Redis v7.0 was discovered to contain a memory leak via the component streamGetEdgeID.

**Conversation**

 

add a comment to \`container\` in \`quicklist.h\`.
Because \`PLAIN\` and \`PACKED\` are not as easy to understand as \`NONE\`
and \`LISTPACK\` and we don't have a detailed comment on it.

Co-authored-by: Oran Agra <oran@redislabs.com>

\`the redis object pointer was populated.\` -> \`the sds pointer was populated.\`
We don't populate the redis object pointer in this function.

Till now, on MacOS we only used to enable SO\_KEEPALIVE,
but we didn't set the interval which is configurable via the \`tcp-keepalive\` config.
This adds support for that on MacOS, to match what we already do on Linux.

update macros ZIPLIST\_ENTRY\_END i think the right definition is ((zl)+intrev32ifbe(ZIPLIST\_BYTES(zl))-ZIPLIST\_END\_SIZE)

 

…#10663)

When user uses the same input key for SDIFF as the first one, the result must be empty, so we don't need to process the elements to test.

This method is like the one done in zset‘s \`zsetChooseDiffAlgorithm\`

Co-authored-by: Oran Agra <oran@redislabs.com>

In general, our error handler make sure the error
object is always a table. In some rare cases (such
as OOM error), the error handler will not be called
and the error object will be a string. The PR expose
the error even if its a string and not a table.

Currently there is no way to test it but if it'll ever happen,
it is better to propagate this string upwards than just
generate a generic error without any specific info.

 

\* Module API doc script: Mark unreleased API functions

\* fix broken quotes in generate-module-api-doc.rb

Co-authored-by: Oran Agra <oran@redislabs.com>

)

this seems to have been an oversight. syncing the flags so that NOTIFY\_NEW is available to modules.
missing in redis#10512

 

also fixing already defined constants build warning while at it.

Co-authored-by: Oran Agra <oran@redislabs.com>

Fixed RM\_Scan() usage example: \`RedisModuleCursor\` -> \`RedisModuleScanCursor\`

…edis#10661)

If we want to support bits that can be overlapping, we need to make sure
that:
1. we don't use the same bit for two return values.
2. values should be sorted so that prefer ones (matching more
   bits) come first.

Unintentional change in redis#9644 (since RC1) meant that an empty \`--save ""\` config
from command line, wouldn't have clear any setting from the config file

Added tests to cover that, and improved test infra to take additional
command line args for redis-server

fix some typo in "t\_zset.c".
1. \`zzlisinlexrange\` the function name mentioned in the comment is misspelled.
2. fix typo in function name\`zarndmemberReplyWithListpack\` -> \`zrandmemberReplyWithListpack\`

Changed cursor's type from \`int\` to \`unsigned long\`
allows handling database or key with more than 2^31 elements

Set \`old\_li\` to NULL to avoid linking it again on error.
Before the fix, loading an already existing library will cause the existing library to be added again. This cause not harm other then wrong statistics. The statistics that are effected  by the issue are:
\* \`libraries\_count\` and \`functions\_count\` returned by \`function stats\` command
\* \`used\_memory\_functions\` returned on \`info memory\` command
\* \`functions.caches\` returned on \`memory stats\` command

…0683)

It used to returns slots as strings, like:
\`\`\`
redis> cluster shards
1) 1) "slots"
   2) 1) "10923"
      2) "16383"
\`\`\`

CLUSTER SHARDS docs and the top comment of redis#10293 says that it returns integers.
Note other commands like CLUSTER SLOTS, it returns slots as integers.
Use addReplyLongLong instead of addReplyBulkLongLong, now it returns slots as integers:
\`\`\`
redis> cluster shards
1) 1) "slots"
   2) 1) (integer) 10923
      2) (integer) 16383
\`\`\`

This is a small breaking change, introduced in 7.0.0 (7.0 RC3, redis#10293)

Fixes redis#10680

I suggest to use "\[fpclassify\](https://en.cppreference.com/w/cpp/numeric/math/fpclassify)" for float
comparison with zero, because of expression "value == 0" with value very close to zero can be
considered as true with some performance compiler optimizations.

Note: this code was introduced by 9d520a7 to accept zset scores that get ERANGE in conversion
due to precision loss near 0.
But with Intel compilers, ICC and ICX, where optimizations for 0 check are more aggressive, "==0" is
true for mentioned functions, however should not be. Behavior is seen starting from O2.
This leads to a failure in the ZSCAN test in scan.tcl

Fix redis#10552

We no longer piggyback getkeys\_proc to hold the RedisModuleCommand struct, when exists

Others:
Use \`doesCommandHaveKeys\` in \`RM\_GetCommandKeysWithFlags\` and \`getKeysSubcommandImpl\`.
It causes a very minor behavioral change in commands that don't have actual keys, but have a spec
with \`CMD\_KEY\_NOT\_KEY\`.
For example, before this command \`COMMAND GETKEYS SPUBLISH\` would return
\`Invalid arguments specified for command\` but not it returns \`The command has no key arguments\`

…t dirty counter to 0 if we enable save (redis#10691)

## FLUSHALL
We used to restore the dirty counter after \`rdbSave\` zeroed it if we enable save.
Otherwise FLUSHALL will not be replicated nor put into the AOF.

And then we do increment it again below.
Without that extra dirty++, when db was already empty, FLUSHALL
will not be replicated nor put into the AOF.

We now gonna replace all that dirty counter magic with a call
to forceCommandPropagation (REPL and AOF), instead of all the
messing around with the dirty counter.
Added tests to cover three part (dirty counter, REPL, AOF).

One benefit other than cleaner code is that the \`rdb\_changes\_since\_last\_save\` is correct in this case.

## FLUSHDB
FLUSHDB was not replicated nor put into the AOF when db was already empty.
Unlike DEL on a non-existing key, FLUSHDB always does something, and that's to call the module hook. 
So basically FLUSHDB is never a NOP, and thus it should always be propagated.
Not doing that, could mean that if a module does something in that hook, and wants to
avoid issues of that hook being missing on the replica if the db is empty, it'll need to do complicated things.

So now FLUSHDB add call forceCommandPropagation, we will always propagate FLUSHDB.
Always propagating FLUSHDB seems like a safe approach that shouldn't have any drawbacks (other than looking odd)

This was mentioned in redis#8972

## Test section:
We actually found it while solving a race condition in the BGSAVE test (other.tcl).
It was found in extra\_ci Daily Arm64 (test-libc-malloc).
\`\`\`
\[exception\]: Executing test client: ERR Background save already in progress.
ERR Background save already in progress
\`\`\`

It look like \`r flushdb\` trigger (schedule) a bgsave right after \`waitForBgsave r\` and before \`r save\`.
Changing flushdb to flushall, FLUSHALL will do a foreground save and then set the dirty counter to 0.

… spaces for MULTI\_ARG configs parsing. And allow options value to use the -- prefix (redis#10660)

## Take one bulk string with spaces for MULTI\_ARG configs parsing
Currently redis-server looks for arguments that start with \`--\`,
and anything in between them is considered arguments for the config.
like: \`src/redis-server --shutdown-on-sigint nosave force now --port 6380\`

MULTI\_ARG configs behave differently for CONFIG command, vs the command
line argument for redis-server.
i.e. CONFIG command takes one bulk string with spaces in it, while the
command line takes an argv array with multiple values.

