Malware Devil

Monday, January 11, 2021

Russian Hacker Gets 12-Years Prison for Massive JP Morgan Chase Hack

A U.S. court on Thursday sentenced a 37-year-old Russian to 12 years in prison for perpetrating an international hacking campaign that resulted in the heist of a trove of personal information from several financial institutions, brokerage firms, financial news publishers, and other American companies.

Andrei Tyurin was charged with computer intrusion, wire fraud, bank fraud, and illegal online gambling offenses, and for his role in one of the largest thefts of U.S. customer data from a single financial institution in history, which involved the personal information of more than 80 million J.P. Morgan Chase customers.

Besides the investment bank, some of the other major targets of the hacks were E*Trade, Scottrade, and the Wall Street Journal.

Tyurin, who carried out the extensive hacking from his home in Moscow between 2012 and mid-2015, is believed to have netted over $19 million in criminal proceeds as part of his intrusion schemes.

In one such instance of securities fraud, Tyurin collaborated with his partner Gery Shalon to artificially inflate the price of certain stocks publicly traded in the U.S. by marketing those stocks in a deceptive and misleading manner to customers of the victim companies, whose contact information was stolen during the intrusions.

To carry out the attacks, Tyurin is alleged to have used remotely controlled computer infrastructure located across five continents, and is said to have maintained persistent access to the victims’ networks over long periods of time in order to periodically download and refresh the stolen data.

“And once his hacking activities were detected, TYURIN worked with Shalon to destroy the evidence of their criminal activity and undermine U.S. law enforcement’s efforts to identify and arrest them,” the U.S. Southern District of New York said in a statement.

The development comes after Tyurin pleaded guilty in September 2019 to carrying out wire and bank fraud, computer intrusions, and illegal online gambling. Tyurin has been in U.S. custody since he was extradited from the country of Georgia in September 2018.

The post Russian Hacker Gets 12-Years Prison for Massive JP Morgan Chase Hack appeared first on Malware Devil.



https://malwaredevil.com/2021/01/11/russian-hacker-gets-12-years-prison-for-massive-jp-morgan-chase-hack-2/?utm_source=rss&utm_medium=rss&utm_campaign=russian-hacker-gets-12-years-prison-for-massive-jp-morgan-chase-hack-2

How Hyperautomation Takes the Worry Out of Remote Work

Employees transitioning to remote work environments en masse have caused what IT teams feared most: a spike in security issues as use of devices with various degrees of adherence to security protocols increased. A survey of 1,600 IT professionals revealed 66% have experienced more security issues due to remote work. The top threats reported include..

The post How Hyperautomation Takes the Worry Out of Remote Work appeared first on Security Boulevard.




https://malwaredevil.com/2021/01/11/how-hyperautomation-takes-the-worry-out-of-remote-work/?utm_source=rss&utm_medium=rss&utm_campaign=how-hyperautomation-takes-the-worry-out-of-remote-work

Secure Email Gateway: The Gaps That Could Cost You

The email channel is one of the most essential components of effective corporate communication. Email is vital to keeping business flowing amongst colleagues, clients, vendors, and others. In fact, the total number of business and consumer emails sent and received per day exceeded 293 billion in 2019. This is forecasted to grow to more than…

The post Secure Email Gateway: The Gaps That Could Cost You appeared first on Votiro.

The post Secure Email Gateway: The Gaps That Could Cost You appeared first on Security Boulevard.




https://malwaredevil.com/2021/01/11/secure-email-gateway-the-gaps-that-could-cost-you/?utm_source=rss&utm_medium=rss&utm_campaign=secure-email-gateway-the-gaps-that-could-cost-you

28th January: Save the Date. Save the Data!

On 26th January 2006, the Council of Europe decided to launch a Data Protection Day on 28th January that is…

The post 28th January: Save the Date. Save the Data! appeared first on Kratikal Blog.

