In LibRaw, an out-of-bounds read vulnerability exists within the get_huffman_diff() function (libraw\src\x3f\x3f_utils_patched.cpp) when reading data from an image file.

**Description**

An out-of-bounds read vulnerability exists within the "get\_huffman\_diff()" function (libraw\\src\\x3f\\x3f\_utils\_patched.cpp) when parsing a crafted X3F file.

**Steps to Reproduce**

(poc archive password= girlelecta):  
https://drive.google.com/file/d/1Yhqo6idPqWMisvPKrlzjsUKRApHmz2M\_/view

cmd:  
magick.exe convert poc1.X3F new.png

Upon running this, following crash happens (Note: I enabled page heap on magick.exe):

Microsoft (R) Windows Debugger Version 10.0.18362.1 AMD64  
Copyright (c) Microsoft Corporation. All rights reserved.

CommandLine: E:\\Workspace\\imageMagick\\ImageMagick-windows\\ImageMagick-7.0.9-16\\VisualMagick\\bin\\magick.exe convert E:\\Workspace\\poc1.X3F E:\\Workspace\\new.png

\*\*\*\*\*\*\*\*\*\*\*\*\* Path validation summary \*\*\*\*\*\*\*\*\*\*\*\*\*\*  
Symbol search path is: srv\*  
Executable search path is:  
ModLoad: 00007ff6 5a870000 00007ff6 5a882000 magick.exe  
ModLoad: 00007ffe c1500000 00007ffe c16f0000 ntdll.dll  
ModLoad: 00007ffe a8a10000 00007ffe a8a81000 C:\\WINDOWS\\System32\\verifier.dll  
Page heap: pid 0x2264: page heap enabled with flags 0x3.  
ModLoad: 00007ffe bf9a0000 00007ffe bfa52000 C:\\WINDOWS\\System32\\KERNEL32.DLL  
ModLoad: 00007ffe be510000 00007ffe be7b3000 C:\\WINDOWS\\System32\\KERNELBASE.dll  
ModLoad: 00007ffe 82020000 00007ffe 822a9000 E:\\Workspace\\imageMagick\\ImageMagick-windows\\ImageMagick-7.0.9-16\\VisualMagick\\bin\\CORE\_DB\_MagickCore\_.dll  
ModLoad: 00007ffe c0ea0000 00007ffe c1034000 C:\\WINDOWS\\System32\\USER32.dll  
ModLoad: 00007ffe 92500000 00007ffe 926c9000 E:\\Workspace\\imageMagick\\ImageMagick-windows\\ImageMagick-7.0.9-16\\VisualMagick\\bin\\CORE\_DB\_MagickWand\_.dll  
ModLoad: 00007ffe bf580000 00007ffe bf5a1000 C:\\WINDOWS\\System32\\win32u.dll  
ModLoad: 00007ffe c0910000 00007ffe c0936000 C:\\WINDOWS\\System32\\GDI32.dll  
ModLoad: 00007ffe be7c0000 00007ffe be954000 C:\\WINDOWS\\System32\\gdi32full.dll  
ModLoad: 00007ffe a8d20000 00007ffe a8d42000 C:\\WINDOWS\\SYSTEM32\\VCRUNTIME140D.dll  
ModLoad: 00007ffe 8b440000 00007ffe 8b5fb000 C:\\WINDOWS\\SYSTEM32\\ucrtbased.dll  
ModLoad: 00007ffe beab0000 00007ffe beb4e000 C:\\WINDOWS\\System32\\msvcp\_win.dll  
ModLoad: 00007ffe beb80000 00007ffe bec7a000 C:\\WINDOWS\\System32\\ucrtbase.dll  
ModLoad: 00007ffe c1280000 00007ffe c1323000 C:\\WINDOWS\\System32\\ADVAPI32.dll  
ModLoad: 00007ffe c0bb0000 00007ffe c0c4e000 C:\\WINDOWS\\System32\\msvcrt.dll  
ModLoad: 00007ffe c0cc0000 00007ffe c0d57000 C:\\WINDOWS\\System32\\sechost.dll  
ModLoad: 00007ffe c02a0000 00007ffe c03c0000 C:\\WINDOWS\\System32\\RPCRT4.dll  
ModLoad: 00007ffe a88b0000 00007ffe a88d7000 E:\\Workspace\\imageMagick\\ImageMagick-windows\\ImageMagick-7.0.9-16\\VisualMagick\\bin\\CORE\_DB\_bzlib\_.dll  
ModLoad: 00007ffe a8220000 00007ffe a833f000 E:\\Workspace\\imageMagick\\ImageMagick-windows\\ImageMagick-7.0.9-16\\VisualMagick\\bin\\CORE\_DB\_freetype\_.dll  
ModLoad: 00007ffe a8190000 00007ffe a8216000 E:\\Workspace\\imageMagick\\ImageMagick-windows\\ImageMagick-7.0.9-16\\VisualMagick\\bin\\CORE\_DB\_lcms\_.dll  
ModLoad: 00007ffe a7a50000 00007ffe a7af0000 E:\\Workspace\\imageMagick\\ImageMagick-windows\\ImageMagick-7.0.9-16\\VisualMagick\\bin\\CORE\_DB\_libxml\_.dll  
ModLoad: 00007ffe a87f0000 00007ffe a881a000 E:\\Workspace\\imageMagick\\ImageMagick-windows\\ImageMagick-7.0.9-16\\VisualMagick\\bin\\CORE\_DB\_zlib\_.dll  
ModLoad: 00007ffe a87c0000 00007ffe a87e3000 E:\\Workspace\\imageMagick\\ImageMagick-windows\\ImageMagick-7.0.9-16\\VisualMagick\\bin\\CORE\_DB\_lqr\_.dll  
ModLoad: 00007ffe 81ce0000 00007ffe 8201b000 E:\\Workspace\\imageMagick\\ImageMagick-windows\\ImageMagick-7.0.9-16\\VisualMagick\\bin\\CORE\_DB\_glib\_.dll  
ModLoad: 00007ffe bfa60000 00007ffe c0145000 C:\\WINDOWS\\System32\\SHELL32.dll  
ModLoad: 00007ffe bf530000 00007ffe bf57a000 C:\\WINDOWS\\System32\\cfgmgr32.dll  
ModLoad: 00007ffe c0b00000 00007ffe c0ba9000 C:\\WINDOWS\\System32\\shcore.dll  
ModLoad: 00007ffe bf5b0000 00007ffe bf8e6000 C:\\WINDOWS\\System32\\combase.dll  
ModLoad: 00007ffe be490000 00007ffe be510000 C:\\WINDOWS\\System32\\bcryptPrimitives.dll  
ModLoad: 00007ffe bec80000 00007ffe bf3ff000 C:\\WINDOWS\\System32\\windows.storage.dll  
ModLoad: 00007ffe c1430000 00007ffe c149f000 C:\\WINDOWS\\System32\\WS2\_32.dll  
ModLoad: 00007ffe be470000 00007ffe be48f000 C:\\WINDOWS\\System32\\profapi.dll  
ModLoad: 00007ffe be400000 00007ffe be44a000 C:\\WINDOWS\\System32\\powrprof.dll  
ModLoad: 00007ffe be3d0000 00007ffe be3e0000 C:\\WINDOWS\\System32\\UMPDC.dll  
ModLoad: 00007ffe c1220000 00007ffe c1272000 C:\\WINDOWS\\System32\\shlwapi.dll  
ModLoad: 00007ffe be3e0000 00007ffe be3f1000 C:\\WINDOWS\\System32\\kernel.appcore.dll  
ModLoad: 00007ffe bf510000 00007ffe bf527000 C:\\WINDOWS\\System32\\cryptsp.dll  
ModLoad: 00007ffe c1040000 00007ffe c1196000 C:\\WINDOWS\\System32\\ole32.dll  
ModLoad: 00007ffe bd950000 00007ffe bd98a000 C:\\WINDOWS\\SYSTEM32\\IPHLPAPI.DLL  
ModLoad: 00007ffe bd990000 00007ffe bda5a000 C:\\WINDOWS\\SYSTEM32\\DNSAPI.dll  
ModLoad: 00007ffe c0220000 00007ffe c0228000 C:\\WINDOWS\\System32\\NSI.dll  
(2264.3f58): Break instruction exception - code 80000003 (first chance)  
ntdll!LdrpDoDebuggerBreak+0x30:  
00007ffe c15d121c cc int 3  
0:000> g  
ModLoad: 00007ffe c1400000 00007ffe c142e000 C:\\WINDOWS\\System32\\IMM32.DLL  
ModLoad: 00007ffe b4720000 00007ffe b472f000 E:\\Workspace\\imageMagick\\ImageMagick-windows\\ImageMagick-7.0.9-16\\VisualMagick\\bin\\IM\_MOD\_DB\_DNG\_.dll  
