Red Hat Security Advisory 2024-10745-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include bypass, cross site scripting, and spoofing vulnerabilities.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10745.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: firefox security updateAdvisory ID:        RHSA-2024:10745-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:10745Issue date:         2024-12-03Revision:           03CVE Names:          CVE-2024-11692====================================================================Summary: An update for firefox is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.Security Fix(es):* firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims (CVE-2024-11694)* firefox: thunderbird: Unhandled Exception in Add-on Signature Verification (CVE-2024-11696)* firefox: thunderbird: Select list elements could be shown over another site (CVE-2024-11692)* firefox: thunderbird: Memory safety bugs fixed in Firefox 133, Thunderbird 133, Firefox ESR 128.5, and Thunderbird 128.5 (CVE-2024-11699)* firefox: thunderbird: URL Bar Spoofing via Manipulated Punycode and Whitespace Characters (CVE-2024-11695)* firefox: thunderbird: Improper Keypress Handling in Executable File Confirmation Dialog (CVE-2024-11697)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-11692References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2328941https://bugzilla.redhat.com/show_bug.cgi?id=2328943https://bugzilla.redhat.com/show_bug.cgi?id=2328946https://bugzilla.redhat.com/show_bug.cgi?id=2328947https://bugzilla.redhat.com/show_bug.cgi?id=2328948https://bugzilla.redhat.com/show_bug.cgi?id=2328950

Red Hat Security Advisory 2024-10745-03

Red Hat Security Advisory 2024-10743-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include bypass, cross site scripting, and spoofing vulnerabilities.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10743.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: firefox security updateAdvisory ID:        RHSA-2024:10743-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:10743Issue date:         2024-12-03Revision:           03CVE Names:          CVE-2024-11692====================================================================Summary: An update for firefox is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.Security Fix(es):* firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims (CVE-2024-11694)* firefox: thunderbird: Unhandled Exception in Add-on Signature Verification (CVE-2024-11696)* firefox: thunderbird: Select list elements could be shown over another site (CVE-2024-11692)* firefox: thunderbird: Memory safety bugs fixed in Firefox 133, Thunderbird 133, Firefox ESR 128.5, and Thunderbird 128.5 (CVE-2024-11699)* firefox: thunderbird: URL Bar Spoofing via Manipulated Punycode and Whitespace Characters (CVE-2024-11695)* firefox: thunderbird: Improper Keypress Handling in Executable File Confirmation Dialog (CVE-2024-11697)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-11692References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2328941https://bugzilla.redhat.com/show_bug.cgi?id=2328943https://bugzilla.redhat.com/show_bug.cgi?id=2328946https://bugzilla.redhat.com/show_bug.cgi?id=2328947https://bugzilla.redhat.com/show_bug.cgi?id=2328948https://bugzilla.redhat.com/show_bug.cgi?id=2328950

Red Hat Security Advisory 2024-10743-03

Red Hat Security Advisory 2024-10742-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues addressed include bypass, cross site scripting, and spoofing vulnerabilities.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10742.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: firefox security updateAdvisory ID:        RHSA-2024:10742-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:10742Issue date:         2024-12-03Revision:           03CVE Names:          CVE-2024-11692====================================================================Summary: An update for firefox is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.Security Fix(es):* firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims (CVE-2024-11694)* firefox: thunderbird: Unhandled Exception in Add-on Signature Verification (CVE-2024-11696)* firefox: thunderbird: Select list elements could be shown over another site (CVE-2024-11692)* firefox: thunderbird: Memory safety bugs fixed in Firefox 133, Thunderbird 133, Firefox ESR 128.5, and Thunderbird 128.5 (CVE-2024-11699)* firefox: thunderbird: URL Bar Spoofing via Manipulated Punycode and Whitespace Characters (CVE-2024-11695)* firefox: thunderbird: Improper Keypress Handling in Executable File Confirmation Dialog (CVE-2024-11697)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-11692References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2328941https://bugzilla.redhat.com/show_bug.cgi?id=2328943https://bugzilla.redhat.com/show_bug.cgi?id=2328946https://bugzilla.redhat.com/show_bug.cgi?id=2328947https://bugzilla.redhat.com/show_bug.cgi?id=2328948https://bugzilla.redhat.com/show_bug.cgi?id=2328950