The post 28th January: Save the Date. Save the Data! appeared first on Security Boulevard.




https://malwaredevil.com/2021/01/11/28th-january-save-the-date-save-the-data/?utm_source=rss&utm_medium=rss&utm_campaign=28th-january-save-the-date-save-the-data

Tripwire Patch Priority Index for December 2020

Tripwire’s December 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Pulse Secure, and Oracle. First on the patch priority list this month are two vulnerabilities that have recently been included within the Metasploit exploit framework. One is a vulnerability in Pulse Secure Desktop Client and the other is a vulnerability that impacts […]

The post Tripwire Patch Priority Index for December 2020 appeared first on The State of Security.

The post Tripwire Patch Priority Index for December 2020 appeared first on Security Boulevard.




https://malwaredevil.com/2021/01/11/tripwire-patch-priority-index-for-december-2020/?utm_source=rss&utm_medium=rss&utm_campaign=tripwire-patch-priority-index-for-december-2020

It’s Always DNS – But Not in the Way You May Think

A popular joke among technologists says that it’s always DNS, even when it initially didn’t seem that way. DNS issues come in many shapes and forms, including some often-overlooked security issues. DNS (short for the Domain Name System) continues to be described as “the phonebook of the Internet,” but many people, including most readers of […]

The post It’s Always DNS – But Not in the Way You May Think appeared first on The State of Security.

The post It’s Always DNS – But Not in the Way You May Think appeared first on Security Boulevard.




https://malwaredevil.com/2021/01/11/its-always-dns-but-not-in-the-way-you-may-think/?utm_source=rss&utm_medium=rss&utm_campaign=its-always-dns-but-not-in-the-way-you-may-think

Verizon’s 2020 Payment Security Report: Focusing on Strategy

Last year, I wrote about the Verizon Payment Security Report saying it was “Not Just for PCI.” Verizon liked that post enough to include its introduction in this year’s version. This recognition was a wonderful surprise. Like last year’s report, the 2020 publication goes well beyond PCI in its information and recommendations. While PCI DSS […]

The post Verizon’s 2020 Payment Security Report: Focusing on Strategy appeared first on The State of Security.

The post Verizon’s 2020 Payment Security Report: Focusing on Strategy appeared first on Security Boulevard.




https://malwaredevil.com/2021/01/11/verizons-2020-payment-security-report-focusing-on-strategy/?utm_source=rss&utm_medium=rss&utm_campaign=verizons-2020-payment-security-report-focusing-on-strategy

How to Break Into a Cybersecurity Career – Part 2 with Rafal Los

Rafal Los, industry veteran and host of the “Down the Security Rabbithole Podcast”, joins Tom Eston for part two in our series on how to break into a cybersecurity career. If you’re a college student or thinking about getting into cybersecurity, this is one episode you don’t want to miss! ** Links mentioned on the […]

The post How to Break Into a Cybersecurity Career – Part 2 with Rafal Los appeared first on The Shared Security Show.

The post How to Break Into a Cybersecurity Career – Part 2 with Rafal Los appeared first on Security Boulevard.




https://malwaredevil.com/2021/01/11/how-to-break-into-a-cybersecurity-career-part-2-with-rafal-los/?utm_source=rss&utm_medium=rss&utm_campaign=how-to-break-into-a-cybersecurity-career-part-2-with-rafal-los

ISC Stormcast For Monday, January 11th, 2021 https://isc.sans.edu/podcastdetail.html?id=7322, (Mon, Jan 11th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.




https://malwaredevil.com/2021/01/11/isc-stormcast-for-monday-january-11th-2021-https-isc-sans-edu-podcastdetail-htmlid7322-mon-jan-11th/?utm_source=rss&utm_medium=rss&utm_campaign=isc-stormcast-for-monday-january-11th-2021-https-isc-sans-edu-podcastdetail-htmlid7322-mon-jan-11th

ESB-2021.0092 – [SUSE] tomcat: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.0092
                        Security update for tomcat
                              11 January 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           tomcat
Publisher:         SUSE
Operating System:  SUSE
Impact/Access:     Access Confidential Data -- Remote/Unauthenticated
                   Reduced Security         -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-17527 CVE-2020-13943 

Reference:         ESB-2021.0055
                   ESB-2020.3716
                   ESB-2020.3677