ModLoad: 00007ffe 81b30000 00007ffe 81cdb000 E:\\Workspace\\imageMagick\\ImageMagick-windows\\ImageMagick-7.0.9-16\\VisualMagick\\bin\\CORE\_DB\_libraw\_.dll  
ModLoad: 00007ffe 9a850000 00007ffe 9a946000 C:\\WINDOWS\\SYSTEM32\\MSVCP140D.dll  
(2264.3f58): Access violation - code c0000005 (first chance)  
First chance exceptions are reported before any exception handling.  
This exception may be expected and handled.  
\*\*\* WARNING: Unable to verify checksum for E:\\Workspace\\imageMagick\\ImageMagick-windows\\ImageMagick-7.0.9-16\\VisualMagick\\bin\\CORE\_DB\_libraw\_.dll  
CORE\_DB\_libraw\_!get\_bit+0x34:  
00007ffe 81c20bb4 0fb600 movzx eax,byte ptr \[rax\] ds:0000014b bf836da4=??  
0:000> k  
Child-SP RetAddr Call Site  
00 00000038 853e32a0 00007ffe 81c219fe CORE\_DB\_libraw\_!get\_bit+0x34 \[e:\\workspace\\imagemagick\\imagemagick-windows\\imagemagick-7.0.9-16\\libraw\\src\\x3f\\x3f\_utils\_patched.cpp @ 857\]  
01 00000038 853e32c0 00007ffe 81c2251a CORE\_DB\_libraw\_!get\_huffman\_diff+0x6e \[e:\\workspace\\imagemagick\\imagemagick-windows\\imagemagick-7.0.9-16\\libraw\\src\\x3f\\x3f\_utils\_patched.cpp @ 1017\]  
02 00000038 853e3320 00007ffe 81c22352 CORE\_DB\_libraw\_!huffman\_decode\_row+0x13a \[e:\\workspace\\imagemagick\\imagemagick-windows\\imagemagick-7.0.9-16\\libraw\\src\\x3f\\x3f\_utils\_patched.cpp @ 1055\]  
03 00000038 853e33f0 00007ffe 81c37cee CORE\_DB\_libraw\_!huffman\_decode+0xb2 \[e:\\workspace\\imagemagick\\imagemagick-windows\\imagemagick-7.0.9-16\\libraw\\src\\x3f\\x3f\_utils\_patched.cpp @ 1095\]  
04 00000038 853e3470 00007ffe 81c37a93 CORE\_DB\_libraw\_!x3f\_load\_huffman\_compressed+0x21e \[e:\\workspace\\imagemagick\\imagemagick-windows\\imagemagick-7.0.9-16\\libraw\\src\\x3f\\x3f\_utils\_patched.cpp @ 1411\]  
05 00000038 853e34e0 00007ffe 81c37ecd CORE\_DB\_libraw\_!x3f\_load\_huffman+0x283 \[e:\\workspace\\imagemagick\\imagemagick-windows\\imagemagick-7.0.9-16\\libraw\\src\\x3f\\x3f\_utils\_patched.cpp @ 1468\]  
06 00000038 853e3550 00007ffe 81c37768 CORE\_DB\_libraw\_!x3f\_load\_image+0x12d \[e:\\workspace\\imagemagick\\imagemagick-windows\\imagemagick-7.0.9-16\\libraw\\src\\x3f\\x3f\_utils\_patched.cpp @ 1514\]  
07 00000038 853e35b0 00007ffe 81c38504 CORE\_DB\_libraw\_!x3f\_load\_data+0x88 \[e:\\workspace\\imagemagick\\imagemagick-windows\\imagemagick-7.0.9-16\\libraw\\src\\x3f\\x3f\_utils\_patched.cpp @ 2059\]  
08 00000038 853e35f0 00007ffe 81c33628 CORE\_DB\_libraw\_!LibRaw::x3f\_load\_raw+0x64 \[e:\\workspace\\imagemagick\\imagemagick-windows\\imagemagick-7.0.9-16\\libraw\\src\\x3f\\x3f\_parse\_process.cpp @ 579\]  
09 00000038 853e36e0 00007ffe 81c3d358 CORE\_DB\_libraw\_!LibRaw::unpack+0xc18 \[e:\\workspace\\imagemagick\\imagemagick-windows\\imagemagick-7.0.9-16\\libraw\\src\\decoders\\unpack.cpp @ 283\]  
\*\*\* WARNING: Unable to verify checksum for E:\\Workspace\\imageMagick\\ImageMagick-windows\\ImageMagick-7.0.9-16\\VisualMagick\\bin\\IM\_MOD\_DB\_DNG\_.dll  
0a 00000038 853e38a0 00007ffe b4721989 CORE\_DB\_libraw\_!libraw\_unpack+0x48 \[e:\\workspace\\imagemagick\\imagemagick-windows\\imagemagick-7.0.9-16\\libraw\\src\\libraw\_c\_api.cpp @ 136\]  
\*\*\* WARNING: Unable to verify checksum for E:\\Workspace\\imageMagick\\ImageMagick-windows\\ImageMagick-7.0.9-16\\VisualMagick\\bin\\CORE\_DB\_MagickCore\_.dll  
0b 00000038 853e38e0 00007ffe 820783b7 IM\_MOD\_DB\_DNG\_!ReadDNGImage+0x479 \[e:\\workspace\\imagemagick\\imagemagick-windows\\imagemagick-7.0.9-16\\imagemagick\\coders\\dng.c @ 425\]  
0c 00000038 853e59f0 00007ffe 82079af3 CORE\_DB\_MagickCore\_!ReadImage+0x5e7 \[e:\\workspace\\imagemagick\\imagemagick-windows\\imagemagick-7.0.9-16\\imagemagick\\magickcore\\constitute.c @ 553\]  
\*\*\* WARNING: Unable to verify checksum for E:\\Workspace\\imageMagick\\ImageMagick-windows\\ImageMagick-7.0.9-16\\VisualMagick\\bin\\CORE\_DB\_MagickWand\_.dll  
0d 00000038 853eac10 00007ffe 9253aac3 CORE\_DB\_MagickCore\_!ReadImages+0x393 \[e:\\workspace\\imagemagick\\imagemagick-windows\\imagemagick-7.0.9-16\\imagemagick\\magickcore\\constitute.c @ 927\]  
0e 00000038 853ebcc0 00007ffe 925d3fe8 CORE\_DB\_MagickWand\_!ConvertImageCommand+0x1523 \[e:\\workspace\\imagemagick\\imagemagick-windows\\imagemagick-7.0.9-16\\imagemagick\\magickwand\\convert.c @ 606\]  
\*\*\* WARNING: Unable to verify checksum for magick.exe  
0f 00000038 853ed810 00007ff6 5a8714ea CORE\_DB\_MagickWand\_!MagickCommandGenesis+0x338 \[e:\\workspace\\imagemagick\\imagemagick-windows\\imagemagick-7.0.9-16\\imagemagick\\magickwand\\mogrify.c @ 185\]  
10 00000038 853ee980 00007ff6 5a871693 magick!MagickMain+0x4ea \[e:\\workspace\\imagemagick\\imagemagick-windows\\imagemagick-7.0.9-16\\imagemagick\\utilities\\magick.c @ 149\]  
11 00000038 853efbf0 00007ff6 5a871f24 magick!wmain+0x43 \[e:\\workspace\\imagemagick\\imagemagick-windows\\imagemagick-7.0.9-16\\imagemagick\\utilities\\magick.c @ 195\]  
12 00000038 853efc30 00007ff6 5a871e37 magick!invoke\_main+0x34 \[f:\\dd\\vctools\\crt\\vcstartup\\src\\startup\\exe\_common.inl @ 80\]  
13 00000038 853efc70 00007ff6 5a871cfe magick!\_\_scrt\_common\_main\_seh+0x127 \[f:\\dd\\vctools\\crt\\vcstartup\\src\\startup\\exe\_common.inl @ 253\]  
14 00000038 853efcd0 00007ff6 5a871f39 magick!\_\_scrt\_common\_main+0xe \[f:\\dd\\vctools\\crt\\vcstartup\\src\\startup\\exe\_common.inl @ 296\]  
15 00000038 853efd00 00007ffe bf9b7bd4 magick!wmainCRTStartup+0x9 \[f:\\dd\\vctools\\crt\\vcstartup\\src\\startup\\exe\_wmain.cpp @ 17\]  
16 00000038 853efd30 00007ffe c156ced1 KERNEL32!BaseThreadInitThunk+0x14  
17 00000038 853efd60 00000000 00000000 ntdll!RtlUserThreadStart+0x21

