Red Hat Security Advisory 2024-10703-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include bypass, cross site scripting, and spoofing vulnerabilities.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10703.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: thunderbird security update  
Advisory ID:        RHSA-2024:10703-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:10703  
Issue date:         2024-12-03  
Revision:           03  
CVE Names:          CVE-2024-11159  
====================================================================

Summary: 

An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

Security Fix(es):

* thunderbird: Potential disclosure of plaintext in OpenPGP encrypted message (CVE-2024-11159)

* firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims (CVE-2024-11694)

* firefox: thunderbird: Unhandled Exception in Add-on Signature Verification (CVE-2024-11696)

* firefox: thunderbird: Select list elements could be shown over another site (CVE-2024-11692)

* firefox: thunderbird: Memory safety bugs fixed in Firefox 133, Thunderbird 133, Firefox ESR 128.5, and Thunderbird 128.5 (CVE-2024-11699)

* firefox: thunderbird: URL Bar Spoofing via Manipulated Punycode and Whitespace Characters (CVE-2024-11695)

* firefox: thunderbird: Improper Keypress Handling in Executable File Confirmation Dialog (CVE-2024-11697)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-11159

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2325896  
https://bugzilla.redhat.com/show_bug.cgi?id=2328941  
https://bugzilla.redhat.com/show_bug.cgi?id=2328943  
https://bugzilla.redhat.com/show_bug.cgi?id=2328946  
https://bugzilla.redhat.com/show_bug.cgi?id=2328947  
https://bugzilla.redhat.com/show_bug.cgi?id=2328948  
https://bugzilla.redhat.com/show_bug.cgi?id=2328950

Red Hat Security Advisory 2024-10703-03

AppleAVD has an issue where a large OBU size in AV1_Syntax::Parse_Header reading can lead to out-of-bounds reads.

AppleAVD AV1_Syntax::Parse_Header Out-Of-Bounds Reads

AppleAVD has an issue in AV1_Syntax::f leading to out-of-bounds reads.

AppleAVD AV1_Syntax::f Out-Of-Bounds Reads

AppleAVD has an integer underflow in AV1_Syntax::Parse_Header that can lead to out-of-bounds reads.

AppleAVD AV1_Syntax::Parse_Header Integer Underflow / Out-Of-Bounds Reads

Debian Linux Security Advisory 5822-1 - It was discovered that in SimpleSAMLphp, an implementation of the SAML 2.0 protocol, is prone to a XXE vulnerability when loading an (untrusted) XML document.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5822-1                   security@debian.orghttps://www.debian.org/security/                     Salvatore BonaccorsoDecember 02, 2024                     https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : simplesamlphpCVE ID         : CVE-2024-52596It was discovered that in SimpleSAMLphp, an implementation of the SAML2.0 protocol, is prone to a XXE vulnerability when loading an(untrusted) XML document.For the stable distribution (bookworm), this problem has been fixed inversion 1.19.7-1+deb12u1.We recommend that you upgrade your simplesamlphp packages.For the detailed security status of simplesamlphp please refer to itssecurity tracker page at:https://security-tracker.debian.org/tracker/simplesamlphpFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmdNx7dfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xNDz0Ramw//R//UPGNKlLuKl+WKnQgmgGaI41VEE+Ny4juiPNpHDfB1xlQLO/QyrALMtolILT6yeCgYP7nYUj5iEWaEP04iAa8xZyt1dQyCBmHPWrRhGPD0fB2Ne1dC6xujjHWFyQ/j26It23Vuogp8I/Kh1EdMYfDP4heSaPQlL6hMrj+tMMCfIZfmrVgFAVSFVNtWFbmkidySw8rGtNKr5rv8DCPyxGZWGIFNsog4IbQ/9F01eovIdAbVMANKmj0Anw9BjH9eXK38CPvhUmewT/l7WPcMyhav9yQtE/OxMilIiCTT3BOlO+kdUmdfk0jr6+Q57mmdQR7CYM4eAjXeDg7akyquhT+L/x0zNZl25bA/E2XMkQwxBnzV5KU3Z8WjBXXirbkIjHkwPAKrZCOv75ryYL2WKj5yT6KaLAx7KMqq5OQPFAOAD/3/0llsT9vQyTBk0f5MaTjZ4mIRIcsSD5Vu4QgaaZXH1FLlKK6ykcZ2QHGNdGYkRmfP2YdTcK5s8rReoIUSaclhlz3rKS+lv5WrbOQbcOvtpq+squIFqD0rRGA9r4dN/g0mGu6Uh/fY7xmkE9Ell5Lkg2LUwsOpsx/AvO1QOPJhxUcqYtko8sC8waC3TAlYOeBycWQk5aFeDPpgzs7JoZLfZB2hIsjD4QLe/Kavp06JCwIcHDzlnwJ7RaZ/cYE==5GGL-----END PGP SIGNATURE-----

Debian Security Advisory 5822-1

Debian Linux Security Advisory 5821-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5821-1                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
November 27, 2024                     https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : thunderbird  
CVE ID         : CVE-2024-11692 CVE-2024-11694 CVE-2024-11695  
                 CVE-2024-11696 CVE-2024-11697 CVE-2024-11699

Multiple security issues were discovered in Thunderbird, which could  
result in denial of service or the execution of arbitrary code.

