Debian Linux Security Advisory 5576-2 - The initial fix for CVE-2023-6377 as applied in DSA 5576-1 did not fully fix the vulnerability. Updated packages correcting this issue including the upstream merged commit are now available.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5576-2                   security@debian.org  
https://www.debian.org/security/                     Salvatore Bonaccorso  
December 17, 2023                     https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : xorg-server  
CVE ID         : CVE-2023-6377

The initial fix for CVE-2023-6377 as applied in DSA 5576-1 did not fully  
fix the vulnerability. Updated packages correcting this issue including  
the upstream merged commit are now available.

For the oldstable distribution (bullseye), this problem has been fixed  
in version 2:1.20.11-1+deb11u10.

For the stable distribution (bookworm), this problem has been fixed in  
version 2:21.1.7-3+deb12u4.

We recommend that you upgrade your xorg-server packages.

For the detailed security status of xorg-server please refer to its  
security tracker page at:  
https://security-tracker.debian.org/tracker/xorg-server

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmV+8INfFIAAAAAALgAo  
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2  
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND  
z0RTSRAAmuUhWkJzbFNJZzIZxvPxX4grTvBw5TlvOs9VovPtHWmlvnqzIvA3Q47Z  
6asqdnWqTgEamK3Bgb/+s6qOzqK4G8cRtP1dq1dvg/OimwKRY96x/Z6+aySW4UEC  
SPDroT7AXAEMPzYMbgsZh+SIfQLtevEKf0SiuFpF3/e5qWajpZspn+/1o/WEGvxY  
CqjX+fOrXTWaR17faUiV8fCyZn0ApXv/XSnimgSXniYiK8tmXWNMbl4lyhP1XTuc  
NP3wNU0NFmsOXJNtxqpz/IQUvS/OzkNye9v9s/usmigLBlVo7J0wwM7r2d/BMVpt  
PiwBgo6vFf67l53X7iSG6OkMWUazmO5K9xEGuOdHsmKkZg96V7mJPyuSfsk8vXrN  
aXsHBXk4EwbYFcGXpH8l62GJ5QwzhYnlwIvmGh+DuQbrI6bk/wOdTVe99PbduGm8  
tftGQFryg9Uy5KHyegMl9zR7jT/KkE/hGEB9KCwyWVPYmUxAEo5WMRL0YFMH2R4n  
4luimBbgLMTi7yWmkG7TLgfedPOvW6cJxs5Qnft0DH0q1sJVYinZ0nvfdCPROF2N  
+t2Ko/oDHSyD+ylX9h4VVKoI505cqvdn1mzGXRa8O7d0nyA0O5OPF+2MJPTlvn1d  
qmcbU1om+fKAdZdSIkHF4cZ3yymmQYoc0udUJk1q2csLOivks2A=  
=pTcv  
-----END PGP SIGNATURE-----

Debian Security Advisory 5576-2

Debian Linux Security Advisory 5578-1 - It was discovered that Ghostscript, the GPL PostScript/PDF interpreter, does not properly handle errors in the gdev_prn_open_printer_seekable() function, which could result in the execution of arbitrary commands if malformed document files are processed.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5578-1                   security@debian.orghttps://www.debian.org/security/                     Salvatore BonaccorsoDecember 15, 2023                     https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : ghostscriptCVE ID         : CVE-2023-46751It was discovered that Ghostscript, the GPL PostScript/PDF interpreter,does not properly handle errors in the gdev_prn_open_printer_seekable()function, which could result in the execution of arbitrary commands ifmalformed document files are processed.For the stable distribution (bookworm), this problem has been fixed inversion 10.0.0~dfsg-11+deb12u3.We recommend that you upgrade your ghostscript packages.For the detailed security status of ghostscript please refer to itssecurity tracker page at:https://security-tracker.debian.org/tracker/ghostscriptFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmV8yaFfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xNDz0TAJg//dwWvcufMw6RfXljQUkeYvT0LHK8QqRPD7Hv64h+OYGV3O5ptm6vMsWQN2PEhtrkfQdl7zSugPHcBb0w2M7ZhzwvtbTgVCy0ljnLqucH1H5sE6MEy81hy2UXHc6Cu67h5pbvTaqFE+NhtLpd3ewAhTjTYvIKewm5izrk4XYIr9pzsNWGJACZoX2Pd5qgCdmkPLm8yCBsZp8J5zNxRNr1z9SWp61o6QWkvdaUGRvUe83/5hn3nS+14dgA/0W/3REra8w5kr6tzYdqd2Xwwr/fYYC091XdPejykI/Bv/nxBc6+B+cI8vw+kpqgmptspuN7LbrjkdQ8ovz1xoDQyyhWt/gVLraNP5Hy/KvX89XF/C+HEeUPDELGJkLMiAIsLzz7NkJ/iOPAiQNk9Qr0/k+Vz9ThTKrFRTCu1CaHOuTB2dzrYfXpJCBktzls7t1fsDgGlDabR3fYX5WhvRABTFn2yxSl1KVcKfnRZvF3z2kSoQlj9Jqb/IrVdNm4N21w+2C52fZAHqVv5ccTE7OncKXddevvPXacq8eZuOTSJJAuhgxqIQyetfYABOdEWeIPxc/lvfvaD+O8jDxXQR2Xs9Gf3dMgk9BZCUMkPsK02JXJIfq7rCjk5pnHacv7lWS14r23/EPPXhEn9Sb78Jvn4YrDF1hC1fPiBVulZteMWiRhEWNQ==Vah7-----END PGP SIGNATURE-----

