INFOSEC – USERSPACE.ORG :

[Linux Security]

OS: Suse

SUSE: 2023:1773-1 bci/rust Security Update

The container bci/rust was updated. The following patches have been included in this update:

SUSE: 2023:1772-1 bci/rust Security Update

The container bci/rust was updated. The following patches have been included in this update:

SUSE: 2023:1771-1 bci/ruby Security Update

The container bci/ruby was updated. The following patches have been included in this update:

SUSE: 2023:1770-1 bci/python Security Update

The container bci/python was updated. The following patches have been included in this update:

OS: Gentoo

Gentoo: GLSA-202305-37: Apache Tomcat: Multiple Vulnerabilities

Multiple vulnerabilities have been found in Apache Tomcat, the worst of which could result in denial of service.

Gentoo: GLSA-202305-36: Mozilla Thunderbird: Multiple Vulnerabilities

Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.

Gentoo: GLSA-202305-35: Mozilla Firefox: Multiple Vulnerabilities

Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution.

Gentoo: GLSA-202305-34: CGAL: Multiple Vulnerabilities

Multiple vulnerabilities have been found in CGAL, the worst of which could result in arbitrary code execution.

CVEMAP.ORG: Vulnerabilities & Exposures

Low CVE-2023-0687: GNU Glibc
A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. VDB-220246 is the identifier assigned to this vulnerability.

Low CVE-2020-36660: Eve ship replacement program project Eve ship replacement program
A vulnerability was found in paxswill EVE Ship Replacement Program 0.12.11. It has been rated as problematic. This issue affects some unknown processing of the file src/evesrp/views/api.py of the component User Information Handler. The manipulation leads to information disclosure. The attack may be initiated remotely. Upgrading to version 0.12.12 is able to address this issue. The name of the patch is 9e03f68e46e85ca9c9694a6971859b3ee66f0240. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-220211.

Medium CVE-2022-36728: Library management system project Library management system
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the RollNo parameter at /staff/delstu.php.

Low CVE-2021-30071: Hestiacp Hestiacp
A cross-site scripting (XSS) vulnerability in /admin/list_key.html of HestiaCP before v1.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

OS: Fedora

Fedora 38: webkitgtk 2023-9e75e38b47

* Fix scrollbar jumping to top when drag released outside window in GTK 4. * Fix video rendering when GL is disabled. * Fix flickering on looped videos when starting again. * Fix CPU usage on autoplaying videos. * Choose amount of painting threads depending on available CPU cores on GTK 4. * Fix several crashes and rendering issues. * Fix CVE-2023-28204 and CVE-2023-32373.

Fedora 38: openssl 2023-026c8ba371

Rebase to upstream version 3.0.9

Fedora 38: ImageMagick 2023-d53831b69d

Update to 7.1.1.11 (#2210875) ---- Update to 7.1.1.10 (#2207788) Security fix for CVE-2023-34151 Security fix for CVE-2023-34152 Security fix for CVE-2023-34153

Fedora 37: webkitgtk 2023-23cc337543

OS: Debian

Debian: DSA-5417-1: openssl security update

Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. CVE-2023-0464

Debian: DSA-5416-1: connman security update

It was discovered that there was a potential buffer overflow and denial of service vulnerabilty in the gdhcp client implementation of connman, a command-line network manager designed for use on embedded devices.

Debian: DSA-5415-1: libreoffice security update

Two security issues were discocvered in LibreOffice, which could potentially result in the execution of arbitrary code when loading a malformed spreadsheet document or unacknowlegded loading of linked documents within a floating frame.

Debian: DSA-5412-1: libraw security update

Several vulnerabilities were discovered in libraw, a library for reading RAW files obtained from digital photo cameras, which may result in denial of service or the execution of arbitrary code if specially crafted files are processed.

OS: Mageia

Mageia 2023-0192: vim security update

Use of Out-of-range Pointer Offset in GitHub repository vim/vim. (CVE-2023-2426) References: - https://bugs.mageia.org/show_bug.cgi?id=31954

Mageia 2023-0191: tomcat security update

The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a request was submitted that supplied exactly maxParameterCount parameters

Mageia 2023-0190: qtbase5 security update

Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match. (CVE-2023-32762) QTextLayout buffer overflow in SVG file rendering. (CVE-2023-32763)

Mageia 2023-0189: cups-filters security update

Possible command injection in the Backend Error Handler (CVE-2023-24805) References: - https://bugs.mageia.org/show_bug.cgi?id=31939 - https://www.openwall.com/lists/oss-security/2023/05/17/5

OS: Slackware

Slackware: 2023-153-02: ntp Security Update

New ntp packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix security issues.

Slackware: 2023-153-01: cups Security Update

New cups packages are available for Slackware 14.2, 15.0, and -current to fix a security issue.

Slackware: 2023-150-01: openssl Security Update

New openssl packages are available for Slackware 15.0 and -current to fix a security issue.

Slackware: 2023-145-01: ntfs-3g Security Update

New ntfs-3g packages are available for Slackware 14.2 and 15.0 to fix security issues.

OS: CentOS

CentOS: CESA-2023-1791: Important CentOS 7 firefox

Upstream details at : https://access.redhat.com/errata/RHSA-2023:1791

CentOS: CESA-2023-1806: Important CentOS 7 thunderbird

Upstream details at : https://access.redhat.com/errata/RHSA-2023:1806

CentOS: CESA-2023-1875: Important CentOS 7 java-11-openjdk

Upstream details at : https://access.redhat.com/errata/RHSA-2023:1875

CentOS: CESA-2023-1332: Important CentOS 7 nss

Upstream details at : https://access.redhat.com/errata/RHSA-2023:1332

NIST Vulnerability Database

CVE-2023-3094
A vulnerability classified as critical has been found in code-projects Agro-School Management System 1.0. Affected is the function doUpdateQuestion of the file btn_functions.php. The manipulation of the argument question_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-230670 is the identifier assigned to this vulnerability.