Red Hat Security Advisory 2024-10742-03

Red Hat Security Advisory 2024-10734-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include bypass, cross site scripting, and spoofing vulnerabilities.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10734.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: thunderbird security update  
Advisory ID:        RHSA-2024:10734-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:10734  
Issue date:         2024-12-03  
Revision:           03  
CVE Names:          CVE-2024-11159  
====================================================================

Summary: 

An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

Security Fix(es):

* thunderbird: Potential disclosure of plaintext in OpenPGP encrypted message (CVE-2024-11159)

* firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims (CVE-2024-11694)

* firefox: thunderbird: Unhandled Exception in Add-on Signature Verification (CVE-2024-11696)

* firefox: thunderbird: Select list elements could be shown over another site (CVE-2024-11692)

* firefox: thunderbird: Memory safety bugs fixed in Firefox 133, Thunderbird 133, Firefox ESR 128.5, and Thunderbird 128.5 (CVE-2024-11699)

* firefox: thunderbird: URL Bar Spoofing via Manipulated Punycode and Whitespace Characters (CVE-2024-11695)

* firefox: thunderbird: Improper Keypress Handling in Executable File Confirmation Dialog (CVE-2024-11697)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-11159

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2325896  
https://bugzilla.redhat.com/show_bug.cgi?id=2328941  
https://bugzilla.redhat.com/show_bug.cgi?id=2328943  
https://bugzilla.redhat.com/show_bug.cgi?id=2328946  
https://bugzilla.redhat.com/show_bug.cgi?id=2328947  
https://bugzilla.redhat.com/show_bug.cgi?id=2328948  
https://bugzilla.redhat.com/show_bug.cgi?id=2328950

Red Hat Security Advisory 2024-10734-03

Red Hat Security Advisory 2024-10733-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Issues addressed include bypass, cross site scripting, and spoofing vulnerabilities.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10733.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: thunderbird security update  
Advisory ID:        RHSA-2024:10733-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:10733  
Issue date:         2024-12-03  
Revision:           03  
CVE Names:          CVE-2024-11159  
====================================================================

Summary: 

An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

Security Fix(es):

* thunderbird: Potential disclosure of plaintext in OpenPGP encrypted message (CVE-2024-11159)

* firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims (CVE-2024-11694)

* firefox: thunderbird: Unhandled Exception in Add-on Signature Verification (CVE-2024-11696)

* firefox: thunderbird: Select list elements could be shown over another site (CVE-2024-11692)

* firefox: thunderbird: Memory safety bugs fixed in Firefox 133, Thunderbird 133, Firefox ESR 128.5, and Thunderbird 128.5 (CVE-2024-11699)

* firefox: thunderbird: URL Bar Spoofing via Manipulated Punycode and Whitespace Characters (CVE-2024-11695)

* firefox: thunderbird: Improper Keypress Handling in Executable File Confirmation Dialog (CVE-2024-11697)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-11159

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2325896  
https://bugzilla.redhat.com/show_bug.cgi?id=2328941  
https://bugzilla.redhat.com/show_bug.cgi?id=2328943  
https://bugzilla.redhat.com/show_bug.cgi?id=2328946  
https://bugzilla.redhat.com/show_bug.cgi?id=2328947  
https://bugzilla.redhat.com/show_bug.cgi?id=2328948  
https://bugzilla.redhat.com/show_bug.cgi?id=2328950

Red Hat Security Advisory 2024-10733-03

Red Hat Security Advisory 2024-10710-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include bypass, cross site scripting, and spoofing vulnerabilities.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10710.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: thunderbird security update  
Advisory ID:        RHSA-2024:10710-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:10710  
Issue date:         2024-12-03  
Revision:           03  
CVE Names:          CVE-2024-11159  
====================================================================

Summary: 

An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

Security Fix(es):

* thunderbird: Potential disclosure of plaintext in OpenPGP encrypted message (CVE-2024-11159)

* firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims (CVE-2024-11694)

* firefox: thunderbird: Unhandled Exception in Add-on Signature Verification (CVE-2024-11696)

* firefox: thunderbird: Select list elements could be shown over another site (CVE-2024-11692)

* firefox: thunderbird: Memory safety bugs fixed in Firefox 133, Thunderbird 133, Firefox ESR 128.5, and Thunderbird 128.5 (CVE-2024-11699)

* firefox: thunderbird: URL Bar Spoofing via Manipulated Punycode and Whitespace Characters (CVE-2024-11695)

* firefox: thunderbird: Improper Keypress Handling in Executable File Confirmation Dialog (CVE-2024-11697)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-11159