Original Bulletin: 
   https://www.suse.com/support/update/announcement/2021/suse-su-20210040-1

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for tomcat

______________________________________________________________________________

Announcement ID:   SUSE-SU-2021:0040-1
Rating:            moderate
References:        #1092163 #1172562 #1177582 #1178396 #1179602
Cross-References:  CVE-2020-13943 CVE-2020-17527
Affected Products:
                   SUSE Linux Enterprise Server for SAP 15
                   SUSE Linux Enterprise Server 15-LTSS
                   SUSE Linux Enterprise High Performance Computing 15-LTSS
                   SUSE Linux Enterprise High Performance Computing 15-ESPOS
______________________________________________________________________________

An update that solves two vulnerabilities and has three fixes is now available.

Description:

This update for tomcat fixes the following issues:
Security issues fixed:

  o CVE-2020-13943: Fixed a HTTP/2 Request mix-up (bsc#1177582).
  o CVE-2020-17527: Fixed a HTTP/2 request header mix-up (bsc#1179602).


Non-security issue fixed:

  o Removed tomcat-9.0.init and /usr/lib/tmpfiles.d/tomcat.conf from package.
    They're not used anymore because of systemd (bsc#1178396).
  o Fixed 'tomcat-servlet-4_0-api' package alternatives to use and keep a
    symlink for compatibility (bsc#1092163).
  o Don't give write permissions for the tomcat group on files and directories
    where it's not needed (bsc#1172562).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Server for SAP 15:
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2021-40=1
  o SUSE Linux Enterprise Server 15-LTSS:
    zypper in -t patch SUSE-SLE-Product-SLES-15-2021-40=1
  o SUSE Linux Enterprise High Performance Computing 15-LTSS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-2021-40=1
  o SUSE Linux Enterprise High Performance Computing 15-ESPOS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-2021-40=1

Package List:

  o SUSE Linux Enterprise Server for SAP 15 (noarch):
       tomcat-9.0.36-3.74.1
       tomcat-admin-webapps-9.0.36-3.74.1
       tomcat-el-3_0-api-9.0.36-3.74.1
       tomcat-jsp-2_3-api-9.0.36-3.74.1
       tomcat-lib-9.0.36-3.74.1
       tomcat-servlet-4_0-api-9.0.36-3.74.1
       tomcat-webapps-9.0.36-3.74.1
  o SUSE Linux Enterprise Server 15-LTSS (noarch):
       tomcat-9.0.36-3.74.1
       tomcat-admin-webapps-9.0.36-3.74.1
       tomcat-el-3_0-api-9.0.36-3.74.1
       tomcat-jsp-2_3-api-9.0.36-3.74.1
       tomcat-lib-9.0.36-3.74.1
       tomcat-servlet-4_0-api-9.0.36-3.74.1
       tomcat-webapps-9.0.36-3.74.1
  o SUSE Linux Enterprise High Performance Computing 15-LTSS (noarch):
       tomcat-9.0.36-3.74.1
       tomcat-admin-webapps-9.0.36-3.74.1
       tomcat-el-3_0-api-9.0.36-3.74.1
       tomcat-jsp-2_3-api-9.0.36-3.74.1
       tomcat-lib-9.0.36-3.74.1
       tomcat-servlet-4_0-api-9.0.36-3.74.1
       tomcat-webapps-9.0.36-3.74.1
  o SUSE Linux Enterprise High Performance Computing 15-ESPOS (noarch):
       tomcat-9.0.36-3.74.1
       tomcat-admin-webapps-9.0.36-3.74.1
       tomcat-el-3_0-api-9.0.36-3.74.1
       tomcat-jsp-2_3-api-9.0.36-3.74.1
       tomcat-lib-9.0.36-3.74.1
       tomcat-servlet-4_0-api-9.0.36-3.74.1
       tomcat-webapps-9.0.36-3.74.1


References:

  o https://www.suse.com/security/cve/CVE-2020-13943.html
  o https://www.suse.com/security/cve/CVE-2020-17527.html
  o https://bugzilla.suse.com/1092163
  o https://bugzilla.suse.com/1172562
  o https://bugzilla.suse.com/1177582
  o https://bugzilla.suse.com/1178396
  o https://bugzilla.suse.com/1179602

