWE-798]  
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - 5.3  
=====[ Overview]========================================================

System affected : LumisXP  
Software Version : Version - v15.0.x to v16.1.x  
Impacts :  
Vulnerability: A hardcoded privileged ID within Lumisxp v15.0.x to v16.1.x  
allows attackers to bypass authentication and access internal pages and  
other sensitive information  
=====[ Detailed  
description]=================================================

IDOR  
http://localhost.com/main.jsp?lumChannelId=00000000F00000000000000000000002&lumPageId=LumisBlankPage&lumRTI=lumis.service.doui.selectstructureelement.selectPage&pageId=  
:  
Access the link by inserting the GUID into the lumChannelId= parameter.  
1 - Access your target using the following GUID (  
00000000F00000000000000000000002 )  
```  
http://localhost.com/main.jsp?lumChannelId=00000000F00000000000000000000002&lumPageId=LumisBlankPage&lumRTI=lumis.service.doui.selectstructureelement.selectPage&pageId=  
```  
2 - Verify that in the request response you will have access to various  
component information and internal information about one or several domains.

=====[ Timeline of  
disclosure]===============================================

2/Apr/2024 - Responsible disclosure was initiated with the vendor.  
12/Apr/2024 - LumisXP Support confirmed the issue;  
16/Fev/2024 - The vendor fixed the vulnerability  
29/May/2024 - CVEs was assigned and reserved as CVE-2024-33329

=====[ Thanks & Acknowledgements]========================================

Tempest Security Intelligence [1]  
Rodolfo Tavares  
Niklas Correa  
=====[ References ]=====================================================

[1][ https://cwe.mitre.org/data/definitions/798.html  
[2][ https://www.tempest.com.br]  
[3][Thanks Filipe X.]

=====[ EOF ]===========================================================

--

-- 

*Esta mensagem é para uso exclusivo de seu destinatário e pode conter   
informações privilegiadas e confidenciais. Todas as informações aqui   
contidas devem ser tratadas como confidenciais e não devem ser divulgadas a   
terceiros sem o prévio consentimento por escrito da Tempest. Se você não é   
o destinatário não deve distribuir, copiar ou arquivar a mensagem. Neste   
caso, por favor, notifique o remetente da mesma e destrua imediatamente a   
mensagem.*

*  
*  
*This message is intended solely for the use of its   
addressee and may contain privileged or confidential information. All   
information contained herein shall be treated as confidential and shall not   
be disclosed to any third party without Tempest’s prior written approval.   
If you are not the addressee you should not distribute, copy or file this   
message. In this case, please notify the sender and destroy its contents   
immediately.**  
*  
*  
*

LumisXP 16.1.x Hardcoded Credentials / IDOR

Debian Linux Security Advisory 5728-1 - Phillip Szelat discovered that Exim, a mail transport agent, does not properly parse a multiline RFC 2231 header filename, allowing a remote attacker to bypass a $mime_filename based extension-blocking protection mechanism.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5728-1                   security@debian.orghttps://www.debian.org/security/                     Salvatore BonaccorsoJuly 10, 2024                         https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : exim4CVE ID         : CVE-2024-39929Debian Bug     : 1075785Phillip Szelat discovered that Exim, a mail transport agent, does notproperly parse a multiline RFC 2231 header filename, allowing a remoteattacker to bypass a $mime_filename based extension-blocking protectionmechanism.For the oldstable distribution (bullseye), this problem has been fixedin version 4.94.2-7+deb11u3.For the stable distribution (bookworm), this problem has been fixed inversion 4.96-15+deb12u5.We recommend that you upgrade your exim4 packages.For the detailed security status of exim4 please refer to its securitytracker page at:https://security-tracker.debian.org/tracker/exim4Further information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmaO7kFfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xNDz0SQbQ//Xf0lnD7yltYNVPwznIlXWJYasQQUgq7B5s9p9djogOnGK1W8fHS4m5g77nk4P7mI6YeYp2LZ3uOll4WhqRDes7UtCIKYq18vs8PqljoWusvg1Ay8UPp8q8lZria6PTz3I0baMIzLtEilNNC2NYHwuS04wfs/7g6Rih/bzTRCJcUKa8tUtXVv7/7/WCnWDOcSIuNFBX7aOeO+PNlSCo/Cc2ku/6e4HOsGR1Y6P2moWYhSZ+xOuP/lphxPIxMzzRjIZ7f9yUtoiajpTcZ2w6pCSGYs9WVsFyeajXiI5ZQjSF5iMs6W/9/ZcF8oLf6ZPZxOt/hp1zfTL1UwQCacjMV6ZrGzjL1kXVwkFywc9xlEu6zgGApEi9pIAL9kyOT7RaU4UCJg5DMotNwlQaVop8X8NbKEFA1MBlDnVK/1I0zyPb3cOQjOT13kj0hr+RX9o7icU6X0G1BW2rMLrAFZZsTkRPkp6wH66zoXywfgNdk9u06sL4GrXUNAtU1jLvttKCiArpYQ1R3bEcq0SZPCiPXOQglwXRP0+lOnyvbnm7H+gq8qdhyp8AqELxcn7W1PuvGD02p16cyYZLRX7QwooJQ2xu6ZF8pgWOUts4H5nacXLg6YR/eK53SGgGHT9BNJzodKqmh72z1fdzpOeo7WhjQk29+/NEUipZ6aqQi/4wGpuTU==gyDE-----END PGP SIGNATURE-----

Debian Security Advisory 5728-1

Red Hat Security Advisory 2024-4505-03 - Moderate: An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Issues addressed include a denial of service vulnerability.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_4505.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update (RHBQ 3.8.5.GA)  
Advisory ID:        RHSA-2024:4505-03  
Product:            Red Hat Build of Apache Camel  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:4505  
Issue date:         2024-07-11  
Revision:           03  
CVE Names:          CVE-2024-29857  
====================================================================

Summary: 

Moderate: An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.5.GA).  
The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products.

Description:

An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.5.GA).  
The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products:  
* CVE-2024-29857 org.bouncycastle:bcprov-jdk18on: org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service  
* CVE-2024-30172 org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class  
* CVE-2024-30171 org.bouncycastle-bcprov-jdk18on: bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)

Solution:

CVEs:

CVE-2024-29857

References:

https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/security/cve/CVE-2024-29857  
https://access.redhat.com/security/cve/CVE-2024-30172  
https://access.redhat.com/security/cve/CVE-2024-30171  
https://bugzilla.redhat.com/show_bug.cgi?id=2276360  
https://bugzilla.redhat.com/show_bug.cgi?id=2293025  
https://bugzilla.redhat.com/show_bug.cgi?id=2293028

Red Hat Security Advisory 2024-4505-03

Red Hat Security Advisory 2024-4504-03 - An update for httpd is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a HTTP response splitting vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_4504.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: httpd security updateAdvisory ID:        RHSA-2024:4504-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:4504Issue date:         2024-07-11Revision:           03CVE Names:          CVE-2023-27522====================================================================Summary: An update for httpd is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.Security Fix(es):* httpd: mod_proxy_uwsgi HTTP response splitting (CVE-2023-27522)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-27522References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2176211

Tag

#js