INFOSEC | USERSPACE-Linux Aggregate Info

OS: Debian

Debian: DSA-4915-1: postgresql-11 security update

Multiple security issues have been discovered in the PostgreSQL database system, which could result in the execution of arbitrary code or disclosure of memory content.

Debian: DSA-4914-1: graphviz security update

A buffer overflow was discovered in Graphviz, which could potentially result in the execution of arbitrary code when processing a malformed file.

Debian: DSA-4913-1: hivex security update

Jemery Galindo discovered an out-of-bounds memory access in Hivex, a library to parse Windows Registry hive files. For the stable distribution (buster), this problem has been fixed in

Debian: DSA-4912-1: exim4 security update

The Qualys Research Labs reported several vulnerabilities in Exim, a mail transport agent, which could result in local privilege escalation and remote code execution.

OS: Redhat

RedHat: RHSA-2021-1560:01 Moderate: Red Hat AMQ Streams 1.6.4 release and

Red Hat AMQ Streams 1.6.4 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

RedHat: RHSA-2021-1547:01 Important: .NET Core 3.1 on Red Hat Enterprise

An update for rh-dotnet31-dotnet is now available for .NET Core on Red Hat Enterprise Linux. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-1546:01 Important: .NET 5.0 on Red Hat Enterprise Linux

An update for rh-dotnet50-dotnet is now available for .NET on Red Hat Enterprise Linux. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-1544:01 Important: Red Hat OpenShift Service Mesh 2.0.4

An update for openshift-istio-kiali-rhel8-operator-container is now available for OpenShift Service Mesh 2.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

OS: Debian LTS

Debian LTS: DLA-2660-1: libgetdata security update

One security issue has been discovered in libgetdata CVE-2021-20204

Debian LTS: DLA-2659-1: graphviz security update

CVE-2018-10196 NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library allows

Debian LTS: DLA-2658-1: redmine security update

Several issues were found in Redmine, a project management web application, which could lead to cross-site scripting, information disclosure, and reading arbitrary files from the server.

Debian LTS: DLA-2657-1: lz4 security update

It was discovered that there was a potential memory corruption vulnerability in the lz4 compression algorithm library. For Debian 9 "Stretch", this problem has been fixed in version

OS: Fedora

Fedora 32: kernel-tools 2021-9c0276e935

The 5.11.9 stable kernel update contains a number of important fixes across the tree.

Fedora 32: kernel-headers 2021-9c0276e935

The 5.11.9 stable kernel update contains a number of important fixes across the tree.

Fedora 32: kernel 2021-9c0276e935

The 5.11.9 stable kernel update contains a number of important fixes across the tree.

Fedora 33: mariadb 2021-68db93b130

**MariaDB 10.4.19** Release notes: https://mariadb.com/kb/en/mariadb-10419-release-notes/

OS: Slackware

Slackware: 2021-118-01: bind Security Update

New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

Slackware: 2021-110-01: seamonkey Security Update

New seamonkey packages are available for Slackware 14.2 and -current to fix security issues.

Slackware: 2021-102-02: irssi Security Update

New irssi packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

Slackware: 2021-102-01: dnsmasq Security Update

New dnsmasq packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.

CVEMAP.ORG: Vulnerabilities & Exposures

Low CVE-2020-4536: IBM Openpages grc platformIBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 182907.

Low CVE-2021-31908: Jetbrains TeamcityIn JetBrains TeamCity before 2020.2.3, stored XSS was possible on several pages.

Low CVE-2021-3315: Jetbrains TeamcityIn JetBrains TeamCity before 2020.2.2, stored XSS on a tests page was possible.

Medium CVE-2020-27245: Openclinic ga project Openclinic ga

Exploit-DB.com

[webapps] Student Management System 1.0 - 'message' Persistent Cross-Site Scripting (Authenticated)Student Management System 1.0 - 'message' Persistent Cross-Site Scripting (Authenticated)

[webapps] Podcast Generator 3.1 - 'Long Description' Persistent Cross-Site Scripting (XSS)Podcast Generator 3.1 - 'Long Description' Persistent Cross-Site Scripting (XSS)

[webapps] Chamilo LMS 1.11.14 - Remote Code Execution (Authenticated)Chamilo LMS 1.11.14 - Remote Code Execution (Authenticated)

[webapps] Dental Clinic Appointment Reservation System 1.0 - Authentication Bypass (SQLi)Dental Clinic Appointment Reservation System 1.0 - Authentication Bypass (SQLi)

OS: Mageia

Mageia 2021-0211: mariadb security update

Some severe exploitable vulnerabilities were discovered and fixed (CVE-2021-2154 and CVE-2021-2166). This is a regular update, which brings the usual improvements in innodb, galera. See upstream advisory.

Mageia 2021-0210: pngcheck security update

This update fixes a divide-by-zero crash bug (and probable vulnerability) in interlaced images with extra compressed data beyond the nominal end of the image data. (found by "chiba of topsec alpha lab") (rhbz#1949800). References:

Mageia 2021-0209: nagios security update

Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for JSON CGIs" configuration setting, to modify the Alert Histogram and Trends code via crafted versions of the archivejson.cgi, objectjson.cgi, and statusjson.cgi files (CVE-2020-13977).