In this PR, in config.c, if \`argc > 1\` we can take them as is,
and if the config is a \`MULTI\_ARG\` and \`argc == 1\`, we will split it by spaces.

So both of these will be the same:
\`\`\`
redis-server --shutdown-on-sigint nosave force now --shutdown-on-sigterm nosave force
redis-server --shutdown-on-sigint nosave "force now" --shutdown-on-sigterm nosave force
redis-server --shutdown-on-sigint nosave "force now" --shutdown-on-sigterm "nosave force"
\`\`\`

## Allow options value to use the \`--\` prefix
Currently it decides to switch to the next config, as soon as it sees \`--\`, 
even if there was not a single value provided yet to the last config,
this makes it impossible to define a config value that has \`--\` prefix in it.

For instance, if we want to set the logfile to \`--my--log--file\`,
like \`redis-server --logfile --my--log--file --loglevel verbose\`,
current code will handle that incorrectly.

In this PR, now we allow a config value that has \`--\` prefix in it.
\*\*But note that\*\* something like \`redis-server --some-config --config-value1 --config-value2 --loglevel debug\`
would not work, because if you want to pass a value to a config starting with \`--\`, it can only be a single value.
like: \`redis-server --some-config "--config-value1 --config-value2" --loglevel debug\`

An example (using \`--\` prefix config value):
\`\`\`
redis-server --logfile --my--log--file --loglevel verbose
redis-cli config get logfile loglevel
1) "loglevel"
2) "verbose"
3) "logfile"
4) "--my--log--file"
\`\`\`

### Potentially breaking change
\`redis-server --save --loglevel verbose\` used to work the same as \`redis-server --save "" --loglevel verbose\`
now, it'll error!

Before this commit, all source files including those that are not going
to be compiled were used. Some of these files are platform specific and
won't even pre-process on another platform. With GCC/Clang, that's not
an issue and they'll simply ignore them, but ICC aborts in this case.

This commit only attempts to generate Makefile.dep from the actual set
of C source files that will be compiled.

…G flag for volatile configurations. (redis#10713)

This fixes a possible regression in Redis 7.0.0, in which doing CONFIG SET
on a TLS config would not reload the configuration in case the new config is
the same file as before.

A volatile configuration is a configuration value which is a reference to the
configuration data and not the configuration data itself. In such a case Redis
doesn't know if the config data changed under the hood and can't assume a
change happens only when the config value changes. Therefore it needs to
be applied even when setting a config value to the same value as it was before.

The purpose of the test is to kill the child while it is running.
From the last two lines we can see the child exits before being killed.
\`\`\`
- Module fork started pid: 56998
\* <fork> fork child started
- Killing running module fork child: 56998
\* <fork> fork child exiting
signal-handler (1652267501) Received SIGUSR1 in child, exiting now.
\`\`\`

In this commit, we pass an argument to \`fork.create\` indicating how
long it should sleep. For the fork kill test, we use a longer time to
avoid the child exiting before being killed.

Other changes:
use wait\_for\_condition instead of hardcoded \`after 250\`.
Unify the test for failing fork with the one for killing it (save time)

…10645)

Updated the comments for:
info command
lmpopCommand and blmpopCommand
sinterGenericCommand 

Fix the missing "key" words in the srandmemberCommand function
For LPOS command, when rank is 0, prompt user that rank could be
positive number or negative number, and add a test for it

Alias was mistakenly forgotten when the sub commands introduced as json files.

since the sharded pubsub is different with pubsub, it's better to give users a hint to make it more clear.

This allows the module to know the usable size of an allocation
it made, rather than the consumed size.

…truct (redis#10697)

Move the client flags to a more cache friendly position within the client struct
we regain the lost 2% of CPU cycles since v6.2 ( from 630532.57 to 647449.80 ops/sec ).
These are due to higher rate of calls to getClientType due to changes in redis#9166 and redis#10020

…M check bug, and new RM\_Call checks. (redis#10786)

\* Fix broken protocol when redis can't persist to RDB (general commands, not
  modules), excessive newline. regression of redis#10372 (7.0 RC3)
\* Fix broken protocol when Redis can't persist to AOF (modules and
  scripts), missing newline.
\* Fix bug in OOM check of EVAL scripts called from RM\_Call.
  set the cached OOM state for scripts before executing module commands too,
  so that it can serve scripts that are executed by modules.
  i.e. in the past EVAL executed by RM\_Call could have either falsely
  fail or falsely succeeded because of a wrong cached OOM state flag.
\* Fix bugs with RM\_Yield:
  1. SHUTDOWN should only accept the NOSAVE mode
  2. Avoid eviction during yield command processing.
  3. Avoid processing master client commands while yielding from another client
\* Add new two more checks to RM\_Call script mode.
  1. READONLY You can't write against a read only replica
  2. MASTERDOWN Link with MASTER is down and \`replica-serve-stale-data\` is set to \`no\`
\* Add new RM\_Call flag to let redis automatically refuse \`deny-oom\` commands
  while over the memory limit. 
\* Add tests to cover various errors from Scripts, Modules, Modules
  calling scripts, and Modules calling commands in script mode.

Add tests:
\* Looks like the MISCONF error was completely uncovered by the tests,
  add tests for it, including from scripts, and modules
\* Add tests for NOREPLICAS from scripts
\* Add tests for the various errors in module RM\_Call, including RM\_Call that
  calls EVAL, and RM\_call in "eval mode". that includes:
  NOREPLICAS, READONLY, MASTERDOWN, MISCONF

The important part is that read-only scripts (not just EVAL\_RO
and FCALL\_RO, but also ones with \`no-writes\` executed by normal EVAL or
FCALL), will now be permitted to run during CLIENT PAUSE WRITE (unlike
before where only the \_RO commands would be processed).

Other than that, some errors like OOM, READONLY, MASTERDOWN are now
handled by processCommand, rather than the command itself affects the
error string (and even error code in some cases), and command stats.

Besides that, now the \`may-replicate\` commands, PFCOUNT and PUBLISH, will
be considered \`write\` commands in scripts and will be blocked in all
read-only scripts just like other write commands.
They'll also be blocked in EVAL\_RO (i.e. even for scripts without the
\`no-writes\` shebang flag.

This commit also hides the \`may\_replicate\` flag from the COMMAND command
output. this is a \*\*breaking change\*\*.

background about may\_replicate:
We don't want to expose a no-may-replicate flag or alike to scripts, since we
consider the may-replicate thing an internal concern of redis, that we may
some day get rid of.
In fact, the may-replicate flag was initially introduced to flag EVAL: since
we didn't know what it's gonna do ahead of execution, before function-flags
existed). PUBLISH and PFCOUNT, both of which because they have side effects
which may some day be fixed differently.

code changes:
The changes in eval.c are mostly code re-ordering:
- evalCalcFunctionName is extracted out of evalGenericCommand
- evalExtractShebangFlags is extracted luaCreateFunction
- evalGetCommandFlags is new code

Apparently, GCC 11.2.0 has a new fancy warning for misleading indentations.
It prints a warning when BRET(b) is on the same line as the loop.