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

-----END PGP SIGNATURE-----




https://malwaredevil.com/2021/01/11/esb-2021-0092-suse-tomcat-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-0092-suse-tomcat-multiple-vulnerabilities

ESB-2021.0091 – [SUSE] python-paramiko: Execute arbitrary code/commands – Existing account

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.0091
                    Security update for python-paramiko
                              11 January 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           python-paramiko
Publisher:         SUSE
Operating System:  SUSE
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-1000805  

Reference:         ESB-2019.0575
                   ESB-2018.3376

Original Bulletin: 
   https://www.suse.com/support/update/announcement/2021/suse-su-20210038-1

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for python-paramiko

______________________________________________________________________________

Announcement ID:   SUSE-SU-2021:0038-1
Rating:            important
References:        #1111151
Cross-References:  CVE-2018-1000805
Affected Products:
                   SUSE Linux Enterprise Module for Public Cloud 12
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for python-paramiko fixes the following issue:

  o CVE-2018-1000805: Fixed an authentication bypass in auth_handler.py
    (bsc#1111151).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Module for Public Cloud 12:
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2021-38=1

Package List:

  o SUSE Linux Enterprise Module for Public Cloud 12 (noarch):
       python-paramiko-2.1.3-9.6.1
       python3-paramiko-2.1.3-9.6.1


References:

  o https://www.suse.com/security/cve/CVE-2018-1000805.html
  o https://bugzilla.suse.com/1111151

- --------------------------END INCLUDED TEXT--------------------

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----




https://malwaredevil.com/2021/01/11/esb-2021-0091-suse-python-paramiko-execute-arbitrary-code-commands-existing-account-2/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-0091-suse-python-paramiko-execute-arbitrary-code-commands-existing-account-2

ESB-2021.0090 – [SUSE] python-defusedxml: Unauthorised access – Remote/unauthenticated

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.0090
         Security update for python-defusedxml, python-freezegun,
           python-pkgconfig, python-python3-saml, python-xmlsec
                              11 January 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           python-defusedxml
Publisher:         SUSE
Operating System:  SUSE
Impact/Access:     Unauthorised Access -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2017-11427  

Reference:         ESB-2018.0574
                   ESB-2018.0571

Original Bulletin: 
   https://www.suse.com/support/update/announcement/2021/suse-su-20210048-1

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for python-defusedxml, python-freezegun,
python-pkgconfig, python-python3-saml, python-xmlsec

______________________________________________________________________________

Announcement ID:   SUSE-SU-2021:0048-1
Rating:            moderate
References:        #1019074 #1041090 #1177200
Cross-References:  CVE-2017-11427
Affected Products:
                   SUSE Enterprise Storage 6
______________________________________________________________________________

An update that solves one vulnerability and has two fixes is now available.

Description:

This update for python-defusedxml, python-freezegun, python-pkgconfig,
python-python3-saml, python-xmlsec fixes the following issues:


  o Update to 0.6.0 - Increase test coverage. - Add badges to README. - Test on
    Python 3.7 stable and 3.8-dev - Drop support for Python 3.4 - No longer
    pass *html* argument to XMLParse. It has been deprecated and ignored for a
    long time. The DefusedXMLParser still takes a html argument. A deprecation
    warning is issued when the argument is False and a TypeError when it's
    True. - defusedxml now fails early when pyexpat stdlib module is not
    available or broken. - defusedxml.ElementTree.__all__ now lists ParseError
    as public attribute. - The defusedxml.ElementTree and
    defusedxml.cElementTree modules had a typo and used XMLParse instead of
    XMLParser as an alias for DefusedXMLParser. Both the old and fixed name are
    now available.


  o Remove superfluous devel dependency for noarch package


  o Update to 5.0 * Add compatibility with Python 3.6 * Drop support for Python
    2.6, 3.1, 3.2, 3.3 * Fix lxml tests (XMLSyntaxError: Detected an entity
    reference loop)
  o Implement single-spec version.


