Gentoo Linux Security Advisory 202310-20 - A vulnerability has been discovered in rxvt-unicode where data written to the terminal can lead to code execution. Versions greater than or equal to 9.30 are affected.

Gentoo Linux Security Advisory 202310-20

Gentoo Linux Security Advisory 202310-19 - A vulnerability has been discovered in Dovecot that can lead to a privilege escalation when master and non-master passdbs are used. Versions greater than or equal to 2.3.19.1-r1 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202310-19  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: Dovecot: Privilege Escalation  
     Date: October 30, 2023  
     Bugs: #856733  
       ID: 202310-19

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

A vulnerability has been discovered in Dovecot that can lead to a  
privilege escalation when master and non-master passdbs are used.

Background  
==========

Dovecot is an open source IMAP and POP3 email server.

Affected packages  
=================

Package           Vulnerable     Unaffected  
----------------  -------------  --------------  
net-mail/dovecot  < 2.3.19.1-r1  >= 2.3.19.1-r1

Description  
===========

A vulnerability has been discovered in Dovecot. Please review the CVE  
identifier referenced below for details.

Impact  
======

When two passdb configuration entries exist in Dovecot configuration,  
which have the same driver and args settings, the incorrect  
username_filter and mechanism settings can be applied to passdb  
definitions. These incorrectly applied settings can lead to an  
unintended security configuration and can permit privilege escalation  
with certain configurations involving master user authentication.

Dovecot documentation does not advise against the use of passdb  
definitions which have the same driver and args settings. One such  
configuration would be where an administrator wishes to use the same pam  
configuration or passwd file for both normal and master users but use  
the username_filter setting to restrict which of the users is able to be  
a master user.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Dovecot users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=net-mail/dovecot-2.3.19.1-r1"

References  
==========

[ 1 ] CVE-2022-30550  
      https://nvd.nist.gov/vuln/detail/CVE-2022-30550

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202310-19

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202310-19

Debian Linux Security Advisory 5538-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5538-1                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
October 27, 2023                      https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : thunderbird  
CVE ID         : CVE-2023-5721 CVE-2023-5724 CVE-2023-5725 CVE-2023-5728   
                 CVE-2023-5730 CVE-2023-5732

Multiple security issues were discovered in Thunderbird, which could  
result in denial of service or the execution of arbitrary code.

For the oldstable distribution (bullseye), these problems have been fixed  
in version 1:115.4.1-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in  
version 1:115.4.1-1~deb12u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmU8/MIACgkQEMKTtsN8  
TjYydw/5AYVlXQCfZjiLfnVEk+KVVib53rJGc+eR3QtpcpzO6l73fPgRKWbBylM1  
GEwu8ua6NxQ8rk2SEfA9QFwRj3EE3OBVIDOMNA7RO+UNWYqHtYYHZiif73q/7Y12  
k3gvdKpAZny67bFYSSTxu1Y0yTGmZu0HdIbIc46pfu6kdqJFvqabskEDRZ+IKKOD  
dLdbJ48xY5GjmLaqJ4YX0Mm8x9CO9ILrCjkqjnwz+D/5Tpafue3+tQscJ276eMbw  
qCGlEctLX5HywcpL3W5mSWnLwZZpoOjYdTKyJDW+hTMNTFUqsuoZDylbqiUdxBjU  
ZRenTXMjKOCFATjD3vkJHF6eGZzYIhE92fTmlBeF+j40xbGXW7nq+F4XLl7gtziC  
YzbGxXgG4tvChrt56iMaixt80axt5wVosc2mx+7m+u6aD+ulNKHh0bKP6dchEATY  
stomlKurwR45IyrBdq7EhppUkObV3tpUm7b6h/3LK2wbI2OUwl2lz8wRNXNct04Z  
75LfgyYQE/Mkcffay3IL1Ej7qBq7u8URxmvYXJ9OO148ihJTCdv7qYI9w/ltSB9s  
gW76DXOoW+9t6RSCP7ftCsx2QEW5sdq0V4tTptIlEuAFJ29ORoQ1xDyc4bQlvqWn  
lLO1vbZmk2iZfEzg6JYX9ceG6AL4HY8sHDe1TlcUEOyVsB89obg=  
=IfPw  
-----END PGP SIGNATURE-----

