CIS Controls Community Volunteer Spotlight: Staffan HuslidFri, 26 May 2023 02:37:00 -0400 Staffan Huslid has done a lot to support effective security controls for cyber defense as a volunteer of the CIS Controls Community. Hear his story.
Meet the GoldenJackal APT group. Don’t expect any howls GoldenJackal is an APT group, active since 2019, that usually targets government and diplomatic entities in the Middle East and South Asia. The main feature of this group is a specific toolset of .NET malware, JackalControl, JackalWorm, JackalSteal, JackalPerInfo and JackalScreenWatcher.
Debian Security Advisory 5411-1Fri, 26 May 2023 14:42:09 GMT Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.
Ubuntu Security Notice USN-6109-1Fri, 26 May 2023 14:41:53 GMT Ubuntu Security Notice 6109-1 - Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service. Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information.
Debian Security Advisory 5413-1Fri, 26 May 2023 14:36:57 GMT Debian Linux Security Advisory 5413-1 - An issue has been found in sniproxy, a transparent TLS and HTTP layer 4 proxy with SNI support. Due to bad handling of wildcard backend hosts, a crafted HTTP or TLS packet might lead to remote arbitrary code execution.
Red Hat Security Advisory 2023-3326-01Fri, 26 May 2023 14:34:05 GMT Red Hat Security Advisory 2023-3326-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.6 images. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs.
Red Hat Security Advisory 2023-3325-01Fri, 26 May 2023 14:28:59 GMT Red Hat Security Advisory 2023-3325-01 - Multicluster Engine for Kubernetes 2.1.7 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.
Red Hat Security Advisory 2023-3323-01Fri, 26 May 2023 14:27:01 GMT Red Hat Security Advisory 2023-3323-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
Ubuntu Security Notice USN-6054-2Fri, 26 May 2023 14:25:03 GMT Ubuntu Security Notice 6054-2 - USN-6054-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Moataz Al-Sharida and nawaik discovered that Django incorrectly handled uploading multiple files using one form field. A remote attacker could possibly use this issue to bypass certain validations.
Red Hat Security Advisory 2023-3319-01Fri, 26 May 2023 14:23:37 GMT Red Hat Security Advisory 2023-3319-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
Ubuntu Security Notice USN-6108-1Thu, 25 May 2023 15:10:54 GMT Ubuntu Security Notice 6108-1 - It was discovered that Jhead did not properly handle certain crafted images while rotating them. An attacker could possibly use this issue to crash Jhead, resulting in a denial of service. Kyle Brown discovered that Jhead did not properly handle certain crafted images while regenerating the Exif thumbnail. An attacker could possibly use this issue to execute arbitrary commands.
Ubuntu Security Notice USN-6106-1Thu, 25 May 2023 15:10:28 GMT Ubuntu Security Notice 6106-1 - It was discovered that calamares-settings-ubuntu allowed creating the first user with a blank password, contrary to expectations.
Red Hat Security Advisory 2023-3299-01Thu, 25 May 2023 15:06:23 GMT Red Hat Security Advisory 2023-3299-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include bypass, cross site scripting, denial of service, deserialization, improper authorization, and information leakage vulnerabilities.
Ubuntu Security Notice USN-6105-1Thu, 25 May 2023 15:06:05 GMT Ubuntu Security Notice 6105-1 - The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.60 version of the Mozilla certificate authority bundle.
Ubuntu Security Notice USN-6105-2Thu, 25 May 2023 15:05:46 GMT Ubuntu Security Notice 6105-2 - USN-6105-1 updated ca-certificates. This provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.60 version of the Mozilla certificate authority bundle.
Red Hat Security Advisory 2023-3318-01Thu, 25 May 2023 15:05:34 GMT Red Hat Security Advisory 2023-3318-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The golang packages provide the Go programming language compiler.
Ubuntu Security Notice USN-6100-1Thu, 25 May 2023 15:05:16 GMT Ubuntu Security Notice 6100-1 - It was discovered that HTML::StripScripts does not properly parse HTML content with certain style attributes. A remote attacker could use this issue to cause a regular expression denial of service.
Red Hat Security Advisory 2023-3296-01Thu, 25 May 2023 15:01:39 GMT Red Hat Security Advisory 2023-3296-01 - Multicluster Engine for Kubernetes 2.2.4 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.
Red Hat Security Advisory 2023-3297-01Thu, 25 May 2023 15:01:23 GMT Red Hat Security Advisory 2023-3297-01 - Red Hat Advanced Cluster Management for Kubernetes 2.7.4 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs.
Red Hat Security Advisory 2023-3291-01Thu, 25 May 2023 14:58:46 GMT Red Hat Security Advisory 2023-3291-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP response splitting and denial of service vulnerabilities.
Ubuntu Security Notice USN-6104-1Thu, 25 May 2023 14:50:59 GMT Ubuntu Security Notice 6104-1 - Alexander Lakhin discovered that PostgreSQL incorrectly handled certain CREATE privileges. An authenticated user could possibly use this issue to execute arbitrary code as the bootstrap supervisor. Wolfgang Walther discovered that PostgreSQL incorrectly handled certain row security policies. An authenticated user could possibly use this issue to complete otherwise forbidden reads and modifications.
Red Hat Security Advisory 2023-3216-01Thu, 25 May 2023 14:50:48 GMT Red Hat Security Advisory 2023-3216-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.60.
Red Hat Security Advisory 2023-3292-01Thu, 25 May 2023 14:43:14 GMT Red Hat Security Advisory 2023-3292-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Debian Security Advisory 5410-1Wed, 24 May 2023 15:56:10 GMT Debian Linux Security Advisory 5410-1 - Multiple security issues were discovered in Sofia-SIP, a SIP User-Agent library, which could result in denial of service.
Ubuntu Security Notice USN-6103-1Wed, 24 May 2023 15:56:00 GMT Ubuntu Security Notice 6103-1 - It was discovered that JSON Schema incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to exploit JavaScript runtimes and cause a denial of service or execute arbitrary code.
Red Hat Security Advisory 2023-3276-01Wed, 24 May 2023 15:54:27 GMT Red Hat Security Advisory 2023-3276-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root.
Red Hat Security Advisory 2023-3269-01Wed, 24 May 2023 15:54:08 GMT Red Hat Security Advisory 2023-3269-01 - The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Issues addressed include buffer overflow and null pointer vulnerabilities.