Red Hat Security Advisory 2024-1060-03 - An update for python-pillow is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a code execution vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1060.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: python-pillow security updateAdvisory ID:        RHSA-2024:1060-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:1060Issue date:         2024-02-29Revision:           03CVE Names:          CVE-2023-50447====================================================================Summary: An update for python-pillow is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities.Security Fix(es):* pillow:Arbitrary Code Execution via the environment parameter (CVE-2023-50447)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-50447References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2259479

Red Hat Security Advisory 2024-1060-03

Red Hat Security Advisory 2024-1059-03 - An update for python-pillow is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include a code execution vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1059.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: python-pillow security updateAdvisory ID:        RHSA-2024:1059-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:1059Issue date:         2024-02-29Revision:           03CVE Names:          CVE-2023-50447====================================================================Summary: An update for python-pillow is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities.Security Fix(es):* pillow:Arbitrary Code Execution via the environment parameter (CVE-2023-50447)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-50447References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2259479

Red Hat Security Advisory 2024-1059-03

Red Hat Security Advisory 2024-1058-03 - An update for python-pillow is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a code execution vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1058.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: python-pillow security updateAdvisory ID:        RHSA-2024:1058-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:1058Issue date:         2024-02-29Revision:           03CVE Names:          CVE-2023-50447====================================================================Summary: An update for python-pillow is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities.Security Fix(es):* pillow:Arbitrary Code Execution via the environment parameter (CVE-2023-50447)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-50447References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2259479

Red Hat Security Advisory 2024-1058-03

Red Hat Security Advisory 2024-1057-03 - An update is now available for Red Hat Ansible Automation Platform 2.4. Issues addressed include crlf injection and denial of service vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1057.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update  
Advisory ID:        RHSA-2024:1057-03  
Product:            Red Hat Ansible Automation Platform  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:1057  
Issue date:         2024-02-29  
Revision:           03  
CVE Names:          CVE-2022-40896  
====================================================================

Summary: 

An update is now available for Red Hat Ansible Automation Platform 2.4.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.

Security Fix(es):

* automation-eda-controller / ansible-rulebook / ansible-automation-platform-installer: Insecure websocket used when interacting with EDA server (CVE-2024-1657)

* python3-django/python39-django: denial-of-service in 'intcomma' template filter (CVE-2024-24680)

* python3-jinja2/python39-jinja2: HTML attribute injection when passing user input as keys to xmlattr filter (CVE-2024-22195)

* python3-aiohttp/python39-aiohttp: CRLF injection if user controls the HTTP method using aiohttp client (CVE-2023-49082)

* python3-aiohttp/python39-aiohttp: HTTP request modification (CVE-2023-49081)

* python3-aiohttp/python39-aiohttp: numerous issues in HTTP parser with header parsing (CVE-2023-47627)

* python3-pycryptodomex/python39-pycryptodomex: side-channel leakage for OAEP decryption in PyCryptodome and pycryptodomex (CVE-2023-52323)

* python3-pillow/python39-pillow: uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument (CVE-2023-44271)

* python3-pygments/python39-pygments: ReDoS in pygments (CVE-2022-40896)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Updates and fixes for automation controller:  
* automation-controller has been updated to 4.5.2  
* Enabled HashiCorp Vault LDAP and Userpass authentication (AAP-19842)

Updates and fixes for automation hub:  
* automation-hub and python3-galaxy-ng/python39-galaxy-ng have been updated to 4.9.1  
* various dependencies have been updated

Updates and fixes for Event-Driven Ansible:  
* automation-eda-controller has been updated to 1.0.5  
* various dependencies have been updated  
* Fixed a vulnerability that allowed command line injections in user and url fields for projects (AAP-17778)  
* The communication between the activations and eda-server is now authenticated. Once EDA Controller is upgraded, all the existing running activations must be restarted with upgraded Decision Environment images (AAP-17619)  
* Removed 409 conflict error when enabling an activation (AAP-16305)  
* An activation status did not change to failed when an internal error occurred (AAP-16014)  
* Restarting the EDA server can cause activation states to become stale (AAP-13064)  
* RHEL 9.2 activations can not connect to the host (AAP-12929)  
* Added podman_containers_conf_logs_max_size variable to control max log size for podman installations with a default value of 10 MiB (AAP-12295)

Note: The 2.4-6 installer/setup should be used to update Event-Driven Ansible to 1.0.5

Updates and fixes for installer and setup:  
* Added podman_containers_conf_logs_max_size variable for containers.conf to control max log size for podman installations with a default value of 10 MiB (AAP-19775)  
* EDA debug flag of false will now correctly disable django debug mode (AAP-19577)  
* installer and setup have been updated to 2.4-6

Additional changes:  
* ansible-builder has been updated to 3.0.1  
* ansible-runner has been updated to 2.3.5  
* ansible-dev-tools has been added

For more details about the updates and fixes included in this release, refer to the Release Notes.