  o Dummy changelog for bsc#1019074, FATE#322329


  o Add dependency on the full python (which is not pulled by setuptools
    anymore). Use %{pythons} macro now. (bsc#1177200)


  o Upgrade to 0.3.12: * Refactor classes to functions * Ignore Selenium * Move
    to pytest * Conditionally patch time.clock (removed in 3.8) * Patch
    time.time_ns added in Python 3.7


  o Do not require python2 module for building python3 module


  o Update to 0.3.11: * Performance improvements * Fix nesting time.time * Add
    nanosecond property


  o Remove superfluous devel dependency for noarch package


  o Add remove_dependency_on_mock.patch which removes dependency on python-mock
    for Python 3, where it is not required.


  o update to 0.3.10 * Performance improvements * Coroutine support


  o update to version 0.3.9 * If no time to be frozen, use current time * Fix
    uuid1 issues * Add support for python 3.6


  o update to version 0.3.8 * Improved unpatching when importing modules after
    freeze_time start() * Add manual increment via tick method * Fix bug with
    time.localtime not being reset. Closes #112. * Fix test to work when
    current timezone is GMT-14 or GMT+14. * Fixed #162 - allow decorating
    old-style classes. * Add support to PyMySQL * Assume the default time to
    freeze is "now". * Register fake types in PyMySQL conversions * Ignore
    threading and Queue modules. Closes #129. * Lock down coverage version
    since new coverage doesn't support py3.2 * Fix or py3 astimezone and not
    passing tz. Closes #138. * Add note about default arguments. Closes #140.
    * Add license info. Closes #120.

  o Update to 0.3.5 * No upstream changelog
  o Remove unneeded freeze_hideDeps.patch


  o Use download Url as source
  o Use tarball provided by pypi


  o update to 1.5.1 * Use poetry instead of setuptools directly * Fix #42:
    raise exception if package is missing * Fix version parsing for
    openssl-like version numbers, fixes #32 * Add boolean static keyword to
    output private libraries as well * Raise original OSError as well


  o Add missing test dependency pkgconfig

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Enterprise Storage 6:
    zypper in -t patch SUSE-Storage-6-2021-48=1

Package List:

  o SUSE Enterprise Storage 6 (aarch64 x86_64):
       python3-xmlsec-1.3.6-1.5.1
       python3-xmlsec-debuginfo-1.3.6-1.5.1
  o SUSE Enterprise Storage 6 (noarch):
       python3-defusedxml-0.6.0-1.5.1
       python3-freezegun-0.3.12-1.5.1
       python3-isodate-0.6.0-1.3.2
       python3-pkgconfig-1.5.1-1.5.1
       python3-python3-saml-1.9.0-1.5.2


References:

  o https://www.suse.com/security/cve/CVE-2017-11427.html
  o https://bugzilla.suse.com/1019074
  o https://bugzilla.suse.com/1041090
  o https://bugzilla.suse.com/1177200

- --------------------------END INCLUDED TEXT--------------------

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----




https://malwaredevil.com/2021/01/11/esb-2021-0090-suse-python-defusedxml-unauthorised-access-remote-unauthenticated-2/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-0090-suse-python-defusedxml-unauthorised-access-remote-unauthenticated-2

ESB-2021.0089 – [SUSE] tomcat: Multiple vulnerabilities

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.0089
                        Security update for tomcat
                              11 January 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           tomcat
Publisher:         SUSE
Operating System:  SUSE
Impact/Access:     Access Confidential Data -- Remote/Unauthenticated
                   Reduced Security         -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-17527  

Reference:         ESB-2021.0055
                   ESB-2021.0017
                   ESB-2020.4472
                   ESB-2020.4294

Original Bulletin: 
   https://www.suse.com/support/update/announcement/2021/suse-su-20210042-1
   https://www.suse.com/support/update/announcement/2021/suse-su-20210041-1

Comment: This bulletin contains two (2) SUSE security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for tomcat

