From security at unicamp.br Wed Mar 11 14:58:37 2020
From: security at unicamp.br (CSIRT Unicamp)
Date: Wed, 11 Mar 2020 14:58:37 -0300
Subject: [SECURITY-L] [Security-news] SAML Service Provider - Critical - Access bypass - SA-CONTRIB-2020-006
In-Reply-To:
References:
Message-ID:

View online: https://www.drupal.org/sa-contrib-2020-006

Project: SAML Service Provider [1]
Date: 2020-March-11
Security risk: *Critical* 15/25 AC:Basic/A:None/CI:Some/II:Some/E:Theoretical/TD:Default [2]
Vulnerability: Access bypass

Description:

This module enables you to authenticate Drupal users using an external SAML Identity Provider.

If the site is configured to allow visitors to register for user accounts but administrator approval is required, the module doesn't sufficiently enforce the administrative approval requirement in the case where the requesting user has already authenticated through SAML.

This vulnerability is mitigated by the fact that user accounts created in this way have only default roles, which may not have access significantly beyond that of an anonymous user.

To mitigate the vulnerability without upgrading, sites could disable public registration.

Solution:

Install the latest version:

* If you use the SAML Service Provider module for Drupal 8.x, upgrade to SAML Service Provider 8.x-3.7 [3]

Also see the SAML Service Provider [4] project page.
Reported By:

* J Proctor [5]

Fixed By:

* J Proctor [6]
* James Glasgow [7]

Coordinated By:

* Greg Knaddison [8] of the Drupal Security Team

[1] https://www.drupal.org/project/saml_sp
[2] https://www.drupal.org/security-team/risk-levels
[3] https://www.drupal.org/project/saml_sp/releases/8.x-3.7
[4] https://www.drupal.org/project/saml_sp
[5] https://www.drupal.org/user/1194192
[6] https://www.drupal.org/user/1194192
[7] https://www.drupal.org/user/36590
[8] https://www.drupal.org/user/36762

===
Computer Security Incident Response Team - CSIRT
Universidade Estadual de Campinas - Unicamp
Centro de Computacao - CCUEC
GnuPG Public Key: http://www.security.unicamp.br/security.asc
Contact: +55 19 3521-2289 or INOC-DBA: 1251*830

-------------- next part --------------
An HTML attachment was scrubbed...
URL:

From security at unicamp.br Thu Mar 12 15:05:41 2020
From: security at unicamp.br (CSIRT Unicamp)
Date: Thu, 12 Mar 2020 15:05:41 -0300
Subject: [SECURITY-L] Critical: Red Hat JBoss Enterprise Application Platform 7.2 security update
In-Reply-To: <202003121708.02CH8TEl030196@lists01.pubmisc.prod.ext.phx2.redhat.com>
References: <202003121708.02CH8TEl030196@lists01.pubmisc.prod.ext.phx2.redhat.com>
Message-ID:

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: Red Hat JBoss Enterprise Application Platform 7.2 security update
Advisory ID:       RHSA-2020:0812-01
Product:           Red Hat JBoss Enterprise Application Platform
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:0812
Issue date:        2020-03-12
CVE Names:         CVE-2020-1745
=====================================================================

1. Summary:

An update is now available for Red Hat JBoss Enterprise Application Platform 7.2.

Red Hat Product Security has rated this update as having a security impact of Critical.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Description:

Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.

This asynchronous patch is a security update for the Undertow package in Red Hat JBoss Enterprise Application Platform 7.2.

Security Fix(es):

* undertow: AJP File Read/Inclusion Vulnerability (CVE-2020-1745)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.

3. Solution:

Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.

The References section of this erratum contains a download link (you must log in to download the update).

You must restart the JBoss server process for the update to take effect.

4. Bugs fixed (https://bugzilla.redhat.com/):

1807305 - CVE-2020-1745 undertow: AJP File Read/Inclusion Vulnerability

5. References:

https://access.redhat.com/security/cve/CVE-2020-1745
https://access.redhat.com/security/updates/classification/#critical
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=7.2
https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/
https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/

6. Contact:

The Red Hat security contact is .
More contact details at https://access.redhat.com/security/team/contact/

From security at unicamp.br Thu Mar 26 09:02:29 2020
From: security at unicamp.br (CSIRT Unicamp)
Date: Thu, 26 Mar 2020 09:02:29 -0300
Subject: [SECURITY-L] Fwd: [Security-news] Svg Image - Critical - Cross site scripting - SA-CONTRIB-2020-008
In-Reply-To:
References:
Message-ID:

---------- Forwarded message ---------
From:
Date: Wed, 25 Mar 2020 at 16:52
Subject: [Security-news] Svg Image - Critical - Cross site scripting - SA-CONTRIB-2020-008
To:

View online: https://www.drupal.org/sa-contrib-2020-008

Project: Svg Image [1]
Date: 2020-March-25
Security risk: *Critical* 15/25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Cross site scripting

Description:

The SVG Image module allows uploading SVG files. The module did not sufficiently protect against malicious code inside SVG files, leading to a Cross Site Scripting vulnerability.

This vulnerability is mitigated by the fact that an attacker must have permission to upload an SVG file.

Solution:

Install the latest version:

* If you use the SVG Image module for Drupal 8.x, upgrade to Svg Image 8.x-1.10 [3]

Also see the Svg Image [4] project page.
Reported By:

* Dmitry Kiselev [5]

Fixed By:

* Yaroslav Lushnikov [6]
* Dmitry Kiselev [7]
* Jeroen Tubex [8]

Coordinated By:

* Greg Knaddison [9] of the Drupal Security Team

[1] https://www.drupal.org/project/svg_image
[2] https://www.drupal.org/security-team/risk-levels
[3] https://www.drupal.org/project/svg_image/releases/8.x-1.10
[4] https://www.drupal.org/project/svg_image
[5] https://www.drupal.org/user/1945174
[6] https://www.drupal.org/user/2870933
[7] https://www.drupal.org/user/1945174
[8] https://www.drupal.org/user/2228934
[9] https://www.drupal.org/user/36762

_______________________________________________
Security-news mailing list
Security-news at drupal.org
Unsubscribe at https://lists.drupal.org/mailman/listinfo/security-news
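The Svg Image advisory above says the module did not sufficiently protect against malicious code inside uploaded SVG files. As an added illustration of the class of content a defender has to screen for (this is not the module's code nor its 8.x-1.10 fix), the following check parses an uploaded SVG and flags script elements, inline event handlers and javascript: URLs before the file is stored; the sample documents are constructed for this example.

```python
"""Pre-storage screening of SVG uploads for active content (added example)."""
import xml.etree.ElementTree as ET

# SVG elements that execute script or embed arbitrary HTML when the image is
# rendered inline (as an <svg> in the page rather than via <img>).
ACTIVE_ELEMENTS = {"script", "foreignObject"}


def _local(qname):
    """Strip the {namespace} prefix ElementTree puts on qualified names."""
    return qname.split("}", 1)[1] if "}" in qname else qname


def find_active_content(svg_bytes):
    """Return human-readable findings; an empty list means nothing active was seen.

    The stdlib expat parser does not fetch external entities, so the check
    itself is safe to run on untrusted input. A parse failure is reported as a
    finding because an unparseable upload should not be stored either.
    """
    try:
        root = ET.fromstring(svg_bytes)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]

    findings = []
    for elem in root.iter():
        name = _local(elem.tag)
        if name in ACTIVE_ELEMENTS:
            findings.append(f"<{name}> element")
        for attr, value in elem.attrib.items():
            attr_name = _local(attr)
            # onload, onclick, onmouseover, ... all run script on the event.
            if attr_name.lower().startswith("on"):
                findings.append(f"event handler {attr_name} on <{name}>")
            # Both plain href and xlink:href share the local name "href".
            elif attr_name == "href" and value.strip().lower().startswith("javascript:"):
                findings.append(f"javascript: URL in {attr_name} on <{name}>")
    return findings


def is_safe_svg(svg_bytes):
    """True when the document parses and carries no active content."""
    return not find_active_content(svg_bytes)


# Constructed samples: a plain icon, and one with a handler plus a javascript: link.
CLEAN_SVG = b'<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 10 10"><circle cx="5" cy="5" r="4"/></svg>'
ACTIVE_SVG = (b'<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" '
              b'onload="alert(1)"><a xlink:href="javascript:alert(1)"><text>x</text></a></svg>')
```

Rejecting or sanitising on these findings, and serving SVG only from a path that is never rendered inline, is the defensive counterpart to the permission-based mitigation the advisory mentions.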