Debian Security Advisory 5538-1

Debian Linux Security Advisory 5537-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in bypass of sandbox restrictions or denial of service.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5537-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffOctober 27, 2023                      https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : openjdk-11CVE ID         : CVE-2023-22067 CVE-2023-22081Several vulnerabilities have been discovered in the OpenJDK Java runtime,which may result in bypass of sandbox restrictions or denial of service.For the oldstable distribution (bullseye), these problems have been fixedin version 11.0.21+9-1~deb11u1.We recommend that you upgrade your openjdk-11 packages.For the detailed security status of openjdk-11 please refer toits security tracker page at:https://security-tracker.debian.org/tracker/openjdk-11Further information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmU74DgACgkQEMKTtsN8Tjbrug/+K+/T0ydiyOhIQ/4s4rrQr2YBx0miVGaBTFjuAEw/YduTbIT4eLsJsWOZeQ2dg2ZkIFtW1Ngs7QUaA7WgAjgAu7tnW90rZYFiQalcxPlwAmnSWZSYM9SSaW9p/AHARm8uSQ0YKjlnskCEDVXODVggzOQLpvVF2oA8MA+1Rtb6hnl1W4u+IDXvhXCZzniKheuAe/G9iz0nY8wHgEVNfIc1KO+MKFyD8Z655kH8qgGuMcyORGYDFDX4l6luorc/dA15dr90pokg0TD/2L2dIbkEsj0zOePzU6yZsYTBgQ878Y8gdJnCirpSS/ZaCKWAOSX+fARW+wVUsscvpUh/TcDyHEKh8EjA05ahaiqp6/gvScz8H9rbebYw32glFEu89JMgfDLAI137YLqkfOWhLIKvCzZ+u+drpg7Hf0yjDU0dPWWzc0KHd/asClDxyec5N5zlDCI7eGvY2zxH0TsGqiyed2GVTPi1TR3FWRRvlCC1uKiZF9vdmQZTubDzqpjR7gGbVIyGfn6lYDOxqhOTq7ftoJ3+BjCBxuaxZmHBtw2QzQCb8pJalQj1D2IgqsMBAt92pdD+3DyXjEYnFHNRr330uDiVg2ZeadatRkm+VwiI+pJGwkl+1Xrom1Mg2SQkeNtiY5IO3lGAjIhU8b0TkbrgdMoM3j0zI4dQkX8+BRV5YKM==UEly-----END PGP SIGNATURE-----

Debian Security Advisory 5537-1

Gentoo Linux Security Advisory 202310-18 - Multiple vulnerabilities have been discovered in Rack, the worst of which can lead to sequence injection in logging components. Versions greater than or equal to 2.2.3.1 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202310-18  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: Rack: Multiple Vulnerabilities  
     Date: October 30, 2023  
     Bugs: #884795  
       ID: 202310-18

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in Rack, the worst of  
which can lead to sequence injection in logging compontents.

Background  
==========

Rack is a modular Ruby web server interface.

Affected packages  
=================

Package        Vulnerable    Unaffected  
-------------  ------------  ------------  
dev-ruby/rack  < 2.2.3.1     >= 2.2.3.1

Description  
===========

Multiple vulnerabilities have been discovered in Rack. Please review the  
CVE identifiers referenced below for details.

Impact  
======

A possible denial of service vulnerability was found in the multipart  
parsing component of Rack.

