Debian Linux Security Advisory 5812-1 - Multiple security issues were discovered in PostgreSQL, which may result in the execution of arbitrary code, privilege escalation or log manipulation.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5812-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffNovember 15, 2024                     https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : postgresql-15CVE ID         : CVE-2024-10976 CVE-2024-10977 CVE-2024-10978 CVE-2024-10979Multiple security issues were discovered in PostgreSQL, which may result inthe execution of arbitrary code, privilege escalation or log manipulation.For the stable distribution (bookworm), these problems have been fixed inversion 15.9-0+deb12u1.We recommend that you upgrade your postgresql-15 packages.For the detailed security status of postgresql-15 please refer toits security tracker page at:https://security-tracker.debian.org/tracker/postgresql-15Further information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmc3hfUACgkQEMKTtsN8TjalVxAAmmEGwof8hC+HRIlI65sI/pwgMrmmJSWjAYMYMJbED7cSFbk66SMBa/GId+yXBJY8WFwLrkJAqjsn8iFDdILEjoY7uMTsbaf4aKZUgLEPLH8wSjRVGlg63q4SRc4pK7eNwPI1T3IqEfhmnJQFLh/WC34iPpuokL+52FpfajRXZ3yxA3ZSuE5cqBVp/JRvtq6NNaVz5uLSdCDrSHm+eV+TC16XZSPJVYCT8Rt21D93xn7HS3bidWuqhTbBLRJCD4FOJ9gSGGAG+BME5h33NpqyZboE43ikLAfWmGKhL50ymSnZ5waPUW990RmXa4D+HKgVynumjaZHohUnT5L+6Baw1UnqaaevkZa7wo8iaanmf2odYGYP1pJavCJprKQ5yCLCErFL5IACTcC7tergpffZlrZXt8owt9h/ahW+BglBfB2PglxTYhDrIRl9A4d0lG0DfltPAFyOMB3VgrKd6w9myIK6W6KDrN4B/dnu7bDf8XCxfdDe7KsFaScz7ZXz7tYkC5/k2KOxLo43i1yaQRXLhei1OuklcaEZy2oD/RU1C1by5GQCIvfvKg9D0eGipGy6rh12wIq66Ef0neUHbuja6/zR304nU/1XPAV+2qPWGRN5SsScf1lbkXD2CcpgR7n5S3mU1fN9Ufd42koI/oQ0Q5gCKvVm2VUzQZrjnWfj5H4==ab7S-----END PGP SIGNATURE-----

Debian Security Advisory 5812-1

Ubuntu Security Notice 7106-1 - It was discovered that Tomcat did not include the secure attribute for session cookies when using the RemoteIpFilter with requests from a reverse proxy. An attacker could possibly use this issue to leak sensitive information. It was discovered that Tomcat had a vulnerability in its FORM authentication feature, leading to an open redirect attack. An attacker could possibly use this issue to perform phishing attacks.

==========================================================================  
Ubuntu Security Notice USN-7106-1  
November 13, 2024

tomcat9 vulnerabilities  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS  
- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in Tomcat.

Software Description:  
- tomcat9: Servlet and JSP engine

Details:

It was discovered that Tomcat did not include the secure attribute for  
session cookies when using the RemoteIpFilter with requests from a  
reverse proxy. An attacker could possibly use this issue to leak  
sensitive information. (CVE-2023-28708)

It was discovered that Tomcat had a vulnerability in its FORM  
authentication feature, leading to an open redirect attack. An attacker  
could possibly use this issue to perform phishing attacks. (CVE-2023-41080)

It was discovered that Tomcat incorrectly recycled certain objects,  
which could lead to information leaking from one request to the next.  
An attacker could potentially use this issue to leak sensitive  
information. (CVE-2023-42795)

It was discovered that Tomcat incorrectly handled HTTP trailer headers. A  
remote attacker could possibly use this issue to perform HTTP request  
smuggling. (CVE-2023-45648)

It was discovered that Tomcat incorrectly handled socket cleanup, which  
could lead to websocket connections staying open. An attacker could  
possibly use this issue to cause a denial of service. (CVE-2024-23672)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 22.04 LTS  
  libtomcat9-java                 9.0.58-1ubuntu0.1+esm4  
                                  Available with Ubuntu Pro  
  tomcat9                         9.0.58-1ubuntu0.1+esm4  
                                  Available with Ubuntu Pro

Ubuntu 20.04 LTS  
  libtomcat9-java                 9.0.31-1ubuntu0.8  
  tomcat9                         9.0.31-1ubuntu0.8