For the stable distribution (bookworm), these problems have been fixed in  
version 1:128.5.0esr-1~deb12u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmdHcv8ACgkQEMKTtsN8  
TjY7kQ/9HOqGp2HwtLMf7jRWdCtBtwsAVOvOiYsGNr18FJRzTEj8CTXsz2ucn4Bg  
9c79NfbbMKQghXNKApzbDJb5Q2AEl9feic1EdMvKKqkTQQmWTKkxaTyqIVZ6/j/E  
pc2FmyKJKwHpPDseEDbG5UAv+Ea5HEvKuVp2G7KmkmxHVyh8iaanaQlk6GNgdzYd  
mUoHdlLre+MXp39ZzMyIGRs2NFUEP4gme7EglldGq77JXRGwWB3IDpYk0SViYKu0  
znO2+ITE39crVBTIGapaf2QD3Dppvbz0hsULrrPwmkDqlK4OqFJyaRuxGyv/Mymv  
YRQcBHpV9BQO9Xcl/RrD7qDgLyEHgjpX+c4tBau4h1+7RejDUTNyO7zArOrBAwYS  
pqd97quGWe9sSZyOJj1pF/yQRct9WExbMAhqGbNt5zdET7BSb09GtiKywT/vQKBl  
VEIO0LsAPYx1G+2nzhwdqzIQu6ojk52R0w/jmeBknsSsFp9mbfI5KKwBtNXWSpT+  
3z3NkWfr/5kzbPERj2jkS5MV/RzAe4d7zgxpEUMySIzUujszWI9RXo77heGYQ9LW  
3QfRqRmTUCwBaEdhf7YIqiYtyG7B6OYIOJPasDxvErRoEXwJKXic/oPxYmyCS2gx  
dYsoZntZJOvtjFzfzVBS3nJTv7+4PBWmqZSE9sCsDfazbJzn/fw=  
=RVGl  
-----END PGP SIGNATURE-----

Debian Security Advisory 5821-1

Red Hat Security Advisory 2024-10677-03 - An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include a code execution vulnerability.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10677.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: postgresql:13 security updateAdvisory ID:        RHSA-2024:10677-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:10677Issue date:         2024-12-02Revision:           03CVE Names:          CVE-2024-10979====================================================================Summary: An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:PostgreSQL is an advanced object-relational database management system (DBMS).Security Fix(es):* postgresql: PostgreSQL PL/Perl environment variable changes execute arbitrary code (CVE-2024-10979)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-10979References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2326253

Red Hat Security Advisory 2024-10677-03

Nearly two dozen security vulnerabilities have been disclosed in Advantech EKI industrial-grade wireless access point devices, some of which could be weaponized to bypass authentication and execute code with elevated privileges.
"These vulnerabilities pose significant risks, allowing unauthenticated remote code execution with root privileges, thereby fully compromising the confidentiality,

Over Two Dozen Flaws Identified in Advantech Industrial Wi-Fi Access Points – Patch ASAP

Red Hat Security Advisory 2024-10275-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10275.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: kernel-rt security updateAdvisory ID:        RHSA-2024:10275-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:10275Issue date:         2024-11-26Revision:           03CVE Names:          CVE-2022-48773====================================================================Summary: An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.Security Fix(es):* kernel: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CVE-2022-48773)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2022-48773References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2298109

Red Hat Security Advisory 2024-10275-03

Red Hat Security Advisory 2024-9943-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9943.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: kernel-rt security updateAdvisory ID:        RHSA-2024:9943-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:9943Issue date:         2024-11-25Revision:           03CVE Names:          CVE-2022-48796====================================================================Summary: An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.Security Fix(es):* kernel: blk-mq: fix IO hang from sbitmap wakeup race (CVE-2024-26671)* kernel: iommu: Fix potential use-after-free during probe (CVE-2022-48796)* kernel: mptcp: pm: Fix uaf in __timer_delete_sync (CVE-2024-46858)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2022-48796References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2272811https://bugzilla.redhat.com/show_bug.cgi?id=2298132https://bugzilla.redhat.com/show_bug.cgi?id=2315210

Tag

#sap