 

…, and inserting comments around module and acl configs (redis#10761)

A regression from redis#10285 (redis 7.0).
CONFIG REWRITE would put lines with: \`include\`, \`rename-command\`,
\`user\`,  \`loadmodule\`, and any module specific config in a comment.

For ACL \`user\`, \`loadmodule\` and module specific configs would be
re-inserted at the end (instead of updating existing lines), so the only
implication is a messy config file full of comments.

But for \`rename-command\` and \`include\`, the implication would be that
they're now missing, so a server restart would lose them.

Co-authored-by: Oran Agra <oran@redislabs.com>

Skip the print on AOF\_NOT\_EXIST status.

 

Redis 7 adds some new alias config like \`hash-max-listpack-entries\` alias \`hash-max-ziplist-entries\`.

If a config file contains both real name and alias like this:
\`\`\`
hash-max-listpack-entries 20
hash-max-ziplist-entries 20
\`\`\`

after set \`hash-max-listpack-entries\` to 100 and \`config rewrite\`, the config file becomes to:
\`\`\`
hash-max-listpack-entries 100
hash-max-ziplist-entries 20
\`\`\`

we can see that the alias config is not modified, and users will get wrong config after restart.

6.0 and 6.2 doesn't have this bug, since they only have the \`slave\` word alias.

Co-authored-by: Oran Agra <oran@redislabs.com>

\* Update time independent string compare to use hash length

On line 4068, redis has a logical nodeIsSlave(myself) on the outer if layer,
which you can delete without having to repeat the decision

…and instantaneous\_output\_repl\_kbps. (redis#10810)

A supplement to redis#10062
Split \`instantaneous\_repl\_total\_kbps\` to \`instantaneous\_input\_repl\_kbps\` and \`instantaneous\_output\_repl\_kbps\`. 
## Work:
This PR:
- delete 1 info field:
    - \`instantaneous\_repl\_total\_kbps\`
- add 2 info fields:
    - \`instantaneous\_input\_repl\_kbps / instantaneous\_output\_repl\_kbps\`
## Result:
- master
\`\`\`
total\_net\_input\_bytes:26633673
total\_net\_output\_bytes:21716596
total\_net\_repl\_input\_bytes:0
total\_net\_repl\_output\_bytes:18433052
instantaneous\_input\_kbps:0.02
instantaneous\_output\_kbps:0.00
instantaneous\_input\_repl\_kbps:0.00
instantaneous\_output\_repl\_kbps:0.00
\`\`\`
- slave
\`\`\`
total\_net\_input\_bytes:18433212
total\_net\_output\_bytes:94790
total\_net\_repl\_input\_bytes:18433052
total\_net\_repl\_output\_bytes:0
instantaneous\_input\_kbps:0.00
instantaneous\_output\_kbps:0.05
instantaneous\_input\_repl\_kbps:0.00
instantaneous\_output\_repl\_kbps:0.00
\`\`\`

Trying to avoid people opening crash report issues about module crashes and ARM QEMU bugs.

Current documentation only states a single GET token is needed which is not true. Marking the command with multiple\_token.

Currently generate-command.help.rb dose not handle the
multiple\_token flag, handle this flag in this PR.
The format is the same as redis-cli rendering.
\`\`\`diff
- bitfield\_ro key GET encoding offset \[encoding offset ...\]
+ bitfield\_ro key GET encoding offset \[GET encoding offset ...\]
\`\`\`

Re run generate-command-code.py which was forget in redis#10820.
Also change the flag value from string to bool, like "true" to true

Correcting the introduction version of the command \`BITFIELD\_RO\`
Command added by commit: b3e4abf 

Add history info of the \`FULL\` modifier in \`XINFO STREAM\`
Modifier was added by commit: 1e2aee3

(Includes output from \`./utils/generate-command-code.py\`)

Currently, we only increment stat\_rdb\_saves in rdbSaveBackground,
we should also increment it in the SAVE command.

We concluded there's no need to increment when:
1. saving a base file for an AOF
2. when saving an empty rdb file to delete an old one
3. when saving to sockets (not creating a persistence / snapshot file)

The stat counter was introduced in redis#10178

\* fix a wrong comment in startSaving

This change fixes failing \`integration/logging.tcl\` test in Gentoo with
musl libc, where \`ldd\` returns
\`\`\`
libc.so => /lib/ld-musl-x86\_64.so.1 (0x7f9d5f171000)
\`\`\`
unlike Alpine's
\`\`\`
libc.musl-x86\_64.so.1 => /lib/ld-musl-x86\_64.so.1 (0x7f82cfa16000)
\`\`\`
The solution is to extend matching pattern introduced in redis#8532.

 oranagra changed the base branch from unstable to 7.0

Jun 8, 2022

CVE-2022-33105: Release 7.0.1 by oranagra · Pull Request #10829 · redis/redis

An issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2. PAM auth fails to reject locked accounts, which allows a previously authorized user whose account is locked still run Salt commands when their account is locked. This affects both local shell accounts with an active session and salt-api users that authenticate via PAM eauth.

CVE-2022-22967: Salt Project Package Repo

In Zalando Skipper before 0.13.218, a query predicate could be bypassed via a prepared request.

**Changes**

fix: Query predicate could be bypassed by prepared request, config is enabled by default and you can disable with -validate-query=false or (#2028)

Thanks to Daniel Abeles and Gal Goldshtein from https://oxeye.io

**POC**

    % ./bin/skipper -inline-routes '
    r1: QueryParam("foo") -> inlineContent("foo") -> <shunt>; 
    r2: * -> inlineContent("OK") -> <shunt>'
    
    % curl "localhost:9090/r?foo=bar;" 
    OK
    

**Fix as docker or binary user**

Update to >=v0.13.218

To opt-out the fix: -validate-query=false

**Fix as skipper library user**

diff --git main.go main.go
index 66b2da6..002455d 100644
\--- main.go
+++ main.go
@@ -5,6 +5,7 @@ import (
        "flag"
        "fmt"
+       "net/http"
        "net/url"
        "os"
        "path"
@@ -21,6 +22,7 @@ import (
        "github.com/zalando/skipper/filters/accesslog"
        "github.com/zalando/skipper/filters/auth"
        "github.com/zalando/skipper/filters/cors"
+       "github.com/zalando/skipper/net"
        "github.com/zalando/skipper/proxy"
        "github.com/zalando/skipper/routing"


        options := skipper.Options{
+               CustomHttpHandlerWrap: func(handler http.Handler) http.Handler {
+                       return &net.ValidateQueryHandler{Handler: handler}
+               },

**Docker image**

Docker image is available in Zalando's Open Source registry:

    docker run -it registry.opensource.zalan.do/teapot/skipper:v0.13.218 skipper --help
    # arm64
    docker run -it registry.opensource.zalan.do/teapot/skipper-arm64:v0.13.218 skipper --help
    # arm v7 32bit
    docker run -it registry.opensource.zalan.do/teapot/skipper-armv7:v0.13.218 skipper --help

CVE-2022-34296: Release v0.13.218 · zalando/skipper

The beleaguered Israeli surveillanceware vendor NSO Group this week admitted to the European Union lawmakers that its Pegasus tool was used by at least five countries in the region.
"We're trying to do the right thing and that's more than other companies working in the industry," Chaim Gelfand, the company's general counsel and chief compliance officer, said, according to a report from Politico.