Ubuntu 18.04 LTS  
  libtomcat9-java                 9.0.16-3ubuntu0.18.04.2+esm4  
                                  Available with Ubuntu Pro  
  tomcat9                         9.0.16-3ubuntu0.18.04.2+esm4  
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:  
  https://ubuntu.com/security/notices/USN-7106-1  
  CVE-2023-28708, CVE-2023-41080, CVE-2023-42795, CVE-2023-45648,  
  CVE-2024-23672

Package Information:  
  https://launchpad.net/ubuntu/+source/tomcat9/9.0.31-1ubuntu0.8

Ubuntu Security Notice USN-7106-1

Red Hat Security Advisory 2024-9680-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include code execution, out of bounds read, and use-after-free vulnerabilities.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9680.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: webkit2gtk3 security update  
Advisory ID:        RHSA-2024:9680-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:9680  
Issue date:         2024-11-15  
Revision:           03  
CVE Names:          CVE-2022-32885  
====================================================================

Summary: 

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

Security Fix(es):

* webkitgtk: Memory corruption issue when processing web content (CVE-2022-32885)

* webkitgtk: arbitrary javascript code execution (CVE-2023-40397)

* webkitgtk: Arbitrary Remote Code Execution (CVE-2023-42917)

* webkitgtk: type confusion may lead to arbitrary code execution (CVE-2024-23222)

* webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2023-42852)

* chromium-browser: Use after free in ANGLE (CVE-2024-4558)

* webkitgtk: webkit2gtk: Use after free may lead to Remote Code Execution (CVE-2024-40776)

* webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2024-40789)

* webkitgtk: webkit2gtk: Out-of-bounds read was addressed with improved bounds checking (CVE-2024-40780)

* webkitgtk: webkit2gtk: Out-of-bounds read was addressed with improved bounds checking (CVE-2024-40779)

* webkitgtk: webkit2gtk: Use-after-free was addressed with improved memory management (CVE-2024-40782)

* webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2024-27808)

* webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2024-27820)

* webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2024-27833)

* webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2024-27851)

* webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2024-44185)

* webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2024-44244)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2022-32885

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2236842  
https://bugzilla.redhat.com/show_bug.cgi?id=2238945  
https://bugzilla.redhat.com/show_bug.cgi?id=2253058  
https://bugzilla.redhat.com/show_bug.cgi?id=2259893  
https://bugzilla.redhat.com/show_bug.cgi?id=2271456  
https://bugzilla.redhat.com/show_bug.cgi?id=2279689  
https://bugzilla.redhat.com/show_bug.cgi?id=2301841  
https://bugzilla.redhat.com/show_bug.cgi?id=2302067  
https://bugzilla.redhat.com/show_bug.cgi?id=2302069  
https://bugzilla.redhat.com/show_bug.cgi?id=2302070  
https://bugzilla.redhat.com/show_bug.cgi?id=2302071  
https://bugzilla.redhat.com/show_bug.cgi?id=2314697  
https://bugzilla.redhat.com/show_bug.cgi?id=2314698  
https://bugzilla.redhat.com/show_bug.cgi?id=2314700  
https://bugzilla.redhat.com/show_bug.cgi?id=2314704  
https://bugzilla.redhat.com/show_bug.cgi?id=2323263  
https://bugzilla.redhat.com/show_bug.cgi?id=2323278

Red Hat Security Advisory 2024-9680-03

Red Hat Security Advisory 2024-9654-03 - An update for libsoup is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Issues addressed include a HTTP request smuggling vulnerability.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9654.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: libsoup security updateAdvisory ID:        RHSA-2024:9654-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:9654Issue date:         2024-11-15Revision:           03CVE Names:          CVE-2024-52530====================================================================Summary: An update for libsoup is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The libsoup packages provide an HTTP client and server library for GNOME.Security Fix(es):* libsoup: HTTP request smuggling via stripping null bytes from the ends of header names (CVE-2024-52530)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-52530References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2325284

Red Hat Security Advisory 2024-9654-03

Red Hat Security Advisory 2024-9653-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include code execution, out of bounds read, and use-after-free vulnerabilities.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9653.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: webkit2gtk3 security update  
Advisory ID:        RHSA-2024:9653-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:9653  
Issue date:         2024-11-15  
Revision:           03  
CVE Names:          CVE-2022-32885  
====================================================================

Summary: 

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

Security Fix(es):

* webkitgtk: Memory corruption issue when processing web content (CVE-2022-32885)

* webkitgtk: arbitrary javascript code execution (CVE-2023-40397)

* webkitgtk: Arbitrary Remote Code Execution (CVE-2023-42917)

* webkitgtk: type confusion may lead to arbitrary code execution (CVE-2024-23222)

* webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2023-42852)

