Malware Devil

Monday, August 10, 2020

ESB-2020.2737 – [Win][UNIX/Linux] IBM Java: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.2737
   Multiple vulnerabilities may affect IBM SDK, Java Technology Edition
                              10 August 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM Java
Publisher:         IBM
Operating System:  Windows
                   UNIX variants (UNIX, Linux, OSX)
Impact/Access:     Modify Arbitrary Files   -- Remote/Unauthenticated
                   Access Confidential Data -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-2601 CVE-2020-2590 

Reference:         ASB-2020.0028
                   ESB-2020.2677
                   ESB-2020.1698
                   ESB-2020.1451

Original Bulletin: 
   https://www.ibm.com/support/pages/node/6256570
   https://www.ibm.com/support/pages/node/6256568

Comment: This bulletin contains two (2) IBM security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

CVE-2020-2601 may affect IBM SDK, Java Technology Edition


Document Information

More support for: IBM Java
Software version: All versions
Document number: 6256570
Modified date: 05 August 2020 


Security Bulletin

Summary

CVE-2020-2601 was disclosed as part of the Oracle January 2020 Critical Patch
Update.

Vulnerability Details

CVEID: CVE-2020-2601
DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java
SE, Java SE Embedded Security component could allow an unauthenticated attacker
to obtain sensitive information resulting in a high confidentiality impact
using unknown attack vectors.
CVSS Base score: 6.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
174548 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N)

Affected Products and Versions

7.0.0.0 - 7.0.10.65
7.1.0.0 - 7.1.4.65
8.0.0.0 - 8.0.6.11

Remediation/Fixes

7.0.10.70
7.1.4.70
8.0.6.15

APAR: IJ26763

Workarounds and Mitigations

None

- --------------------------------------------------------------------------------


CVE-2020-2590 may affect IBM SDK, Java Technology Edition


Document Information

More support for: IBM Java
Software version: All versions
Document number: 6256568
Modified date: 05 August 2020 


Security Bulletin

Summary

CVE-2020-2590 was disclosed as part of the Oracle January 2020 Critical Patch
Update.

Vulnerability Details

CVEID: CVE-2020-2590
DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE
Security component could allow an unauthenticated attacker to cause no
confidentiality impact, low integrity impact, and no availability impact.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
174538 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)

Affected Products and Versions

7.0.0.0 - 7.0.10.65
7.1.0.0 - 7.1.4.65
8.0.0.0 - 8.0.6.11

Remediation/Fixes

7.0.10.70
7.1.4.70
8.0.6.15

APAR: IJ26764

Workarounds and Mitigations

None

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----

https://www.malwaredevil.com/2020/08/10/esb-2020-2737-winunix-linux-ibm-java-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-2737-winunix-linux-ibm-java-multiple-vulnerabilities

ESB-2020.2736 – [Linux][AIX] WebSphere Application Server Patterns: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.2736
    Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects
        WebSphere Application Server July 2020 CPU that is bundled
              with IBM WebSphere Application Server Patterns
                              10 August 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           WebSphere Application Server Patterns
Publisher:         IBM
Operating System:  AIX
                   Linux variants
Impact/Access:     Modify Arbitrary Files   -- Remote/Unauthenticated
                   Denial of Service        -- Remote/Unauthenticated
                   Access Confidential Data -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-14621 CVE-2020-14593 CVE-2020-14583
                   CVE-2020-14581 CVE-2020-14579 CVE-2020-14578
                   CVE-2020-14577 CVE-2020-14556 CVE-2020-2601
                   CVE-2020-2590 CVE-2019-17639 

Reference:         ASB-2020.0131
                   ASB-2020.0128
                   ESB-2020.2725
                   ESB-2020.2690
                   ESB-2020.2545

Original Bulletin: 
   https://www.ibm.com/support/pages/node/6257557

- --------------------------BEGIN INCLUDED TEXT--------------------

Multiple vulnerabilities in IBM Java SDK affects WebSphere Application Server
July 2020 CPU that is bundled with IBM WebSphere Application Server Patterns


Document Information

More support for: WebSphere Application Server Patterns
Software version: Version Independent
Operating system(s): AIX, Linux
Document number: 6257557
Modified date: 07 August 2020 


Security Bulletin

Summary

There are multiple vulnerabilities in the IBM SDK Java Technology Edition that
is shipped with IBM WebSphere Application Server. These issues were disclosed
in the IBM Java SDK updates in July 2020.

Vulnerability Details

CVEID: CVE-2020-2601
DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java
SE, Java SE Embedded Security component could allow an unauthenticated attacker
to obtain sensitive information resulting in a high confidentiality impact
using unknown attack vectors.
CVSS Base score: 6.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
174548 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N)

CVEID: CVE-2020-14583
DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries
component could allow an unauthenticated attacker to cause low confidentiality
impact, low integrity impact, and no availability impact.
CVSS Base score: 8.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
185061 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)

CVEID: CVE-2020-14593
DESCRIPTION: An unspecified vulnerability in Java SE related to the 2D
component could allow an unauthenticated attacker to cause no confidentiality
impact, high integrity impact, and no availability impact.
CVSS Base score: 7.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
185071 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N)

CVEID: CVE-2020-14621
DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP
component could allow an unauthenticated attacker to cause no confidentiality
impact, low integrity impact, and no availability impact.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
185099 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID: CVE-2020-14556
DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries
component could allow an unauthenticated attacker to cause low confidentiality
impact, low integrity impact, and no availability impact.
CVSS Base score: 4.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
185034 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)

CVEID: CVE-2020-14581
DESCRIPTION: An unspecified vulnerability in Oracle Java SE and Java SE
Embedded related to the 2D component could allow an unauthenticated attacker to
obtain sensitive information resulting in a low confidentiality impact using
unknown attack vectors.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
185059 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2020-14579
DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries
component could allow an unauthenticated attacker to cause a denial of service
resulting in a low availability impact using unknown attack vectors.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
185057 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2020-14578
DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries
component could allow an unauthenticated attacker to cause a denial of service
resulting in a low availability impact using unknown attack vectors.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
185056 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2020-14577
DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE
component could allow an unauthenticated attacker to obtain sensitive
information resulting in a low confidentiality impact using unknown attack
vectors.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
185055 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2019-17639
DESCRIPTION: Eclipse OpenJ9 could allow a remote attacker to obtain sensitive
information, caused by the premature return of the current method with an
undefined return value. By invoking the System.arraycopy method with a length
longer than the length of the source or destination array, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
185437 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2020-2590
DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE
Security component could allow an unauthenticated attacker to cause no
confidentiality impact, low integrity impact, and no availability impact.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
174538 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)

Affected Products and Versions

IBM Java SDK shipped with IBM WebSphere Application Server Patterns 1.0.0.0
through 1.0.0.7 and 2.2.0.0 through 2.3.3.0.

Remediation/Fixes

Please see the IBM Java SDK Security Bulletin for WebSphere Application Server 
to determine which WebSphere Application Server versions are affected and to
obtain the JDK fixes. The interim fix 1.0.0.0-WS-WASPATTERNS-JDK-2007 can be
used to apply the April 2020 SDK iFixes in a PureApplication or Cloud Pak
System Environment.

Download and apply the interim fix 1.0.0.0-WS-WASPATTERNS-JDK-2007.

Workarounds and Mitigations

None

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXzDVVuNLKJtyKPYoAQjJVw//ZriZlNnD7mv/xyIwOj9h7j5NueMR2PCh
gy4z0FK5KsF0fLZxfg73oZ9eCHrtk8rkvCFbuyRJ0/1smAxnbX7k2AEr2QEU5Ys4
zbGnGYYA6tdOrPBq8vXutUvHZ+Pd/Enm2jIPhRrkvLtfNEfyvpB8VLY1wXMO8YXY
zNCz/CHYDiHxKloz9MWajBHEzcgfgbHtxhKGNkopyEOC7Asjd0K8YA3J3aLsHViN
kT2kFf9w804ROigDLdmD/eVcUNiry5rK3jD5pI5zRqitewsT5yU7A3fXgjWgA30q
24k9DaN2mvqTCHjAiusJtTqDuBEj06o9pQBoKNXPgXJGKj8Bsa/lU/90+hvFf9EO
tvqOy1VBsqm+xfVjP/8iu78WiPLL1OG90jIud5HO+yP13JT3bebka6ZxtddQSZ4h
zk/UrWuY+c/85+mk+xnDxDZRgf8OM+lDHi0f9t78hjLbJ2/5UV2y98cF+jnq3BbC
QX0Rs7lCBvpDnFYjCun9TmieMj9Srg0sOaENplFOu3Lma+EzJdZPfwUr/j/DbOQ7
QV13MgCBddxTUP+Ie0793m+kqzL1IwghbXw+xWQ403e4+8mLa77aMeW5Tktgt0W2
dx4Pbk5dHgviBGW8alR0goAu3YDfnni72LO5nBEp9x2qJNyXD1Jq5G4yZkkZc7s7
bDBaOVRdY6o=
=QPX8
-----END PGP SIGNATURE-----

https://www.malwaredevil.com/2020/08/10/esb-2020-2736-linuxaix-websphere-application-server-patterns-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-2736-linuxaix-websphere-application-server-patterns-multiple-vulnerabilities

ESB-2020.2734 – [Debian] xrdp: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.2734
                           xrdp security update
                              10 August 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           xrdp
Publisher:         Debian
Operating System:  Debian GNU/Linux 9
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account      
                   Denial of Service               -- Remote/Unauthenticated
                   Access Confidential Data        -- Existing Account      
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-4044  

Reference:         ESB-2020.2710

Original Bulletin: 
   https://lists.debian.org/debian-lts-announce/2020/08/msg00015.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian LTS Advisory DLA-2319-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                          Abhijith PA
August 09, 2020                               https://wiki.debian.org/LTS
- - -------------------------------------------------------------------------

Package        : xrdp
Version        : 0.9.1-9+deb9u4
CVE ID         : CVE-2020-4044
Debian Bug     : 964573

xrdp-sesman service in xrdp can be crashed by connecting over port 3350
and supplying a malicious payload. Once the xrdp-sesman process is dead,
an unprivileged attacker on the server could then proceed to start their
own imposter sesman service listening on port 3350. This will allow them
to capture any user credentials that are submitted to XRDP and approve or
reject arbitrary login credentials. For xorgxrdp sessions in particular,
this allows an unauthorized user to hijack an existing session. This is a
buffer overflow attack, so there may be a risk of arbitrary code
execution as well.

For Debian 9 stretch, this problem has been fixed in version
0.9.1-9+deb9u4.

We recommend that you upgrade your xrdp packages.

For the detailed security status of xrdp please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xrdp

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
- -----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE7xPqJqaY/zX9fJAuhj1N8u2cKO8FAl8wD/0ACgkQhj1N8u2c
KO82Tw/9FdQb+Bjxsdo6Kj0FLFJAzh6NN0cEtM29OP1Z6Fd/foRUdM8/HIa9Kpkt
oOXrQoLUThrsOqY5E0vOp5Suot72TeZn8Xm4FNIxGugMCazrZ46+tPfC7/njGdHy
2YHpe/tdBAD56ANvUs9QQ3hJLGhiUXREMUiSgm12tE5BsUvK22ah2fFZA3m8CuQr
3pMnDfLyzWQDk8CYCztzMeNaosFG9/wNOSV1/1+guf1wF8r+P1qaKnPqgZDmxTiA
4KO0w2LvZPYJyboA/JIchFDwpUydAmvkhSdsM0Ha3cB0ggBvNHJzu5aqj6+HquZo
G1TghiKuIXF4LdKUQwhLbbIB6P2EEuikkmsEM+9qzZbgAp6S4ansNcgGyI0/gJ34
8DoIiGyDtyDqqjsAO5yb97Wb/YzKVWn8puPSk367u7Loq3phkoZY9mgwfNoXHvmS
TCmfMP1MMWPMMd3KIYa/5Z142/Ms+i538Dam3xdQstNyRvs+JT1TnNarNF0fqQif
MH9GBGJ5rNTg6iphkOnWsFBZn5oJYm6ExAERhcuVokRzwjMpi55zE3uNYo1h+qUY
bQbpSIph1AaYUCRbw7QnXe8ElWtU0pX3D+weFHdOjQhaDnqMI72yfCsbCINOzfm/
2b5lFlK6ifO6a60IpDFCAHwBoOyJUEX0BTZo5SGKhCX/gZhosTM=
=6n5B
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----

https://www.malwaredevil.com/2020/08/10/esb-2020-2734-debian-xrdp-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-2734-debian-xrdp-multiple-vulnerabilities

ESB-2020.2735 – [UNIX/Linux] Apache HTTP Server: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.2735
                        Apache 2.4 vulnerabilities
                              10 August 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Apache HTTP Server
Publisher:         The Apache Software Foundation
Operating System:  UNIX variants (UNIX, Linux, OSX)
Impact/Access:     Denial of Service              -- Remote/Unauthenticated
                   Provide Misleading Information -- Remote/Unauthenticated
                   Access Confidential Data       -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-11993 CVE-2020-11985 CVE-2020-11984
                   CVE-2020-9490  

Original Bulletin: 
   https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-9490
   https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11993
   https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11985
   https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11984

Comment: This bulletin contains four (4) security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

CVE-2020-11984: mod_uwsgi buffer overflow

Severity: moderate

Vendor: The Apache Software Foundation

Versions Affected:
httpd 2.4.32 to 2.4.44

Description:
Apache HTTP Server 2.4.32 to 2.4.44
mod_proxy_uwsgi info disclosure and possible RCE
    
Mitigation:
disable mod_uwsgi

Credit:
Discovered by Felix Wilhelm of Google Project Zero

References:
https://httpd.apache.org/security/vulnerabilities_24.html

- -----------------------------------------------------------------------------

CVE-2020-11985: CWE-345: Insufficient verification of data authenticity

Severity: low

Vendor: The Apache Software Foundation

Versions Affected:
httpd 2.4.1 to 2.4.23

Description:
Apache HTTP Server 2.4.1 to 2.4.23
IP address spoofing when proxying using mod_remoteip and mod_rewrite
    
Mitigation:
Disable mod_remoteip

Credit:
Initially reported at https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1875299

References:
https://httpd.apache.org/security/vulnerabilities_24.html

- -----------------------------------------------------------------------------

CVE-2020-11993: Push Diary Crash on Specifically Crafted HTTP/2 Header

Severity: moderate

Vendor: Apache Software Foundation

Versions Affected:
Apache HTTP Server 2.4.20 to 2.4.43

Description:
Apache HTTP Server versions 2.4.20 to 2.4.43
When trace/debug was enabled for the HTTP/2 module and on
certain traffic edge patterns, logging statements were made on
the wrong connection, causing concurrent use of memory pools.

Mitigation:
Configuring the LogLevel of mod_http2 above "info" will mitigate this
vulnerability for unpatched servers.
Credit:
Felix Wilhelm of Google Project Zero

References:
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11993

- -----------------------------------------------------------------------------

CVE-2020-9490: Push Diary Crash on Specifically Crafted HTTP/2 Header

Severity: important

Vendor: Apache Software Foundation

Versions Affected:
Apache HTTP Server 2.4.20 to 2.4.43

Description:
Apache HTTP Server versions 2.4.20 to 2.4.43
A specially crafted value for the 'Cache-Digest' header in a HTTP/2
request would result in a crash when the server actually tries to HTTP/2
PUSH a resource afterwards.

Mitigation:
Configuring the HTTP/2 feature via "H2Push off" will mitigate this
vulnerability for unpatched servers.
Credit:
Felix Wilhelm of Google Project Zero

References:
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-9490

- --------------------------END INCLUDED TEXT--------------------
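The four Apache advisories above each give an affected version range and a configuration-level mitigation (disable the proxy module for CVE-2020-11984, disable mod_remoteip for CVE-2020-11985, keep mod_http2 out of debug/trace logging for CVE-2020-11993, and "H2Push off" for CVE-2020-9490). The following is an added example, not part of the AusCERT bulletin or of Apache's own tooling: a small Python audit that takes an httpd version string and the text of an httpd configuration, reports which of the four CVEs apply to that version, and checks whether the bulletin's mitigation for each is present. The version ranges are the ones printed above; the directive names (LoadModule, LogLevel, H2Push) and the module identifiers proxy_uwsgi_module, remoteip_module and http2_module are standard httpd names; the sample configurations are constructed. Two assumptions are built in: the CVE-2020-11993 mitigation is read as "mod_http2 is not logging at debug or trace", following that advisory's own description, and the last LogLevel/H2Push directive in the file is taken as the effective one, ignoring per-virtual-host scope.

```python
"""Audit an httpd version and config against the four Apache 2.4 advisories above.

Added example; not the bulletin's or Apache's code. Version ranges come from the
advisories, directive/module names are standard httpd identifiers, sample
configs are constructed.
"""
import re
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, ...]

# Inclusive affected ranges as stated in the bulletin.
AFFECTED: Dict[str, Tuple[Version, Version]] = {
    "CVE-2020-11984": ((2, 4, 32), (2, 4, 44)),  # mod_proxy_uwsgi
    "CVE-2020-11985": ((2, 4, 1), (2, 4, 23)),   # mod_remoteip + mod_rewrite
    "CVE-2020-11993": ((2, 4, 20), (2, 4, 43)),  # mod_http2 trace/debug logging
    "CVE-2020-9490": ((2, 4, 20), (2, 4, 43)),   # HTTP/2 PUSH with Cache-Digest
}

_LOADMODULE = re.compile(r"^\s*LoadModule\s+(\w+)\s", re.I | re.M)
_H2PUSH = re.compile(r"^\s*H2Push\s+(\w+)", re.I | re.M)
_LOGLEVEL = re.compile(r"^\s*LogLevel\s+(.*)$", re.I | re.M)


def parse_version(text: str) -> Version:
    """'2.4.43' -> (2, 4, 43); tuples compare correctly, strings do not."""
    m = re.match(r"^(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised httpd version: {text!r}")
    return tuple(int(x) for x in m.groups())


def affected_cves(version: str) -> List[str]:
    """CVEs whose published range contains this version."""
    v = parse_version(version)
    return [cve for cve, (lo, hi) in AFFECTED.items() if lo <= v <= hi]


def loaded_modules(conf: str) -> set:
    return {m.lower() for m in _LOADMODULE.findall(conf)}


def http2_loglevel(conf: str) -> str:
    """Effective LogLevel for mod_http2: a per-module 'http2:level' token
    overrides the global level; httpd's compiled-in default is 'warn'.
    Simplification: last directive in the file wins, vhost scope is ignored."""
    global_level, http2_level = "warn", None  # type: str, Optional[str]
    for args in _LOGLEVEL.findall(conf):
        for token in args.split():
            if ":" in token:
                mod, lvl = token.split(":", 1)
                if mod.lower() in ("http2", "http2_module", "mod_http2.c"):
                    http2_level = lvl.lower()
            else:
                global_level = token.lower()
    return http2_level or global_level


def mitigation_status(conf: str) -> Dict[str, bool]:
    """True where the bulletin's mitigation for that CVE is in effect."""
    mods = loaded_modules(conf)
    lvl = http2_loglevel(conf)
    pushes = _H2PUSH.findall(conf)
    push_off = bool(pushes) and pushes[-1].lower() == "off"  # default is on
    no_h2 = "http2_module" not in mods
    return {
        "CVE-2020-11984": "proxy_uwsgi_module" not in mods,
        "CVE-2020-11985": "remoteip_module" not in mods,
        "CVE-2020-11993": no_h2 or not (lvl == "debug" or lvl.startswith("trace")),
        "CVE-2020-9490": no_h2 or push_off,
    }


def assess(version: str, conf: str) -> Dict[str, str]:
    """Per CVE: 'not affected' (version outside range), 'mitigated', or 'EXPOSED'."""
    applicable = set(affected_cves(version))
    mitigated = mitigation_status(conf)
    result = {}
    for cve in AFFECTED:
        if cve not in applicable:
            result[cve] = "not affected"
        else:
            result[cve] = "mitigated" if mitigated[cve] else "EXPOSED"
    return result


# Constructed sample: an unpatched 2.4.43 with the risky settings present.
SAMPLE_CONF = """\
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so
LoadModule http2_module modules/mod_http2.so
LoadModule rewrite_module modules/mod_rewrite.so
LogLevel warn http2:debug
Protocols h2 http/1.1
H2Push on
"""

# Constructed sample: same server with the bulletin's mitigations applied.
HARDENED_CONF = """\
LoadModule proxy_module modules/mod_proxy.so
LoadModule http2_module modules/mod_http2.so
LoadModule rewrite_module modules/mod_rewrite.so
LogLevel warn http2:info
Protocols h2 http/1.1
H2Push off
"""

if __name__ == "__main__":
    for label, conf in (("sample", SAMPLE_CONF), ("hardened", HARDENED_CONF)):
        print(label)
        for cve, status in assess("2.4.43", conf).items():
            print(f"  {cve}: {status}")
```

Run it against a real httpd.conf by reading the file into `assess()`; an "EXPOSED" line means the version is in the published range and the named mitigation was not found, so the patch/upgrade in "Resolution" still applies.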

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----

https://www.malwaredevil.com/2020/08/10/esb-2020-2735-unix-linux-apache-http-server-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-2735-unix-linux-apache-http-server-multiple-vulnerabilities

ESB-2020.2723 – [SUSE] xen: Execute arbitrary code/commands – Remote/unauthenticated

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.2723
                          Security update for xen
                              10 August 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           xen
Publisher:         SUSE
Operating System:  SUSE
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-8608  

Reference:         ESB-2020.2708
                   ESB-2020.2696

Original Bulletin: 
   https://www.suse.com/support/update/announcement/2020/suse-su-20202159-1
   https://www.suse.com/support/update/announcement/2020/suse-su-20202171-1
   https://www.suse.com/support/update/announcement/2020/suse-su-20202158-1
   https://www.suse.com/support/update/announcement/2020/suse-su-20202166-1
   https://www.suse.com/support/update/announcement/2020/suse-su-20202160-1

Comment: This bulletin contains five (5) SUSE security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for xen

______________________________________________________________________________

Announcement ID:   SUSE-SU-2020:2159-1
Rating:            important
References:        #1172356 #1174543
Affected Products:
                   SUSE Linux Enterprise Server for SAP 15
                   SUSE Linux Enterprise High Performance Computing 15-LTSS
                   SUSE Linux Enterprise High Performance Computing 15-ESPOS
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

This update for xen fixes the following issues:

  o bsc#1174543 - secure boot related fixes
  o bsc#1172356 - Not able to hot-plug NIC via virt-manager, asks to attach on
    next reboot while it should be live attached

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Server for SAP 15:
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2020-2159=1
  o SUSE Linux Enterprise High Performance Computing 15-LTSS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-2020-2159=1
  o SUSE Linux Enterprise High Performance Computing 15-ESPOS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-2020-2159=1

Package List:

  o SUSE Linux Enterprise Server for SAP 15 (x86_64):
       xen-4.10.4_14-3.38.1
       xen-debugsource-4.10.4_14-3.38.1
       xen-devel-4.10.4_14-3.38.1
       xen-libs-4.10.4_14-3.38.1
       xen-libs-debuginfo-4.10.4_14-3.38.1
       xen-tools-4.10.4_14-3.38.1
       xen-tools-debuginfo-4.10.4_14-3.38.1
       xen-tools-domU-4.10.4_14-3.38.1
       xen-tools-domU-debuginfo-4.10.4_14-3.38.1
  o SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64):
       xen-4.10.4_14-3.38.1
       xen-debugsource-4.10.4_14-3.38.1
       xen-devel-4.10.4_14-3.38.1
       xen-libs-4.10.4_14-3.38.1
       xen-libs-debuginfo-4.10.4_14-3.38.1
       xen-tools-4.10.4_14-3.38.1
       xen-tools-debuginfo-4.10.4_14-3.38.1
       xen-tools-domU-4.10.4_14-3.38.1
       xen-tools-domU-debuginfo-4.10.4_14-3.38.1
  o SUSE Linux Enterprise High Performance Computing 15-ESPOS (x86_64):
       xen-4.10.4_14-3.38.1
       xen-debugsource-4.10.4_14-3.38.1
       xen-devel-4.10.4_14-3.38.1
       xen-libs-4.10.4_14-3.38.1
       xen-libs-debuginfo-4.10.4_14-3.38.1
       xen-tools-4.10.4_14-3.38.1
       xen-tools-debuginfo-4.10.4_14-3.38.1
       xen-tools-domU-4.10.4_14-3.38.1
       xen-tools-domU-debuginfo-4.10.4_14-3.38.1


References:

  o https://bugzilla.suse.com/1172356
  o https://bugzilla.suse.com/1174543

- ------------------------------------------------------------------------------------
SUSE Security Update: Security update for xen

______________________________________________________________________________

Announcement ID:   SUSE-SU-2020:2171-1
Rating:            important
References:        #1163019 #1174543
Cross-References:  CVE-2020-8608
Affected Products:
                   SUSE OpenStack Cloud Crowbar 8
                   SUSE OpenStack Cloud 8
                   SUSE Linux Enterprise Server for SAP 12-SP3
                   SUSE Linux Enterprise Server 12-SP3-LTSS
                   SUSE Linux Enterprise Server 12-SP3-BCL
                   SUSE Enterprise Storage 5
                   HPE Helion Openstack 8
______________________________________________________________________________

An update that solves one vulnerability and has one erratum is now available.

Description:

This update for xen fixes the following issues:

  o bsc#1174543 - secure boot related fixes
  o bsc#1163019 - CVE-2020-8608: Potential OOB access due to unsafe snprintf()
    usages

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE OpenStack Cloud Crowbar 8:
    zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2020-2171=1
  o SUSE OpenStack Cloud 8:
    zypper in -t patch SUSE-OpenStack-Cloud-8-2020-2171=1
  o SUSE Linux Enterprise Server for SAP 12-SP3:
    zypper in -t patch SUSE-SLE-SAP-12-SP3-2020-2171=1
  o SUSE Linux Enterprise Server 12-SP3-LTSS:
    zypper in -t patch SUSE-SLE-SERVER-12-SP3-2020-2171=1
  o SUSE Linux Enterprise Server 12-SP3-BCL:
    zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2020-2171=1
  o SUSE Enterprise Storage 5:
    zypper in -t patch SUSE-Storage-5-2020-2171=1
  o HPE Helion Openstack 8:
    zypper in -t patch HPE-Helion-OpenStack-8-2020-2171=1

Package List:

  o SUSE OpenStack Cloud Crowbar 8 (x86_64):
       xen-4.9.4_10-3.71.1
       xen-debugsource-4.9.4_10-3.71.1
       xen-doc-html-4.9.4_10-3.71.1
       xen-libs-32bit-4.9.4_10-3.71.1
       xen-libs-4.9.4_10-3.71.1
       xen-libs-debuginfo-32bit-4.9.4_10-3.71.1
       xen-libs-debuginfo-4.9.4_10-3.71.1
       xen-tools-4.9.4_10-3.71.1
       xen-tools-debuginfo-4.9.4_10-3.71.1
       xen-tools-domU-4.9.4_10-3.71.1
       xen-tools-domU-debuginfo-4.9.4_10-3.71.1
  o SUSE OpenStack Cloud 8 (x86_64):
       xen-4.9.4_10-3.71.1
       xen-debugsource-4.9.4_10-3.71.1
       xen-doc-html-4.9.4_10-3.71.1
       xen-libs-32bit-4.9.4_10-3.71.1
       xen-libs-4.9.4_10-3.71.1
       xen-libs-debuginfo-32bit-4.9.4_10-3.71.1
       xen-libs-debuginfo-4.9.4_10-3.71.1
       xen-tools-4.9.4_10-3.71.1
       xen-tools-debuginfo-4.9.4_10-3.71.1
       xen-tools-domU-4.9.4_10-3.71.1
       xen-tools-domU-debuginfo-4.9.4_10-3.71.1
  o SUSE Linux Enterprise Server for SAP 12-SP3 (x86_64):
       xen-4.9.4_10-3.71.1
       xen-debugsource-4.9.4_10-3.71.1
       xen-doc-html-4.9.4_10-3.71.1
       xen-libs-32bit-4.9.4_10-3.71.1
       xen-libs-4.9.4_10-3.71.1
       xen-libs-debuginfo-32bit-4.9.4_10-3.71.1
       xen-libs-debuginfo-4.9.4_10-3.71.1
       xen-tools-4.9.4_10-3.71.1
       xen-tools-debuginfo-4.9.4_10-3.71.1
       xen-tools-domU-4.9.4_10-3.71.1
       xen-tools-domU-debuginfo-4.9.4_10-3.71.1
  o SUSE Linux Enterprise Server 12-SP3-LTSS (x86_64):
       xen-4.9.4_10-3.71.1
       xen-debugsource-4.9.4_10-3.71.1
       xen-doc-html-4.9.4_10-3.71.1
       xen-libs-32bit-4.9.4_10-3.71.1
       xen-libs-4.9.4_10-3.71.1
       xen-libs-debuginfo-32bit-4.9.4_10-3.71.1
       xen-libs-debuginfo-4.9.4_10-3.71.1
       xen-tools-4.9.4_10-3.71.1
       xen-tools-debuginfo-4.9.4_10-3.71.1
       xen-tools-domU-4.9.4_10-3.71.1
       xen-tools-domU-debuginfo-4.9.4_10-3.71.1
  o SUSE Linux Enterprise Server 12-SP3-BCL (x86_64):
       xen-4.9.4_10-3.71.1
       xen-debugsource-4.9.4_10-3.71.1
       xen-doc-html-4.9.4_10-3.71.1
       xen-libs-32bit-4.9.4_10-3.71.1
       xen-libs-4.9.4_10-3.71.1
       xen-libs-debuginfo-32bit-4.9.4_10-3.71.1
       xen-libs-debuginfo-4.9.4_10-3.71.1
       xen-tools-4.9.4_10-3.71.1
       xen-tools-debuginfo-4.9.4_10-3.71.1
       xen-tools-domU-4.9.4_10-3.71.1
       xen-tools-domU-debuginfo-4.9.4_10-3.71.1
  o SUSE Enterprise Storage 5 (x86_64):
       xen-4.9.4_10-3.71.1
       xen-debugsource-4.9.4_10-3.71.1
       xen-doc-html-4.9.4_10-3.71.1
       xen-libs-32bit-4.9.4_10-3.71.1
       xen-libs-4.9.4_10-3.71.1
       xen-libs-debuginfo-32bit-4.9.4_10-3.71.1
       xen-libs-debuginfo-4.9.4_10-3.71.1
       xen-tools-4.9.4_10-3.71.1
       xen-tools-debuginfo-4.9.4_10-3.71.1
       xen-tools-domU-4.9.4_10-3.71.1
       xen-tools-domU-debuginfo-4.9.4_10-3.71.1
  o HPE Helion Openstack 8 (x86_64):
       xen-4.9.4_10-3.71.1
       xen-debugsource-4.9.4_10-3.71.1
       xen-doc-html-4.9.4_10-3.71.1
       xen-libs-32bit-4.9.4_10-3.71.1
       xen-libs-4.9.4_10-3.71.1
       xen-libs-debuginfo-32bit-4.9.4_10-3.71.1
       xen-libs-debuginfo-4.9.4_10-3.71.1
       xen-tools-4.9.4_10-3.71.1
       xen-tools-debuginfo-4.9.4_10-3.71.1
       xen-tools-domU-4.9.4_10-3.71.1
       xen-tools-domU-debuginfo-4.9.4_10-3.71.1


References:

  o https://www.suse.com/security/cve/CVE-2020-8608.html
  o https://bugzilla.suse.com/1163019
  o https://bugzilla.suse.com/1174543

- -----------------------------------------------------------------------------------

SUSE Security Update: Security update for xen

______________________________________________________________________________

Announcement ID:   SUSE-SU-2020:2158-1
Rating:            important
References:        #1172356 #1174543
Affected Products:
                   SUSE Linux Enterprise Module for Server Applications 15-SP1
                   SUSE Linux Enterprise Module for Basesystem 15-SP1
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

This update for xen fixes the following issues:

  o bsc#1174543 - secure boot related fixes
  o bsc#1172356 - Not able to hot-plug NIC via virt-manager, asks to attach on
    next reboot while it should be live attached

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Module for Server Applications 15-SP1:
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP1-2020-2158=1
  o SUSE Linux Enterprise Module for Basesystem 15-SP1:
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-2158=1

Package List:

  o SUSE Linux Enterprise Module for Server Applications 15-SP1 (x86_64):
       xen-4.12.3_06-3.25.1
       xen-debugsource-4.12.3_06-3.25.1
       xen-devel-4.12.3_06-3.25.1
       xen-tools-4.12.3_06-3.25.1
       xen-tools-debuginfo-4.12.3_06-3.25.1
  o SUSE Linux Enterprise Module for Basesystem 15-SP1 (x86_64):
       xen-debugsource-4.12.3_06-3.25.1
       xen-libs-4.12.3_06-3.25.1
       xen-libs-debuginfo-4.12.3_06-3.25.1
       xen-tools-domU-4.12.3_06-3.25.1
       xen-tools-domU-debuginfo-4.12.3_06-3.25.1


References:

  o https://bugzilla.suse.com/1172356
  o https://bugzilla.suse.com/1174543

- ------------------------------------------------------------------------------------

SUSE Security Update: Security update for xen

______________________________________________________________________________

Announcement ID:   SUSE-SU-2020:2166-1
Rating:            important
References:        #1172356 #1174543
Affected Products:
                   SUSE Linux Enterprise Software Development Kit 12-SP5
                   SUSE Linux Enterprise Server 12-SP5
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

This update for xen fixes the following issues:

  o bsc#1174543 - secure boot related fixes
  o bsc#1172356 - Not able to hot-plug NIC via virt-manager, asks to attach on
    next reboot while it should be live attached

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Software Development Kit 12-SP5:
    zypper in -t patch SUSE-SLE-SDK-12-SP5-2020-2166=1
  o SUSE Linux Enterprise Server 12-SP5:
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-2166=1

Package List:

  o SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 x86_64):
       xen-debugsource-4.12.3_06-3.21.1
       xen-devel-4.12.3_06-3.21.1
  o SUSE Linux Enterprise Server 12-SP5 (x86_64):
       xen-4.12.3_06-3.21.1
       xen-debugsource-4.12.3_06-3.21.1
       xen-doc-html-4.12.3_06-3.21.1
       xen-libs-32bit-4.12.3_06-3.21.1
       xen-libs-4.12.3_06-3.21.1
       xen-libs-debuginfo-32bit-4.12.3_06-3.21.1
       xen-libs-debuginfo-4.12.3_06-3.21.1
       xen-tools-4.12.3_06-3.21.1
       xen-tools-debuginfo-4.12.3_06-3.21.1
       xen-tools-domU-4.12.3_06-3.21.1
       xen-tools-domU-debuginfo-4.12.3_06-3.21.1


References:

  o https://bugzilla.suse.com/1172356
  o https://bugzilla.suse.com/1174543

- -----------------------------------------------------------------------------------

SUSE Security Update: Security update for xen

______________________________________________________________________________

Announcement ID:   SUSE-SU-2020:2160-1
Rating:            important
References:        #1172356 #1174543
Affected Products:
                   SUSE Linux Enterprise Module for Server Applications 15-SP2
                   SUSE Linux Enterprise Module for Basesystem 15-SP2
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

This update for xen fixes the following issues:

  o bsc#1174543 - secure boot related fixes
  o bsc#1172356 - Not able to hot-plug NIC via virt-manager, asks to attach on
    next reboot while it should be live attached

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Module for Server Applications 15-SP2:
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP2-2020-2160=1
  o SUSE Linux Enterprise Module for Basesystem 15-SP2:
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP2-2020-2160=1

Package List:

  o SUSE Linux Enterprise Module for Server Applications 15-SP2 (noarch):
       xen-tools-xendomains-wait-disk-4.13.1_06-3.7.1
  o SUSE Linux Enterprise Module for Server Applications 15-SP2 (x86_64):
       xen-4.13.1_06-3.7.1
       xen-debugsource-4.13.1_06-3.7.1
       xen-devel-4.13.1_06-3.7.1
       xen-tools-4.13.1_06-3.7.1
       xen-tools-debuginfo-4.13.1_06-3.7.1
  o SUSE Linux Enterprise Module for Basesystem 15-SP2 (x86_64):
       xen-debugsource-4.13.1_06-3.7.1
       xen-libs-4.13.1_06-3.7.1
       xen-libs-debuginfo-4.13.1_06-3.7.1
       xen-tools-domU-4.13.1_06-3.7.1
       xen-tools-domU-debuginfo-4.13.1_06-3.7.1


References:

  o https://bugzilla.suse.com/1172356
  o https://bugzilla.suse.com/1174543

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----

Source: https://www.malwaredevil.com/2020/08/10/esb-2020-2723-suse-xen-execute-arbitrary-code-commands-remote-unauthenticated/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-2723-suse-xen-execute-arbitrary-code-commands-remote-unauthenticated

ESB-2020.2724 – [SUSE] MozillaFirefox: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.2724
                    Security update for MozillaFirefox
                              10 August 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           MozillaFirefox
Publisher:         SUSE
Operating System:  SUSE
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
                   Access Confidential Data        -- Remote with User Interaction
                   Reduced Security                -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-15659 CVE-2020-15658 CVE-2020-15657
                   CVE-2020-15656 CVE-2020-15655 CVE-2020-15654
                   CVE-2020-15653 CVE-2020-15652 CVE-2020-6514
                   CVE-2020-6463  

Reference:         ESB-2020.2675
                   ESB-2020.2640

Original Bulletin: 
   https://www.suse.com/support/update/announcement/2020/suse-su-20202147-1

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for MozillaFirefox

______________________________________________________________________________

Announcement ID:   SUSE-SU-2020:2147-1
Rating:            important
References:        #1171433 #1174538
Cross-References:  CVE-2020-15652 CVE-2020-15653 CVE-2020-15654 CVE-2020-15655
                   CVE-2020-15656 CVE-2020-15657 CVE-2020-15658 CVE-2020-15659
                   CVE-2020-6463 CVE-2020-6514
Affected Products:
                   SUSE Linux Enterprise Module for Desktop Applications 15-SP2
______________________________________________________________________________

An update that fixes 10 vulnerabilities is now available.

Description:

This update for MozillaFirefox and pipewire fixes the following issues:

MozillaFirefox was updated to Extended Support Release 78.1.0 ESR:

  o Fixed: Various stability, functionality, and security fixes (bsc#1174538)
  o CVE-2020-15652: Potential leak of redirect targets when loading scripts in
    a worker
  o CVE-2020-6514: WebRTC data channel leaks internal address to peer
  o CVE-2020-15655: Extension APIs could be used to bypass Same-Origin Policy
  o CVE-2020-15653: Bypassing iframe sandbox when allowing popups
  o CVE-2020-6463: Use-after-free in ANGLE
    gl::Texture::onUnbindAsSamplerTexture
  o CVE-2020-15656: Type confusion for special arguments in IonMonkey
  o CVE-2020-15658: Overriding file type when saving to disk
  o CVE-2020-15657: DLL hijacking due to incorrect loading path
  o CVE-2020-15654: Custom cursor can overlay user interface
  o CVE-2020-15659: Memory safety bugs fixed in Firefox 79 and Firefox ESR 78.1


pipewire was updated to version 0.3.6 (bsc#1171433, jsc#ECO-2308):

  o Extensive memory leak fixing and stress testing was done. A big leak in
    screen sharing with DMA-BUF was fixed.
  o Compile fixes
  o Stability improvements in jack and pulseaudio layers.
  o Added the old portal module to make the Camera portal work again. This will
    be moved to the session manager in future versions.
  o Improvements to the GStreamer source and sink shutdown.
  o Fix compatibility with v2 clients again when negotiating buffers.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Module for Desktop Applications 15-SP2:
    zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP2-2020-2147=1

Package List:

  o SUSE Linux Enterprise Module for Desktop Applications 15-SP2 (aarch64
    ppc64le s390x x86_64):
       MozillaFirefox-78.1.0-8.3.1
       MozillaFirefox-branding-SLE-78-9.2.4
       MozillaFirefox-debuginfo-78.1.0-8.3.1
       MozillaFirefox-debugsource-78.1.0-8.3.1
       MozillaFirefox-translations-common-78.1.0-8.3.1
       MozillaFirefox-translations-other-78.1.0-8.3.1
       libpipewire-0_3-0-0.3.6-3.3.2
       libpipewire-0_3-0-debuginfo-0.3.6-3.3.2
       pipewire-0.3.6-3.3.2
       pipewire-debuginfo-0.3.6-3.3.2
       pipewire-debugsource-0.3.6-3.3.2
       pipewire-modules-0.3.6-3.3.2
       pipewire-modules-debuginfo-0.3.6-3.3.2
       pipewire-spa-plugins-0_2-0.3.6-3.3.2
       pipewire-spa-plugins-0_2-debuginfo-0.3.6-3.3.2
       pipewire-spa-tools-0.3.6-3.3.2
       pipewire-spa-tools-debuginfo-0.3.6-3.3.2
       pipewire-tools-0.3.6-3.3.2
       pipewire-tools-debuginfo-0.3.6-3.3.2
  o SUSE Linux Enterprise Module for Desktop Applications 15-SP2 (aarch64
    ppc64le x86_64):
       MozillaFirefox-devel-78.1.0-8.3.1


References:

  o https://www.suse.com/security/cve/CVE-2020-15652.html
  o https://www.suse.com/security/cve/CVE-2020-15653.html
  o https://www.suse.com/security/cve/CVE-2020-15654.html
  o https://www.suse.com/security/cve/CVE-2020-15655.html
  o https://www.suse.com/security/cve/CVE-2020-15656.html
  o https://www.suse.com/security/cve/CVE-2020-15657.html
  o https://www.suse.com/security/cve/CVE-2020-15658.html
  o https://www.suse.com/security/cve/CVE-2020-15659.html
  o https://www.suse.com/security/cve/CVE-2020-6463.html
  o https://www.suse.com/security/cve/CVE-2020-6514.html
  o https://bugzilla.suse.com/1171433
  o https://bugzilla.suse.com/1174538

- --------------------------END INCLUDED TEXT--------------------

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----

Source: https://www.malwaredevil.com/2020/08/10/esb-2020-2724-suse-mozillafirefox-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-2724-suse-mozillafirefox-multiple-vulnerabilities

ESB-2020.2733 – [Debian] wpa: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.2733
                            wpa security update
                              10 August 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           wpa
Publisher:         Debian
Operating System:  Debian GNU/Linux 9
Impact/Access:     Denial of Service -- Remote/Unauthenticated
                   Reduced Security  -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-12695 CVE-2019-10064 CVE-2016-10743

Reference:         ESB-2020.2705

Original Bulletin: 
   https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- - -----------------------------------------------------------------------
Debian LTS Advisory DLA-2318-1              debian-lts@lists.debian.org
https://www.debian.org/lts/security/                      Utkarsh Gupta
August 09, 2020                             https://wiki.debian.org/LTS
- - -----------------------------------------------------------------------

Package        : wpa
Version        : 2:2.4-1+deb9u7
CVE ID         : CVE-2019-10064 CVE-2020-12695

The following CVE(s) have been reported against src:wpa.

CVE-2019-10064

    hostapd before 2.6, in EAP mode, makes calls to the rand()
    and random() standard library functions without any preceding
    srand() or srandom() call, which results in inappropriate
    use of deterministic values. This was fixed in conjunction
    with CVE-2016-10743.

CVE-2020-12695

    The Open Connectivity Foundation UPnP specification before
    2020-04-17 does not forbid the acceptance of a subscription
    request with a delivery URL on a different network segment
    than the fully qualified event-subscription URL, aka the
    CallStranger issue.
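The CVE-2019-10064 description above says hostapd used rand() and random() without a preceding srand() or srandom(), producing "deterministic values". The example below, added here and not taken from hostapd or Debian, shows concretely what that means: the C standard (C11 7.22.2.2) specifies that rand() called before any srand() behaves as if srand(1) had been called, so an unseeded process emits the same sequence on every run, and even a seeded libc PRNG simply replays its seed. The hardened form draws security-relevant values from the kernel CSPRNG instead. The helper name os_random_bytes() is an assumption chosen for this example, and /dev/urandom is used rather than getrandom(2) only to keep the code portable.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdint.h>

/* Constructed example for the CVE-2019-10064 weakness class; not hostapd code.
 * os_random_bytes() is a hypothetical helper name chosen for this example. */

#define SAMPLE 8

/* C11 7.22.2.2: if rand() is called before any srand(), the sequence is the
 * same as after srand(1). An unseeded rand() therefore produces the same
 * "random" values in every run of every process. This function must be the
 * first caller of rand() in the process: it records SAMPLE unseeded outputs,
 * reseeds with 1, records SAMPLE more, and returns 1 if both sequences match. */
int unseeded_rand_matches_srand1(void)
{
    static int already_called = 0;
    int first[SAMPLE], second[SAMPLE];
    if (already_called)
        return -1;                     /* result only meaningful on first call */
    already_called = 1;
    for (int i = 0; i < SAMPLE; i++)
        first[i] = rand();
    srand(1);
    for (int i = 0; i < SAMPLE; i++)
        second[i] = rand();
    return memcmp(first, second, sizeof first) == 0;
}

/* Even a seeded libc PRNG is fully determined by its seed: reseeding with the
 * same value replays the same bytes. Returns 1 if the two draws are equal. */
int fixed_seed_replays(void)
{
    uint8_t a[16], b[16];
    srand(1);
    for (size_t i = 0; i < sizeof a; i++)
        a[i] = (uint8_t)rand();
    srand(1);
    for (size_t i = 0; i < sizeof b; i++)
        b[i] = (uint8_t)rand();
    return memcmp(a, b, sizeof a) == 0;
}

/* Hardened pattern: take security-relevant random values from the kernel
 * CSPRNG, not from rand()/random(). /dev/urandom is read here for portability;
 * on Linux getrandom(2) is the equivalent without a file handle. Returns 0 on
 * success, -1 if the full amount could not be read. */
int os_random_bytes(uint8_t *out, size_t n)
{
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL)
        return -1;
    size_t got = fread(out, 1, n, f);
    fclose(f);
    return got == n ? 0 : -1;
}

/* Two independent 16-byte draws from the CSPRNG should never collide
 * (probability 2^-128). Returns 1 if both reads succeed and the draws differ. */
int os_random_draws_differ(void)
{
    uint8_t a[16], b[16];
    if (os_random_bytes(a, sizeof a) != 0 || os_random_bytes(b, sizeof b) != 0)
        return 0;
    return memcmp(a, b, sizeof a) != 0;
}

int main(void)
{
    printf("unseeded rand() == srand(1) sequence: %d\n", unseeded_rand_matches_srand1());
    printf("srand(1) replays the same bytes:      %d\n", fixed_seed_replays());
    printf("two CSPRNG draws differ:              %d\n", os_random_draws_differ());
    return 0;
}
```

Note that seeding rand() from the clock would not have been a fix either: the seed space is small and guessable, which is why the hardened form reads from the operating system's CSPRNG rather than trying to seed the libc generator better.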

For Debian 9 stretch, these problems have been fixed in version
2:2.4-1+deb9u7.

We recommend that you upgrade your wpa packages.

For the detailed security status of wpa please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/wpa

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
- -----BEGIN PGP SIGNATURE-----
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----

Source: https://www.malwaredevil.com/2020/08/10/esb-2020-2733-debian-wpa-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-2733-debian-wpa-multiple-vulnerabilities

ESB-2020.2732 – [Debian] pillow: Execute arbitrary code/commands – Existing account

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.2732
                          pillow security update
                              10 August 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           pillow
Publisher:         Debian
Operating System:  Debian GNU/Linux 9
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-10177  

Reference:         ESB-2020.2570

Original Bulletin: 
   https://lists.debian.org/debian-lts-announce/2020/08/msg00012.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- - -----------------------------------------------------------------------
Debian LTS Advisory DLA-2317-1              debian-lts@lists.debian.org
https://www.debian.org/lts/security/                      Utkarsh Gupta
August 08, 2020                             https://wiki.debian.org/LTS
- - -----------------------------------------------------------------------

Package        : pillow
Version        : 4.0.0-4+deb9u2
CVE ID         : CVE-2020-10177

It was noticed that in Pillow before 7.1.0, there are multiple
out-of-bounds reads in libImaging/FliDecode.c.

For Debian 9 stretch, this problem has been fixed in version
4.0.0-4+deb9u2.

We recommend that you upgrade your pillow packages.

For the detailed security status of pillow please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/pillow

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
- -----BEGIN PGP SIGNATURE-----
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------
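The advisory's fix is an upgrade; the check that tells you whether a given host still needs it is a version comparison under dpkg's ordering rules, which naive string or float comparison gets wrong for revisions like 4+deb9u2 versus 4+deb9u10 or for ~ pre-release suffixes. The following is an added example, not part of the AusCERT or Debian advisory: it reimplements dpkg's version ordering in Python and compares an installed version against the fixed versions the advisory names (4.0.0-4+deb9u2 for stretch, 7.1.0 upstream). The binary package names python-pil and python3-pil and the dpkg-query call are assumptions about a Debian 9 host; the comparison functions themselves run offline on any version strings.

```python
"""Check whether an installed Pillow already carries the CVE-2020-10177 fix,
using dpkg's version-ordering rules.

Added example, not part of the AusCERT or Debian advisory.  The two fixed
versions come from DLA-2317-1; the package names and the dpkg-query call
are assumptions about a Debian 9 (stretch) host.
"""
import shutil
import subprocess

DEBIAN_FIXED = "4.0.0-4+deb9u2"   # fixed stretch package version (DLA-2317-1)
UPSTREAM_FIXED = "7.1.0"          # first upstream release with the fix


def _order(c):
    """Weight of one character in a non-digit run, as dpkg ranks them:
    '~' sorts before everything (even end of string), digits weigh 0,
    letters by code point, other punctuation after all letters."""
    if c == "~":
        return -1
    if c.isdigit():
        return 0
    if c.isalpha():
        return ord(c)
    return ord(c) + 256


def _verrevcmp(a, b):
    """Compare one version component (upstream or revision) the way dpkg does:
    alternate non-digit runs (by _order) and numeric runs (by value)."""
    i = j = 0
    while i < len(a) or j < len(b):
        # Non-digit run.  End of string weighs 0, so "1.0" > "1.0~rc1" but "1.0" < "1.0a".
        while (i < len(a) and not a[i].isdigit()) or (j < len(b) and not b[j].isdigit()):
            ac = _order(a[i]) if i < len(a) else 0
            bc = _order(b[j]) if j < len(b) else 0
            if ac != bc:
                return ac - bc
            i += 1
            j += 1
        # Numeric run: drop leading zeros, longer run wins, else first differing digit.
        while i < len(a) and a[i] == "0":
            i += 1
        while j < len(b) and b[j] == "0":
            j += 1
        first_diff = 0
        while i < len(a) and a[i].isdigit() and j < len(b) and b[j].isdigit():
            if first_diff == 0:
                first_diff = ord(a[i]) - ord(b[j])
            i += 1
            j += 1
        if i < len(a) and a[i].isdigit():
            return 1
        if j < len(b) and b[j].isdigit():
            return -1
        if first_diff:
            return first_diff
    return 0


def parse_debian_version(version):
    """Split '[epoch:]upstream[-revision]'; the revision follows the LAST hyphen."""
    epoch = 0
    if ":" in version:
        epoch_str, version = version.split(":", 1)
        epoch = int(epoch_str)
    upstream, sep, revision = version.rpartition("-")
    if not sep:
        upstream, revision = version, ""
    return epoch, upstream, revision


def compare_debian_versions(a, b):
    """Return -1, 0 or 1 as a is older than, equal to, or newer than b."""
    ea, ua, ra = parse_debian_version(a)
    eb, ub, rb = parse_debian_version(b)
    if ea != eb:
        return -1 if ea < eb else 1
    for x, y in ((ua, ub), (ra, rb)):
        r = _verrevcmp(x, y)
        if r:
            return -1 if r < 0 else 1
    return 0


def is_fixed(installed, fixed=DEBIAN_FIXED):
    """True if the installed version is at or above the fixed version."""
    return compare_debian_versions(installed, fixed) >= 0


def installed_debian_version(package="python3-pil"):
    """Installed version of a binary package via dpkg-query, or None when dpkg
    is absent or the package is not installed (assumed Debian host)."""
    if shutil.which("dpkg-query") is None:
        return None
    proc = subprocess.run(
        ["dpkg-query", "-W", "--showformat=${Version}", package],
        capture_output=True, text=True)
    return proc.stdout.strip() or None


if __name__ == "__main__":
    for pkg in ("python-pil", "python3-pil"):   # stretch binary packages built from pillow
        v = installed_debian_version(pkg)
        if v is None:
            print(f"{pkg}: not installed (or not a dpkg host)")
        else:
            state = "fixed" if is_fixed(v) else f"VULNERABLE, upgrade to {DEBIAN_FIXED}"
            print(f"{pkg} {v}: {state}")
    try:   # a pip-installed Pillow is judged against the upstream fix instead
        import PIL
        state = "fixed" if is_fixed(PIL.__version__, UPSTREAM_FIXED) else "VULNERABLE"
        print(f"PIL {PIL.__version__}: {state}")
    except ImportError:
        pass
```

On the host itself `dpkg --compare-versions 4.0.0-4+deb9u1 lt 4.0.0-4+deb9u2` is the authoritative check; the reimplementation is for the inventory script that evaluates version strings collected from many hosts off-box, where dpkg is not available.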

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----

https://www.malwaredevil.com/2020/08/10/esb-2020-2732-debian-pillow-execute-arbitrary-code-commands-existing-account/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-2732-debian-pillow-execute-arbitrary-code-commands-existing-account

Sunday, August 9, 2020

Network Security News Summary for Monday August 10 2020

A brief daily summary of what is important in cybersecurity. The podcast is published every weekday and designed to get you ready for the day with a brief, usually about 5 minutes long, summary of current network security-related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .



https://www.malwaredevil.com/2020/08/09/network-security-news-summary-for-monday-august-10-2020/?utm_source=rss&utm_medium=rss&utm_campaign=network-security-news-summary-for-monday-august-10-2020

‘Ghostwriter’ Uses ‘NATO’ Related Fake News as an Attack Vector

A recent fake news campaign, dubbed ‘Ghostwriter’, has been observed spreading NATO-related false narratives by compromising media sites based in Eastern European countries.

https://www.malwaredevil.com/2020/08/09/ghostwriter-uses-nato-related-fake-news-as-an-attack-vector/?utm_source=rss&utm_medium=rss&utm_campaign=ghostwriter-uses-nato-related-fake-news-as-an-attack-vector

The Weaponization of Zero-day Exploits Becoming a New Favourite of Attackers

According to an analysis by Google’s Project Zero, 11 zero-day vulnerabilities that were being exploited in the wild were disclosed in the first six months of 2020.

https://www.malwaredevil.com/2020/08/09/the-weaponization-of-zero-day-exploits-becoming-a-new-favourite-of-attackers/?utm_source=rss&utm_medium=rss&utm_campaign=the-weaponization-of-zero-day-exploits-becoming-a-new-favourite-of-attackers

New Hacker-for-Hire Threat Actor Unearthed by Security Researchers

The Deceptikons group has been stealing business and financial secrets from organizations across Europe and in Middle Eastern countries such as Israel, Jordan and Egypt.

https://www.malwaredevil.com/2020/08/09/new-hacker-for-hire-threat-actor-unearthed-by-security-researchers/?utm_source=rss&utm_medium=rss&utm_campaign=new-hacker-for-hire-threat-actor-unearthed-by-security-researchers

Doki Linux Malware Infected Docker Servers in the Cloud

Researchers discovered an attack campaign that primarily takes control of misconfigured Docker servers and uses them to start attacker-controlled containers running cryptominers on the victim’s system.

https://www.malwaredevil.com/2020/08/09/doki-linux-malware-infected-docker-servers-in-the-cloud/?utm_source=rss&utm_medium=rss&utm_campaign=doki-linux-malware-infected-docker-servers-in-the-cloud

What Should You Know About the GRUB2 Bootloader Vulnerability?

Researchers reported the BootHole vulnerability in GRUB2 (Grand Unified Bootloader version 2), the bootloader used by most Linux systems and by systems that dual-boot with Windows.

https://www.malwaredevil.com/2020/08/09/what-should-you-know-about-the-grub2-bootloader-vulnerability/?utm_source=rss&utm_medium=rss&utm_campaign=what-should-you-know-about-the-grub2-bootloader-vulnerability

Hacktivists Go on to Add New Feathers to Their Caps With Each Passing Year

According to Blueliv, several new hacktivist collectives emerged between May 2019 and May 2020; they operate primarily via Twitter to exchange ideas and information.

https://www.malwaredevil.com/2020/08/09/hacktivists-go-on-to-add-new-feathers-to-their-caps-with-each-passing-year/?utm_source=rss&utm_medium=rss&utm_campaign=hacktivists-go-on-to-add-new-feathers-to-their-caps-with-each-passing-year

Barbary Pirates and Russian Cybercrime

In 1801, the United States had a small Navy. Thomas Jefferson deployed almost half that Navy—three frigates and a schooner—to the Barbary C...