Last updated: 2023-12-28T19:37:56Z
2023-12-28
Several vulnerabilities were discovered in libssh, a tiny C SSH library.
CVE-2023-6004
It was reported that using the ProxyCommand or the ProxyJump feature
may allow an attacker to inject malicious code through specially
crafted hostnames.
CVE-2023-6918
Jack Weinstein reported that missing checks for return values for
digests may result in denial of service (application crashes) or
usage of uninitialized memory.
CVE-2023-48795
Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that
the SSH protocol is prone to a prefix truncation attack, known as
the "Terrapin attack". This attack allows a MITM attacker to effect
a limited break of the integrity of the early encrypted SSH
transport protocol by sending extra messages prior to the
commencement of encryption, and deleting an equal number of
consecutive messages immediately after encryption starts.
Details can be found at https://terrapin-attack.com/
https://security-tracker.debian.org/tracker/DSA-5591-1
2023-12-28
Several vulnerabilities were discovered in HAProxy, a fast and reliable
load balancing reverse proxy, which can result in HTTP request smuggling
or information disclosure.
https://security-tracker.debian.org/tracker/DSA-5590-1
2023-12-27
Multiple vulnerabilities were discovered in Node.js, which could result in
HTTP request smuggling, bypass of policy feature checks, denial of service
or loading of incorrect ICU data.
https://security-tracker.debian.org/tracker/DSA-5589-1
2023-12-24
Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the
SSH protocol is prone to a prefix truncation attack, known as the
"Terrapin attack". This attack allows a MITM attacker to effect a
limited break of the integrity of the early encrypted SSH transport
protocol by sending extra messages prior to the commencement of
encryption, and deleting an equal number of consecutive messages
immediately after encryption starts.
Details can be found at https://terrapin-attack.com/
https://security-tracker.debian.org/tracker/DSA-5588-1
2023-12-23
Two security issues were discovered in Curl: Cookies were incorrectly
validated against the public suffix list of domains and in some cases
HSTS data could fail to save to disk.
https://security-tracker.debian.org/tracker/DSA-5587-1
2023-12-22
Several vulnerabilities have been discovered in OpenSSH, an
implementation of the SSH protocol suite.
CVE-2021-41617
It was discovered that sshd failed to correctly initialise
supplemental groups when executing an AuthorizedKeysCommand or
AuthorizedPrincipalsCommand, where an AuthorizedKeysCommandUser or
AuthorizedPrincipalsCommandUser directive has been set to run the
command as a different user. Instead these commands would inherit
the groups that sshd was started with.
CVE-2023-28531
Luci Stanescu reported that an error prevented constraints being
communicated to the ssh-agent when adding smartcard keys to the
agent with per-hop destination constraints, resulting in keys being
added without constraints.
CVE-2023-48795
Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that
the SSH protocol is prone to a prefix truncation attack, known as
the "Terrapin attack". This attack allows a MITM attacker to effect
a limited break of the integrity of the early encrypted SSH
transport protocol by sending extra messages prior to the
commencement of encryption, and deleting an equal number of
consecutive messages immediately after encryption starts.
Details can be found at https://terrapin-attack.com/
CVE-2023-51384
It was discovered that when PKCS#11-hosted private keys were
added while specifying destination constraints, if the PKCS#11
token returned multiple keys then only the first key had the
constraints applied.
CVE-2023-51385
It was discovered that if an invalid user or hostname that contained
shell metacharacters was passed to ssh, and a ProxyCommand,
LocalCommand directive or "match exec" predicate referenced the user
or hostname via expansion tokens, then an attacker who could supply
arbitrary user/hostnames to ssh could potentially perform command
injection. The situation could arise in case of git repositories
with submodules, where the repository could contain a submodule with
shell characters in its user or hostname.
https://security-tracker.debian.org/tracker/DSA-5586-1
2023-12-21
An important security issue was discovered in Chromium, which could result
in the execution of arbitrary code.
Google is aware that an exploit for CVE-2023-7024 exists in the wild.
https://security-tracker.debian.org/tracker/DSA-5585-1
2023-12-21
It was reported that BlueZ's HID profile implementation is not
in line with the HID specification which mandates the use of Security
Mode 4. The HID profile configuration option ClassicBondedOnly now
defaults to "true" to make sure that input connections only come from
bonded device connections.
https://security-tracker.debian.org/tracker/DSA-5584-1
2023-12-21
A buffer overflow was discovered in the AV1 video plugin for the
GStreamer media framework, which may result in denial of service or
potentially the execution of arbitrary code if a malformed media file
is opened.