**System Configuration**

*   ImageMagick:  
    Version: ImageMagick-7.0.9-Q16 https://imagemagick.org  
    License: https://imagemagick.org/script/license.php
*   Environment (Operating system, version and so on):  
    Distributor ID: Microsoft Windows  
    Description: Windows 10

CVE-2020-35531: LibRaw "get_huffman_diff()" Out-of-bounds read vulnerability · Issue #270 · LibRaw/LibRaw

Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Simon Ward MP3 jPlayer plugin <= 2.7.3 at WordPress.

CVE-2022-36373: MP3-jPlayer

Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) in CallRail, Inc. CallRail Phone Call Tracking plugin <= 0.4.9 at WordPress.

*   Details
*   Reviews
*   Installation
*   Support
*   Development

CallRail is here to bring complete visibility to the marketers who rely on quality inbound leads to measure success. Our customers live in a results-driven world, and giving them a clear view into their digital marketing efforts is a first priority for CallRail. We see the opportunities in surfacing and connecting data from calls, forms, chat and beyond — helping our customers get to better outcomes.

Our WordPress plugin allows you to learn detailed information about the source and web session of every caller from your website using a process called Dynamic Number Insertion. It also powers our form tracking tool, which gives you the power to attribute form submissions back to their source and learn about what the user did on your site before submitting the form.

*   Learn more about CallRail.
*   Check out our WP plugin support documentation.

1.  Sign in to your CallRail account and click the **Settings tab**.
2.  Select the company you want from the dropdown menu.
3.  Find the WordPress plugin in the list of integrations and click **Instructions**.
4.  Download the plugin and follow the instructions listed.

Full documentation can be found here.

Constant integration issues with Adwords make our conversion data mostly useless. In Adwords this is a huge problem. They recently lost 2/3 of our all time call recordings!!!!! This data was priceless and is unrecoverable. Callrail's support is some of the worst I have encountered and even during emergency situations they are not in a hurry to help. Calls to support go unanswered and if we get a callback it is often the next day by someone who has little knowledge. We are finding a new company to work with and I would suggest others to do the same. I will update this post with a full breakdown of all our callrail issues once we have migrated to a new provider. Too many to list at the current moment 🙁

Read all 4 reviews

“CallRail Phone Call Tracking” is open source software. The following people have contributed to this plugin.

Contributors

*    apowellgt

**0.2**

*   Initial public release.

**0.3**

*   Update to version 2 of the javascript tracking script (swap.js)
*   Prompt the user to add an API key after installation.
*   Don’t insert the CallRail script if no API key is present.
*   Trim whitespace surrounding the API key before saving.

**0.3.1**

*   Update to version 3 of the javascript tracking script (swap.js)

**0.3.2**

*   Update to version 4 of the javascript tracking script (swap.js) which supports more advanced number replacement.

**0.3.3**

*   Update to version 5 of the javascript tracking script (swap.js)

**0.3.4**

*   Update to version 7 of the javascript tracking script (swap.js) and serve the script via the MaxCDN network (cdn.callrail.com).

**0.3.5**

*   Update to version 8 of the javascript tracking script (swap.js).

**0.3.6**

*   Update to version 10 of the javascript tracking script (swap.js).

**0.3.7**

*   Add a HTML comment so the CallRail support team can see when swap.js is installed via WordPress.

**0.3.8**

*   Update to version 11 of the javascript tracking script (swap.js).

**0.3.11**

*   Set Callrail cookies via HTTP using xhr request from swap.js script.

**0.4.0**

*   Added an optional feature to load required scripts as first-party through WordPress.

**0.4.1**

*   Various bug fixes.
*   Default first-party swap.js to on after testing if it is supported or not.

**0.4.2**

*   Fix bug where forms were not rendering for first-party enabled sites.

**0.4.3**

*   update the readme.

**0.4.4**

*   Change the default value for the “Enable As First Party Script” flag to false for initial Installations.