______________________________________________________________________________

Announcement ID:   SUSE-SU-2021:0042-1
Rating:            moderate
References:        #1179602
Cross-References:  CVE-2020-17527
Affected Products:
                   SUSE Linux Enterprise Module for Web Scripting 15-SP1
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for tomcat fixes the following issue:

  o CVE-2020-17527: Fixed a HTTP/2 request header mix-up (bsc#1179602).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Module for Web Scripting 15-SP1:
    zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP1-2021-42=1

Package List:

  o SUSE Linux Enterprise Module for Web Scripting 15-SP1 (noarch):
       tomcat-9.0.36-4.53.1
       tomcat-admin-webapps-9.0.36-4.53.1
       tomcat-el-3_0-api-9.0.36-4.53.1
       tomcat-jsp-2_3-api-9.0.36-4.53.1
       tomcat-lib-9.0.36-4.53.1
       tomcat-servlet-4_0-api-9.0.36-4.53.1
       tomcat-webapps-9.0.36-4.53.1


References:

  o https://www.suse.com/security/cve/CVE-2020-17527.html
  o https://bugzilla.suse.com/1179602

- ------------------------------------------------------------------------------------------------------------------------------------------------------
SUSE Security Update: Security update for tomcat

______________________________________________________________________________

Announcement ID:   SUSE-SU-2021:0041-1
Rating:            moderate
References:        #1179602
Cross-References:  CVE-2020-17527
Affected Products:
                   SUSE Linux Enterprise Module for Web Scripting 15-SP2
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for tomcat fixes the following issue:

  o CVE-2020-17527: Fixed a HTTP/2 request header mix-up (bsc#1179602).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Module for Web Scripting 15-SP2:
    zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP2-2021-41=1

Package List:

  o SUSE Linux Enterprise Module for Web Scripting 15-SP2 (noarch):
       tomcat-9.0.36-3.18.1
       tomcat-admin-webapps-9.0.36-3.18.1
       tomcat-el-3_0-api-9.0.36-3.18.1
       tomcat-jsp-2_3-api-9.0.36-3.18.1
       tomcat-lib-9.0.36-3.18.1
       tomcat-servlet-4_0-api-9.0.36-3.18.1
       tomcat-webapps-9.0.36-3.18.1


References:

  o https://www.suse.com/security/cve/CVE-2020-17527.html
  o https://bugzilla.suse.com/1179602

- --------------------------END INCLUDED TEXT--------------------

ESB-2021.0091 – [SUSE] python-paramiko: Execute arbitrary code/commands – Existing account

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.0091
                    Security update for python-paramiko
                              11 January 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           python-paramiko
Publisher:         SUSE
Operating System:  SUSE
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-1000805  

Reference:         ESB-2019.0575
                   ESB-2018.3376

Original Bulletin: 
   https://www.suse.com/support/update/announcement/2021/suse-su-20210038-1

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for python-paramiko

______________________________________________________________________________

Announcement ID:   SUSE-SU-2021:0038-1
Rating:            important
References:        #1111151
Cross-References:  CVE-2018-1000805
Affected Products:
                   SUSE Linux Enterprise Module for Public Cloud 12
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for python-paramiko fixes the following issue:

  o CVE-2018-1000805: Fixed an authentication bypass in auth_handler.py
    (bsc#1111151).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Module for Public Cloud 12:
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2021-38=1

Package List:

  o SUSE Linux Enterprise Module for Public Cloud 12 (noarch):
       python-paramiko-2.1.3-9.6.1
       python3-paramiko-2.1.3-9.6.1


References:

  o https://www.suse.com/security/cve/CVE-2018-1000805.html
  o https://bugzilla.suse.com/1111151

- --------------------------END INCLUDED TEXT--------------------

ESB-2021.0090 – [SUSE] python-defusedxml: Unauthorised access – Remote/unauthenticated

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.0090
         Security update for python-defusedxml, python-freezegun,
           python-pkgconfig, python-python3-saml, python-xmlsec
                              11 January 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           python-defusedxml
Publisher:         SUSE
Operating System:  SUSE
Impact/Access:     Unauthorised Access -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2017-11427  

Reference:         ESB-2018.0574
                   ESB-2018.0571

Original Bulletin: 
   https://www.suse.com/support/update/announcement/2021/suse-su-20210048-1

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for python-defusedxml, python-freezegun,
python-pkgconfig, python-python3-saml, python-xmlsec

______________________________________________________________________________

Announcement ID:   SUSE-SU-2021:0048-1
Rating:            moderate
References:        #1019074 #1041090 #1177200
Cross-References:  CVE-2017-11427
Affected Products:
                   SUSE Enterprise Storage 6
______________________________________________________________________________

An update that solves one vulnerability and has two fixes is now available.