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2325896  
https://bugzilla.redhat.com/show_bug.cgi?id=2328941  
https://bugzilla.redhat.com/show_bug.cgi?id=2328943  
https://bugzilla.redhat.com/show_bug.cgi?id=2328946  
https://bugzilla.redhat.com/show_bug.cgi?id=2328947  
https://bugzilla.redhat.com/show_bug.cgi?id=2328948  
https://bugzilla.redhat.com/show_bug.cgi?id=2328950

Red Hat Security Advisory 2024-10710-03

Red Hat Security Advisory 2024-10703-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include bypass, cross site scripting, and spoofing vulnerabilities.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10703.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: thunderbird security update  
Advisory ID:        RHSA-2024:10703-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:10703  
Issue date:         2024-12-03  
Revision:           03  
CVE Names:          CVE-2024-11159  
====================================================================

Summary: 

An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

Security Fix(es):

* thunderbird: Potential disclosure of plaintext in OpenPGP encrypted message (CVE-2024-11159)

* firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims (CVE-2024-11694)

* firefox: thunderbird: Unhandled Exception in Add-on Signature Verification (CVE-2024-11696)

* firefox: thunderbird: Select list elements could be shown over another site (CVE-2024-11692)

* firefox: thunderbird: Memory safety bugs fixed in Firefox 133, Thunderbird 133, Firefox ESR 128.5, and Thunderbird 128.5 (CVE-2024-11699)

* firefox: thunderbird: URL Bar Spoofing via Manipulated Punycode and Whitespace Characters (CVE-2024-11695)

* firefox: thunderbird: Improper Keypress Handling in Executable File Confirmation Dialog (CVE-2024-11697)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-11159

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2325896  
https://bugzilla.redhat.com/show_bug.cgi?id=2328941  
https://bugzilla.redhat.com/show_bug.cgi?id=2328943  
https://bugzilla.redhat.com/show_bug.cgi?id=2328946  
https://bugzilla.redhat.com/show_bug.cgi?id=2328947  
https://bugzilla.redhat.com/show_bug.cgi?id=2328948  
https://bugzilla.redhat.com/show_bug.cgi?id=2328950

Red Hat Security Advisory 2024-10703-03

Red Hat Security Advisory 2024-10700-03 - Red Hat build of Apache Camel 4.8 for Spring Boot release and security update is now available. Issues addressed include privilege escalation and traversal vulnerabilities.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10700.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: Red Hat Build of Apache Camel 4.8 for Spring Boot security update.Advisory ID:        RHSA-2024:10700-03Product:            Red Hat Build of Apache CamelAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:10700Issue date:         2024-12-02Revision:           03CVE Names:          CVE-2024-31141====================================================================Summary: Red Hat build of Apache Camel 4.8 for Spring Boot release and security update is now available.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Red Hat build of Apache Camel 4.8 for Spring Boot release and security update is now available.The purpose of this text-only errata is to inform you about the security issues fixed.Security Fix(es):* org.apache.kafka/kafka-clients: privilege escalation to filesystem read-access via automatic ConfigProvider (CVE-2024-31141)* org.springframework/spring-webmvc: Path traversal vulnerability in functional web frameworks (CVE-2024-38819)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-31141References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2327264https://bugzilla.redhat.com/show_bug.cgi?id=2327614

Red Hat Security Advisory 2024-10700-03

Red Hat Security Advisory 2024-10517-03 - Red Hat OpenShift Container Platform release 4.17.7 is now available with updates to packages and images that fix several bugs.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10517.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: OpenShift Container Platform 4.17.7 security and extras update  
Advisory ID:        RHSA-2024:10517-03  
Product:            Red Hat OpenShift Enterprise  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:10517  
Issue date:         2024-12-03  
Revision:           03  
CVE Names:          CVE-2023-44270  
====================================================================

Summary: 

Red Hat OpenShift Container Platform release 4.17.7 is now available with updates to packages and images that fix several bugs.

This release includes a security update for Red Hat OpenShift Container Platform 4.17.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.17.7. See the following advisory for the container images for this release:

https://access.redhat.com/errata/RHSA-2024:10518

Security Fix(es):

* PostCSS: Improper input validation in PostCSS (CVE-2023-44270)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

All OpenShift Container Platform 4.17 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.17/updating/updating_a_cluster/updating-cluster-cli.html

Solution:

https://docs.openshift.com/container-platform/4.17/release_notes/ocp-4-17-release-notes.html

CVEs:

CVE-2023-44270

References:

https://access.redhat.com/security/updates/classification/#moderate  
https://bugzilla.redhat.com/show_bug.cgi?id=2326998

Red Hat Security Advisory 2024-10517-03

Websites these days know everything about you — even some details you might not realize. Hackers can take advantage of that with a sharp-toothed attack that exploits Europe's GDPR-mandated data portability rules.