**0.4.5**

*   Add the newly required parameter “permission\_callback” to all custom REST endpoint definitions

**0.4.6**

*   Updating tested up to version.

**0.4.7**

*   Updating tested up to version. redeploy.

**0.4.8**

*   Updating tested up to version. redeploy.

**0.4.9**

*   Fixed End User IP Address detection

CVE-2022-36796: CallRail Phone Call Tracking

Red Hat Security Advisory 2022-6312-01 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Issues addressed include a privilege escalation vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: pcs security update  
Advisory ID:       RHSA-2022:6312-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:6312  
Issue date:        2022-09-01  
CVE Names:         CVE-2022-2735  
====================================================================  
1. Summary:

An update for pcs is now available for Red Hat Enterprise Linux 8.4  
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux High Availability EUS (v.8.4) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux Resilient Storage EUS (v.8.4) - ppc64le, s390x, x86_64

3. Description:

The pcs packages provide a command-line configuration system for the  
Pacemaker and Corosync utilities.

Security Fix(es):

* pcs: obtaining an authentication token for hacluster user could lead to  
privilege escalation (CVE-2022-2735)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2116815 - CVE-2022-2735 pcs: obtaining an authentication token for hacluster user could lead to privilege escalation

6. Package List:

Red Hat Enterprise Linux High Availability EUS (v.8.4):

Source:  
pcs-0.10.8-1.el8_4.2.src.rpm

aarch64:  
pcs-0.10.8-1.el8_4.2.aarch64.rpm  
pcs-snmp-0.10.8-1.el8_4.2.aarch64.rpm

ppc64le:  
pcs-0.10.8-1.el8_4.2.ppc64le.rpm  
pcs-snmp-0.10.8-1.el8_4.2.ppc64le.rpm

s390x:  
pcs-0.10.8-1.el8_4.2.s390x.rpm  
pcs-snmp-0.10.8-1.el8_4.2.s390x.rpm

x86_64:  
pcs-0.10.8-1.el8_4.2.x86_64.rpm  
pcs-snmp-0.10.8-1.el8_4.2.x86_64.rpm

Red Hat Enterprise Linux Resilient Storage EUS (v.8.4):

Source:  
pcs-0.10.8-1.el8_4.2.src.rpm

ppc64le:  
pcs-0.10.8-1.el8_4.2.ppc64le.rpm  
pcs-snmp-0.10.8-1.el8_4.2.ppc64le.rpm

s390x:  
pcs-0.10.8-1.el8_4.2.s390x.rpm  
pcs-snmp-0.10.8-1.el8_4.2.s390x.rpm

x86_64:  
pcs-0.10.8-1.el8_4.2.x86_64.rpm  
pcs-snmp-0.10.8-1.el8_4.2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-2735  
https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id!16836

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYxDdT9zjgjWX9erEAQh7ShAAla4hzjBXI+Ba9Y0IIr/1QLR9/2LVV/dv  
bLPDnfzxcNivBlEKwifFvrti0mT+Br9bv6UV9aFa8IowlUUwP71grZm/Rx/hO1kH  
a7RFxGCJZ+LqDVr9jDpiGe9yOu1cb6b+hMhpzKwvO/KsAfxu70o9MjXdds0CV0qH  
inRChminbpkVEf8GIZOUDuQcq5IEd3Zo/JzD7wjgf3CHe1iC2f98t0WbCEjSmERG  
1wh2W5ht05cW7iZPj4Oo8SOj4RRSVqUhoWhapZG9HO+E9QGCIeX39sMz8ICRCosi  
fKNor4OEMCpt52u6UlJg+1a3fQNXIVoUav6dZNEKOLx/bRr0kZMpyOSHC+pqLiuY  
rcosCtUvUhBbsKgIu7iE3GWDfCbToJoBBXlD7e+8wzvTXEAE/wjI0RprBE4ceabZ  
OniXom8txVgUwEqWvyf+UwagcEfYv2Nip8blAJPzEHQ8O3zO9CxuvsblPKJD4IYa  
V9D4cxw8+RXdAGOW+d0FNDuf0dJo86weF+iCn4TteIU4boq5iQ9321Lc6b8bBSz9  
8adhTzhtyQeCDrHqqnSQndnNDG0jAYBlXECKCo01IlGHy2s1SlXflDZoGNKjmv8v  
qY1VN00xR+T3iASGH6ksp4oXAqfZRh7KvEDE3Zmsu1Bq+2LImKSHNOCXzhPa/4FT  
5/AkhU6ibu4=OieI  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-6312-01

Red Hat Security Advisory 2022-6313-01 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Issues addressed include a privilege escalation vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: pcs security update  
Advisory ID:       RHSA-2022:6313-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:6313  
Issue date:        2022-09-01  
CVE Names:         CVE-2022-2735  
====================================================================  
1. Summary:

An update for pcs is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux High Availability (v. 9) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux Resilient Storage (v. 9) - ppc64le, s390x, x86_64

3. Description:

The pcs packages provide a command-line configuration system for the  
Pacemaker and Corosync utilities.

Security Fix(es):

* pcs: obtaining an authentication token for hacluster user could lead to  
privilege escalation (CVE-2022-2735)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2116815 - CVE-2022-2735 pcs: obtaining an authentication token for hacluster user could lead to privilege escalation

6. Package List:

Red Hat Enterprise Linux High Availability (v. 9):

Source:  
pcs-0.11.1-10.el9_0.2.src.rpm

aarch64:  
pcs-0.11.1-10.el9_0.2.aarch64.rpm  
pcs-snmp-0.11.1-10.el9_0.2.aarch64.rpm

ppc64le:  
pcs-0.11.1-10.el9_0.2.ppc64le.rpm  
pcs-snmp-0.11.1-10.el9_0.2.ppc64le.rpm

s390x:  
pcs-0.11.1-10.el9_0.2.s390x.rpm  
pcs-snmp-0.11.1-10.el9_0.2.s390x.rpm

x86_64:  
pcs-0.11.1-10.el9_0.2.x86_64.rpm  
pcs-snmp-0.11.1-10.el9_0.2.x86_64.rpm

Red Hat Enterprise Linux Resilient Storage (v. 9):

Source:  
pcs-0.11.1-10.el9_0.2.src.rpm

ppc64le:  
pcs-0.11.1-10.el9_0.2.ppc64le.rpm  
pcs-snmp-0.11.1-10.el9_0.2.ppc64le.rpm

s390x:  
pcs-0.11.1-10.el9_0.2.s390x.rpm  
pcs-snmp-0.11.1-10.el9_0.2.s390x.rpm

x86_64:  
pcs-0.11.1-10.el9_0.2.x86_64.rpm  
pcs-snmp-0.11.1-10.el9_0.2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-2735  
https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id!16839