Debian Security Advisory 5578-1

A buffer overflow in websockets in UnrealIRCd 6.1.0 through 6.1.3 before 6.1.4 allows an unauthenticated remote attacker to crash the server by sending an oversized packet (if a websocket port is open). Remote code execution might be possible on some uncommon, older platforms.

CVE-2023-50784: UnrealIRCd - The most widely deployed IRC server

By Deeba Ahmed
The malware, dubbed NKAbuse, uses New Kind of Network (NKN) technology, a blockchain-powered peer-to-peer network protocol to spread its infection.
This is a post from HackRead.com Read the original post: New ‘NKAbuse’ Linux Malware Uses Blockchain Technology to Spread

Cybersecurity researchers from Kaspersky’s Global Emergency Response Team (GERT) have identified that the NKAbuse malware is actively targeting devices in Colombia, Mexico, and Vietnam.

Kaspersky’s Global Emergency Response Team (GERT) has discovered a new multiplatform malware threat that uses innovative tactics to hijack victims. The malware, dubbed NKAbuse, uses New Kind of Network (NKN) technology, a blockchain-powered peer-to-peer network protocol to spread its infection.

NKAbuse is a Go-based backdoor used as a botnet to target Linux desktops and potentially IoT devices. The malware allows attackers to launch Distributed Denial of Service (DDoS) attacks or fling remote access trojans (RATs).

It is worth noting that the backdoor relies on NKN for anonymous yet reliable data exchange. For your information, NKN is an open-source protocol that allows peer-to-peer data exchange over a public blockchain with over 60,000 active nodes. It aims to provide a decentralized alternative to client-to-server methods while preserving speed and privacy.

The botnet can carry out flooding attacks using the 60,000 official nodes and links back to its C2 (command & control) servers. It features an extensive arsenal of DDoS attacks and multiple features to turn into a powerful backdoor or RAT.

The malware implant creates a structure called “Heartbeat” that communicates with the bot master regularly. It stores information about the infected host, including the victim’s PID, IP address, free memory, and current configuration.

Kaspersky researchers uncovered NKAbuse while investigating an incident targeting one of its customers in the finance sector. Further examination revealed that NKAbuse exploits an old Apache Struts 2 vulnerability (tracked as CVE-2017-5638).

The vulnerability, as reported by Hackread.com in December 2017, allows attackers to execute commands on the server using a “shell” header and Bash and then execute a command to download the initial script.

NKAbuse leverages the NKN protocol to communicate with the bot master and send/receive information. It creates a new account and multiclient to simultaneously send/receive data from multiple clients.

The NKN account is initialized with a 64-character string representing the public key and remote address. Once the client is set up, the malware establishes a handler to accept incoming messages, which contains 42 cases, each performing different actions based on the sent code.

NKN data routing diagram (Image: Kaspersky’s GERT)

Researchers observed that attackers exploited the Struts 2 flaw using a publicly available proof of concept exploit. They executed a remote shell script, determining the victim’s operating system and installing a second-stage payload. Using NKAbuse’s amd64 version, the attack achieved persistence through cron jobs.

> _“This particular implant appears to have been meticulously crafted for integration into a botnet, yet it can adapt to functioning as a backdoor in a specific host and its use of blockchain technology ensures both reliability and anonymity, which indicates the potential for this botnet to expand steadily over time, seemingly devoid of an identifiable central controller.”_
> 
> Kaspersky’s Global Emergency Response Team (GERT)

NKAbuse has no self-propagation functionality and can target at least eight different architectures, although Linux is the priority. Successful implantation can lead to data compromise, theft, remote administration, persistence, and DDoS attacks.

For now, its operators are focusing on infecting devices in Colombia, Mexico, and Vietnam. However, researchers suspect its potential for expansion over time.