Solution:

CVEs:

CVE-2022-40896

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2247820  
https://bugzilla.redhat.com/show_bug.cgi?id=2249825  
https://bugzilla.redhat.com/show_bug.cgi?id=2251643  
https://bugzilla.redhat.com/show_bug.cgi?id=2252235  
https://bugzilla.redhat.com/show_bug.cgi?id=2252248  
https://bugzilla.redhat.com/show_bug.cgi?id=2257028  
https://bugzilla.redhat.com/show_bug.cgi?id=2257854  
https://bugzilla.redhat.com/show_bug.cgi?id=2261856  
https://bugzilla.redhat.com/show_bug.cgi?id=2265085

Red Hat Security Advisory 2024-1057-03

Red Hat Security Advisory 2024-1055-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a privilege escalation vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1055.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: kpatch-patch security updateAdvisory ID:        RHSA-2024:1055-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:1055Issue date:         2024-02-29Revision:           03CVE Names:          CVE-2023-6546====================================================================Summary: An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.Security Fix(es):* kernel: GSM multiplexing race condition leads to privilege escalation (CVE-2023-6546)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-6546References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2255498

Red Hat Security Advisory 2024-1055-03

Red Hat Security Advisory 2024-1041-03 - An update for go-toolset-1.19-golang is now available for Red Hat Developer Tools. Issues addressed include a denial of service vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1041.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: go-toolset-1.19-golang security updateAdvisory ID:        RHSA-2024:1041-03Product:            Red Hat Developer ToolsAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:1041Issue date:         2024-02-29Revision:           03CVE Names:          CVE-2023-39326====================================================================Summary: An update for go-toolset-1.19-golang is now available for Red Hat Developer Tools.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.Security Fix(es):* golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326)* golang: cmd/go: Protocol Fallback when fetching modules (CVE-2023-45285)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-39326References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2253323https://bugzilla.redhat.com/show_bug.cgi?id=2253330

Red Hat Security Advisory 2024-1041-03

Debian Linux Security Advisory 5634-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256- -------------------------------------------------------------------------Debian Security Advisory DSA-5634-1                   security@debian.orghttps://www.debian.org/security/                           Andres SalomonFebruary 28, 2024                     https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : chromiumCVE ID         : CVE-2024-1938 CVE-2024-1939Multiple security issues were discovered in Chromium, which could resultin the execution of arbitrary code, denial of service or informationdisclosure.For the stable distribution (bookworm), this problem has been fixed inversion 122.0.6261.94-1~deb12u1.We recommend that you upgrade your chromium packages.For the detailed security status of chromium please refer toits security tracker page at:https://security-tracker.debian.org/tracker/chromiumFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCAAdFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmXfhAcACgkQZF0CR8Nudjfb1g/9H3MTUe56oMfSFIxki7qRpyzRcYvSVgJ79T3fX5t9+s9mEtyPa3z2rZFoI4+0VHnUOxEyRdsmd+hjrCr5gl2UW7NjkAczVLNjJ57TRtP0//81L5CjZXKPA/uJMTftRbdoKJG4+nC/G7dgwmxEq8bTjXZ4qvKTmEn6LlUuoxfwp1PS+r7d0MEHFSLQNh/wBUNGYshhGSWkMG18LV0+V/7tQeXvj2SgQCjJuhIm8hFcgwxAFZgCcLnNLfVFI/85GojBUpCPk7jo9A/n0GHoEQNdN/piddYbYrRWeiA+1xnEJb0DdXW7HFOIgb3NUXn4F7QpAVxxi4iZ5cSZCASzzvRl5bhj+JPl309GlhY/QLU1sXF5KES5Y21pi2uioKwZOFkuiTTuyYW9w6NAP8U0CdPgqWNsPQEbbWP5eRHWTQRIiurZ03tb+boyMUXfgdm6NxnU8Z/vmJhiSk9bYC4ZX8h25ukaGT1TTka+9Zo8Mpu7AClVDkKSzn/ybn+gbw7omtl3GLX+bdJEuTKAJTyxKhsb9emAtyBSlr14zT5eNg2RnSx35Xu+0axyX3WUKL57PBqT4k6L+5MMKutwW7CEPHpuSk1paEmw9fw0k3dlhbc26Jg5s5WHyKlUM12AuEI9FBybZM22QneUvVFN3EosxCOQGT+MvU7atVMh+Xzp2LW+20U==iYsy-----END PGP SIGNATURE-----