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYxDdStzjgjWX9erEAQjUJg/9Hov0AK9DBgtNQt6oxIIrWhs7TYvehdzJ  
qIPh1BbZmyuRrOMM1a7hrMH9UYfBK0pwrXs+U0NkY6NjKflQq3VKAi1nGuZbLy3r  
tkX032KlknHbSDVyHUl8mKsPRVYW/obelia23F22IIAXdjU/aEY3UzGMwQGW9lh9  
CVKVNu2/fDhZtII7AUJw5UlOdvlMSaeND0RmqiOhRJSoaE8jP2pLklL1Q4L48txX  
Dhyq2CzCgGBHSkcZ6Yn3FRus1kTRRDjIMQABLZVSSsZF8xTMI3EDPmagl8ynS5uE  
LZk5k3BNNGXsyP8sF23iZ66z5Ue7mFbqioRcY8pSrkOZ9nM66S5+TA3TNmeK0Gde  
Pxhdryo9Btu1Tkku7NwaY1uZD14wgj4O6gTCDSoPQy+PcbUKlOxDm3DBCfZwHl4r  
BB2qOmbSkBUcYLV10qPzdik8UTl64dB2z7DXWSy3nqpD0avTnDe66JwXcBYmVK44  
DaVWe2YKfkNtQQJ3mf2WuFqRmcuOSUQloWJvTmlzDwSy7kpBJTDCfnBQORIbkYa7  
eIc8PUj0GjfZqRZ7Ku+y0UKR0UOpXLtm4V0TsdAF9V6kbLd4aA7Y1tP+3RyFfsTR  
SMl77kwTVV52m1KZ1bLC6hEnWMKk9MdaZhY+HFSKWy9nkYwmtV42YR1UXcBeJ5OU  
CQXUykjXU9c=KFjU  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-6313-01

Red Hat Security Advisory 2022-6152-01 - Secondary Scheduler Operator for Red Hat OpenShift 1.1.0.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: Secondary Scheduler Operator for Red Hat OpenShift 1.1.0 security update  
Advisory ID:       RHSA-2022:6152-01  
Product:           OSSO  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:6152  
Issue date:        2022-09-01  
CVE Names:         CVE-2022-1705 CVE-2022-1962 CVE-2022-24675  
                   CVE-2022-28131 CVE-2022-28327 CVE-2022-30629  
                   CVE-2022-30630 CVE-2022-30631 CVE-2022-30632  
                   CVE-2022-30633 CVE-2022-30635 CVE-2022-32148  
====================================================================  
1. Summary:

Secondary Scheduler Operator for Red Hat OpenShift 1.1.0

Red Hat Product Security has rated this update as having a security impact  
of  
Important. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a  
detailed severity rating, is available for each vulnerability from the CVE  
link(s) in the References section.

2. Description:

Secondary Scheduler Operator for Red Hat OpenShift 1.1.0

Security Fix(es):

* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)  
* golang: net/http: improper sanitization of Transfer-Encoding header  
(CVE-2022-1705)  
* golang: go/parser: stack exhaustion in all Parse* functions  
(CVE-2022-1962)  
* golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675)  
* golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)  
* golang: crypto/elliptic: panic caused by oversized scalar  
(CVE-2022-28327)  
* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)  
* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)  
* golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)  
* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)  
* golang: net/http/httputil: NewSingleHostReverseProxy - omit  
X-Forwarded-For not working (CVE-2022-32148)  
* golang: crypto/tls: session tickets lack random ticket_age_add  
(CVE-2022-30629)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s)  
listed in the References section.

3. Solution:

For Secondary Scheduler Operator 1.1.0 see the following documentation,  
which  
will be updated shortly, for detailed release notes:

For more information on Secondary Scheduler Operator for Red Hat OpenShift  
1.1.0, see the following release notes:

https://docs.openshift.com/container-platform/4.11/nodes/scheduling/secondary_scheduler/nodes-secondary-scheduler-release-notes.html#secondary-scheduler-operator-release-notes-1.1.0

4. Bugs fixed (https://bugzilla.redhat.com/):

2077688 - CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode  
2077689 - CVE-2022-28327 golang: crypto/elliptic: panic caused by oversized scalar  
2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add  
2105001 - [SSO] Secondary scheduler version is shown as unknown in the operator logs  
2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read  
2107371 - CVE-2022-30630 golang: io/fs: stack exhaustion in Glob  
2107374 - CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header  
2107376 - CVE-2022-1962 golang: go/parser: stack exhaustion in all Parse* functions  
2107383 - CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working  
2107386 - CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob  
2107388 - CVE-2022-30635 golang: encoding/gob: stack exhaustion in Decoder.Decode  
2107390 - CVE-2022-28131 golang: encoding/xml: stack exhaustion in Decoder.Skip  
2107392 - CVE-2022-30633 golang: encoding/xml: stack exhaustion in Unmarshal

5. JIRA issues fixed (https://issues.jboss.org/):

WRKLDS-466 - Secondary Scheduler Operator for Red Hat OpenShift 1.1 release

6. References:

https://access.redhat.com/security/cve/CVE-2022-1705  
https://access.redhat.com/security/cve/CVE-2022-1962  
https://access.redhat.com/security/cve/CVE-2022-24675  
https://access.redhat.com/security/cve/CVE-2022-28131  
https://access.redhat.com/security/cve/CVE-2022-28327  
https://access.redhat.com/security/cve/CVE-2022-30629  
https://access.redhat.com/security/cve/CVE-2022-30630  
https://access.redhat.com/security/cve/CVE-2022-30631  
https://access.redhat.com/security/cve/CVE-2022-30632  
https://access.redhat.com/security/cve/CVE-2022-30633  
https://access.redhat.com/security/cve/CVE-2022-30635  
https://access.redhat.com/security/cve/CVE-2022-32148  
https://access.redhat.com/security/updates/classification/#important

7. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYxCI69zjgjWX9erEAQhXXxAAosQlZxGWGILaGuYUJr/S/jXROYtor0Wv  
z8na9oZNTgJG086tiPehf+HAUIbwIRlExUg/fI0TkkQILou0JDqDKbMfxuvZ3You  
vgUzKoLHnf541JJp1tjLFbHl+dcG1ohoXEFdh6UpmhxILu56hnC7jB7hfAXnye/E  
wIwwtRkG7tzS2f81vFG1TwWunVddvtNy6ITnqkBLWvjRP0ihk6mBt4iBz4NOKYFi  
x/7TRZUGV+ILeP++g7qsbehOwZLj2p9NzqE2cRw/A1DP3WVRglKaGuhd46kR9mtn  
o0LK9jSBJ0QMPXDvEk52PU4J8yDqhhvTWSeCrFg0rwC3Xd3/41xxKTo9htbLOHfQ  
Ei359sevhBTpLH1sdS7/jjmd8jMYe9CZXxk0Ck87e+T17MXOyKVHSsMFjZR1Pgfu  
wXAMZaIut1l23RA+3T79jYUnrbB+zD4rDk5mwLuurO8n6y7Bw1Dr1Rr2r1mKgr7N  
rxIpHDhw2nWjEhnhl91+2r2ucLvfD6qqsdnV58XTKdLUqNbYAOL1p3tGljqmUVsH  
f2YWDoEc3LpbVoT12xbxqnmJRQGmWwfsNRY4tr6w+qVHgKjBAjMGaDhd4gIVEuGi  
08mdVFBRqUPBbkIZu9ku5Eh8dgg2NcOFN1naDYb3AaNJp7+garNbcGFL1lIK0cBM  
ZO93shdrUmc=3goO  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-6152-01