The beleaguered Israeli surveillanceware vendor NSO Group this week admitted to the European Union lawmakers that its Pegasus tool was used by at least five countries in the region.

"We're trying to do the right thing and that's more than other companies working in the industry," Chaim Gelfand, the company's general counsel and chief compliance officer, said, according to a report from Politico.

Acknowledging that it had "made mistakes," the company also stressed on the need for an international standard to regulate the government use of spyware.

The disclosure comes as a special inquiry committee was launched in April 2022 to investigate alleged breaches of E.U. law following revelations that the company's Pegasus spyware is being used to snoop on phones belonging to politicians, diplomats, and civil society members.

"The committee is going to look into existing national laws regulating surveillance, and whether Pegasus spyware was used for political purposes against, for example, journalists, politicians and lawyers," the European Parliament said in March 2022.

Earlier this February, the European Data Protection Supervisor (EDPS) called for a ban on the development and the use of commercial spyware in the region, stating that the technology's "unprecedented level of intrusiveness" could endanger users' right to privacy.

Pegasus, and its other counterparts like FinFisher and Cytrox, are designed to be stealthily installed on a smartphone by exploiting unknown vulnerabilities in software known as zero-days to seize remote control of the device and harvest sensitive data.

Infections are typically achieved by means of one-click attacks wherein targets are tricked into clicking on a link sent via messages on iMessage or WhatsApp, or alternatively using zero-click exploits that require no interaction.

Once installed, the spyware provides support for a broad range of capabilities that allows the operator to track the victim's whereabouts, eavesdrop on conversations, and exfiltrate messages from even encrypted apps like WhatsApp.

NSO Group, founded in 2010, has long maintained it only supplies the software to government customers for what it says is to tackle terrorism, drug trafficking, and serious crime, but evidence has shown widespread misuse of the software to keep tabs on political opponents, critics, activists, journalists, lawyers across the world.

"The use of Pegasus does not require cooperation with telecommunication companies, and it can easily overcome encryption, SSL, proprietary protocols, and any hurdle introduced by the complex communications worldwide," the Council of Europe noted in an interim report.

"It provides remote, covert, and unlimited access to the target's mobile devices. This Modus Operandi of the Pegasus clearly reveals its capacity to be used for targeted as well as indiscriminate surveillance."

Found this article interesting? Follow THN on Facebook, Twitter __ and LinkedIn to read more exclusive content we post.

NSO Confirms Pegasus Spyware Used by at least 5 European Countries

Enables DevOps and security teams to prioritize and remediate risks in cloud-native applications earlier in the development life cycle.

San Jose, California, June 22, 2022 / Las Vegas, Nevada, June 22, 2022

Zscaler, Inc. (NASDAQ: ZS), the leader in cloud security, today announced its new Posture Control™ solution, designed to give organizations unified Cloud-Native Application Protection Platform (CNAPP) functionality tailor-made to secure cloud workloads. Integrated into the Zscaler Zero Trust Exchange™, the Posture Control solution enables DevOps and security teams to efficiently prioritize and remediate risks in cloud-native applications earlier in the development lifecycle. The completely agentless solution correlates and prioritizes risks, such as unpatched vulnerabilities in containers and VMs, excessive entitlements and permissions, and cloud service misconfigurations.

“The cybersecurity landscape continues to evolve as more applications reside across multi-cloud footprints, making it more difficult than ever for security, IT, and DevOps teams to keep up with new types of attacks and efficiently prioritize and then remediate cloud risks,” said Amit Sinha, President, Zscaler. “Unlike point cloud security tools, which lack context and overburden operators with alerts while missing the full picture, Zscaler’s new Posture Control solution correlates signals across several cloud security disciplines to identify and prioritize real risk drivers and high priority security incidents. Also, by extending security directly into developer workflows, infosec teams can collaborate more effectively with DevOps teams to proactively secure applications earlier in the development lifecycle.”

Today, most enterprises are forced to implement and manage dozens of point security tools to achieve complete security coverage. These tools operate in silos and are not integrated, leading to visibility challenges, security gaps, and friction among cross-functional teams. However, due to the dynamic nature of the cloud, security risks are made up of a combination of several complex issues that are interconnected across multiple layers. To address them, security teams need a consolidated platform that prioritizes risk across all their cloud environments.

To meet the scale and speed required for cloud-native application development, organizations need a unified approach that envelops the entire Continuous Integration and Continuous Delivery (CI/CD) lifecycle, integrating seamlessly with developer and DevOps workflows. They also need a simplified architecture that correlates issues across multi-cloud environments to better identify high priority security risks and deliver remediation via each stakeholder’s preferred workflows earlier in the development process.

“As organizations increasingly move their applications to the cloud, security teams struggle to keep up with cloud-native development because multiple siloed tools create too many alerts that are difficult to manage and prioritize,” said Melinda Marks, Senior Analyst, Enterprise Strategy Group (ESG). “With its integrated approach, Zscaler’s Posture Control solution can help security and DevOps teams better identify, prioritize, and remediate risks. With solutions like this, organizations can focus on the top issues to greatly reduce their overall risk.”

Zscaler’s new Posture Control solution builds on the security capabilities of Zscaler’s proven Workload Communications solution, which is designed to secure cloud applications at runtime. Integrated with the Zscaler for Workloads service, the Posture Control solution and Workload Communications are combined to unify development and runtime security of cloud-native and VM-based applications running on any service in any cloud. The Posture Control solution delivers comprehensive coverage of all cloud environments in a singular view and a unified data model to enable security, IT, and DevOps teams to secure cloud apps without disrupting the development processes. Following are key features of the Posture Control solution:

*   **Advanced Threat and Risk Correlation:** Identify and assess the combination of multiple security issues that may appear to be low-risk individually, but have the potential to create larger, more malicious risks across cloud environments when combined. These correlated risks are unified in a singular view, giving security teams the context they need to properly explore and prioritize risks in the cloud.
*   **Agentless Workload Scanning:** Avoid developer friction and eliminate blind spots due to incomplete coverage of security tools with a 100% agentless, API-based approach. VMs and containers are scanned in both registries and in production environments, correlating vulnerabilities with other cloud weaknesses to prioritize actions based on risk rather than on CVSS score alone.
*   **Full Lifecycle Cloud Security:** Detect and resolve security issues early in the development phase before they become production incidents with “shift left” security. Zscaler monitors automated deployment processes and sends alerts when critical security issues are found.
*   **Risk and Compliance Visualizations Across the Entire Cloud:** Gain 360-degree visibility into risks across the entire multi-cloud footprint, including VMs, containers, and serverless workloads. Zscaler integrates with development platforms like VS Code, DevOps tools such as GitHub and Jenkins, and all major cloud providers to enable visibility and control “from build to run.”
*   **Simplified, Fast Deployment** **and Operations** - Zscaler and HashiCorp, a leader in multi-cloud infrastructure automation, have extended their integrations to secure cloud-native workloads in multi-cloud environments. The Posture Control solution can now easily scan infrastructure-as-a-code templates written in Terraform in the development environment. This shift-left approach provides the ability to build security in the CI/CD process, thereby reducing friction between development and security teams, and providing rapid application deployment and better security posture of cloud workloads.