Description:

This update for python-defusedxml, python-freezegun, python-pkgconfig,
python-python3-saml, python-xmlsec fixes the following issues:


  o Update to 0.6.0 - Increase test coverage. - Add badges to README. - Test on
    Python 3.7 stable and 3.8-dev - Drop support for Python 3.4 - No longer
    pass *html* argument to XMLParse. It has been deprecated and ignored for a
    long time. The DefusedXMLParser still takes a html argument. A deprecation
    warning is issued when the argument is False and a TypeError when it's
    True. - defusedxml now fails early when pyexpat stdlib module is not
    available or broken. - defusedxml.ElementTree.__all__ now lists ParseError
    as public attribute. - The defusedxml.ElementTree and
    defusedxml.cElementTree modules had a typo and used XMLParse instead of
    XMLParser as an alias for DefusedXMLParser. Both the old and fixed name are
    now available.


  o Remove superfluous devel dependency for noarch package


  o Update to 5.0 * Add compatibility with Python 3.6 * Drop support for Python
    2.6, 3.1, 3.2, 3.3 * Fix lxml tests (XMLSyntaxError: Detected an entity
    reference loop)
  o Implement single-spec version.


  o Dummy changelog for bsc#1019074, FATE#322329


  o Add dependency on the full python (which is not pulled by setuptools
    anymore). Use %{pythons} macro now. (bsc#1177200)


  o Upgrade to 0.3.12: * Refactor classes to functions * Ignore Selenium * Move
    to pytest * Conditionally patch time.clock (removed in 3.8) * Patch
    time.time_ns added in Python 3.7


  o Do not require python2 module for building python3 module


  o Update to 0.3.11: * Performance improvements * Fix nesting time.time * Add
    nanosecond property


  o Remove superfluous devel dependency for noarch package


  o Add remove_dependency_on_mock.patch which removes dependency on python-mock
    for Python 3, where it is not required.


  o update to 0.3.10 * Performance improvements * Coroutine support


  o update to version 0.3.9 * If no time to be frozen, use current time * Fix
    uuid1 issues * Add support for python 3.6


  o update to version 0.3.8 * Improved unpatching when importing modules after
    freeze_time start() * Add manual increment via tick method * Fix bug with
    time.localtime not being reset. Closes #112. * Fix test to work when
    current timezone is GMT-14 or GMT+14. * Fixed #162 - allow decorating
    old-style classes. * Add support to PyMySQL * Assume the default time to
    freeze is "now". * Register fake types in PyMySQL conversions * Ignore
    threading and Queue modules. Closes #129. * Lock down coverage version
    since new coverage doesn't support py3.2 * Fix or py3 astimezone and not
    passing tz. Closes #138. * Add note about default arguments. Closes #140.
    * Add license info. Closes #120.

  o Update to 0.3.5 * No upstream changelog
  o Remove unneeded freeze_hideDeps.patch


  o Use download Url as source
  o Use tarball provided by pypi


  o update to 1.5.1 * Use poetry instead of setuptools directly * Fix #42:
    raise exception if package is missing * Fix version parsing for
    openssl-like version numbers, fixes #32 * Add boolean static keyword to
    output private libraries as well * Raise original OSError as well


  o Add missing test dependency pkgconfig

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Enterprise Storage 6:
    zypper in -t patch SUSE-Storage-6-2021-48=1