Source: Design Pics Inc Alamy Stock Photo

Researchers are warning that an otherwise positive European data regulation has introduced massive risks to individuals and the companies they work for.

Ever since the passage of the General Data Protection Regulation (GDPR), Internet users in Europe — and in many places around the world following suit — have been able to download the entirety of the data that websites save about them. Besides the obvious benefits to privacy and transparency, the idea was portability: Anyone could take the data one site possessed about them and transfer it to another.

In a new blog post, CyberArk highlights a theoretical yet severe cost to this new right to data portability. Before the rule, everyone's most sensitive data was protected behind brick walls at ultrasecure data centers. Now that users can retrieve that data via a cloud-based mechanism, hackers can access their accounts and steal it all. Considering the extent of the data that websites collect about us today, the possibilities for malfeasance are endless.

"It's my legal right, and it's perfectly fine that I'm capable \[of seeing\] what information is being kept about me," says Lior Yakim, threat researcher at CyberArk Labs, who dubs the attack "White FAANG," since the vulnerable data could be exported from services provided by major tech companies like Facebook, Amazon, Apple, Netflix, and Google (FAANG).

Related:'Bootkitty' First Bootloader to Take Aim at Linux

However, he warns, "Because it's so easy to get all of that highly intrusive information — together with the fact that people use the same devices for corporate and personal purposes — there's a major risk."

**The Data Sites Have on You**

Companies hoard gobs of sensitive information, especially the largest technology companies most central to our online lives. They possess everything from our most sensitive personally identifying information (PII) to the long histories of our online activity. But even the most jaded Internet users might be surprised just how deep this hole goes.

Meta, for example, records not only your documented Facebook activity, but also plenty of undocumented data, like what posts you viewed, and exactly how long you viewed them.

Google, likewise, saves not only your entire search history, but even searches you typed but didn't ultimately execute.

GDPR's well-intentioned data portability regulations forced companies to make all of this information exportable at the click of a button, in a machine-readable format. And what's stopping a hacker in possession of your account from doing just that? "The most common protection is, indeed, multifactor authentication (MFA). But as we know, MFA can be bypassed," Yakim notes.

Related:China's Cyber Offensives Built in Lockstep With Private Firms, Academia

**The Risks to Individuals and Corporations**

With export data, there is no limit to what an attacker can do. They can use your Google search history to blackmail you, your GPS data from Meta to find where you live, and your Apple calendar history to know where you've been and where you'll be, to say nothing of the endless possibilities for cyberattacks.

Beyond all that, there's the risk to employers. Individual accounts can house all kinds of data that pertains to, or can otherwise be used to attack the companies they work for.

Again, the scenarios are limitless. With an Apple export, for example, a hacker could take the MAC address associated with an employee's unpatched AirPods, spoof a Bluetooth connection, exploit CVE-2024-27867 to gain access to them, then listen in on corporate meetings. Or, Yakim suggests, they can leverage information like the operating system version of the employee's mobile phone. "If I know, for example, that the mobile device of the employee is not up to date, I can search for specific, known vulnerabilities in order to target this employee," he says.

And there are far simpler, more present dangers than that. CyberArk surveyed 14,000 employees, finding that around 63% use personal accounts on their work computers, and 80% access work applications from their personal computers. Thanks to this comingling, work passwords tend to end up stored in far less secure personal accounts, from which they can be exported. This was how Cisco got breached in 2022, and Okta in 2023, a case that affected every one of its customers as well.

Related:VISO TRUST Secures $24M to Accelerate Innovation in AI-Powered Third-Party Risk Management

To prevent that from happening, employees need to draw a clear line in the sand between their business and pleasure online. "Personal accounts are less secure than corporate accounts," Yakim says. "That's the message that we're trying to deliver here."

**About the Author**

Nate Nelson is a freelance writer based in New York City. Formerly a reporter at Threatpost, he contributes to a number of cybersecurity blogs and podcasts. He writes "Malicious Life" -- an award-winning Top 20 tech podcast on Apple and Spotify -- and hosts every other episode, featuring interviews with leading voices in security. He also co-hosts "The Industrial Security Podcast," the most popular show in its field.

Tag

#web