Mageia 2021-0208: messagelib security update

Deleting an attachment of a decrypted encrypted message stored on a remote server (e.g. an IMAP server) causes KMail to upload the decrypted content of the message to the remote server. This is not easily noticeable by the user because KMail does not display the decrypted content.

OS: Arch

ArchLinux: 202104-10: bind: multiple issues

The package bind before version 9.16.15-1 is vulnerable to multiple issues including arbitrary code execution and denial of service.

ArchLinux: 202104-9: virtualbox: multiple issues

The package virtualbox before version 6.1.20-1 is vulnerable to multiple issues including arbitrary code execution, arbitrary filesystem access and information disclosure.

ArchLinux: 202104-8: libupnp: content spoofing

The package libupnp before version 1.14.6-1 is vulnerable to content spoofing.

ArchLinux: 202104-7: chromium: multiple issues

The package chromium before version 90.0.4430.85-1 is vulnerable to multiple issues including arbitrary code execution and sandbox escape.

OS: Suse

SUSE: 2021:162-1 suse/sle15 Security Update

The container suse/sle15 was updated. The following patches have been included in this update:

SUSE: 2021:444-1 sles-15-sp2-chost-byos-v20210506 Security Update

The container sles-15-sp2-chost-byos-v20210506 was updated. The following patches have been included in this update:

SUSE: 2021:442-1 suse-sles-15-sp2-chost-byos-v20210506-gen2 Security Update

The container suse-sles-15-sp2-chost-byos-v20210506-gen2 was updated. The following patches have been included in this update:

SUSE: 2021:150-1 suse/sles12sp5 Security Update

The container suse/sles12sp5 was updated. The following patches have been included in this update:

NIST Vulnerability Database

CVE-2021-31922An HTTP Request Smuggling vulnerability in Pulse Secure Virtual Traffic Manager before 21.1 could allow an attacker to smuggle an HTTP request through an HTTP/2 Header. This vulnerability is resolved in 21.1, 20.3R1, 20.2R1, 20.1R2, 19.2R4, and 18.2R3.

CVE-2021-32051Hexagon G!nius Auskunftsportal before 5.0.0.0 allows SQL injection via the GiPWorkflow/Service/DownloadPublicFile id parameter.

CVE-2021-33026The Flask-Caching extension through 1.10.1 for Flask relies on Pickle for serialization, which may lead to remote code execution or local privilege escalation. If an attacker gains access to cache storage (e.g., filesystem, Memcached, Redis, etc.), they can construct a crafted payload, poison the cache, and execute Python code.

CVE-2021-32615Piwigo 11.4.0 allows admin/user_list_backend.php order[0][dir] SQL Injection.

NIST Vulnerability Database

CVE-2021-32051Hexagon G!nius Auskunftsportal before 5.0.0.0 allows SQL injection via the GiPWorkflow/Service/DownloadPublicFile id parameter.

CVE-2021-32615Piwigo 11.4.0 allows admin/user_list_backend.php order[0][dir] SQL Injection.

OS: Gentoo

Gentoo: GLSA-202105-01: Exim: Multiple vulnerabilities

Multiple vulnerabilities have been found in Exim, the worst of which allows remote attackers to execute arbitrary code.

Gentoo: GLSA-202104-10: Mozilla Firefox: Multiple vulnerabilities

Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.

Gentoo: GLSA-202104-09: Mozilla Thunderbird: Multiple vulnerabilities

Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.

Gentoo: GLSA-202104-08: Chromium, Google Chrome: Multiple vulnerabilities

Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code.

OS: Scientific

SciLinux: SLSA-2021-1512-1 Important: postgresql on SL7.x x86_64

postgresql: Reconnection can downgrade connection security settings (CVE-2020-25694) * postgresql: Multiple features escape "security restricted operation" sandbox (CVE-2020-25695) * postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution (CVE-2019-10208) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other [More...]

SciLinux: SLSA-2021-1469-1 Important: bind on SL7.x x86_64

bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself (CVE-2021-25215) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 - bind-9.11.4-26.P2.el7_9.5.x86_64.rpm - bind-chroot-9.11.4-26.P2.el7_9.5.x86_ [More...]

SciLinux: SLSA-2021-1389-1 Moderate: openldap on SL7.x x86_64

openldap: NULL pointer dereference for unauthenticated packet in slapd (CVE-2020-25692) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 - openldap-2.4.44-23.el7_9.i686.rpm - openldap-2.4.44-23.el7_9.x86_64.rpm - openldap-clients-2.4.44-23.el7_9.x86_64.rpm - openldap-debugin [More...]

SciLinux: SLSA-2021-1384-1 Moderate: nss on SL7.x x86_64

nss: TLS 1.3 CCS flood remote DoS Attack (CVE-2020-25648) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * FTBFS: Paypal Cert expired * FTBFS: IKE CLASS_1563 fails gtest * Cannot compile code with nss headers and -Werror=strict-prototypes * CA HSM ncipher token disabled after [More...]