For more details about Zscaler’s Posture Control solution, please see here.

About Zscaler  

Zscaler (NASDAQ: ZS) accelerates digital transformation so customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Distributed across more than 150 data centers globally, the SSE-based Zero Trust Exchange is the world’s largest in-line cloud security platform.

Zscaler Launches Posture Control Solution

Swiss researchers debunked MEGA's claims that anyone that would be able to take over MEGA's infrastructure would still not have access to your information and files.
The post MEGA claims it can’t decrypt your files. But someone’s managed to… appeared first on Malwarebytes Labs.

MEGA, the cloud storage provider and file hosting service, is very proud of its end-to-end encryption. It says it couldn’t decrypt your stored files, even if it wanted to.

“All your data on MEGA is encrypted with a key derived from your password; in other words, your password is your main encryption key. MEGA does not have access to your password or your data. Using a strong and unique password will ensure that your data is protected from being hacked and gives you total confidence that your information will remain just that – yours.”

But there’s a problem. A Swiss team of researchers has just proved those claims wrong.

And that’s not all. The research went one step further, finding that an attacker could insert malicious files into the storage, passing all authenticity checks of the client.

**Cryptography flaws**

Researchers at the Department of Computer Science of the ETH Zurich in Zurich, Switzerland reviewed the security of MEGA and found significant issues in how it uses cryptography.

These findings could lead to devastating attacks on the confidentiality and integrity of user data in the MEGA cloud.

**Key hierarchy**

The MEGA client derives an authentication key and an encryption key from the password. The authentication key identifies users to MEGA. The encryption key encrypts a randomly generated master key, which in turn encrypts other key material of the user. Every account has a set of asymmetric keys: An RSA key pair for sharing data, a Curve25519 key pair for exchanging chat keys for MEGA’s chat functionality, and an Ed25519 key pair for signing the other keys. Furthermore, the client generates a new key for every file or folder (collectively referred to as nodes) uploaded by the user.

Long story short, all the keys are derived in one way or another from the password. And all the keys get stored on MEGA’s servers to support access from multiple devices.

**Ciphertext**

Ciphertext is encrypted text transformed from plaintext using an encryption algorithm. The researchers built two attacks based on the lack of integrity protection of ciphertexts containing keys, and two further attacks to breach the integrity of file ciphertexts and allow a malicious service provider to insert chosen files into a user’s cloud storage.

**Attacks**

Due to the flawed integrity protection, a malicious service provider can recover a user’s private RSA share key (used to share file and folder keys) over 512 login attempts. The number is 512 because of the RSA-CRT implementation used by MEGA clients to build an oracle that leaks one bit of information per login attempt about a factor of the RSA modulus.

As a result the malicious service provider can recover any plaintext encrypted with AES-ECB under a user’s master key. This includes all node keys used for encrypting files and folders. As a consequence, the confidentiality of all user data protected by these keys, such as files and chat messages, is lost.

Based on the first two attacks, a malicious service provider can construct an encrypted file. The user cannot demonstrate that they didn’t upload the forged data because the files and keys are indistinguishable from genuinely uploaded ones. It needs no further explanation that introducing a malicious file in such an attack could further compromise not only the user’s system, but also for those the user has shared their files or folders with.

**MEGA’s response**

MEGA acknowledged the issue on March 24, 2022, and released patches on June 21, 2022, awarding the researchers a bug bounty. But MEGA’s fix differs greatly from what the researchers proposed, patching only for the first attack alone since the other attacks rely on the first one.

Since that does not fix the key reuse issue, lack of integrity checks, and other systemic problems the researchers identified, this remains a source of concern for them.

As a regular MEGA user there is no reason to worry about these flaws, especially if you haven’t logged in more than 512 times. An attacker would need to have control over MEGA’s API servers or TLS connections without being noticed to perform any of these attacks.

Anyone interested in more technical details, can read the researcher’s paper.

MEGA claims it can’t decrypt your files. But someone’s managed to…

Organizations can strengthen their network defense with a number of intelligent security innovations.

San Jose, California, June 22, 2022 / Las Vegas, Nevada, June 22, 2022

Zscaler, Inc. (NASDAQ: ZS), the leader in cloud security, today announced newly advanced AI/ML innovations powered by the largest security cloud in the world for unparalleled user protection and digital experience monitoring. The new capabilities further enhance Zscaler’s Zero Trust Exchange™ security platform to enable organizations to implement a Security Service Edge (SSE) that protects against the most advanced cyberattacks, while delivering an exceptional digital experience to users, and simplifying adoption of a zero trust architecture.

Organizations are facing a 314 percent increase in cyberattacks on encrypted internet traffic and an 80 percent increase in ransomware with nearly a 120 percent increase in double extortion attacks. Phishing is also on the rise with industries like financial services, government and retail seeing annual increases in attacks of over 100 percent in 2021. To combat advancing threats, organizations need to adapt their defenses to real-time changes in risk. However, lean-running IT and security teams are experiencing security alert fatigue with increasing exposure to real-time threats and often don’t have the resources or skills to effectively investigate and respond to the mounting volume of threats. Zscaler is addressing these challenges by providing one-click root cause analysis to instantly identify the issues behind poor digital experience, freeing up IT and security teams from troubleshooting to focus on preventing attacks. AI-powered security helps IT professionals by automating threat detection to deliver better and faster protection.

Zscaler operates the largest in-line security cloud, which inspects over 240 billion data transactions daily and blocks 150 million daily attacks across the globe to dramatically expedite investigation, response and resolution times, and pinpoint potential malware to stop breaches and data loss. Zscaler is uniquely equipped to train its AI/ML models for superior accuracy in automating threat responses and making policy recommendations to security teams. From faster threat detection to freeing up resources, Zscaler’s Zero Trust platform enables IT and security teams to reduce the constant fire drill of manually chasing alerts and trying to identify new threats.

“Cybercriminals are using AI, automation, and advanced techniques to train machines to hack or socially engineer victims faster than ever before,” said Amit Sinha, President, Zscaler. “To help our customers combat these escalating techniques, we’ve dramatically advanced AI and machine learning in our cloud to take advantage of our massive data pool, giving our customers granular real-time risk visibility and a solution to combat attackers that no other security vendor can provide.”