Package List:

  o SUSE Enterprise Storage 6 (aarch64 x86_64):
       python3-xmlsec-1.3.6-1.5.1
       python3-xmlsec-debuginfo-1.3.6-1.5.1
  o SUSE Enterprise Storage 6 (noarch):
       python3-defusedxml-0.6.0-1.5.1
       python3-freezegun-0.3.12-1.5.1
       python3-isodate-0.6.0-1.3.2
       python3-pkgconfig-1.5.1-1.5.1
       python3-python3-saml-1.9.0-1.5.2


References:

  o https://www.suse.com/security/cve/CVE-2017-11427.html
  o https://bugzilla.suse.com/1019074
  o https://bugzilla.suse.com/1041090
  o https://bugzilla.suse.com/1177200

- --------------------------END INCLUDED TEXT--------------------

ESB-2021.0087 – [Debian] firefox-esr: Multiple vulnerabilities

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.0087
                        firefox-esr security update
                              11 January 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           firefox-esr
Publisher:         Debian
Operating System:  Debian GNU/Linux
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-16044  

Reference:         ESB-2021.0081
                   ESB-2021.0067

Original Bulletin: 
   https://www.debian.org/lts/security/2021/dla-2521

- --------------------------BEGIN INCLUDED TEXT--------------------

- - -------------------------------------------------------------------------
Debian LTS Advisory DLA-2521-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
January 08, 2021                              https://wiki.debian.org/LTS
- - -------------------------------------------------------------------------

Package        : firefox-esr
Version        : 78.6.1esr-1~deb9u1
CVE ID         : CVE-2020-16044

A security issue was found in the Mozilla Firefox web browser, which
could potentially result in the execution of arbitrary code.

For Debian 9 stretch, this problem has been fixed in version
78.6.1esr-1~deb9u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================




https://malwaredevil.com/2021/01/11/esb-2021-0087-debian-firefox-esr-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-0087-debian-firefox-esr-multiple-vulnerabilities

ESB-2021.0088 – [Ubuntu] firefox: Multiple vulnerabilities


===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.0088
                     USN-4687-1: Firefox vulnerability
                              11 January 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           firefox
Publisher:         Ubuntu
Operating System:  Ubuntu
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-16044  

Reference:         ESB-2021.0081
                   ESB-2021.0067

Original Bulletin: 
   https://ubuntu.com/security/notices/USN-4687-1

- --------------------------BEGIN INCLUDED TEXT--------------------

USN-4687-1: Firefox vulnerability
08 January 2021

Firefox could be made to crash or run programs as your login if it
opened a malicious website.

Releases

  o Ubuntu 20.10
  o Ubuntu 20.04 LTS
  o Ubuntu 18.04 LTS
  o Ubuntu 16.04 LTS

Packages

  o firefox - Mozilla Open Source web browser

Details

A use-after-free was discovered in Firefox when handling SCTP packets.
An attacker could potentially exploit this to cause a denial of service,
or execute arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following package
versions:

Ubuntu 20.10

  o firefox - 84.0.2+build1-0ubuntu0.20.10.1

Ubuntu 20.04

  o firefox - 84.0.2+build1-0ubuntu0.20.04.1

Ubuntu 18.04

  o firefox - 84.0.2+build1-0ubuntu0.18.04.1

Ubuntu 16.04

  o firefox - 84.0.2+build1-0ubuntu0.16.04.1

After a standard system update you need to restart Firefox to make
all the necessary changes.

References

  o CVE-2020-16044

- --------------------------END INCLUDED TEXT--------------------





https://malwaredevil.com/2021/01/11/esb-2021-0088-ubuntu-firefox-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-0088-ubuntu-firefox-multiple-vulnerabilities

Network Security News Summary for Monday January 11th, 2021

A brief daily summary of what is important in cybersecurity. The podcast is published every weekday and designed to get you ready for the day with a brief, usually about 5 minutes long, summary of current network security-related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .




https://malwaredevil.com/2021/01/11/network-security-news-summary-for-monday-january-11st-2021/?utm_source=rss&utm_medium=rss&utm_campaign=network-security-news-summary-for-monday-january-11st-2021

Barbary Pirates and Russian Cybercrime

In 1801, the United States had a small Navy. Thomas Jefferson deployed almost half that Navy—three frigates and a schooner—to the Barbary C...