* chromium-browser: Use after free in ANGLE (CVE-2024-4558)

* webkitgtk: webkit2gtk: Use after free may lead to Remote Code Execution (CVE-2024-40776)

* webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2024-40789)

* webkitgtk: webkit2gtk: Out-of-bounds read was addressed with improved bounds checking (CVE-2024-40780)

* webkitgtk: webkit2gtk: Out-of-bounds read was addressed with improved bounds checking (CVE-2024-40779)

* webkitgtk: webkit2gtk: Use-after-free was addressed with improved memory management (CVE-2024-40782)

* webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2024-27808)

* webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2024-27820)

* webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2024-27833)

* webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2024-27851)

* webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2024-44185)

* webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2024-44244)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2022-32885

References:

https://access.redhat.com/security/updates/classification/#important  
https://access.redhat.com/security/vulnerabilities/  
https://bugzilla.redhat.com/show_bug.cgi?id=2236842  
https://bugzilla.redhat.com/show_bug.cgi?id=2238945  
https://bugzilla.redhat.com/show_bug.cgi?id=2253058  
https://bugzilla.redhat.com/show_bug.cgi?id=2259893  
https://bugzilla.redhat.com/show_bug.cgi?id=2271456  
https://bugzilla.redhat.com/show_bug.cgi?id=2279689  
https://bugzilla.redhat.com/show_bug.cgi?id=2301841  
https://bugzilla.redhat.com/show_bug.cgi?id=2302067  
https://bugzilla.redhat.com/show_bug.cgi?id=2302069  
https://bugzilla.redhat.com/show_bug.cgi?id=2302070  
https://bugzilla.redhat.com/show_bug.cgi?id=2302071  
https://bugzilla.redhat.com/show_bug.cgi?id=2314697  
https://bugzilla.redhat.com/show_bug.cgi?id=2314698  
https://bugzilla.redhat.com/show_bug.cgi?id=2314700  
https://bugzilla.redhat.com/show_bug.cgi?id=2314704  
https://bugzilla.redhat.com/show_bug.cgi?id=2323263  
https://bugzilla.redhat.com/show_bug.cgi?id=2323278

Red Hat Security Advisory 2024-9653-03

Red Hat Security Advisory 2024-9644-03 - An update for the squid:4 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9644.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: squid:4 security updateAdvisory ID:        RHSA-2024:9644-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:9644Issue date:         2024-11-15Revision:           03CVE Names:          CVE-2024-23638====================================================================Summary: An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.Security Fix(es):* squid: vulnerable to a Denial of Service attack against Cache Manager error responses (CVE-2024-23638)* squid: Denial of Service processing ESI response content (CVE-2024-45802)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-23638References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2260051https://bugzilla.redhat.com/show_bug.cgi?id=2322154

Red Hat Security Advisory 2024-9644-03

Red Hat Security Advisory 2024-9637-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9637.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: webkit2gtk3 security updateAdvisory ID:        RHSA-2024:9637-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:9637Issue date:         2024-11-15Revision:           03CVE Names:          CVE-2024-44185====================================================================Summary: An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.Security Fix(es):* webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2024-44185)* webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2024-44244)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-44185References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2323263https://bugzilla.redhat.com/show_bug.cgi?id=2323278

Red Hat Security Advisory 2024-9637-03

Red Hat Security Advisory 2024-9627-03 - Red Hat OpenShift Service Mesh Containers for 2.6.3. Issues addressed include a denial of service vulnerability.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9627.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: Red Hat OpenShift Service Mesh Containers for 2.6.3Advisory ID:        RHSA-2024:9627-03Product:            Red Hat OpenShift Service MeshAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:9627Issue date:         2024-11-15Revision:           03CVE Names:          CVE-2024-21536====================================================================Summary: Red Hat OpenShift Service Mesh Containers for 2.6.3This update has a security impact of Moderate. A Common Vulnerability ScoringSystem (CVSS) base score, which gives a detailed severity rating, is availablefor each vulnerability from the CVE link(s) in the References section.Description:Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.Security Fix(es):* kiali-ossmc-container: Denial of Service [ossm-2.6] (CVE-2024-21536) (OSSM-8280)* openshift-istio-kiali-rhel8-container: Denial of Service [ossm-2.6] (CVE-2024-21536) (OSSM-8281)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-21536References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2319884

Red Hat Security Advisory 2024-9627-03

Red Hat Security Advisory 2024-9624-03 - An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include a denial of service vulnerability.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9624.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: squid:4 security updateAdvisory ID:        RHSA-2024:9624-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:9624Issue date:         2024-11-15Revision:           03CVE Names:          CVE-2024-45802====================================================================Summary: An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.Security Fix(es):* squid: Denial of Service processing ESI response content (CVE-2024-45802)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-45802References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2322154

Red Hat Security Advisory 2024-9624-03

Firebase JavaScript SDK utilizes a "FIREBASE_DEFAULTS" cookie to store configuration data, including an "_authTokenSyncURL" field used for session synchronization.  If this cookie field is preset via an attacker by any other method, the attacker can manipulate the "_authTokenSyncURL" to point to their own server and it would allow am actor to capture user session data transmitted by the SDK. We recommend upgrading Firebase JS SDK at least to 10.9.0.