Apple Security Advisory 2022-08-31-1 - iOS 12.5.6 addresses code execution and out of bounds write vulnerabilities.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256APPLE-SA-2022-08-31-1 iOS 12.5.6iOS 12.5.6 addresses the following issues.Information about the security content is also available athttps://support.apple.com/HT213428.iOS 12 is not impacted by CVE-2022-32894.WebKitAvailable for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPadmini 2, iPad mini 3, and iPod touch (6th generation)Impact: Processing maliciously crafted web content may lead toarbitrary code execution. Apple is aware of a report that this issuemay have been actively exploited.Description: An out-of-bounds write issue was addressed with improvedbounds checking.WebKit Bugzilla: 243557CVE-2022-32893: an anonymous researcherThis update is available through iTunes and Software Update on youriOS device, and will not appear in your computer's Software Updateapplication, or in the Apple Downloads site. Make sure you have anInternet connection and have installed the latest version of iTunesfrom https://www.apple.com/itunes/  iTunes and Software Update on thedevice will automatically check Apple's update server on its weeklyschedule. When an update is detected, it is downloaded and the optionto be installed is presented to the user when the iOS device isdocked. We recommend applying the update immediately if possible.Selecting Don't Install will present the option the next time youconnect your iOS device.  The automatic update process may take up toa week depending on the day that iTunes or the device checks forupdates. You may manually obtain the update via the Check for Updatesbutton within iTunes, or the Software Update on your device.  Tocheck that the iPhone, iPod touch, or iPad has been updated:  *Navigate to Settings * Select General * Select About. The versionafter applying this update will be "iOS 12.5.6".All information is also posted on the Apple Security Updatesweb site: https://support.apple.com/en-us/HT201222.This message is signed with Apple's Product Security PGP key,and details are available at:https://www.apple.com/support/security/pgp/-----BEGIN PGP SIGNATURE-----iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmMPsMkACgkQ4RjMIDkeNxmXTQ//TeGVIwqrnMbCv1iIzp5NfxAMYv0pnALmXOkXFFEWLmowM3zGknGHYk5SHyMTDhpbMVEoNtyY/CKH71gZC08mt7p13Y08lbAphMZzbsSvsEjnxiKHE1cqaIp+Txv9kZXHo4C1xT2LSJtfxy9EgF6aqjD8nYgNUueE8vZUg7KIOYdnCPACcGuWOonGNkg4bsgGhMHuWay7Om6kjoyYv2AVDisfaF4lkFKD+c+5E1A2BYbz+OQt68XLqFT9LZJY8LvUTWuYC6dmaZ3VJKDmlu3fybWyn1EAL5tpYzgEwmR/ooRkRuDWI4muj+Mm+WfuQdF53RlKSB91Mw1djMJu2puhcNkVNjLKiz22XFqt3MXaYkAcx/Ih7Bvt9AjgGkH+asd7HvgODgiQNXq/PTz6+7JUx8XHlef+efBjIITNuAbTBO1bvdaojUQ8rd3QpWXIUoMht6YlzYETf/ZeyZOvltIIdHxFnplh7YBI4Alw11NFFXeUyynjSQc14/Q0ne1LT/JBNxaT0s8tudyRiqOZGn+xdgsDA63lWnOcuoqSCDEXlNhkJECFr492xzsApe93jpskXfMeAw8FNXhl8UrRav5TbxOhMz60lac6hO7KPodbKh2fiIYZairZrEJhWrAmWos4/sYLMQyafQSCkTs7sy2jNQxjMWPhoZhsXZTy/w/ty1g=/yG9-----END PGP SIGNATURE-----

Apple Security Advisory 2022-08-31-1

Red Hat Security Advisory 2022-6277-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation. This advisory covers the RPM packages for the release. Issues addressed include denial of service and traversal vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: Red Hat OpenShift Service Mesh 2.1.5 security update  
Advisory ID:       RHSA-2022:6277-01  
Product:           Red Hat OpenShift Service Mesh  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:6277  
Issue date:        2022-08-31  
CVE Names:         CVE-2022-24675 CVE-2022-24785 CVE-2022-24921  
                   CVE-2022-28327 CVE-2022-29526 CVE-2022-30629  
                   CVE-2022-31129  
====================================================================  
1. Summary:

Red Hat OpenShift Service Mesh 2.1.5

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

OpenShift Service Mesh 2.1 - noarch, ppc64le, s390x, x86_64

3. Description:

Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio  
service mesh project, tailored for installation into an OpenShift Container  
Platform installation.

This advisory covers the RPM packages for the release.

Security Fix(es):

* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)  
* golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675)  
* moment: Moment.js: Path traversal in moment.locale (CVE-2022-24785)  
* golang: regexp: stack exhaustion via a deeply nested expression  
(CVE-2022-24921)  
* golang: crypto/elliptic: panic caused by oversized scalar  
(CVE-2022-28327)  
* golang: syscall: faccessat checks wrong group (CVE-2022-29526)  
* golang: crypto/tls: session tickets lack random ticket_age_add  
(CVE-2022-30629)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

The OpenShift Service Mesh Release Notes provide information on the  
features and known issues:

https://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html

5. Bugs fixed (https://bugzilla.redhat.com/):

2064857 - CVE-2022-24921 golang: regexp: stack exhaustion via a deeply nested expression  
2072009 - CVE-2022-24785 Moment.js: Path traversal  in moment.locale  
2077688 - CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode  
2077689 - CVE-2022-28327 golang: crypto/elliptic: panic caused by oversized scalar  
2084085 - CVE-2022-29526 golang: syscall: faccessat checks wrong group  
2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add  
2105075 - CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS

6. Package List:

OpenShift Service Mesh 2.1:

Source:  
servicemesh-2.1.5-1.el8.src.rpm  
servicemesh-operator-2.1.5-1.el8.src.rpm  
servicemesh-prometheus-2.23.0-9.el8.src.rpm  
servicemesh-proxy-2.1.5-1.el8.src.rpm  
servicemesh-ratelimit-2.1.5-1.el8.src.rpm

noarch:  
servicemesh-proxy-wasm-2.1.5-1.el8.noarch.rpm

ppc64le:  
servicemesh-2.1.5-1.el8.ppc64le.rpm  
servicemesh-cni-2.1.5-1.el8.ppc64le.rpm  
servicemesh-operator-2.1.5-1.el8.ppc64le.rpm  
servicemesh-pilot-agent-2.1.5-1.el8.ppc64le.rpm  
servicemesh-pilot-discovery-2.1.5-1.el8.ppc64le.rpm  
servicemesh-prometheus-2.23.0-9.el8.ppc64le.rpm  
servicemesh-proxy-2.1.5-1.el8.ppc64le.rpm  
servicemesh-proxy-debuginfo-2.1.5-1.el8.ppc64le.rpm  
servicemesh-proxy-debugsource-2.1.5-1.el8.ppc64le.rpm  
servicemesh-ratelimit-2.1.5-1.el8.ppc64le.rpm