A sequence injection vulnerability was found which could allow a  
possible shell escape in the Lint and CommonLogger components of Rack.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Rack users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=dev-ruby/rack-2.2.3.1"

References  
==========

[ 1 ] CVE-2022-30122  
      https://nvd.nist.gov/vuln/detail/CVE-2022-30122  
[ 2 ] CVE-2022-30123  
      https://nvd.nist.gov/vuln/detail/CVE-2022-30123

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202310-18

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202310-18

Gentoo Linux Security Advisory 202310-17 - Multiple vulnerabilities have been discovered in UnZip, the worst of which could lead to code execution. Versions greater than or equal to 6.0_p27 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202310-17  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: UnZip: Multiple Vulnerabilities  
     Date: October 30, 2023  
     Bugs: #831190  
       ID: 202310-17

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in UnZip, the worst of  
which could lead to code execution.

Background  
==========

Info-ZIP’s UnZip is a tool to list and extract files inside PKZIP  
compressed files.

Affected packages  
=================

Package         Vulnerable    Unaffected  
--------------  ------------  ------------  
app-arch/unzip  < 6.0_p27     >= 6.0_p27

Description  
===========

Multiple vulnerabilities have been discovered in UnZip. Please review  
the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All UnZip users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=app-arch/unzip-6.0_p27"

References  
==========

[ 1 ] CVE-2022-0529  
      https://nvd.nist.gov/vuln/detail/CVE-2022-0529  
[ 2 ] CVE-2022-0530  
      https://nvd.nist.gov/vuln/detail/CVE-2022-0530

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202310-17

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202310-17

Red Hat Security Advisory 2023-6022-01 - An update for the varnish:6 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a denial of service vulnerability.

    The following data is constructed from data provided by Red Hat's json file at:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_6022.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: varnish:6 security updateAdvisory ID:        RHSA-2023:6022-01Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:6022Issue date:         2023-10-27Revision:           01CVE Names:          CVE-2023-44487====================================================================Summary: An update for the varnish:6 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up.Security Fix(es):* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-44487References:https://access.redhat.com/security/updates/classification/#importanthttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003

Red Hat Security Advisory 2023-6022-01

Red Hat Security Advisory 2023-6021-01 - An update for the varnish:6 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a denial of service vulnerability.

    The following data is constructed from data provided by Red Hat's json file at:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_6021.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: varnish:6 security updateAdvisory ID:        RHSA-2023:6021-01Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:6021Issue date:         2023-10-27Revision:           01CVE Names:          CVE-2023-44487====================================================================Summary: An update for the varnish:6 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up.Security Fix(es):* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-44487References:https://access.redhat.com/security/updates/classification/#importanthttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003

Red Hat Security Advisory 2023-6021-01

Red Hat Security Advisory 2023-5992-01 - An update for the python27:2.7 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a bypass vulnerability.

    The following data is constructed from data provided by Red Hat's json file at:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5992.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: python27:2.7 security updateAdvisory ID:        RHSA-2023:5992-01Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:5992Issue date:         2023-10-23Revision:           01CVE Names:          CVE-2023-40217====================================================================Summary: An update for the python27:2.7 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL.Security Fix(es):* python: TLS handshake bypass (CVE-2023-40217)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-40217References:https://access.redhat.com/security/updates/classification/#important

Red Hat Security Advisory 2023-5992-01

An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an io_uring/fdinfo.c io_uring_show_fdinfo NULL pointer dereference can occur.

**Commit**

Permalink

Browse files

Browse the repository at this point in the history

io\_uring/fdinfo: lock SQ thread while retrieving thread cpu/pid

We could race with SQ thread exit, and if we do, we'll hit a NULL pointer
dereference when the thread is cleared. Grab the SQPOLL data lock before
attempting to get the task cpu and pid for fdinfo, this ensures we have a
stable view of it.

Cc: stable@vger.kernel.org
Link: https://bugzilla.kernel.org/show\_bug.cgi?id=218032
Reviewed-by: Gabriel Krisman Bertazi <krisman@suse.de>
Signed-off-by: Jens Axboe <axboe@kernel.dk>

*   Loading branch information

Tag

#linux