****_RELATED ARTICLES_****

1.  **Free Download Manager Site Pushed Linux Password Stealer**
2.  **New XorDdos-Linked Linux RAT Krasue Targeting Telecom Firms**
3.  **Hamas Hackers Targeting Israelis with New BiBi-Linux Wiper Malware**
4.  **Kinsing Crypto Malware Hits Linux Systems via Apache ActiveMQ Flaw**
5.  **Looney Tunables Linux Vulnerability Exposes Millions of Systems to Attack**

New ‘NKAbuse’ Linux Malware Uses Blockchain Technology to Spread

Red Hat Security Advisory 2023-7856-03 - New Red Hat Single Sign-On 7.6.6 packages are now available for Red Hat Enterprise Linux 8. Issues addressed include bypass, cross site scripting, and denial of service vulnerabilities.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7856.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: Red Hat Single Sign-On 7.6.6 security update on RHEL 8Advisory ID:        RHSA-2023:7856-03Product:            Red Hat Single Sign-OnAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:7856Issue date:         2023-12-14Revision:           03CVE Names:          CVE-2023-6134====================================================================Summary: New Red Hat Single Sign-On 7.6.6 packages are now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.This release of Red Hat Single Sign-On 7.6.6 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.6.5, and includes bug fixes and enhancements.Security Fix(es):* keycloak: reflected XSS via wildcard in OIDC redirect_uri (CVE-2023-6291)* keycloak: redirect_uri validation logic that allows for a bypass of otherwise explicitly allowed hosts (CVE-2023-6134)* keycloak: offline session token DoS (CVE-2023-6563)For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-6134References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2249673https://bugzilla.redhat.com/show_bug.cgi?id=2251407https://bugzilla.redhat.com/show_bug.cgi?id=2253308

Red Hat Security Advisory 2023-7856-03

Red Hat Security Advisory 2023-7855-03 - New Red Hat Single Sign-On 7.6.6 packages are now available for Red Hat Enterprise Linux 9. Issues addressed include bypass, cross site scripting, and denial of service vulnerabilities.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7855.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: Red Hat Single Sign-On 7.6.6 security update on RHEL 9Advisory ID:        RHSA-2023:7855-03Product:            Red Hat Single Sign-OnAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:7855Issue date:         2023-12-14Revision:           03CVE Names:          CVE-2023-6134====================================================================Summary: New Red Hat Single Sign-On 7.6.6 packages are now available for Red Hat Enterprise Linux 9.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.This release of Red Hat Single Sign-On 7.6.6 on RHEL 9 serves as a replacement for Red Hat Single Sign-On 7.6.5, and includes bug fixes and enhancements.Security Fix(es):* keycloak: redirect_uri validation logic that allows for a bypass of otherwise explicitly allowed hosts (CVE-2023-6134)* keycloak: reflected XSS via wildcard in OIDC redirect_uri (CVE-2023-6291)* keycloak: offline session token DoS (CVE-2023-6563)For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-6134References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2249673https://bugzilla.redhat.com/show_bug.cgi?id=2251407https://bugzilla.redhat.com/show_bug.cgi?id=2253308

Red Hat Security Advisory 2023-7855-03

Red Hat Security Advisory 2023-7854-03 - New Red Hat Single Sign-On 7.6.6 packages are now available for Red Hat Enterprise Linux 7. Issues addressed include bypass, cross site scripting, and denial of service vulnerabilities.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7854.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: Red Hat Single Sign-On 7.6.6 security update on RHEL 7Advisory ID:        RHSA-2023:7854-03Product:            Red Hat Single Sign-OnAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:7854Issue date:         2023-12-14Revision:           03CVE Names:          CVE-2023-6134====================================================================Summary: New Red Hat Single Sign-On 7.6.6 packages are now available for Red Hat Enterprise Linux 7.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.This release of Red Hat Single Sign-On 7.6.6 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.6.5, and includes bug fixes and enhancements.Security Fix(es):* keycloak: reflected XSS via wildcard in OIDC redirect_uri (CVE-2023-6291)* keycloak: redirect_uri validation logic that allows for a bypass of otherwise explicitly allowed hosts (CVE-2023-6134)* keycloak: offline session token DoS (CVE-2023-6563)For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-6134References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2249673https://bugzilla.redhat.com/show_bug.cgi?id=2251407https://bugzilla.redhat.com/show_bug.cgi?id=2253308

Red Hat Security Advisory 2023-7854-03

Red Hat Security Advisory 2023-7851-03 - Updated Satellite 6.14 packages that fixes Important security bugs and several regular bugs are now available for Red Hat Satellite. Issues addressed include cross site scripting and local file inclusion vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7851.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: Satellite 6.14.1 Async Security Update  
Advisory ID:        RHSA-2023:7851-03  
Product:            Red Hat Satellite 6  
Advisory URL:       https://access.redhat.com/errata/RHSA-2023:7851  
Issue date:         2023-12-14  
Revision:           03  
CVE Names:          CVE-2023-4886  
====================================================================

Summary: 

Updated Satellite 6.14 packages that fixes Important security bugs and several  
regular bugs are now available for Red Hat Satellite.