s390x:  
servicemesh-2.1.5-1.el8.s390x.rpm  
servicemesh-cni-2.1.5-1.el8.s390x.rpm  
servicemesh-operator-2.1.5-1.el8.s390x.rpm  
servicemesh-pilot-agent-2.1.5-1.el8.s390x.rpm  
servicemesh-pilot-discovery-2.1.5-1.el8.s390x.rpm  
servicemesh-prometheus-2.23.0-9.el8.s390x.rpm  
servicemesh-proxy-2.1.5-1.el8.s390x.rpm  
servicemesh-proxy-debuginfo-2.1.5-1.el8.s390x.rpm  
servicemesh-proxy-debugsource-2.1.5-1.el8.s390x.rpm  
servicemesh-ratelimit-2.1.5-1.el8.s390x.rpm

x86_64:  
servicemesh-2.1.5-1.el8.x86_64.rpm  
servicemesh-cni-2.1.5-1.el8.x86_64.rpm  
servicemesh-operator-2.1.5-1.el8.x86_64.rpm  
servicemesh-pilot-agent-2.1.5-1.el8.x86_64.rpm  
servicemesh-pilot-discovery-2.1.5-1.el8.x86_64.rpm  
servicemesh-prometheus-2.23.0-9.el8.x86_64.rpm  
servicemesh-proxy-2.1.5-1.el8.x86_64.rpm  
servicemesh-proxy-debuginfo-2.1.5-1.el8.x86_64.rpm  
servicemesh-proxy-debugsource-2.1.5-1.el8.x86_64.rpm  
servicemesh-ratelimit-2.1.5-1.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-24675  
https://access.redhat.com/security/cve/CVE-2022-24785  
https://access.redhat.com/security/cve/CVE-2022-24921  
https://access.redhat.com/security/cve/CVE-2022-28327  
https://access.redhat.com/security/cve/CVE-2022-29526  
https://access.redhat.com/security/cve/CVE-2022-30629  
https://access.redhat.com/security/cve/CVE-2022-31129  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYw/gI9zjgjWX9erEAQifIQ//YwnTe6Nn5vgn9won2gFtjcCtUJV8lsqD  
+SB1rTd4vlU8qu6uX0lIWKy3AE8EBcb/kGO47Qyah8H+/AG1mTWpRz3KAYVeHUXx  
vBni5XNsgd7nw9jGf1mPLaGPzS0wB1DB07FzdrNqWXp/CZJTLidzG8wHO27TzTFD  
Rnjq+MHQ3lnjrotjwsk9YgT1jxirHUKK0t5S6/xPxMRmPQeA67Rtqfwydx4l9rDk  
npKrDczBAHNM1jgdF9OQGq5EOSDrzlcCmac5KmJbqjLU7E9JyKeqxd4GhnswfJM+  
WMhpzNnp7+NrACDY1Iyrkvj84mri/wby1AzW5YMSdlbWbdMD0VraIAUl2VFTumm9  
i28sJsoA6YIgSjNwtr4tfsrMPAaB7z/geHr1GXGXOQVkVe4HDw1q/RSXRdKSsosj  
AN7M2FFM5lenJCFbCJVtDWQW8AMrT0YQ2POfr4bMf8FaB6yWlzkk/OgqcBp1FjAh  
H7fNMFiHAVxSf63dL/9okP1J6ibUvdDHzoLT2Pg4jSGnbs9J9nJUfKceLOc7JK3D  
2x7WaRludd40qFZKYj4lPeHeTDzKay55Xv/yvToZegzPVW9JXLCiRcr2HJI82Ow0  
WpbCY7x7qpWYKJShE9nxVq8DrFdGNmb6wrL85KocT5KBNRMWwXUk/cFQZTjAUJ/K  
Zr5mAm3CAjw=QTJn  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-6277-01

Red Hat Security Advisory 2022-6272-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation. This advisory covers the RPM packages for the release. Issues addressed include denial of service and traversal vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: Red Hat OpenShift Service Mesh 2.0.11 security update  
Advisory ID:       RHSA-2022:6272-01  
Product:           Red Hat OpenShift Service Mesh  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:6272  
Issue date:        2022-08-31  
CVE Names:         CVE-2022-24785 CVE-2022-31129  
====================================================================  
1. Summary:

An update is now available for Red Hat OpenShift Service Mesh 2.0.11.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

2.0 - ppc64le, s390x, x86_64

3. Description:

Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio  
service mesh project, tailored for installation into an OpenShift Container  
Platform installation.

This advisory covers the RPM packages for the release.

Security Fix(es):

* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)  
* Moment.js: Path traversal in moment.locale (CVE-2022-24785)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

The OpenShift Service Mesh release notes provide information on the  
features and known issues:

https://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html

5. Bugs fixed (https://bugzilla.redhat.com/):

2072009 - CVE-2022-24785 Moment.js: Path traversal  in moment.locale  
2105075 - CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS

6. JIRA issues fixed (https://issues.jboss.org/):

OSSM-1864 - RPM Release for Maistra 2.0.11

7. Package List:

2.0:

Source:  
servicemesh-2.0.11-1.el8.src.rpm  
servicemesh-cni-2.0.11-1.el8.src.rpm  
servicemesh-operator-2.0.11-1.el8.src.rpm  
servicemesh-prometheus-2.14.0-18.el8.1.src.rpm  
servicemesh-proxy-2.0.11-1.el8.src.rpm

ppc64le:  
servicemesh-2.0.11-1.el8.ppc64le.rpm  
servicemesh-cni-2.0.11-1.el8.ppc64le.rpm  
servicemesh-istioctl-2.0.11-1.el8.ppc64le.rpm  
servicemesh-mixc-2.0.11-1.el8.ppc64le.rpm  
servicemesh-mixs-2.0.11-1.el8.ppc64le.rpm  
servicemesh-operator-2.0.11-1.el8.ppc64le.rpm  
servicemesh-pilot-agent-2.0.11-1.el8.ppc64le.rpm  
servicemesh-pilot-discovery-2.0.11-1.el8.ppc64le.rpm  
servicemesh-prometheus-2.14.0-18.el8.1.ppc64le.rpm  
servicemesh-proxy-2.0.11-1.el8.ppc64le.rpm

s390x:  
servicemesh-2.0.11-1.el8.s390x.rpm  
servicemesh-cni-2.0.11-1.el8.s390x.rpm  
servicemesh-istioctl-2.0.11-1.el8.s390x.rpm  
servicemesh-mixc-2.0.11-1.el8.s390x.rpm  
servicemesh-mixs-2.0.11-1.el8.s390x.rpm  
servicemesh-operator-2.0.11-1.el8.s390x.rpm  
servicemesh-pilot-agent-2.0.11-1.el8.s390x.rpm  
servicemesh-pilot-discovery-2.0.11-1.el8.s390x.rpm  
servicemesh-prometheus-2.14.0-18.el8.1.s390x.rpm  
servicemesh-proxy-2.0.11-1.el8.s390x.rpm

x86_64:  
servicemesh-2.0.11-1.el8.x86_64.rpm  
servicemesh-cni-2.0.11-1.el8.x86_64.rpm  
servicemesh-istioctl-2.0.11-1.el8.x86_64.rpm  
servicemesh-mixc-2.0.11-1.el8.x86_64.rpm  
servicemesh-mixs-2.0.11-1.el8.x86_64.rpm  
servicemesh-operator-2.0.11-1.el8.x86_64.rpm  
servicemesh-pilot-agent-2.0.11-1.el8.x86_64.rpm  
servicemesh-pilot-discovery-2.0.11-1.el8.x86_64.rpm  
servicemesh-prometheus-2.14.0-18.el8.1.x86_64.rpm  
servicemesh-proxy-2.0.11-1.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