The oldstable distribution (bullseye) is not affected.
https://security-tracker.debian.org/tracker/DSA-5583-1
2023-12-21
Multiple security issues were discovered in Thunderbird, which could
result in denial of service, the execution of arbitrary code or spoofing
of signed PGP/MIME and SMIME emails.
https://security-tracker.debian.org/tracker/DSA-5582-1
2023-12-20
Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code, sandbox escape or clickjacking.
https://security-tracker.debian.org/tracker/DSA-5581-1
2023-12-18
The following vulnerabilities have been discovered in the WebKitGTK
web engine:
CVE-2023-42883
The Zoom Offensive Security Team discovered that processing an SVG
image may lead to a denial-of-service.
https://security-tracker.debian.org/tracker/DSA-5580-1
2023-12-17
Multiple vulnerabilities were discovered in FreeImage, a support library
for graphics image formats, which could result in the execution of
arbitrary code if malformed image files are processed.
https://security-tracker.debian.org/tracker/DSA-5579-1
2023-12-17
The initial fix for CVE-2023-6377 as applied in DSA 5576-1 did not fully
fix the vulnerability. Updated packages correcting this issue including
the upstream merged commit are now available.
https://security-tracker.debian.org/tracker/DSA-5576-2
2023-12-15
It was discovered that Ghostscript, the GPL PostScript/PDF interpreter,
does not properly handle errors in the gdev_prn_open_printer_seekable()
function, which could result in the execution of arbitrary commands if
malformed document files are processed.
https://security-tracker.debian.org/tracker/DSA-5578-1
2023-12-13
Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.
https://security-tracker.debian.org/tracker/DSA-5577-1
2023-12-13
Jan-Niklas Sohn discovered several vulnerabilities in the Xorg X server,
which may result in privilege escalation if the X server is running
privileged.
https://security-tracker.debian.org/tracker/DSA-5576-1
2023-12-11
The following vulnerabilities have been discovered in the WebKitGTK
web engine:
CVE-2023-42916
Clement Lecigne discovered that processing web content may
disclose sensitive information. Apple is aware of a report that
this issue may have been actively exploited.
CVE-2023-42917
Clement Lecigne discovered that processing web content may lead to
arbitrary code execution. Apple is aware of a report that this
issue may have been actively exploited.
https://security-tracker.debian.org/tracker/DSA-5575-1
2023-12-11
Reginaldo Silva discovered two security vulnerabilities in LibreOffice,
which could result in the execution of arbitrary scripts or GStreamer
plugins when opening a malformed file.
https://security-tracker.debian.org/tracker/DSA-5574-1
2023-12-09
Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.
https://security-tracker.debian.org/tracker/DSA-5573-1
2023-12-04
Rene Rehme discovered that roundcube, a skinnable AJAX based webmail
solution for IMAP servers, did not properly set headers when handling
attachments. This would allow an attacker to load arbitrary JavaScript
code.
https://security-tracker.debian.org/tracker/DSA-5572-1
2023-12-01
It was discovered that missing input sanitising in the HTTP API endpoint
of RabbitMQ, an implementation of the AMQP protocol, could result in
denial of service.
https://security-tracker.debian.org/tracker/DSA-5571-1
2023-12-01
It was discovered that libnghttp2, a library implementing the HTTP/2
protocol, handled request cancellation incorrectly. This could result
in denial of service.
https://security-tracker.debian.org/tracker/DSA-5570-1
2023-11-30
Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.
https://security-tracker.debian.org/tracker/DSA-5569-1
2023-11-27
It was discovered that incorrect memory management in Fast DDS, a C++
implementation of the DDS (Data Distribution Service), might result in
denial of service.
The oldstable distribution (bullseye) is not affected.
https://security-tracker.debian.org/tracker/DSA-5568-1
2023-11-27
Multiple buffer overflows and memory leak issues have been found in tiff,
the Tag Image File Format (TIFF) library and tools, which may cause denial
of service when processing a crafted TIFF image.
https://security-tracker.debian.org/tracker/DSA-5567-1
2023-11-26
Multiple security issues were discovered in Thunderbird, which could
result in denial of service or the execution of arbitrary code.
https://security-tracker.debian.org/tracker/DSA-5566-1
2023-11-25
Multiple vulnerabilities were discovered in plugins for the GStreamer
media framework and its codecs and demuxers, which may result in denial
of service or potentially the execution of arbitrary code if a malformed
media file is opened.
https://security-tracker.debian.org/tracker/DSA-5565-1
2023-11-24
Michael Randrianantenaina reported several vulnerabilities in GIMP, the
GNU Image Manipulation Program, which could result in denial of service
(application crash) or potentially the execution of arbitrary code if
malformed DDS, PSD and PSP files are opened.
https://security-tracker.debian.org/tracker/DSA-5564-1
2023-11-23
Benoit Morgan, Paul Grosen, Thais Moreira Hamasaki, Ke Sun, Alyssa
Milburn, Hisham Shafi, Nir Shlomovich, Tavis Ormandy, Daniel Moghimi,
Josh Eads, Salman Qazi, Alexandra Sandulescu, Andy Nguyen, Eduardo Vela,
Doug Kwan, and Kostik Shtoyk discovered that some Intel processors
mishandle repeated sequences of instructions leading to unexpected
behavior, which may result in privilege escalation, information
disclosure or denial of service.
https://security-tracker.debian.org/tracker/DSA-5563-1
════════════════════════
Script run: 2023-12-28T21:02:01