Debian Security Advisory 5634-1

Red Hat Security Advisory 2024-1027-03 - An update is now available for MTA-6.2-RHEL-8 and MTA-6.2-RHEL-9. Issues addressed include XML injection and denial of service vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1027.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: Migration Toolkit for Applications security update  
Advisory ID:        RHSA-2024:1027-03  
Product:            Migration Toolkit for Applications  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:1027  
Issue date:         2024-02-28  
Revision:           03  
CVE Names:          CVE-2022-1962  
====================================================================

Summary: 

An update is now available for MTA-6.2-RHEL-8 and MTA-6.2-RHEL-9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Migration Toolkit for Applications 

Security Fix(es):

* golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)

* jettison:  If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)

* apache-ivy: XML External Entity vulnerability (CVE-2022-46751)

* jettison: Uncontrolled Recursion in JSONArray (CVE-2023-1436)

* guava: insecure temporary directory creation (CVE-2023-2976)

* follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse() (CVE-2023-26159)

* golang: net/http: insufficient sanitization of Host header (CVE-2023-29406)

* golang: crypto/tls: slow verification of certificate chains containing large RSA keys (CVE-2023-29409)

* jackson-databind: denial of service via cylic dependencies (CVE-2023-35116)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2022-1962

References:

https://access.redhat.com/security/updates/classification/#moderate  
https://bugzilla.redhat.com/show_bug.cgi?id=2107376  
https://bugzilla.redhat.com/show_bug.cgi?id=2155970  
https://bugzilla.redhat.com/show_bug.cgi?id=2182788  
https://bugzilla.redhat.com/show_bug.cgi?id=2215214  
https://bugzilla.redhat.com/show_bug.cgi?id=2215229  
https://bugzilla.redhat.com/show_bug.cgi?id=2222167  
https://bugzilla.redhat.com/show_bug.cgi?id=2228743  
https://bugzilla.redhat.com/show_bug.cgi?id=2233112  
https://bugzilla.redhat.com/show_bug.cgi?id=2256413  
https://issues.redhat.com/browse/MTA-87

Red Hat Security Advisory 2024-1027-03

The json-jwt (aka JSON::JWT) gem 1.16.3 for Ruby sometimes allows bypass of identity checks via a sign/encryption confusion attack. For example, JWE can sometimes be used to bypass JSON::JWT.decode.

GHSA-c8v6-786g-vjx6: json-jwt allows bypass of identity checks via a sign/encryption confusion attack

Ubuntu Security Notice 6667-1 - It was discovered that Cpanel-JSON-XS incorrectly decoded certain data. A remote attacker could use this issue to cause Cpanel-JSON-XS to crash, resulting in a denial of service, or possibly obtain sensitive information.

    ==========================================================================Ubuntu Security Notice USN-6667-1February 28, 2024libcpanel-json-xs-perl vulnerability==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTS- Ubuntu 20.04 LTSSummary:Cpanel-JSON-XS could be made to crash or expose information if itprocessed specially crafted data.Software Description:- libcpanel-json-xs-perl: module for fast and correct serialising to JSONDetails:It was discovered that Cpanel-JSON-XS incorrectly decoded certain data. Aremote attacker could use this issue to cause Cpanel-JSON-XS to crash,resulting in a denial of service, or possibly obtain sensitive information.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS:   libcpanel-json-xs-perl          4.27-1ubuntu0.1Ubuntu 20.04 LTS:   libcpanel-json-xs-perl          4.19-1ubuntu0.1In general, a standard system update will make all the necessary changes.References:   https://ubuntu.com/security/notices/USN-6667-1   CVE-2022-48623Package Information:   https://launchpad.net/ubuntu/+source/libcpanel-json-xs-perl/4.27-1ubuntu0.1   https://launchpad.net/ubuntu/+source/libcpanel-json-xs-perl/4.19-1ubuntu0.1

Tag

#js