Utilizing Zscaler’s AI-powered Zero Trust platform, organizations can now strengthen their network defense with the following intelligent security innovations:

*   **AI-powered phishing prevention:** Detect and stop credential theft and browser exploitation from phishing pages with real-time analytics on threat intelligence from 300 trillion daily signals, expert ThreatLabz research, and dynamic browser isolation.
*   **AI-powered segmentation:** Simplify user-to-app segmentation to minimize the attack surface and stop lateral movement with AI-based policy recommendations trained by millions of cross-customer signals across private app telemetry, user context, behavior, and location.
*   **Autonomous risk-based policy engine:** Dynamically adapt security and access policies in real-time across the Zscaler™ Zero Trust Exchange to maintain network integrity against rapidly-evolving cyber threats. The new capabilities also allow security teams to customize policies based on risk scoring for users, devices, apps, and content.
*   **AI-powered root cause analysis:** Accelerate mean time to resolution putting impacted end users back to work in a matter of seconds by identifying root causes of poor user experiences 180 times faster, freeing IT from time-consuming troubleshooting and analysis.

“Delivering seamless digital experiences, from employee devices to the applications they need, goes hand in hand with securing our sensitive business applications and data, no matter where it resides,” said Darren Beattie, Modern Workplace and Security Operations Manager at Auckland New Zealand-headquartered Tower Limited. “Zscaler’s integrated cloud platform helped us effortlessly adopt a zero trust architecture, reduce risk, accelerate our digital transformation, and achieve business goals.”

“With Zscaler’s AI-powered Zero Trust platform based on a SSE framework, we are able to augment and expand the reach of our IT and security team to stop the growing frequency of advanced cyberattacks,” said Stephen Bailey, Vice President of Information Technology at Cache Creek Casino Resort. “The threat landscape is constantly evolving, and these new AI capabilities will effectively enable us to see real-time changes in risk, automate our response process, and stay ahead of the attackers.”

For more details about Zscaler’s AI-powered Security Service Edge (SSE) platform, please see here.

About Zscaler

Zscaler (NASDAQ: ZS) accelerates digital transformation so customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Distributed across more than 150 data centers globally, the SSE-based Zero Trust Exchange is the world’s largest in-line cloud security platform.

Zscaler Adds New AI/ML Capabilities for the Zscaler Zero Trust Exchange

Red Hat Security Advisory 2022-5163-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a null pointer vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Low: httpd:2.4 security update  
Advisory ID:       RHSA-2022:5163-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:5163  
Issue date:        2022-06-22  
CVE Names:         CVE-2020-13950  
====================================================================  
1. Summary:

An update for the httpd:2.4 module is now available for Red Hat Enterprise  
Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Low. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The httpd packages provide the Apache HTTP Server, a powerful, efficient,  
and extensible web server.

Security Fix(es):

* httpd: mod_proxy NULL pointer dereference (CVE-2020-13950)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the updated packages, the httpd daemon will be restarted  
automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1966738 - CVE-2020-13950 httpd: mod_proxy NULL pointer dereference

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:  
httpd-2.4.37-47.module+el8.6.0+15654+427eba2e.2.src.rpm  
mod_http2-1.15.7-5.module+el8.6.0+13996+01710940.src.rpm  
mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.src.rpm

aarch64:  
httpd-2.4.37-47.module+el8.6.0+15654+427eba2e.2.aarch64.rpm  
httpd-debuginfo-2.4.37-47.module+el8.6.0+15654+427eba2e.2.aarch64.rpm  
httpd-debugsource-2.4.37-47.module+el8.6.0+15654+427eba2e.2.aarch64.rpm  
httpd-devel-2.4.37-47.module+el8.6.0+15654+427eba2e.2.aarch64.rpm  
httpd-tools-2.4.37-47.module+el8.6.0+15654+427eba2e.2.aarch64.rpm  
httpd-tools-debuginfo-2.4.37-47.module+el8.6.0+15654+427eba2e.2.aarch64.rpm  
mod_http2-1.15.7-5.module+el8.6.0+13996+01710940.aarch64.rpm  
mod_http2-debuginfo-1.15.7-5.module+el8.6.0+13996+01710940.aarch64.rpm  
mod_http2-debugsource-1.15.7-5.module+el8.6.0+13996+01710940.aarch64.rpm  
mod_ldap-2.4.37-47.module+el8.6.0+15654+427eba2e.2.aarch64.rpm  
mod_ldap-debuginfo-2.4.37-47.module+el8.6.0+15654+427eba2e.2.aarch64.rpm  
mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64.rpm  
mod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64.rpm  
mod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64.rpm  
mod_proxy_html-2.4.37-47.module+el8.6.0+15654+427eba2e.2.aarch64.rpm  
mod_proxy_html-debuginfo-2.4.37-47.module+el8.6.0+15654+427eba2e.2.aarch64.rpm  
mod_session-2.4.37-47.module+el8.6.0+15654+427eba2e.2.aarch64.rpm  
mod_session-debuginfo-2.4.37-47.module+el8.6.0+15654+427eba2e.2.aarch64.rpm  
mod_ssl-2.4.37-47.module+el8.6.0+15654+427eba2e.2.aarch64.rpm  
mod_ssl-debuginfo-2.4.37-47.module+el8.6.0+15654+427eba2e.2.aarch64.rpm

noarch:  
httpd-filesystem-2.4.37-47.module+el8.6.0+15654+427eba2e.2.noarch.rpm  
httpd-manual-2.4.37-47.module+el8.6.0+15654+427eba2e.2.noarch.rpm

ppc64le:  
httpd-2.4.37-47.module+el8.6.0+15654+427eba2e.2.ppc64le.rpm  
httpd-debuginfo-2.4.37-47.module+el8.6.0+15654+427eba2e.2.ppc64le.rpm  
httpd-debugsource-2.4.37-47.module+el8.6.0+15654+427eba2e.2.ppc64le.rpm  
httpd-devel-2.4.37-47.module+el8.6.0+15654+427eba2e.2.ppc64le.rpm  
httpd-tools-2.4.37-47.module+el8.6.0+15654+427eba2e.2.ppc64le.rpm  
httpd-tools-debuginfo-2.4.37-47.module+el8.6.0+15654+427eba2e.2.ppc64le.rpm  
mod_http2-1.15.7-5.module+el8.6.0+13996+01710940.ppc64le.rpm  
mod_http2-debuginfo-1.15.7-5.module+el8.6.0+13996+01710940.ppc64le.rpm  
mod_http2-debugsource-1.15.7-5.module+el8.6.0+13996+01710940.ppc64le.rpm  
mod_ldap-2.4.37-47.module+el8.6.0+15654+427eba2e.2.ppc64le.rpm  
mod_ldap-debuginfo-2.4.37-47.module+el8.6.0+15654+427eba2e.2.ppc64le.rpm  
mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le.rpm  
mod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le.rpm  
mod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le.rpm  
mod_proxy_html-2.4.37-47.module+el8.6.0+15654+427eba2e.2.ppc64le.rpm  
mod_proxy_html-debuginfo-2.4.37-47.module+el8.6.0+15654+427eba2e.2.ppc64le.rpm  
mod_session-2.4.37-47.module+el8.6.0+15654+427eba2e.2.ppc64le.rpm  
mod_session-debuginfo-2.4.37-47.module+el8.6.0+15654+427eba2e.2.ppc64le.rpm  
mod_ssl-2.4.37-47.module+el8.6.0+15654+427eba2e.2.ppc64le.rpm  
mod_ssl-debuginfo-2.4.37-47.module+el8.6.0+15654+427eba2e.2.ppc64le.rpm