CVE-2023-3091
** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Captura up to 8.0.0. It has been declared as critical. This vulnerability affects unknown code in the library CRYPTBASE.dll. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitation appears to be difficult. The identifier of this vulnerability is VDB-230668. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVE-2023-32582
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kyle Maurer Don8 plugin <=Â 0.4 versions.

CVE-2023-3086
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.

OS: Scientific

SciLinux: SLSA-2023-3263-1 Important: git on SL7.x x86_64

git: by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (CVE-2023-25652) * git: arbitrary configuration injection when renaming or deleting a section from a configuration file (CVE-2023-29007) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and oth [More...]

SciLinux: SLSA-2023-3137-1 Important: firefox on SL7.x x86_64

This update upgrades Firefox to version 102.11.0 ESR. * Mozilla: Browser prompts could have been obscured by popups (CVE-2023-32205) * Mozilla: Crash in RLBox Expat driver (CVE-2023-32206) * Mozilla: Potential permissions request bypass via clickjacking (CVE-2023-32207) * Mozilla: Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11 (CVE-2023-32215) * Mozilla: Content process cras [More...]

SciLinux: SLSA-2023-3151-1 Important: thunderbird on SL7.x x86_64

This update upgrades Thunderbird to version 102.11.0. * Mozilla: Browser prompts could have been obscured by popups (CVE-2023-32205) * Mozilla: Crash in RLBox Expat driver (CVE-2023-32206) * Mozilla: Potential permissions request bypass via clickjacking (CVE-2023-32207) * Mozilla: Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11 (CVE-2023-32215) * Mozilla: Content process cras [More...]

SciLinux: SLSA-2023-3145-1 Important: apr-util on SL7.x x86_64

apr-util: out-of-bounds writes in the apr_base64 (CVE-2022-25147) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 apr-util-1.5.2-6.el7_9.1.i686.rpm apr-util-1.5.2-6.el7_9.1.x86_64.rpm apr-util-debuginfo-1.5.2-6.el7_9.1.i686.rpm apr-util-debuginfo-1.5.2-6.el7_9.1.x86 [More...]

OS: Debian LTS

Debian LTS: DLA-3441-1: sofia-sip security update

It was discovered that there was a series of heap overflow and integer overflow vulnerabilities in Sofia-SIP, a building block for creating VoIP/SIP and instant messaging applications.

Debian LTS: DLA-3440-1: cups security update

An issue has been found in cups, the Common UNIX Printing System. Due to a buffer overflow vulnerability in the function format_log_line() a remote attackers could cause a denial-of-service(DoS). The vulnerability

Debian LTS: DLA-3426-2: netatalk regression update

The security update of netatalk,Â the Apple Filing Protocol service, announced as DLA-3426-1 caused a regression when the netatalk server was configured to use the AppleDouble v2 file system format.

Debian LTS: DLA-3427-2: texlive-bin regression update

It was discovered that the patch to fix CVE-2023-32700 in texlive-bin, released as DLA-3427-1, was incomplete and caused an error when running the lualatex command.

Exploit-DB.com

[webapps] unilogies/bumsys v1.0.3 beta - Unrestricted File Upload
unilogies/bumsys v1.0.3 beta - Unrestricted File Upload

[webapps] SCRMS 2023-05-27 1.0 - Multiple SQL Injection
SCRMS 2023-05-27 1.0 - Multiple SQL Injection

[webapps] Online Security Guards Hiring System 1.0 - Reflected XSS
Online Security Guards Hiring System 1.0 - Reflected XSS

[remote] Flexense HTTP Server 10.6.24 - Buffer Overflow (DoS) (Metasploit)
Flexense HTTP Server 10.6.24 - Buffer Overflow (DoS) (Metasploit)

NIST Vulnerability Database

CVE-2023-32582
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kyle Maurer Don8 plugin <=Â 0.4 versions.

CVE-2023-3086
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.

OS: Arch

ArchLinux: 202210-4: linux-zen: multiple issues

The package linux-zen before version 6.0.1.zen2-1 is vulnerable to multiple issues including arbitrary code execution, information disclosure and denial of service.

ArchLinux: 202210-3: linux-lts: multiple issues

The package linux-lts before version 5.15.73-3 is vulnerable to multiple issues including arbitrary code execution, information disclosure and denial of service.

ArchLinux: 202210-2: linux: multiple issues

The package linux before version 6.0.1.arch2-1 is vulnerable to multiple issues including arbitrary code execution, information disclosure and denial of service.

ArchLinux: 202210-1: linux-hardened: multiple issues

The package linux-hardened before version 5.19.15.hardened2-1 is vulnerable to multiple issues including arbitrary code execution, information disclosure and denial of service.

OS: Redhat

RedHat: RHSA-2023-3304:01 Moderate: OpenShift Container Platform 4.13.1 bug

Red Hat OpenShift Container Platform release 4.13.1 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13.

RedHat: RHSA-2023-3379:01 Important: Red Hat Advanced Cluster Security for

Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes security fixes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2023-3305:01 Moderate: OpenShift Container Platform 4.13.1

Red Hat OpenShift Container Platform release 4.13.1 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.13.

RedHat: RHSA-2023-3309:01 Moderate: OpenShift Container Platform 4.11.42

Red Hat OpenShift Container Platform release 4.11.42 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11.