**Exploitability Metrics**

Attack Vector: This metric reflects the context by which vulnerability exploitation is possible. This metric value (and consequently the resulting severity) will be larger the more remote (logically, and physically) an attacker can be in order to exploit the vulnerable system. The assumption is that the number of potential attackers for a vulnerability that could be exploited from across a network is larger than the number of potential attackers that could exploit a vulnerability requiring physical access to a device, and therefore warrants a greater severity.

Attack Complexity: This metric captures measurable actions that must be taken by the attacker to actively evade or circumvent existing built-in security-enhancing conditions in order to obtain a working exploit. These are conditions whose primary purpose is to increase security and/or increase exploit engineering complexity. A vulnerability exploitable without a target-specific variable has a lower complexity than a vulnerability that would require non-trivial customization. This metric is meant to capture security mechanisms utilized by the vulnerable system.

Attack Requirements: This metric captures the prerequisite deployment and execution conditions or variables of the vulnerable system that enable the attack. These differ from security-enhancing techniques/technologies (ref Attack Complexity) as the primary purpose of these conditions is not to explicitly mitigate attacks, but rather, emerge naturally as a consequence of the deployment and execution of the vulnerable system.

Privileges Required: This metric describes the level of privileges an attacker must possess prior to successfully exploiting the vulnerability. The method by which the attacker obtains privileged credentials prior to the attack (e.g., free trial accounts), is outside the scope of this metric. Generally, self-service provisioned accounts do not constitute a privilege requirement if the attacker can grant themselves privileges as part of the attack.

User interaction: This metric captures the requirement for a human user, other than the attacker, to participate in the successful compromise of the vulnerable system. This metric determines whether the vulnerability can be exploited solely at the will of the attacker, or whether a separate user (or user-initiated process) must participate in some manner.

**Vulnerable System Impact Metrics**

Confidentiality: This metric measures the impact to the confidentiality of the information managed by the VULNERABLE SYSTEM due to a successfully exploited vulnerability. Confidentiality refers to limiting information access and disclosure to only authorized users, as well as preventing access by, or disclosure to, unauthorized ones.

Integrity: This metric measures the impact to integrity of a successfully exploited vulnerability. Integrity refers to the trustworthiness and veracity of information. Integrity of the VULNERABLE SYSTEM is impacted when an attacker makes unauthorized modification of system data. Integrity is also impacted when a system user can repudiate critical actions taken in the context of the system (e.g. due to insufficient logging).

Availability: This metric measures the impact to the availability of the VULNERABLE SYSTEM resulting from a successfully exploited vulnerability. While the Confidentiality and Integrity impact metrics apply to the loss of confidentiality or integrity of data (e.g., information, files) used by the system, this metric refers to the loss of availability of the impacted system itself, such as a networked service (e.g., web, database, email). Since availability refers to the accessibility of information resources, attacks that consume network bandwidth, processor cycles, or disk space all impact the availability of a system.

**Subsequent System Impact Metrics**

Confidentiality: This metric measures the impact to the confidentiality of the information managed by the SUBSEQUENT SYSTEM due to a successfully exploited vulnerability. Confidentiality refers to limiting information access and disclosure to only authorized users, as well as preventing access by, or disclosure to, unauthorized ones.

Integrity: This metric measures the impact to integrity of a successfully exploited vulnerability. Integrity refers to the trustworthiness and veracity of information. Integrity of the SUBSEQUENT SYSTEM is impacted when an attacker makes unauthorized modification of system data. Integrity is also impacted when a system user can repudiate critical actions taken in the context of the system (e.g. due to insufficient logging).

Availability: This metric measures the impact to the availability of the SUBSEQUENT SYSTEM resulting from a successfully exploited vulnerability. While the Confidentiality and Integrity impact metrics apply to the loss of confidentiality or integrity of data (e.g., information, files) used by the system, this metric refers to the loss of availability of the impacted system itself, such as a networked service (e.g., web, database, email). Since availability refers to the accessibility of information resources, attacks that consume network bandwidth, processor cycles, or disk space all impact the availability of a system.

Tag

#js