8. References:

https://access.redhat.com/security/cve/CVE-2022-24785  
https://access.redhat.com/security/cve/CVE-2022-31129  
https://access.redhat.com/security/updates/classification/#moderate

9. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYw+LudzjgjWX9erEAQimJA//YxGrkJ7ZLyJTwbhWfuH4etK/uvnFp7ZU  
yY+IDwtoifbVtS7LLwFuouOJ3DhAfcZfYUJjTSU7LeygrVdv9CcskDeKzMGVSp1p  
XejRfkWguwgOQfRibOIWusfqGfN9URb67JgRst3vBj0VpRcEVS5Oh+JPyxR2RiLQ  
keRIoHcJj+4YeUlu2Bq7/RuRv1AkFhzsFiY2zc4urrtWzyl6m0Uo6gVqbJ/M7f67  
fAs6tSrPtqv0HGEyle+eBCDxGOjhBqU3B4LmaVn2f4Djkwnz61JSAO1VUwjTDZqj  
OQiqyT+SxfkKrBC9dYzxAuGDTq7Zjsz2/cZup4oOxmlc8NkqOaAr4TPQUlriuD3s  
HdJDdSxA43Vn7vfwkPpj9hAu5X90VJ3hw0rraSdQeR2yfiJpnJBpWzxMaugmAiEw  
7Blp98XYEQ32J1ilJ3Y6OfZ6fVuKqwAYLqf7CKi6P02SkKe9XKdbPj4YRFL8sl1w  
SSAoj8PAJopZt9+bdII3nzRKIb3vpzuh99B03YRDQ+XNabtr+IYEBn+4W5vdIMCu  
wDJ51sIABOsBxq3n/m31FoCHbeV/0Dy5NXFqjw2tBrMoD6Ax+Fk2ERd8KI8X3omD  
UAmHxp3YfELrgzfGo7Fq5pNhFG+HIrwDzI+WlMjPTtKg9H5rIFysYpKMYnh/8h7L  
uq8ENVfZoz8=OMv7  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-6272-01

Red Hat Security Advisory 2022-6268-01 - The convert2rhel package provides the Convert2RHEL utility, which performs operating system conversion. During the conversion process, Convert2RHEL replaces all RPM packages from the original Linux distribution with their Red Hat Enterprise Linux versions.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: convert2rhel security, bug fix, and enhancement update  
Advisory ID:       RHSA-2022:6268-01  
Product:           Convert2RHEL  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:6268  
Issue date:        2022-08-31  
CVE Names:         CVE-2022-0851  
====================================================================  
1. Summary:

An update for convert2rhel is now available for Convert2RHEL for RHEL-7.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Convert2RHEL for RHEL-7 - noarch

3. Description:

The convert2rhel package provides the Convert2RHEL utility, which performs  
operating system conversion. During the conversion process, Convert2RHEL  
replaces all RPM packages from the original Linux distribution with their  
Red Hat Enteprise Linux versions.

Security Fix(es):

* convert2rhel: Activation key passed via command line by code  
(CVE-2022-0851)

Bug Fix(es):

* Conversion fails due to gnome-documents-libs conflict (BZ#2043724)  
* Using dbus API for RHSM registration to safely pass the activation key  
* Verifying GPG key for UBI repositories

Deprecation:

* Deprecated `-f|--password-from-file` parameter option

Enhancement(s):

* Checking if a new version of convert2rhel is available  
* Warning if multiple authentication sources are specified  
* Fixed logging error with unavailable RHSM certificate  
* Fixed gnome-documents-libs package conflict  
* Fixed handling shim-x64 package protection on non-UEFI systems

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2043724 - Conversion fails due to gnome-documents-libs conflict  
2060217 - CVE-2022-0851 convert2rhel: Activation key passed via command line by code

6. JIRA issues fixed (https://issues.jboss.org/):

RHELC-700 - Move yum clean metadata and yum makecache to the beginning of conversion  
RHELC-701 - Unknown tag in rpm query format call  
RHELC-702 - Incorrectly logging error with unavailable RHSM certificate  
RHELC-703 - Use dbus API for RHSM registration  
RHELC-704 - Update grub bootloader images  
RHELC-705 - Check for a new version available  
RHELC-706 - Add the ability to take the activation key from a config file rather than the command line  
RHELC-707 - Check whether the user has specified multiple authentication sources and warn if so  
RHELC-708 - Remove UEFI condition from shim-x64 workaround

7. Package List:

Convert2RHEL for RHEL-7:

Source:  
convert2rhel-1.0-1.el7.src.rpm

noarch:  
convert2rhel-1.0-1.el7.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

8. References:

https://access.redhat.com/security/cve/CVE-2022-0851  
https://access.redhat.com/security/updates/classification/#moderate

9. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYw+LzNzjgjWX9erEAQiQrxAAhQYSSCd/8idpwx/5UdPzZsvKcZujBl6Q  
anuflYs/d/P5V6bnw4YOzgVxtVzHAzQ5ea3fWKvaA2GO680cQWTYHPvlFzA0yVeS  
/teg8pmcQ8RQAiU3nZ7xa2G8YRfZReTARADQbUeZBF3DA+FzVc0zxP+bplRDeNTN  
Jd9JZlYFs17F2VIJLJou944mr8en3X2Du7i5Ui0fHMBxmB0kHhmb3rD9kccDjKQP  
KzIZFl+Tn+EXyw5wNG0zXPvBuqDEMDWH2y6QYMyYDLxGRFQfaulxdVzg++BQbKD1  
GAewTQzBhxpgvo5yWV4M9BmhrwoKxu8hMHIsx32VaAvNRG+wXJxHutwdV7vlyvf9  
qU/ApWpNeriVQC2jmTC+4arAslZyz3JixPSF1ybsVr07MmB/xTNh+ywaAXH8KBac  
+Q38S5h/bsp4dCWKjzjDofUoolTa6bRP2Hl8J6nHvfY5jKZb+2Nkg2LE1ouwniQ5  
j907YHXHUO8EEhEbWxR+kVAOTItIrwBa/3znnXeN7ipmCJOIvvoRcNAkTDFgo5mV  
oEJx5jrabmawCbIWYbHGh6oVZ8jrj9T8WEl5x0frNFl4bZ2S2rHjS6DNCs+eAa61  
5ZkeC1Emr3oLmT7jQkqpztpgeiQGzIymVWH2ItD74niCJ4Z8psN05/OTYkU6wqqG  
qwyhzhQSx/0=PhnH  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Tag

#js