s390x:  
httpd-2.4.37-47.module+el8.6.0+15654+427eba2e.2.s390x.rpm  
httpd-debuginfo-2.4.37-47.module+el8.6.0+15654+427eba2e.2.s390x.rpm  
httpd-debugsource-2.4.37-47.module+el8.6.0+15654+427eba2e.2.s390x.rpm  
httpd-devel-2.4.37-47.module+el8.6.0+15654+427eba2e.2.s390x.rpm  
httpd-tools-2.4.37-47.module+el8.6.0+15654+427eba2e.2.s390x.rpm  
httpd-tools-debuginfo-2.4.37-47.module+el8.6.0+15654+427eba2e.2.s390x.rpm  
mod_http2-1.15.7-5.module+el8.6.0+13996+01710940.s390x.rpm  
mod_http2-debuginfo-1.15.7-5.module+el8.6.0+13996+01710940.s390x.rpm  
mod_http2-debugsource-1.15.7-5.module+el8.6.0+13996+01710940.s390x.rpm  
mod_ldap-2.4.37-47.module+el8.6.0+15654+427eba2e.2.s390x.rpm  
mod_ldap-debuginfo-2.4.37-47.module+el8.6.0+15654+427eba2e.2.s390x.rpm  
mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.s390x.rpm  
mod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.s390x.rpm  
mod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.s390x.rpm  
mod_proxy_html-2.4.37-47.module+el8.6.0+15654+427eba2e.2.s390x.rpm  
mod_proxy_html-debuginfo-2.4.37-47.module+el8.6.0+15654+427eba2e.2.s390x.rpm  
mod_session-2.4.37-47.module+el8.6.0+15654+427eba2e.2.s390x.rpm  
mod_session-debuginfo-2.4.37-47.module+el8.6.0+15654+427eba2e.2.s390x.rpm  
mod_ssl-2.4.37-47.module+el8.6.0+15654+427eba2e.2.s390x.rpm  
mod_ssl-debuginfo-2.4.37-47.module+el8.6.0+15654+427eba2e.2.s390x.rpm

x86_64:  
httpd-2.4.37-47.module+el8.6.0+15654+427eba2e.2.x86_64.rpm  
httpd-debuginfo-2.4.37-47.module+el8.6.0+15654+427eba2e.2.x86_64.rpm  
httpd-debugsource-2.4.37-47.module+el8.6.0+15654+427eba2e.2.x86_64.rpm  
httpd-devel-2.4.37-47.module+el8.6.0+15654+427eba2e.2.x86_64.rpm  
httpd-tools-2.4.37-47.module+el8.6.0+15654+427eba2e.2.x86_64.rpm  
httpd-tools-debuginfo-2.4.37-47.module+el8.6.0+15654+427eba2e.2.x86_64.rpm  
mod_http2-1.15.7-5.module+el8.6.0+13996+01710940.x86_64.rpm  
mod_http2-debuginfo-1.15.7-5.module+el8.6.0+13996+01710940.x86_64.rpm  
mod_http2-debugsource-1.15.7-5.module+el8.6.0+13996+01710940.x86_64.rpm  
mod_ldap-2.4.37-47.module+el8.6.0+15654+427eba2e.2.x86_64.rpm  
mod_ldap-debuginfo-2.4.37-47.module+el8.6.0+15654+427eba2e.2.x86_64.rpm  
mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64.rpm  
mod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64.rpm  
mod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64.rpm  
mod_proxy_html-2.4.37-47.module+el8.6.0+15654+427eba2e.2.x86_64.rpm  
mod_proxy_html-debuginfo-2.4.37-47.module+el8.6.0+15654+427eba2e.2.x86_64.rpm  
mod_session-2.4.37-47.module+el8.6.0+15654+427eba2e.2.x86_64.rpm  
mod_session-debuginfo-2.4.37-47.module+el8.6.0+15654+427eba2e.2.x86_64.rpm  
mod_ssl-2.4.37-47.module+el8.6.0+15654+427eba2e.2.x86_64.rpm  
mod_ssl-debuginfo-2.4.37-47.module+el8.6.0+15654+427eba2e.2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-13950  
https://access.redhat.com/security/updates/classification/#low

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYrMEn9zjgjWX9erEAQgeFg//TCoQjMOyZ6nsYGocj27JJXLctdqaYVkt  
4GKbAE8B/85Oc8HKvidjTLPluBntS8EZyKUiVOQrn7qwsqdOMxEkKWG2cTeJITVb  
D4LJHj8Uu2dHMgK5hU1nZH9yRA12Y2hURRav3HAOshWloB95vafYT0kMeXQiUyt8  
pTdCebtnTSpxgeZBRq5HOawk5TmDkKpk9LuER1vKaeBTJQOq8lV9AoiLiIQDaqdu  
976P95isQdu4vr7IX3tg13u7vWCT7QnbkcmEp8JB9+a20EaZQXvqxunuk+JcujC9  
JBawo6IyeOqPVdSKGtsYIqsrVo5RU3nxw2rDCABQXIPLoDfOmcsnh8oU7EWPMoBb  
bZs0bmoYcM1cPaR8T16Ii7NoA9j6Dirz/gH6mboYC7tSwyuyHPIXcv6BOXX3UHOg  
8upQmcO6r44bkZSpnQZbQ0Mqezqrikbn51GW+49b3pzHE9kyBTwMbIhO4JnUKuM2  
cfTtmnhY3tt6JCBgNVuPkz4kXfjWxy2mA9CjmWckTIEU6GJvUDMANPHNPTu1q52G  
gWgoA/3wbvPYl3tYaTCzptO7cfqyg4nECJbXbA5TzeyYlsfgnDuvkxKiyOMNPGPq  
SogUx7v+8WQDQ3v7S5Wy6RW3dQpkiDDjLR2twVbkJTbUCaM2O2jDz5+YQ0l4zjHD  
dCZ1eMOHFBg=uQtW  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-5163-01

Red Hat Security Advisory 2022-5152-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a cross site scripting vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: Red Hat OpenShift GitOps security update  
Advisory ID:       RHSA-2022:5152-01  
Product:           Red Hat OpenShift GitOps  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:5152  
Issue date:        2022-06-22  
CVE Names:         CVE-2018-25032 CVE-2022-1271 CVE-2022-31016  
                   CVE-2022-31034 CVE-2022-31035 CVE-2022-31036  
====================================================================  
1. Summary:

An update is now available for Red Hat OpenShift GitOps 1.5.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Description:

Red Hat Openshift GitOps is a declarative way to implement continuous  
deployment for cloud native applications.

Security Fix(es):

* argocd: vulnerable to a variety of attacks when an SSO login is initiated  
from the Argo CD CLI or the UI. (CVE-2022-31034)

* argocd: cross-site scripting (XSS) allows a malicious user to inject a  
javascript link in the UI (CVE-2022-31035)

* argocd: vulnerable to an uncontrolled memory consumption bug  
(CVE-2022-31016)

* argocd: vulnerable to a symlink following bug allowing a malicious user  
with repository write access (CVE-2022-31036)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information refer to the CVE  
page(s) listed in the References section.

3. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

4. Bugs fixed (https://bugzilla.redhat.com/):

2096278 - CVE-2022-31035 argocd: cross-site scripting (XSS) allow a malicious user to inject a javascript link in the UI  
2096282 - CVE-2022-31034 argocd: vulnerable to a variety of attacks when an SSO login is initiated from the Argo CD CLI or the UI.  
2096283 - CVE-2022-31016 argocd: vulnerable to an uncontrolled memory consumption bug  
2096291 - CVE-2022-31036 argocd: vulnerable to a symlink following bug allowing a malicious user with repository write access

5. References:

https://access.redhat.com/security/cve/CVE-2018-25032  
https://access.redhat.com/security/cve/CVE-2022-1271  
https://access.redhat.com/security/cve/CVE-2022-31016  
https://access.redhat.com/security/cve/CVE-2022-31034  
https://access.redhat.com/security/cve/CVE-2022-31035  
https://access.redhat.com/security/cve/CVE-2022-31036  
https://access.redhat.com/security/updates/classification/#important

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYrLob9zjgjWX9erEAQhsxw/9EbM8BdLUASvR5jVTtZeDXjOavkH9ob65  
/W+vtrpycWaOGKLm0sVZDnH9Y/iNy5io1vbTp3qseFXzCJVSnOrBmPc21VLHpCnJ  
mZ/apMKfS4HONdDqEOlwxFXPyZfp4M8ms7XdEKxEyabBdL5deL/ZhOzg1nbUWXwy  
JdDrll9oGk9HsUFqaVyM7+tOsT+a0g7SliFoXFDDF684W3JI6uL3y6ejKEEiBXOd  
649AoBnIaGyNT37BK/JaItpJj3EhmhavBs5OILDdrIzvBsjIBtVfyPNMfRjrzCEB  
qAa9CRfUT3daBK9bdx3P5X8MDXGlXEUKOOJGTwlCSk6d/mshET9AWKaJNyOdRxHJ  
U1MPlspWjb+ADXqCNB3zaQgmOaPj4lYsT9dT738JHtW+VIUAGs+KVsslizIAV9uF  
KZkJIrPqL5g9hQN4lt2uB3iLC0e1prSSZsXZLXCLFcxXObLUYV83ChFBJxaEGmMl  
VeFmgasL0LkhbH/9O4taHdwRRqMCOTshQE4N8jfqyo2jA2clPAua0vE840qSNz03  
2aEi/5J7oGV/z1wuZtklTTJGBVs2qGkhdYvqAF2wKkXPEhaoWyqhUn1dqnjGIrk+  
JJ43POziAdewPlIKN4OBkPgfTjfGWW5wy/RkMnTLtamObkF5AANQF7a8D4TcCdod  
UfPGO4T/krI=jReJ  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-5152-01

A new piece of research from academics at ETH Zurich has identified a number of critical security issues in the MEGA cloud storage service that could be leveraged to break the confidentiality and integrity of user data.
In a paper titled "MEGA: Malleable Encryption Goes Awry," the researchers point out how MEGA's system does not protect its users against a malicious server, thereby enabling a

A new piece of research from academics at ETH Zurich has identified a number of critical security issues in the MEGA cloud storage service that could be leveraged to break the confidentiality and integrity of user data.

In a paper titled "MEGA: Malleable Encryption Goes Awry," the researchers point out how MEGA's system does not protect its users against a malicious server, thereby enabling a rogue actor to fully compromise the privacy of the uploaded files.

"Additionally, the integrity of user data is damaged to the extent that an attacker can insert malicious files of their choice which pass all authenticity checks of the client," ETH Zurich's Matilda Backendal, Miro Haller, and Kenneth G. Paterson said in an analysis of the service's cryptographic architecture.

MEGA, which advertises itself as the "privacy company" and claims to provide user-controlled end-to-end encrypted cloud storage, has more than 10 million daily active users, with over 122 billion files uploaded to the platform to date.

Chief among the weaknesses is an RSA Key Recovery Attack that makes it possible for MEGA (itself acting maliciously) or a resourceful nation-state adversary in control of its API infrastructure to recover a user's RSA private key by tampering with 512 login attempts and decrypt the stored content.

"Once a targeted account had made enough successful logins, incoming shared folders, MEGAdrop files and chats could have been decryptable," Mathias Ortmann, MEGA's chief architect, said in response to the findings. "Files in the cloud drive could have been successively decrypted during subsequent logins."

The recovered RSA key can then be extended to make way for four other attacks -

*   **Plaintext Recovery Attack**, which allows MEGA to decrypt node keys — an encryption key associated with every uploaded file and are encrypted with a user's master key — and use them to decrypt all user communication and files.

*   **Framing Attack**, wherein MEGA can insert arbitrary files into the user's file storage that are indistinguishable from genuinely uploaded ones.

*   **Integrity Attack**, a less stealthy variant of the Framing Attack that can be exploited to forge a file in the name of the victim and place it in the target's cloud storage, and

*   **Guess-and-Purge (GaP) Bleichenbacher attack**, a variant of the Adaptive chosen-ciphertext attack devised by Swiss cryptographer Daniel Bleichenbacher in 1998 that could be exploited to decrypt RSA ciphertexts.

"Each user has a public RSA key used by other users or MEGA to encrypt data for the owner, and a private key used by the user themselves to decrypt data shared with them," the researchers explained. "With this \[GaP Bleichenbacher attack\], MEGA can decrypt these RSA ciphertexts, albeit requiring an impractical number of login attempts."

In a nutshell, the attacks could be weaponized by MEGA or any entity controlling its core infrastructure to upload lookalike files and decrypt all files and folders owned by or shared with the victim as well as the chat messages exchanged.

The shortcomings are severe as they undermine MEGA's supposed security guarantees, prompting the company to issue updates to address the first three of the five issues. The fourth vulnerability related to the breach of integrity is expected to be addressed in an upcoming release.

As for the Bleichenbacher-style attack against MEGA's RSA encryption mechanism, the company noted the attack is "challenging to perform in practice as it would require approximately 122,000 client interactions on average" and that it would remove the legacy code from all of its clients.

MEGA further emphasized that it's not aware of any user accounts that may have been compromised by the aforementioned attack methods.

"The reported vulnerabilities would have required MEGA to become a bad actor against certain of its users, or otherwise could only be exploited if another party compromised MEGA's API servers or TLS connections without being noticed," Ortmann pointed out.

"The attacks \[...\] arise from unexpected interactions between seemingly independent components of MEGA's cryptographic architecture," the researchers elaborated. "They hint at the difficulty of maintaining large-scale systems employing cryptography, especially when the system has an evolving set of features and is deployed across multiple platforms."

"The attacks presented here show that it is possible for a motivated party to find and exploit vulnerabilities in real world cryptographic architectures, with devastating results for security. It is conceivable that systems in this category attract adversaries who are willing to invest significant resources to compromise the service itself, increasing the plausibility of high-complexity attacks."

Found this article interesting? Follow THN on Facebook, Twitter __ and LinkedIn to read more exclusive content we post.

Tag

#ssl