Description:

Red Hat Satellite is a system management solution that allows organizations  
to configure and maintain their systems without the necessity to provide  
public Internet access to their servers or other client systems. It  
performs provisioning and configuration management of predefined standard  
operating environments.

Security fix(es):

* rubygem-actionpack: actionpack: Possible XSS via User Supplied Values to redirect_to [rhn_satellite_6.14] (CVE-2023-28362)

* foreman: World readable file containing secrets [rhn_satellite_6.14] (CVE-2023-4886)

* python-urllib3: urllib3: Request body not stripped after redirect from 303 status changes request method to GET [rhn_satellite_6-default] (CVE-2023-45803 )

*  python-gitpython: GitPython: Blind local file inclusion [rhn_satellite_6-default] (CVE-2023-41040)

This update fixes the following bugs:

2250342 - REX job finished with exit code 0 but the script failed on client side due to no space.  
2250343 - Selinux denials are reported after following \"Chapter 13. Managing Custom File Type Content\" chapter step by step  
2250344 - Long running postgres threads during content-export  
2250345 - Upgrade django-import-export package to at least 3.1.0  
2250349 - After upstream repo switched to zst compression, Satellite 6.12.5.1 unable to sync  
2250350 - Slow generate applicability for Hosts with multiple modulestreams installed  
2250352 - Recalculate button for Errata is not available on Satellite 6.13/ Satellite 6.14 if no errata is present  
2250351 - Actions::ForemanLeapp::PreupgradeJob fails with null value in column \"preupgrade_report_id\" violates not-null constraint when run with non-admin user  
2251799 - REX Template for 'convert2rhel analyze' command  
2254085 - Getting '/usr/sbin/foreman-rake db:migrate' returned 1 instead of one of [0] ERROR while trying to upgrade Satellite 6.13 to 6.14   
2254080 - satellite-convert2rhel-toolkit rpm v1.0.0 in 6.14.z

Users of Red Hat Satellite are advised to upgrade to these updated  
packages, which fix these bugs.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-4886

References:

https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.14/html/upgrading_red_hat_satellite_to_6.14/index  
https://bugzilla.redhat.com/show_bug.cgi?id=2217785  
https://bugzilla.redhat.com/show_bug.cgi?id=2230135  
https://bugzilla.redhat.com/show_bug.cgi?id=2246840  
https://bugzilla.redhat.com/show_bug.cgi?id=2247040  
https://bugzilla.redhat.com/show_bug.cgi?id=2250342  
https://bugzilla.redhat.com/show_bug.cgi?id=2250343  
https://bugzilla.redhat.com/show_bug.cgi?id=2250344  
https://bugzilla.redhat.com/show_bug.cgi?id=2250345  
https://bugzilla.redhat.com/show_bug.cgi?id=2250349  
https://bugzilla.redhat.com/show_bug.cgi?id=2250350  
https://bugzilla.redhat.com/show_bug.cgi?id=2250351  
https://bugzilla.redhat.com/show_bug.cgi?id=2250352  
https://bugzilla.redhat.com/show_bug.cgi?id=2251799  
https://bugzilla.redhat.com/show_bug.cgi?id=2254080  
https://bugzilla.redhat.com/show_bug.cgi?id=2254085

Red Hat Security Advisory 2023-7851-03

Red Hat Security Advisory 2023-7841-03 - An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7841.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: gstreamer1-plugins-bad-free security updateAdvisory ID:        RHSA-2023:7841-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:7841Issue date:         2023-12-14Revision:           03CVE Names:          CVE-2023-44446====================================================================Summary: An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer.Security Fix(es):* gstreamer: MXF demuxer use-after-free vulnerability (CVE-2023-44446)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-44446References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2250249

Red Hat Security Advisory 2023-7841-03

Red Hat Security Advisory 2023-7840-03 - An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a use-after-free vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7840.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: gstreamer1-plugins-bad-free security updateAdvisory ID:        RHSA-2023:7840-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:7840Issue date:         2023-12-14Revision:           03CVE Names:          CVE-2023-44446====================================================================Summary: An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer.Security Fix(es):* gstreamer: MXF demuxer use-after-free vulnerability (CVE-2023-44446)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-44446References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2250249

Tag

#linux