Malware Devil

Wednesday, October 7, 2020

ESB-2020.3460 – [RedHat] unbound: Denial of service – Remote/unauthenticated

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.3460
                          unbound security update
                              7 October 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           unbound
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 7
                   Red Hat Enterprise Linux WS/Desktop 7
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-12663 CVE-2020-12662 

Reference:         ESB-2020.2336
                   ESB-2020.2163

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2020:4181

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: unbound security update
Advisory ID:       RHSA-2020:4181-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:4181
Issue date:        2020-10-06
CVE Names:         CVE-2020-12662 CVE-2020-12663 
=====================================================================

1. Summary:

An update for unbound is now available for Red Hat Enterprise Linux 7.7
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7) - x86_64
Red Hat Enterprise Linux Server EUS (v. 7.7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 7.7) - ppc64, ppc64le, s390x, x86_64

3. Description:

The unbound packages provide a validating, recursive, and caching DNS or
DNSSEC resolver. 

Security Fix(es):

* unbound: amplification of an incoming query into a large number of
queries directed to a target (CVE-2020-12662)

* unbound: infinite loop via malformed DNS answers received from upstream
servers (CVE-2020-12663)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1837597 - CVE-2020-12662 unbound: amplification of an incoming query into a large number of queries directed to a target
1837604 - CVE-2020-12663 unbound: infinite loop via malformed DNS answers received from upstream servers

6. Package List:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.7):

Source:
unbound-1.6.6-2.el7_7.src.rpm

x86_64:
unbound-debuginfo-1.6.6-2.el7_7.i686.rpm
unbound-debuginfo-1.6.6-2.el7_7.x86_64.rpm
unbound-libs-1.6.6-2.el7_7.i686.rpm
unbound-libs-1.6.6-2.el7_7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7):

x86_64:
unbound-1.6.6-2.el7_7.x86_64.rpm
unbound-debuginfo-1.6.6-2.el7_7.i686.rpm
unbound-debuginfo-1.6.6-2.el7_7.x86_64.rpm
unbound-devel-1.6.6-2.el7_7.i686.rpm
unbound-devel-1.6.6-2.el7_7.x86_64.rpm
unbound-python-1.6.6-2.el7_7.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 7.7):

Source:
unbound-1.6.6-2.el7_7.src.rpm

ppc64:
unbound-1.6.6-2.el7_7.ppc64.rpm
unbound-debuginfo-1.6.6-2.el7_7.ppc.rpm
unbound-debuginfo-1.6.6-2.el7_7.ppc64.rpm
unbound-libs-1.6.6-2.el7_7.ppc.rpm
unbound-libs-1.6.6-2.el7_7.ppc64.rpm

ppc64le:
unbound-1.6.6-2.el7_7.ppc64le.rpm
unbound-debuginfo-1.6.6-2.el7_7.ppc64le.rpm
unbound-libs-1.6.6-2.el7_7.ppc64le.rpm

s390x:
unbound-1.6.6-2.el7_7.s390x.rpm
unbound-debuginfo-1.6.6-2.el7_7.s390.rpm
unbound-debuginfo-1.6.6-2.el7_7.s390x.rpm
unbound-libs-1.6.6-2.el7_7.s390.rpm
unbound-libs-1.6.6-2.el7_7.s390x.rpm

x86_64:
unbound-1.6.6-2.el7_7.x86_64.rpm
unbound-debuginfo-1.6.6-2.el7_7.i686.rpm
unbound-debuginfo-1.6.6-2.el7_7.x86_64.rpm
unbound-libs-1.6.6-2.el7_7.i686.rpm
unbound-libs-1.6.6-2.el7_7.x86_64.rpm

Red Hat Enterprise Linux Server Optional EUS (v. 7.7):

ppc64:
unbound-debuginfo-1.6.6-2.el7_7.ppc.rpm
unbound-debuginfo-1.6.6-2.el7_7.ppc64.rpm
unbound-devel-1.6.6-2.el7_7.ppc.rpm
unbound-devel-1.6.6-2.el7_7.ppc64.rpm
unbound-python-1.6.6-2.el7_7.ppc64.rpm

ppc64le:
unbound-debuginfo-1.6.6-2.el7_7.ppc64le.rpm
unbound-devel-1.6.6-2.el7_7.ppc64le.rpm
unbound-python-1.6.6-2.el7_7.ppc64le.rpm

s390x:
unbound-debuginfo-1.6.6-2.el7_7.s390.rpm
unbound-debuginfo-1.6.6-2.el7_7.s390x.rpm
unbound-devel-1.6.6-2.el7_7.s390.rpm
unbound-devel-1.6.6-2.el7_7.s390x.rpm
unbound-python-1.6.6-2.el7_7.s390x.rpm

x86_64:
unbound-debuginfo-1.6.6-2.el7_7.i686.rpm
unbound-debuginfo-1.6.6-2.el7_7.x86_64.rpm
unbound-devel-1.6.6-2.el7_7.i686.rpm
unbound-devel-1.6.6-2.el7_7.x86_64.rpm
unbound-python-1.6.6-2.el7_7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-12662
https://access.redhat.com/security/cve/CVE-2020-12663
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================




https://malwaredevil.com/2020/10/07/esb-2020-3460-redhat-unbound-denial-of-service-remote-unauthenticated/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-3460-redhat-unbound-denial-of-service-remote-unauthenticated
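The practical follow-up to RHSA-2020:4181 above is finding which hosts still run an unbound build older than unbound-1.6.6-2.el7_7. That is not a plain string comparison: rpm orders versions with its own segment rules (numeric segments beat alphabetic ones, `~` sorts before anything including end-of-string, `^` sorts after the base version but before any other suffix). The Python below is an added example, not code from Red Hat, AusCERT or the unbound project. It reimplements that ordering and runs it over a constructed inventory whose lines are assumed to be `host package epoch:version-release` as reported by `rpm -q`, with a missing epoch treated as 0; the hostnames and builds in it are made up.

```python
"""Fleet check for RHSA-2020:4181: which hosts still run an unbound build older
than unbound-1.6.6-2.el7_7?  Added example; the inventory below is constructed."""

FIXED_EVR = "0:1.6.6-2.el7_7"   # epoch:version-release of the patched build

# Constructed inventory, one line per host: "<host> <package> <epoch:version-release>".
# A missing epoch counts as 0, as rpm does.  Hostnames and builds are made up.
INVENTORY = """\
dns1 unbound 1.6.6-1.el7
dns2 unbound 0:1.6.6-2.el7_7
dns3 unbound 0:1.6.6-5.el7_8
dns4 unbound 0:1.6.6-2.el7_7.1
dns5 unbound 0:1.6.6-2.el7_7~rc1
"""


def rpmvercmp(a: str, b: str) -> int:
    """Port of rpm's rpmvercmp(): -1 if a < b, 0 if equal, 1 if a > b."""
    i = j = 0
    na, nb = len(a), len(b)
    while i < na or j < nb:
        # Separators other than the special '~' and '^' are skipped entirely.
        while i < na and not (a[i].isalnum() or a[i] in "~^"):
            i += 1
        while j < nb and not (b[j].isalnum() or b[j] in "~^"):
            j += 1
        ca = a[i] if i < na else ""
        cb = b[j] if j < nb else ""
        if ca == "~" or cb == "~":            # tilde sorts before everything
            if ca != "~":
                return 1
            if cb != "~":
                return -1
            i, j = i + 1, j + 1
            continue
        if ca == "^" or cb == "^":            # caret: newer than the bare base, older than any suffix
            if not ca:
                return -1
            if not cb:
                return 1
            if ca != "^":
                return 1
            if cb != "^":
                return -1
            i, j = i + 1, j + 1
            continue
        if not (ca and cb):                   # one side exhausted
            break
        isnum = ca.isdigit()
        k = i
        while k < na and (a[k].isdigit() if isnum else a[k].isalpha()):
            k += 1
        m = j
        while m < nb and (b[m].isdigit() if isnum else b[m].isalpha()):
            m += 1
        sa, sb = a[i:k], b[j:m]
        i, j = k, m
        if not sb:                            # segment types differ: numeric is newer than alpha
            return 1 if isnum else -1
        if isnum:
            sa, sb = sa.lstrip("0"), sb.lstrip("0")
            if len(sa) != len(sb):            # longer digit string is the larger number
                return 1 if len(sa) > len(sb) else -1
        if sa != sb:
            return 1 if sa > sb else -1
    if i >= na and j >= nb:
        return 0
    return -1 if i >= na else 1               # whichever side has characters left wins


def parse_evr(evr: str):
    """Split 'epoch:version-release'; epoch defaults to 0, release to ''."""
    epoch, sep, vr = evr.partition(":")
    if not sep:
        epoch, vr = "0", evr
    version, sep, release = vr.rpartition("-")
    if not sep:
        version, release = vr, ""
    return int(epoch), version, release


def evrcmp(x: str, y: str) -> int:
    """Compare two EVR strings the way rpm does: epoch, then version, then release."""
    ex, vx, rx = parse_evr(x)
    ey, vy, ry = parse_evr(y)
    if ex != ey:
        return 1 if ex > ey else -1
    return rpmvercmp(vx, vy) or rpmvercmp(rx, ry)


def hosts_needing_update(inventory: str = INVENTORY, fixed: str = FIXED_EVR, package: str = "unbound"):
    """Return the hosts whose installed build is strictly older than the fixed one."""
    out = []
    for line in inventory.splitlines():
        host, name, evr = line.split()
        if name == package and evrcmp(evr, fixed) < 0:
            out.append(host)
    return out


if __name__ == "__main__":
    print("needs RHSA-2020:4181:", hosts_needing_update())
```

dns4 (a later rebuild of the same release) and dns3 are already at or past the fix; dns1 is plainly older, and dns5 shows why the tilde rule matters, since `2.el7_7~rc1` is a pre-release of the fixed build and must count as vulnerable even though it is a longer string.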

ESB-2020.3459 – [Debian] thunderbird: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.3459
                        thunderbird security update
                              7 October 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           thunderbird
Publisher:         Debian
Operating System:  Debian GNU/Linux 10
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Cross-site Scripting            -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
                   Provide Misleading Information  -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-15678 CVE-2020-15677 CVE-2020-15676
                   CVE-2020-15673  

Reference:         ESB-2020.3423

Original Bulletin: 
   https://lists.debian.org/debian-security-announce/2020/msg00177.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-4770-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
October 06, 2020                      https://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : thunderbird
CVE ID         : CVE-2020-15673 CVE-2020-15676 CVE-2020-15677
                 CVE-2020-15678

Multiple security issues have been found in Thunderbird, which may lead
to the execution of arbitrary code or denial of service.

Debian follows the Thunderbird upstream releases. Support for the 68.x
series has ended, so starting with this update we're now following
the 78.x releases.

The 78.x series discontinues support for some addons. Also, starting
with 78, Thunderbird supports OpenPGP natively. If you are currently
using the Enigmail addon for PGP, please refer to the included NEWS
and README.Debian.gz files for information on how to migrate your
keys.

For the stable distribution (buster), this problem has been fixed in
version 1:78.3.1-2~deb10u2.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

- --------------------------END INCLUDED TEXT--------------------





https://malwaredevil.com/2020/10/07/esb-2020-3459-debian-thunderbird-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-3459-debian-thunderbird-multiple-vulnerabilities

ESB-2020.3458 – [Win][UNIX/Linux][Debian] php7.0: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.3458
                          php7.0 security update
                              7 October 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           php7.0
Publisher:         Debian
Operating System:  Debian GNU/Linux 9
                   UNIX variants (UNIX, Linux, OSX)
                   Windows
Impact/Access:     Overwrite Arbitrary Files -- Remote with User Interaction
                   Reduced Security          -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-7070  

Original Bulletin: 
   https://lists.debian.org/debian-lts-announce/2020/10/msg00008.html

Comment: This advisory references vulnerabilities in products which run on 
         platforms other than Debian. It is recommended that administrators 
         running php7.0 check for an updated version of the software for 
         their operating system.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2397-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                  Roberto C. Sánchez
October 06, 2020                              https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : php7.0
Version        : 7.0.33-0+deb9u10
CVE ID         : CVE-2020-7070

A vulnerability was discovered in PHP, a server-side, HTML-embedded
scripting language.  When PHP is processing incoming HTTP cookie values,
the cookie names are url-decoded. This may lead to cookies with prefixes
like __Host confused with cookies that decode to such prefix, thus
leading to an attacker being able to forge a cookie which is supposed to
be secure.

For Debian 9 stretch, this problem has been fixed in version
7.0.33-0+deb9u10.

We recommend that you upgrade your php7.0 packages.

For the detailed security status of php7.0 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/php7.0

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


- --------------------------END INCLUDED TEXT--------------------





https://malwaredevil.com/2020/10/07/esb-2020-3458-winunix-linuxdebian-php7-0-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-3458-winunix-linuxdebian-php7-0-multiple-vulnerabilities
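The cookie-prefix confusion in DLA-2397-1 above is easy to model. Browsers apply the `__Host-` rules (Secure, no Domain attribute, Path=/) only to cookie names that literally begin with `__Host-`; a name such as `__%48ost-session` is just an ordinary cookie to the browser and can be set from an attacker-controlled sibling subdomain or a plain-http context. If the server then url-decodes cookie names, `%48` becomes `H` and the forged cookie is indistinguishable from the genuine prefixed one. The Python below is an added example, not PHP's code or the Debian patch: it shows a parser with the decoding-names behaviour beside one that leaves names untouched (the remedy modelled here is an assumption about the hardening, not something the advisory spells out), run over a constructed `Cookie` header.

```python
"""CVE-2020-7070 modelled: url-decoding cookie *names* lets an attacker-planted
"__%48ost-session" cookie become "__Host-session" server side.
Added example; the Cookie headers below are constructed."""
from urllib.parse import unquote_plus

# Constructed headers.  GENUINE is what the browser sends for a cookie the origin
# set with the __Host- prefix.  FORGED is a cookie an attacker planted under a
# percent-encoded name ("%48" is 'H'), which the browser never subjected to the
# __Host- rules because the name does not literally start with "__Host-".
GENUINE = "__Host-session=good-session-token"
FORGED = "__%48ost-session=attacker-controlled; theme=dark+mode"


def _pairs(header: str):
    """Yield (raw_name, raw_value) for each 'name=value' in a Cookie header."""
    for part in header.split(";"):
        part = part.strip()
        if part and "=" in part:
            yield part.split("=", 1)


def parse_cookies_vulnerable(header: str) -> dict:
    """Pre-fix behaviour: the NAME is url-decoded as well as the value,
    so "__%48ost-session" is stored under the key "__Host-session"."""
    return {unquote_plus(name): unquote_plus(value) for name, value in _pairs(header)}


def parse_cookies_fixed(header: str) -> dict:
    """Hardened parser (assumed remedy): the name is kept byte-for-byte and only
    the value is decoded, so no name can turn into a prefixed name after parsing."""
    return {name: unquote_plus(value) for name, value in _pairs(header)}


def trusted_session(jar: dict):
    """Application logic that treats the __Host- cookie as tamper-proof."""
    return jar.get("__Host-session")


def demo() -> dict:
    """Who controls the 'trusted' session under each parser?"""
    return {
        "vulnerable": trusted_session(parse_cookies_vulnerable(FORGED)),   # attacker wins
        "fixed": trusted_session(parse_cookies_fixed(FORGED)),             # forged cookie ignored
        "fixed_genuine": trusted_session(parse_cookies_fixed(GENUINE)),    # real cookie still works
    }


if __name__ == "__main__":
    for label, value in demo().items():
        print(f"{label:14s} __Host-session = {value!r}")
```

Values are still decoded in the hardened variant (`theme=dark+mode` comes back as `dark mode`), so applications relying on encoded cookie values are unaffected; only the name is frozen, which is exactly the property the prefix guarantee depends on.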

ESB-2020.3457 – [UNIX/Linux][Debian] tigervnc: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.3457
                         tigervnc security update
                              7 October 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           tigervnc
Publisher:         Debian
Operating System:  Debian GNU/Linux 9
                   UNIX variants (UNIX, Linux, OSX)
Impact/Access:     Provide Misleading Information -- Remote with User Interaction
                   Access Confidential Data       -- Remote with User Interaction
                   Reduced Security               -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-26117  

Original Bulletin: 
   https://lists.debian.org/debian-lts-announce/2020/10/msg00007.html

Comment: This advisory references vulnerabilities in products which run on 
         platforms other than Debian. It is recommended that administrators 
         running tigervnc check for an updated version of the software for 
         their operating system.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2396-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                  Roberto C. Sánchez
October 06, 2020                              https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : tigervnc
Version        : 1.7.0+dfsg-7+deb9u2
CVE ID         : CVE-2020-26117
Debian Bug     : 971272

A vulnerability was discovered in tigervnc, a Virtual Network Computing
client and server implementation.  The viewer implementation mishandles
TLS certificate exceptions, storing the certificates as authorities,
meaning that the owner of a certificate could impersonate any server
after a client had added an exception.

For Debian 9 stretch, this problem has been fixed in version
1.7.0+dfsg-7+deb9u2.

We recommend that you upgrade your tigervnc packages.

For the detailed security status of tigervnc please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/tigervnc

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


- --------------------------END INCLUDED TEXT--------------------





https://malwaredevil.com/2020/10/07/esb-2020-3457-unix-linuxdebian-tigervnc-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-3457-unix-linuxdebian-tigervnc-multiple-vulnerabilities

ESB-2020.3456 – [Ubuntu] spice: Execute arbitrary code/commands – Existing account

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.3456
                      USN-4572-1: Spice vulnerability
                              7 October 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           spice
Publisher:         Ubuntu
Operating System:  Ubuntu
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
                   Denial of Service               -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-14355  

Reference:         ESB-2020.3455

Original Bulletin: 
   https://usn.ubuntu.com/4572-1/

- --------------------------BEGIN INCLUDED TEXT--------------------

USN-4572-1: Spice vulnerability
06 October 2020

Spice could be made to crash or run programs if it received specially
crafted network traffic.
Releases

  o Ubuntu 20.04 LTS
  o Ubuntu 18.04 LTS
  o Ubuntu 16.04 LTS

Packages

  o spice - SPICE protocol client and server library

Details

Frediano Ziglio discovered that Spice incorrectly handled QUIC image
decoding. A remote attacker could use this to cause Spice to crash,
resulting in a denial of service, or possibly execute arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following package
versions:

Ubuntu 20.04

  o libspice-server1 - 0.14.2-4ubuntu3.1

Ubuntu 18.04

  o libspice-server1 - 0.14.0-1ubuntu2.5

Ubuntu 16.04

  o libspice-server1 - 0.12.6-4ubuntu0.5

After a standard system update you need to restart qemu guests to make all
the necessary changes.

References

  o CVE-2020-14355

- --------------------------END INCLUDED TEXT--------------------





https://malwaredevil.com/2020/10/07/esb-2020-3456-ubuntu-spice-execute-arbitrary-code-commands-existing-account/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-3456-ubuntu-spice-execute-arbitrary-code-commands-existing-account

ESB-2020.3455 – [RedHat] spice and spice-gtk: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.3455
                    spice and spice-gtk security update
                              7 October 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           spice and spice-gtk
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 7
                   Red Hat Enterprise Linux WS/Desktop 7
                   Red Hat Enterprise Linux Server 8
                   Red Hat Enterprise Linux WS/Desktop 8
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
                   Denial of Service               -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-14355  

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2020:4184
   https://access.redhat.com/errata/RHSA-2020:4185
   https://access.redhat.com/errata/RHSA-2020:4186
   https://access.redhat.com/errata/RHSA-2020:4187

Comment: This bulletin contains four (4) Red Hat security advisories.
         
         This advisory references vulnerabilities in products which run on 
         platforms other than Red Hat. It is recommended that administrators
         running spice and spice-gtk check for an updated version of the 
         software for their operating system.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: spice and spice-gtk security update
Advisory ID:       RHSA-2020:4187-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:4187
Issue date:        2020-10-06
CVE Names:         CVE-2020-14355 
=====================================================================

1. Summary:

An update for spice and spice-gtk is now available for Red Hat Enterprise
Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The Simple Protocol for Independent Computing Environments (SPICE) is a
remote display system built for virtual environments which allows the user
to view a computing 'desktop' environment not only on the machine where it
is running, but from anywhere on the Internet and from a wide variety of
machine architectures.

The spice-gtk packages provide a GIMP Toolkit (GTK+) widget for Simple
Protocol for Independent Computing Environments (SPICE) clients. Both
Virtual Machine Manager and Virtual Machine Viewer can make use of this
widget to access virtual machines using the SPICE protocol.

Security Fix(es):

* spice: multiple buffer overflow vulnerabilities in QUIC decoding code
(CVE-2020-14355)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All applications using SPICE (most notably all QEMU-KVM instances using the
SPICE console) must be restarted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1868435 - CVE-2020-14355 spice: multiple buffer overflow vulnerabilities in QUIC decoding code

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
spice-0.14.0-9.el7_9.1.src.rpm
spice-gtk-0.35-5.el7_9.1.src.rpm

x86_64:
spice-debuginfo-0.14.0-9.el7_9.1.x86_64.rpm
spice-glib-0.35-5.el7_9.1.i686.rpm
spice-glib-0.35-5.el7_9.1.x86_64.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.i686.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.x86_64.rpm
spice-gtk3-0.35-5.el7_9.1.i686.rpm
spice-gtk3-0.35-5.el7_9.1.x86_64.rpm
spice-server-0.14.0-9.el7_9.1.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
spice-debuginfo-0.14.0-9.el7_9.1.x86_64.rpm
spice-glib-devel-0.35-5.el7_9.1.i686.rpm
spice-glib-devel-0.35-5.el7_9.1.x86_64.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.i686.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.x86_64.rpm
spice-gtk-tools-0.35-5.el7_9.1.x86_64.rpm
spice-gtk3-devel-0.35-5.el7_9.1.i686.rpm
spice-gtk3-devel-0.35-5.el7_9.1.x86_64.rpm
spice-gtk3-vala-0.35-5.el7_9.1.x86_64.rpm
spice-server-devel-0.14.0-9.el7_9.1.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

Source:
spice-0.14.0-9.el7_9.1.src.rpm

x86_64:
spice-debuginfo-0.14.0-9.el7_9.1.x86_64.rpm
spice-server-0.14.0-9.el7_9.1.x86_64.rpm
spice-server-devel-0.14.0-9.el7_9.1.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
spice-0.14.0-9.el7_9.1.src.rpm
spice-gtk-0.35-5.el7_9.1.src.rpm

s390x:
spice-glib-0.35-5.el7_9.1.s390.rpm
spice-glib-0.35-5.el7_9.1.s390x.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.s390.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.s390x.rpm
spice-gtk3-0.35-5.el7_9.1.s390.rpm
spice-gtk3-0.35-5.el7_9.1.s390x.rpm

x86_64:
spice-debuginfo-0.14.0-9.el7_9.1.x86_64.rpm
spice-glib-0.35-5.el7_9.1.i686.rpm
spice-glib-0.35-5.el7_9.1.x86_64.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.i686.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.x86_64.rpm
spice-gtk3-0.35-5.el7_9.1.i686.rpm
spice-gtk3-0.35-5.el7_9.1.x86_64.rpm
spice-server-0.14.0-9.el7_9.1.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

Source:
spice-gtk-0.35-5.el7_9.1.src.rpm

ppc64le:
spice-glib-0.35-5.el7_9.1.ppc64le.rpm
spice-glib-devel-0.35-5.el7_9.1.ppc64le.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.ppc64le.rpm
spice-gtk-tools-0.35-5.el7_9.1.ppc64le.rpm
spice-gtk3-0.35-5.el7_9.1.ppc64le.rpm
spice-gtk3-devel-0.35-5.el7_9.1.ppc64le.rpm
spice-gtk3-vala-0.35-5.el7_9.1.ppc64le.rpm

s390x:
spice-glib-devel-0.35-5.el7_9.1.s390.rpm
spice-glib-devel-0.35-5.el7_9.1.s390x.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.s390.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.s390x.rpm
spice-gtk-tools-0.35-5.el7_9.1.s390x.rpm
spice-gtk3-devel-0.35-5.el7_9.1.s390.rpm
spice-gtk3-devel-0.35-5.el7_9.1.s390x.rpm
spice-gtk3-vala-0.35-5.el7_9.1.s390x.rpm

x86_64:
spice-debuginfo-0.14.0-9.el7_9.1.x86_64.rpm
spice-glib-devel-0.35-5.el7_9.1.i686.rpm
spice-glib-devel-0.35-5.el7_9.1.x86_64.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.i686.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.x86_64.rpm
spice-gtk-tools-0.35-5.el7_9.1.x86_64.rpm
spice-gtk3-devel-0.35-5.el7_9.1.i686.rpm
spice-gtk3-devel-0.35-5.el7_9.1.x86_64.rpm
spice-gtk3-vala-0.35-5.el7_9.1.x86_64.rpm
spice-server-devel-0.14.0-9.el7_9.1.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
spice-0.14.0-9.el7_9.1.src.rpm
spice-gtk-0.35-5.el7_9.1.src.rpm

x86_64:
spice-debuginfo-0.14.0-9.el7_9.1.x86_64.rpm
spice-glib-0.35-5.el7_9.1.i686.rpm
spice-glib-0.35-5.el7_9.1.x86_64.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.i686.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.x86_64.rpm
spice-gtk3-0.35-5.el7_9.1.i686.rpm
spice-gtk3-0.35-5.el7_9.1.x86_64.rpm
spice-server-0.14.0-9.el7_9.1.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
spice-debuginfo-0.14.0-9.el7_9.1.x86_64.rpm
spice-glib-devel-0.35-5.el7_9.1.i686.rpm
spice-glib-devel-0.35-5.el7_9.1.x86_64.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.i686.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.x86_64.rpm
spice-gtk-tools-0.35-5.el7_9.1.x86_64.rpm
spice-gtk3-devel-0.35-5.el7_9.1.i686.rpm
spice-gtk3-devel-0.35-5.el7_9.1.x86_64.rpm
spice-gtk3-vala-0.35-5.el7_9.1.x86_64.rpm
spice-server-devel-0.14.0-9.el7_9.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-14355
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
- -----END PGP SIGNATURE-----

- -----------------------------------------------------------------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: spice and spice-gtk security update
Advisory ID:       RHSA-2020:4185-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:4185
Issue date:        2020-10-06
CVE Names:         CVE-2020-14355 
=====================================================================

1. Summary:

An update for spice and spice-gtk is now available for Red Hat Enterprise
Linux 8.1 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder EUS (v. 8.1) - aarch64, x86_64
Red Hat Enterprise Linux AppStream EUS (v. 8.1) - aarch64, ppc64le, s390x, x86_64

3. Description:

The Simple Protocol for Independent Computing Environments (SPICE) is a
remote display system built for virtual environments which allows the user
to view a computing 'desktop' environment not only on the machine where it
is running, but from anywhere on the Internet and from a wide variety of
machine architectures.

The spice-gtk packages provide a GIMP Toolkit (GTK+) widget for Simple
Protocol for Independent Computing Environments (SPICE) clients. Both
Virtual Machine Manager and Virtual Machine Viewer can make use of this
widget to access virtual machines using the SPICE protocol.

Security Fix(es):

* spice: multiple buffer overflow vulnerabilities in QUIC decoding code
(CVE-2020-14355)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All applications using SPICE (most notably all QEMU-KVM instances using the
SPICE console) must be restarted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1868435 - CVE-2020-14355 spice: multiple buffer overflow vulnerabilities in QUIC decoding code

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v. 8.1):

Source:
spice-0.14.2-1.el8_1.1.src.rpm
spice-gtk-0.37-1.el8_1.2.src.rpm

aarch64:
spice-debugsource-0.14.2-1.el8_1.1.aarch64.rpm
spice-glib-0.37-1.el8_1.2.aarch64.rpm
spice-glib-debuginfo-0.37-1.el8_1.2.aarch64.rpm
spice-glib-devel-0.37-1.el8_1.2.aarch64.rpm
spice-gtk-0.37-1.el8_1.2.aarch64.rpm
spice-gtk-debuginfo-0.37-1.el8_1.2.aarch64.rpm
spice-gtk-debugsource-0.37-1.el8_1.2.aarch64.rpm
spice-gtk-tools-0.37-1.el8_1.2.aarch64.rpm
spice-gtk-tools-debuginfo-0.37-1.el8_1.2.aarch64.rpm
spice-gtk3-0.37-1.el8_1.2.aarch64.rpm
spice-gtk3-debuginfo-0.37-1.el8_1.2.aarch64.rpm
spice-gtk3-devel-0.37-1.el8_1.2.aarch64.rpm
spice-gtk3-vala-0.37-1.el8_1.2.aarch64.rpm
spice-server-0.14.2-1.el8_1.1.aarch64.rpm
spice-server-debuginfo-0.14.2-1.el8_1.1.aarch64.rpm

ppc64le:
spice-glib-0.37-1.el8_1.2.ppc64le.rpm
spice-glib-debuginfo-0.37-1.el8_1.2.ppc64le.rpm
spice-glib-devel-0.37-1.el8_1.2.ppc64le.rpm
spice-gtk-0.37-1.el8_1.2.ppc64le.rpm
spice-gtk-debuginfo-0.37-1.el8_1.2.ppc64le.rpm
spice-gtk-debugsource-0.37-1.el8_1.2.ppc64le.rpm
spice-gtk-tools-0.37-1.el8_1.2.ppc64le.rpm
spice-gtk-tools-debuginfo-0.37-1.el8_1.2.ppc64le.rpm
spice-gtk3-0.37-1.el8_1.2.ppc64le.rpm
spice-gtk3-debuginfo-0.37-1.el8_1.2.ppc64le.rpm
spice-gtk3-devel-0.37-1.el8_1.2.ppc64le.rpm
spice-gtk3-vala-0.37-1.el8_1.2.ppc64le.rpm

s390x:
spice-glib-0.37-1.el8_1.2.s390x.rpm
spice-glib-debuginfo-0.37-1.el8_1.2.s390x.rpm
spice-glib-devel-0.37-1.el8_1.2.s390x.rpm
spice-gtk-0.37-1.el8_1.2.s390x.rpm
spice-gtk-debuginfo-0.37-1.el8_1.2.s390x.rpm
spice-gtk-debugsource-0.37-1.el8_1.2.s390x.rpm
spice-gtk-tools-0.37-1.el8_1.2.s390x.rpm
spice-gtk-tools-debuginfo-0.37-1.el8_1.2.s390x.rpm
spice-gtk3-0.37-1.el8_1.2.s390x.rpm
spice-gtk3-debuginfo-0.37-1.el8_1.2.s390x.rpm
spice-gtk3-devel-0.37-1.el8_1.2.s390x.rpm
spice-gtk3-vala-0.37-1.el8_1.2.s390x.rpm

x86_64:
spice-debugsource-0.14.2-1.el8_1.1.i686.rpm
spice-debugsource-0.14.2-1.el8_1.1.x86_64.rpm
spice-glib-0.37-1.el8_1.2.i686.rpm
spice-glib-0.37-1.el8_1.2.x86_64.rpm
spice-glib-debuginfo-0.37-1.el8_1.2.i686.rpm
spice-glib-debuginfo-0.37-1.el8_1.2.x86_64.rpm
spice-glib-devel-0.37-1.el8_1.2.i686.rpm
spice-glib-devel-0.37-1.el8_1.2.x86_64.rpm
spice-gtk-0.37-1.el8_1.2.x86_64.rpm
spice-gtk-debuginfo-0.37-1.el8_1.2.i686.rpm
spice-gtk-debuginfo-0.37-1.el8_1.2.x86_64.rpm
spice-gtk-debugsource-0.37-1.el8_1.2.i686.rpm
spice-gtk-debugsource-0.37-1.el8_1.2.x86_64.rpm
spice-gtk-tools-0.37-1.el8_1.2.x86_64.rpm
spice-gtk-tools-debuginfo-0.37-1.el8_1.2.i686.rpm
spice-gtk-tools-debuginfo-0.37-1.el8_1.2.x86_64.rpm
spice-gtk3-0.37-1.el8_1.2.i686.rpm
spice-gtk3-0.37-1.el8_1.2.x86_64.rpm
spice-gtk3-debuginfo-0.37-1.el8_1.2.i686.rpm
spice-gtk3-debuginfo-0.37-1.el8_1.2.x86_64.rpm
spice-gtk3-devel-0.37-1.el8_1.2.i686.rpm
spice-gtk3-devel-0.37-1.el8_1.2.x86_64.rpm
spice-gtk3-vala-0.37-1.el8_1.2.x86_64.rpm
spice-server-0.14.2-1.el8_1.1.i686.rpm
spice-server-0.14.2-1.el8_1.1.x86_64.rpm
spice-server-debuginfo-0.14.2-1.el8_1.1.i686.rpm
spice-server-debuginfo-0.14.2-1.el8_1.1.x86_64.rpm

Red Hat CodeReady Linux Builder EUS (v. 8.1):

aarch64:
spice-debugsource-0.14.2-1.el8_1.1.aarch64.rpm
spice-server-debuginfo-0.14.2-1.el8_1.1.aarch64.rpm
spice-server-devel-0.14.2-1.el8_1.1.aarch64.rpm

x86_64:
spice-debugsource-0.14.2-1.el8_1.1.i686.rpm
spice-debugsource-0.14.2-1.el8_1.1.x86_64.rpm
spice-server-debuginfo-0.14.2-1.el8_1.1.i686.rpm
spice-server-debuginfo-0.14.2-1.el8_1.1.x86_64.rpm
spice-server-devel-0.14.2-1.el8_1.1.i686.rpm
spice-server-devel-0.14.2-1.el8_1.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-14355
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
- -----END PGP SIGNATURE-----

- -----------------------------------------------------------------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: spice and spice-gtk security update
Advisory ID:       RHSA-2020:4186-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:4186
Issue date:        2020-10-06
CVE Names:         CVE-2020-14355 
=====================================================================

1. Summary:

An update for spice and spice-gtk is now available for Red Hat Enterprise
Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder (v. 8) - aarch64, x86_64
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

The Simple Protocol for Independent Computing Environments (SPICE) is a
remote display system built for virtual environments which allows the user
to view a computing 'desktop' environment not only on the machine where it
is running, but from anywhere on the Internet and from a wide variety of
machine architectures.

The spice-gtk packages provide a GIMP Toolkit (GTK+) widget for Simple
Protocol for Independent Computing Environments (SPICE) clients. Both
Virtual Machine Manager and Virtual Machine Viewer can make use of this
widget to access virtual machines using the SPICE protocol.

Security Fix(es):

* spice: multiple buffer overflow vulnerabilities in QUIC decoding code
(CVE-2020-14355)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All applications using SPICE (most notably all QEMU-KVM instances using the
SPICE console) must be restarted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1868435 - CVE-2020-14355 spice: multiple buffer overflow vulnerabilities in QUIC decoding code

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
spice-0.14.2-1.el8_2.1.src.rpm
spice-gtk-0.37-1.el8_2.2.src.rpm

aarch64:
spice-debugsource-0.14.2-1.el8_2.1.aarch64.rpm
spice-glib-0.37-1.el8_2.2.aarch64.rpm
spice-glib-debuginfo-0.37-1.el8_2.2.aarch64.rpm
spice-glib-devel-0.37-1.el8_2.2.aarch64.rpm
spice-gtk-0.37-1.el8_2.2.aarch64.rpm
spice-gtk-debuginfo-0.37-1.el8_2.2.aarch64.rpm
spice-gtk-debugsource-0.37-1.el8_2.2.aarch64.rpm
spice-gtk-tools-0.37-1.el8_2.2.aarch64.rpm
spice-gtk-tools-debuginfo-0.37-1.el8_2.2.aarch64.rpm
spice-gtk3-0.37-1.el8_2.2.aarch64.rpm
spice-gtk3-debuginfo-0.37-1.el8_2.2.aarch64.rpm
spice-gtk3-devel-0.37-1.el8_2.2.aarch64.rpm
spice-gtk3-vala-0.37-1.el8_2.2.aarch64.rpm
spice-server-0.14.2-1.el8_2.1.aarch64.rpm
spice-server-debuginfo-0.14.2-1.el8_2.1.aarch64.rpm

ppc64le:
spice-glib-0.37-1.el8_2.2.ppc64le.rpm
spice-glib-debuginfo-0.37-1.el8_2.2.ppc64le.rpm
spice-glib-devel-0.37-1.el8_2.2.ppc64le.rpm
spice-gtk-0.37-1.el8_2.2.ppc64le.rpm
spice-gtk-debuginfo-0.37-1.el8_2.2.ppc64le.rpm
spice-gtk-debugsource-0.37-1.el8_2.2.ppc64le.rpm
spice-gtk-tools-0.37-1.el8_2.2.ppc64le.rpm
spice-gtk-tools-debuginfo-0.37-1.el8_2.2.ppc64le.rpm
spice-gtk3-0.37-1.el8_2.2.ppc64le.rpm
spice-gtk3-debuginfo-0.37-1.el8_2.2.ppc64le.rpm
spice-gtk3-devel-0.37-1.el8_2.2.ppc64le.rpm
spice-gtk3-vala-0.37-1.el8_2.2.ppc64le.rpm

s390x:
spice-glib-0.37-1.el8_2.2.s390x.rpm
spice-glib-debuginfo-0.37-1.el8_2.2.s390x.rpm
spice-glib-devel-0.37-1.el8_2.2.s390x.rpm
spice-gtk-0.37-1.el8_2.2.s390x.rpm
spice-gtk-debuginfo-0.37-1.el8_2.2.s390x.rpm
spice-gtk-debugsource-0.37-1.el8_2.2.s390x.rpm
spice-gtk-tools-0.37-1.el8_2.2.s390x.rpm
spice-gtk-tools-debuginfo-0.37-1.el8_2.2.s390x.rpm
spice-gtk3-0.37-1.el8_2.2.s390x.rpm
spice-gtk3-debuginfo-0.37-1.el8_2.2.s390x.rpm
spice-gtk3-devel-0.37-1.el8_2.2.s390x.rpm
spice-gtk3-vala-0.37-1.el8_2.2.s390x.rpm

x86_64:
spice-debugsource-0.14.2-1.el8_2.1.i686.rpm
spice-debugsource-0.14.2-1.el8_2.1.x86_64.rpm
spice-glib-0.37-1.el8_2.2.i686.rpm
spice-glib-0.37-1.el8_2.2.x86_64.rpm
spice-glib-debuginfo-0.37-1.el8_2.2.i686.rpm
spice-glib-debuginfo-0.37-1.el8_2.2.x86_64.rpm
spice-glib-devel-0.37-1.el8_2.2.i686.rpm
spice-glib-devel-0.37-1.el8_2.2.x86_64.rpm
spice-gtk-0.37-1.el8_2.2.x86_64.rpm
spice-gtk-debuginfo-0.37-1.el8_2.2.i686.rpm
spice-gtk-debuginfo-0.37-1.el8_2.2.x86_64.rpm
spice-gtk-debugsource-0.37-1.el8_2.2.i686.rpm
spice-gtk-debugsource-0.37-1.el8_2.2.x86_64.rpm
spice-gtk-tools-0.37-1.el8_2.2.x86_64.rpm
spice-gtk-tools-debuginfo-0.37-1.el8_2.2.i686.rpm
spice-gtk-tools-debuginfo-0.37-1.el8_2.2.x86_64.rpm
spice-gtk3-0.37-1.el8_2.2.i686.rpm
spice-gtk3-0.37-1.el8_2.2.x86_64.rpm
spice-gtk3-debuginfo-0.37-1.el8_2.2.i686.rpm
spice-gtk3-debuginfo-0.37-1.el8_2.2.x86_64.rpm
spice-gtk3-devel-0.37-1.el8_2.2.i686.rpm
spice-gtk3-devel-0.37-1.el8_2.2.x86_64.rpm
spice-gtk3-vala-0.37-1.el8_2.2.x86_64.rpm
spice-server-0.14.2-1.el8_2.1.i686.rpm
spice-server-0.14.2-1.el8_2.1.x86_64.rpm
spice-server-debuginfo-0.14.2-1.el8_2.1.i686.rpm
spice-server-debuginfo-0.14.2-1.el8_2.1.x86_64.rpm

Red Hat CodeReady Linux Builder (v. 8):

aarch64:
spice-debugsource-0.14.2-1.el8_2.1.aarch64.rpm
spice-server-debuginfo-0.14.2-1.el8_2.1.aarch64.rpm
spice-server-devel-0.14.2-1.el8_2.1.aarch64.rpm

x86_64:
spice-debugsource-0.14.2-1.el8_2.1.i686.rpm
spice-debugsource-0.14.2-1.el8_2.1.x86_64.rpm
spice-server-debuginfo-0.14.2-1.el8_2.1.i686.rpm
spice-server-debuginfo-0.14.2-1.el8_2.1.x86_64.rpm
spice-server-devel-0.14.2-1.el8_2.1.i686.rpm
spice-server-devel-0.14.2-1.el8_2.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-14355
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBX3zLp9zjgjWX9erEAQh79A//XxtduO6leRHBJy0sQtf4xJMjOwN8IXJQ
rZ4ycPIk6zeGR66+dTTdtzngOJcTORCX9PS/FpOAF51w1U3lEvxnjq2whUVZPULB
SR57/hxXbSyQlAeAzzNclsmQZP+e8OnjwtkiXpvVsbl648xzO5Q8rd+zytuvUM4o
LwxXZEuVPpA6huWgC6jhTSPI6IEDB0ZJsPCayj3CDFQuFroNkM2fD8G8ExAq2lrY
CqPCst0nydgWoWcxScyd12DTxU+RgqHVMYWN0dUPI5+l/R0dqcVDBfnOK4Rao5pm
sph4qROaa6iv4IGqT0RGSUAaMdtepdg7HD5CSYeR64F7pkELgfcwumA5nzjpfOT/
EjdP8Y/qEE2wEclFjVAP2E56RTMqIi+HtdmZWSSSWvfnRV1s+csBDlVZz4tBWp5V
w6rHLD0h0mezXKP3nbes2vE1Mcmza89ZhGOpQENvChwAdj45Sk3GD0uLZOgsn0OM
QRLeodXfHduVbfQQGs0YUP2P/byox+V0UOGyz/gJmM/PlANVRxZpY31LN/GsbFYu
n+0pQbPFF6bO5p64KZd6raVaPtB606K3BFC2bowwo0PzMV9yGKj4LPiXhAphZUsz
l/KlLvYpkAo4FBsXO1IetaeFC7ACEIxSWRJMsfFs66HZMmMXNM/KJDxS/6zPhWu0
gdORDVzy1sA=
=pNKg
- -----END PGP SIGNATURE-----

- -----------------------------------------------------------------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: spice and spice-gtk security update
Advisory ID:       RHSA-2020:4184-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:4184
Issue date:        2020-10-06
CVE Names:         CVE-2020-14355 
=====================================================================

1. Summary:

An update for spice and spice-gtk is now available for Red Hat Enterprise
Linux 8.0 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream E4S (v. 8.0) - aarch64, ppc64le, s390x, x86_64

3. Description:

The Simple Protocol for Independent Computing Environments (SPICE) is a
remote display system built for virtual environments which allows the user
to view a computing 'desktop' environment not only on the machine where it
is running, but from anywhere on the Internet and from a wide variety of
machine architectures.

The spice-gtk packages provide a GIMP Toolkit (GTK+) widget for Simple
Protocol for Independent Computing Environments (SPICE) clients. Both
Virtual Machine Manager and Virtual Machine Viewer can make use of this
widget to access virtual machines using the SPICE protocol.

Security Fix(es):

* spice: multiple buffer overflow vulnerabilities in QUIC decoding code
(CVE-2020-14355)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All applications using SPICE (most notably all QEMU-KVM instances using the
SPICE console) must be restarted for this update to take effect.
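
The four advisories above share the same Solution step: apply the update, then restart every process that uses SPICE, most notably qemu-kvm instances with a SPICE console. The script below is an added example, not part of the Red Hat advisories or of the spice project. It turns that step into two checks: it compares an installed spice-server or spice-glib version-release against the fixed builds listed in the package lists of RHSA-2020:4184, 4185, 4186 and 4187, and it reads a /proc/PID/maps listing to see whether a running process still maps a libspice-server file flagged "(deleted)", which is what a not-yet-restarted qemu-kvm looks like once the library on disk has been replaced. Assumptions: the stream labels (el7, el8_0, el8_1, el8) are my own shorthand for the four advisories; GNU sort -V stands in for rpm's version comparison (rpmdev-vercmp is exact where available); the maps listing is constructed, not captured from a real host; and the live-use commands in the trailing comment assume rpm and pidof are present.

```sh
#!/bin/sh
# Added example for RHSA-2020:4184/4185/4186/4187 (CVE-2020-14355). Not part
# of the Red Hat advisories or the spice project. Two post-patch checks:
#   1. is the installed spice build at or above the fixed build for this
#      RHEL stream?
#   2. does a running QEMU process still use the pre-update libspice-server,
#      so that it still needs the restart the advisory calls for?

# Fixed version-release strings, taken from the advisory package lists.
# Stream labels are this script's own shorthand: el7 (RHSA-2020:4187),
# el8_0 E4S (4184), el8_1 EUS (4185), el8 = RHEL 8.2 (4186).
# None of these packages carry an RPM epoch in the advisory.
fixed_vr() {
  case "$1:$2" in                      # $1 = package, $2 = stream
    spice-server:el7)   echo "0.14.0-9.el7_9.1" ;;
    spice-glib:el7)     echo "0.35-5.el7_9.1"   ;;
    spice-server:el8_0) echo "0.14.0-7.el8_0.1" ;;
    spice-glib:el8_0)   echo "0.35-7.el8_0.1"   ;;
    spice-server:el8_1) echo "0.14.2-1.el8_1.1" ;;
    spice-glib:el8_1)   echo "0.37-1.el8_1.2"   ;;
    spice-server:el8)   echo "0.14.2-1.el8_2.1" ;;
    spice-glib:el8)     echo "0.37-1.el8_2.2"   ;;
    *) return 1 ;;
  esac
}

# vr_ge INSTALLED FIXED: succeeds when INSTALLED is the same as or newer
# than FIXED. Assumption: GNU 'sort -V' orders these release strings the
# same way rpm does; on a real host prefer 'rpmdev-vercmp' when installed.
vr_ge() {
  [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | tail -n 1)" = "$1" ]
}

# patch_state PKG STREAM INSTALLED_VR: prints fixed / vulnerable / unknown.
patch_state() {
  want=$(fixed_vr "$1" "$2") || { echo unknown; return 0; }
  if vr_ge "$3" "$want"; then echo fixed; else echo vulnerable; fi
}

# maps_need_restart MAPSFILE: succeeds when a /proc/PID/maps listing shows a
# libspice-server mapping flagged "(deleted)", i.e. the file on disk was
# replaced by the update but the process still runs the old copy.
maps_need_restart() {
  grep -q 'libspice-server[^ ]* (deleted)$' "$1"
}

# Constructed sample of /proc/PID/maps for a qemu-kvm process started before
# the update (not captured from a real host).
write_sample_maps() {
  cat > "$1" <<'EOF'
7f3a1c000000-7f3a1c1a0000 r-xp 00000000 fd:00 1311234 /usr/lib64/libspice-server.so.1 (deleted)
7f3a1c1a0000-7f3a1c3a0000 ---p 001a0000 fd:00 1311234 /usr/lib64/libspice-server.so.1 (deleted)
7f3a1d000000-7f3a1d020000 r-xp 00000000 fd:00 1309876 /usr/lib64/libz.so.1
EOF
}

# Offline demonstration against constructed input.
demo() {
  patch_state spice-server el7 "0.14.0-8.el7_9"      # vulnerable
  patch_state spice-server el7 "0.14.0-9.el7_9.1"    # fixed
  patch_state spice-glib   el8 "0.37-1.el8_2.2"      # fixed
  tmp=$(mktemp) && write_sample_maps "$tmp"
  if maps_need_restart "$tmp"; then echo "restart needed"; fi
  rm -f "$tmp"
}

# Live use on a RHEL host (root is needed to read other users' /proc/PID/maps):
#   patch_state spice-server el7 "$(rpm -q --qf '%{VERSION}-%{RELEASE}' spice-server)"
#   for p in $(pidof qemu-kvm); do
#     maps_need_restart "/proc/$p/maps" && echo "qemu-kvm pid $p needs restart"
#   done

demo
```

The version check only tells you the package on disk is fixed; the maps check is the one that catches the case the advisory warns about, a guest that was started before the update and is still executing the old library. A process whose maps show libspice-server without "(deleted)" has already picked up the new build.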

5. Bugs fixed (https://bugzilla.redhat.com/):

1868435 - CVE-2020-14355 spice: multiple buffer overflow vulnerabilities in QUIC decoding code

6. Package List:

Red Hat Enterprise Linux AppStream E4S (v. 8.0):

Source:
spice-0.14.0-7.el8_0.1.src.rpm
spice-gtk-0.35-7.el8_0.1.src.rpm

aarch64:
spice-debugsource-0.14.0-7.el8_0.1.aarch64.rpm
spice-glib-0.35-7.el8_0.1.aarch64.rpm
spice-glib-debuginfo-0.35-7.el8_0.1.aarch64.rpm
spice-glib-devel-0.35-7.el8_0.1.aarch64.rpm
spice-gtk-0.35-7.el8_0.1.aarch64.rpm
spice-gtk-debuginfo-0.35-7.el8_0.1.aarch64.rpm
spice-gtk-debugsource-0.35-7.el8_0.1.aarch64.rpm
spice-gtk-tools-0.35-7.el8_0.1.aarch64.rpm
spice-gtk-tools-debuginfo-0.35-7.el8_0.1.aarch64.rpm
spice-gtk3-0.35-7.el8_0.1.aarch64.rpm
spice-gtk3-debuginfo-0.35-7.el8_0.1.aarch64.rpm
spice-gtk3-devel-0.35-7.el8_0.1.aarch64.rpm
spice-gtk3-vala-0.35-7.el8_0.1.aarch64.rpm
spice-server-0.14.0-7.el8_0.1.aarch64.rpm
spice-server-debuginfo-0.14.0-7.el8_0.1.aarch64.rpm

ppc64le:
spice-glib-0.35-7.el8_0.1.ppc64le.rpm
spice-glib-debuginfo-0.35-7.el8_0.1.ppc64le.rpm
spice-glib-devel-0.35-7.el8_0.1.ppc64le.rpm
spice-gtk-0.35-7.el8_0.1.ppc64le.rpm
spice-gtk-debuginfo-0.35-7.el8_0.1.ppc64le.rpm
spice-gtk-debugsource-0.35-7.el8_0.1.ppc64le.rpm
spice-gtk-tools-0.35-7.el8_0.1.ppc64le.rpm
spice-gtk-tools-debuginfo-0.35-7.el8_0.1.ppc64le.rpm
spice-gtk3-0.35-7.el8_0.1.ppc64le.rpm
spice-gtk3-debuginfo-0.35-7.el8_0.1.ppc64le.rpm
spice-gtk3-devel-0.35-7.el8_0.1.ppc64le.rpm
spice-gtk3-vala-0.35-7.el8_0.1.ppc64le.rpm

s390x:
spice-glib-0.35-7.el8_0.1.s390x.rpm
spice-glib-debuginfo-0.35-7.el8_0.1.s390x.rpm
spice-glib-devel-0.35-7.el8_0.1.s390x.rpm
spice-gtk-0.35-7.el8_0.1.s390x.rpm
spice-gtk-debuginfo-0.35-7.el8_0.1.s390x.rpm
spice-gtk-debugsource-0.35-7.el8_0.1.s390x.rpm
spice-gtk-tools-0.35-7.el8_0.1.s390x.rpm
spice-gtk-tools-debuginfo-0.35-7.el8_0.1.s390x.rpm
spice-gtk3-0.35-7.el8_0.1.s390x.rpm
spice-gtk3-debuginfo-0.35-7.el8_0.1.s390x.rpm
spice-gtk3-devel-0.35-7.el8_0.1.s390x.rpm
spice-gtk3-vala-0.35-7.el8_0.1.s390x.rpm

x86_64:
spice-debugsource-0.14.0-7.el8_0.1.i686.rpm
spice-debugsource-0.14.0-7.el8_0.1.x86_64.rpm
spice-glib-0.35-7.el8_0.1.i686.rpm
spice-glib-0.35-7.el8_0.1.x86_64.rpm
spice-glib-debuginfo-0.35-7.el8_0.1.i686.rpm
spice-glib-debuginfo-0.35-7.el8_0.1.x86_64.rpm
spice-glib-devel-0.35-7.el8_0.1.i686.rpm
spice-glib-devel-0.35-7.el8_0.1.x86_64.rpm
spice-gtk-0.35-7.el8_0.1.x86_64.rpm
spice-gtk-debuginfo-0.35-7.el8_0.1.i686.rpm
spice-gtk-debuginfo-0.35-7.el8_0.1.x86_64.rpm
spice-gtk-debugsource-0.35-7.el8_0.1.i686.rpm
spice-gtk-debugsource-0.35-7.el8_0.1.x86_64.rpm
spice-gtk-tools-0.35-7.el8_0.1.x86_64.rpm
spice-gtk-tools-debuginfo-0.35-7.el8_0.1.i686.rpm
spice-gtk-tools-debuginfo-0.35-7.el8_0.1.x86_64.rpm
spice-gtk3-0.35-7.el8_0.1.i686.rpm
spice-gtk3-0.35-7.el8_0.1.x86_64.rpm
spice-gtk3-debuginfo-0.35-7.el8_0.1.i686.rpm
spice-gtk3-debuginfo-0.35-7.el8_0.1.x86_64.rpm
spice-gtk3-devel-0.35-7.el8_0.1.i686.rpm
spice-gtk3-devel-0.35-7.el8_0.1.x86_64.rpm
spice-gtk3-vala-0.35-7.el8_0.1.x86_64.rpm
spice-server-0.14.0-7.el8_0.1.i686.rpm
spice-server-0.14.0-7.el8_0.1.x86_64.rpm
spice-server-debuginfo-0.14.0-7.el8_0.1.i686.rpm
spice-server-debuginfo-0.14.0-7.el8_0.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-14355
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

The post ESB-2020.3455 – [RedHat] spice and spice-gtk: Multiple vulnerabilities appeared first on Malware Devil.

https://malwaredevil.com/2020/10/07/esb-2020-3455-redhat-spice-and-spice-gtk-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-3455-redhat-spice-and-spice-gtk-multiple-vulnerabilities

Network Security News Summary for Wednesday October 7 2020

A brief daily summary of what is important in cybersecurity. The podcast is published every weekday and designed to get you ready for the day with a brief, usually about 5 minutes long, summary of current network security-related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .

The post Network Security News Summary for Wednesday October 7 2020 appeared first on Malware Devil.
https://malwaredevil.com/2020/10/07/network-security-news-summary-for-wednesday-october-7-2020/?utm_source=rss&utm_medium=rss&utm_campaign=network-security-news-summary-for-wednesday-october-7-2020

Tuesday, October 6, 2020

Windows Server Flaw Prompts Emergency Action

The Cybersecurity and Infrastructure Security Agency (CISA), part of the US Department of Homeland Security, issued an Emergency Directive on Septembe…

The post Windows Server Flaw Prompts Emergency Action appeared first on Security Boulevard.

The post Windows Server Flaw Prompts Emergency Action appeared first on Malware Devil.

https://malwaredevil.com/2020/10/06/windows-server-flaw-prompts-emergency-action/?utm_source=rss&utm_medium=rss&utm_campaign=windows-server-flaw-prompts-emergency-action

Verizon Payment Security Report is a Wake-up Call: Time to Refocus on PCI DSS Compliance

Too many organizations fail to enact the baseline payment security controls, according to the Verizon 2020 Payment Security Report, and the recent Blackbaud ransomware incident is merely the latest evidence.

This week sees the launch of Verizon’s annual Payment Security Report, which looks at how organizations are maintaining – and not maintaining – compliance with the Payment Card Industry Data Security Standard (PCI DSS).

Of significant concern is that the report highlights a continued, marked decline in compliance sustainability since 2016. Illustrating these findings is a late September news headline detailing how a technology provider failed to adequately protect bank account information.

Time and again, consumers have been let down by poor security controls. Why are organizations still failing to protect payment information?

Blackbaud ransomware security incident not over yet

Blackbaud is a global cloud software and services company founded nearly 40 years ago. It uses the slogan “powering social good” and is headquartered in Charleston, South Carolina.

Earlier in 2020, it was announced that education institutions and charities are among an unknown number of organizations affected by a successful ransomware attack on Blackbaud. Blackbaud paid off the attackers, but it remains unclear if the cybercriminals kept their side of the bargain.

The potential exposure of personally identifiable information (PII) was already known from the first reports of the ransomware attack. Blackbaud subsequently noted that prior to locking the cybercriminals out of its systems, the attackers removed a copy of a subset of data from its self-hosted (private cloud) environment.

Payment information was not previously thought to have been exposed in the security incident.

However, at the end of September, Blackbaud submitted an 8-K filing to the U.S. Securities and Exchange Commission (SEC), stating that the attack had been more invasive than it initially thought.

“After July 16, further forensic investigation found that for some of the notified customers, the cybercriminal may have accessed some unencrypted fields intended for bank account information, social security numbers, usernames and/or passwords,” according to the company’s 8-K statement.

In other words, the data was not secured in accordance with PCI DSS requirements. Blackbaud states on its website that it “acknowledges our responsibility for compliance with PCI requirements and protection of any cardholder data that we, as a service provider, possess, store, process, or transmit on behalf of the customer.”

Verizon Payment Security Report identifies many shortcomings

The Verizon 2020 Payment Security Report, released on Oct. 6, 2020, outlines the data security and compliance challenges facing organizations charged with securing payment processes. In particular, the report focuses on the state of PCI DSS version 3.2.1 compliance sustainability to date, as well as looks forward at what organizations can do to improve payment security.

This year’s report notes that compliance sustainability continues to fall, year on year, dating as far back as 2016. Looking at data from 2019, only 27.9% of organizations achieved 100% compliance during interim compliance validation. Overall, the report comments that lack of long-term security thinking – organizations that focus on applying quick fixes instead of creating and executing a larger strategy – is severely impacting sustained PCI DSS compliance.

Omdia research very much resonates with the findings of the Verizon report. It is a wake-up call to organizations that strong leadership is required to address failures, adequately manage payment security, and comply with PCI DSS security controls.

The alignment of security strategy with organizational strategy is essential for organizations to maintain compliance, whether that is with PCI DSS, the EU General Data Protection Regulation (GDPR), or any other regulation to which organizations are subject. Security is not compliance, and vice versa, but security does have a huge bearing on compliance; security must be aligned with PCI DSS compliance, and other key organizational requirements.

But any successful strategic initiative requires a stakeholder who is charged with seeing it through. Unfortunately, in most organizations no single individual or role is responsible for compliance, security, and risk, which means that the best-laid plans can fall through the cracks.

Omdia concurs with the report’s comment that long-term data security and compliance success will require the combined efforts of multiple roles, including the Chief Information Security Officer, Chief Risk Officer, and Chief Compliance Officer.

Organizations must get a grip on compliance and uphold their customers’ trust, which is all too readily damaged by inadequate actions such as those of Blackbaud.

Maxine leads Omdia’s cybersecurity research, developing a comprehensive research program to support vendor, service provider, and enterprise clients. Having worked with enterprises across multiple industries in the world of information security, Maxine has a strong …

The post Verizon Payment Security Report is a Wake-up Call: Time to Refocus on PCI DSS Compliance appeared first on Malware Devil.

https://malwaredevil.com/2020/10/06/verizon-payment-security-report-is-a-wake-up-call-time-to-refocus-on-pci-dss-compliance/?utm_source=rss&utm_medium=rss&utm_campaign=verizon-payment-security-report-is-a-wake-up-call-time-to-refocus-on-pci-dss-compliance

Zerologon Vulnerability Used in APT Attacks

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database
CVE-2020-26603
PUBLISHED: 2020-10-06

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Sticker Center allows directory traversal for an unprivileged process to read arbitrary files. The Samsung ID is SVE-2020-18433 (October 2020).

CVE-2020-26604
PUBLISHED: 2020-10-06

An issue was discovered in SystemUI on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. PendingIntent allows an unprivileged process to access contact numbers. The Samsung ID is SVE-2020-18467 (October 2020).

CVE-2020-26605
PUBLISHED: 2020-10-06

An issue was discovered on Samsung mobile devices with Q(10.0) and R(11.0) (Exynos chipsets) software. They allow attackers to obtain sensitive information by reading a log. The Samsung ID is SVE-2020-18596 (October 2020).

CVE-2020-26606
PUBLISHED: 2020-10-06

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. An attacker can access certain Secure Folder content via a debugging command. The Samsung ID is SVE-2020-18673 (October 2020).

CVE-2020-26607
PUBLISHED: 2020-10-06

An issue was discovered in TimaService on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. PendingIntent with an empty intent is mishandled, allowing an attacker to perform a privileged action via a modified intent. The Samsung ID is SVE-2020-18418 (October 2020).

The post Zerologon Vulnerability Used in APT Attacks appeared first on Malware Devil.
https://malwaredevil.com/2020/10/06/zerologon-vulnerability-used-in-apt-attacks/?utm_source=rss&utm_medium=rss&utm_campaign=zerologon-vulnerability-used-in-apt-attacks

Barbary Pirates and Russian Cybercrime

In 1801, the United States had a small Navy. Thomas Jefferson deployed almost half that Navy—three frigates and a schooner—to the Barbary C...