From security at unicamp.br Mon Jan 11 08:40:36 2021
From: security at unicamp.br (CSIRT Unicamp)
Date: Mon, 11 Jan 2021 08:40:36 -0300
Subject: [SECURITY-L] [RHSA-2021:0053-01] Critical: firefox security update
In-Reply-To: <202101111047.10BAlOiP022615@lists01.pubmisc.prod.ext.phx2.redhat.com>
References: <202101111047.10BAlOiP022615@lists01.pubmisc.prod.ext.phx2.redhat.com>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: firefox security update
Advisory ID:       RHSA-2021:0053-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:0053
Issue date:        2021-01-11
CVE Names:         CVE-2020-16044
=====================================================================

1. Summary:

An update for firefox is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

This update upgrades Firefox to version 78.6.1 ESR.
Security Fix(es):

* Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk (CVE-2020-16044)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Firefox must be restarted for the changes to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1913503 - CVE-2020-16044 Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
firefox-78.6.1-1.el7_9.src.rpm

x86_64:
firefox-78.6.1-1.el7_9.x86_64.rpm
firefox-debuginfo-78.6.1-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
firefox-78.6.1-1.el7_9.i686.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
firefox-78.6.1-1.el7_9.src.rpm

ppc64:
firefox-78.6.1-1.el7_9.ppc64.rpm
firefox-debuginfo-78.6.1-1.el7_9.ppc64.rpm

ppc64le:
firefox-78.6.1-1.el7_9.ppc64le.rpm
firefox-debuginfo-78.6.1-1.el7_9.ppc64le.rpm

s390x:
firefox-78.6.1-1.el7_9.s390x.rpm
firefox-debuginfo-78.6.1-1.el7_9.s390x.rpm

x86_64:
firefox-78.6.1-1.el7_9.x86_64.rpm
firefox-debuginfo-78.6.1-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

x86_64:
firefox-78.6.1-1.el7_9.i686.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
firefox-78.6.1-1.el7_9.src.rpm

x86_64:
firefox-78.6.1-1.el7_9.x86_64.rpm
firefox-debuginfo-78.6.1-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
firefox-78.6.1-1.el7_9.i686.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-16044
https://access.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBX/wsttzjgjWX9erEAQjEDhAAlL8ETAXLvAfIB1sm0+rlRlyg1iuaSchf
P6wJ7Tps+tfn8B0ysae7PcZtBWCOm+TrHhMXDoamhHbE71X95f1xpz962GlwPCHF
gRKASCJE1mw8Qixi6Nn604J7ispKRYXmNYLdOZQgenMseSDdFZSrLb8EagvQG+sZ
Ac3mgV+uuBx5rWLqQXnuu3vUMm9qVt4HmClAg+i406fgexOCLaneSkwV3xLxDPN8
myfBA7Sc7/nt42KDJHG+Ep+MIICFl9ZOmcHpFinu1xTo0gZJ5Zabh1mnIF0JXlvw
XcEd0FEA3eDPexlTRsPZtzpK4uZeYGpUZlpLuRWAx2yMtbduqniVKEoq7SB5Rx1X
/Jtw5dlfQW8jB1TQaNIDmM7Y7DRT64+xNcAi9NJH0LdjhPJNjodb1vR1Va3ykeue
N+CjPfHIfoPasaHJ32JNvjBXp+BrNA3+nrS9MHHaBk0W93hTmu3DNCSvzoiz0oo7
eaREdAL48QY1mo23dEYgoNFd7gefj65vx+0td/IeEEJ6ZNazIGk6tlXhQPnFIn6i
0DuWO6ojVXU1rmWA42I/5oT7gDa5qk777lanRihLL+A1/O+sPrhq5XCpfgw0pQE9
0frNxB6USQX0vDNRdYxJamZ+flnYLbqpghWRqfrS5X/cjH2KcaV6ymLN0PJ/rB8z
h4HzaadPcGI=
=d9tc
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce at redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

===
Computer Security Incident Response Team - CSIRT
Universidade Estadual de Campinas - Unicamp
Centro de Computacao - CCUEC
GnuPG Public Key: http://www.security.unicamp.br/security.asc
Contact: +55 19 3521-2289 or INOC-DBA: 1251*830

-------------- next part --------------
An HTML attachment was scrubbed...
URL:

From security at unicamp.br Wed Jan 27 15:34:00 2021
From: security at unicamp.br (CSIRT Unicamp)
Date: Wed, 27 Jan 2021 15:34:00 -0300
Subject: [SECURITY-L] [Security-news] Open Social - Moderately critical - Access bypass - SA-CONTRIB-2021-002
In-Reply-To:
References:
Message-ID:

View online: https://www.drupal.org/sa-contrib-2021-002

Project: Open Social [1]
Version: 8.x-9.x-dev8.x-8.x-dev
Date: 2021-January-27
Security risk: *Moderately critical* 10/25 AC:Basic/A:User/CI:Some/II:None/E:Theoretical/TD:Default [2]
Vulnerability: Access bypass

Description:

The Social User Export module enables users within Open Social to create an export of users and download this to a CSV file. The module doesn't sufficiently check access when building the CSV file, allowing logged-in users without the "manage members" permission to export all data from a selected user in certain scenarios.

This vulnerability is mitigated by the fact that an attacker must have the authenticated user role and the site must be configured in such a way that a logged-in user is able to export users.
Solution:

Install the latest version:

* If you use Open Social major version 8, upgrade to 8.x-8.10 [3]
* If you use Open Social major version 9, upgrade to 8.x-9.8 [4]

Reported By:

* Robert Ragas [5]

Fixed By:

* Ronald te Brake [6]
* Alexander Varwijk [7]
* Bram ten Hove [8]

Coordinated By:

* Greg Knaddison [9] of the Drupal Security Team

[1] https://www.drupal.org/project/social
[2] https://www.drupal.org/security-team/risk-levels
[3] https://www.drupal.org/project/social/releases/8.x-8.10
[4] https://www.drupal.org/project/social/releases/8.x-9.8
[5] https://www.drupal.org/user/2723261
[6] https://www.drupal.org/user/2314038
[7] https://www.drupal.org/user/1868952
[8] https://www.drupal.org/user/1549848
[9] https://www.drupal.org/user/36762

_______________________________________________
Security-news mailing list
Security-news at drupal.org

===
Computer Security Incident Response Team - CSIRT
Universidade Estadual de Campinas - Unicamp
Centro de Computacao - CCUEC
GnuPG Public Key: http://www.security.unicamp.br/security.asc
Contact: +55 19 3521-2289 or INOC-DBA: 1251*830

-------------- next part --------------
An HTML attachment was scrubbed...
URL:

From security at unicamp.br Thu Jan 28 16:35:01 2021
From: security at unicamp.br (CSIRT Unicamp)
Date: Thu, 28 Jan 2021 16:35:01 -0300
Subject: [SECURITY-L] [RNP/CAIS Alert #0064] Vulnerability in the sudo software
In-Reply-To: <815293326.34641910.1611794950574.JavaMail.zimbra@rnp.br>
References: <815293326.34641910.1611794950574.JavaMail.zimbra@rnp.br>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

CAIS-Alert [27/01/2021]: Vulnerability in the sudo software

Dear all,

CAIS warns of the recently disclosed vulnerability in the "sudo" software/command. "sudo" is a command that allows privilege elevation to execute certain actions within the operating system in question, based on specific configurations.
The possibility was identified of any local user or application executing commands with administrative privileges, regardless of the environment's configuration.

DESCRIPTION

The vulnerability occurs when the "sudo" command is used in so-called "shell mode", that is, with the "-s" or "-i" parameters. A flaw in the way the "sudo" command handles the additional parameters results in them being processed before they are validated by the environment's configuration policies.

AFFECTED SYSTEMS

Platforms that use "sudo" at base versions from 1.8.2 to 1.8.31p2 and from 1.9.0 to 1.9.5p1.

AFFECTED VERSIONS

"sudo" versions from 1.8.2 to 1.8.31p2 and from 1.9.0 to 1.9.5p1.

AVAILABLE FIXES

Update "sudo" to version 1.9.5p2 or later, as recommended by the developers;

Update the "sudo" component according to the versions made available by the maintainers of the specific platforms.

IDENTIFIERS

CVE (http://cve.mitre.org)
- CVE-2021-3156

MORE INFORMATION

[1] https://www.sudo.ws/alerts/unescape_overflow.html
[2] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3156
[3] https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit

CAIS recommends that administrators keep their systems and applications always up to date, in line with the latest versions and fixes offered by vendors.

CAIS alerts can also be followed on RNP's social networks. Follow us!

Twitter: @caisRNP
Facebook: facebook.com/RedeNacionaldeEnsinoePesquisaRNP

Sincerely,
CAIS/RNP

################################################################
# CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS)       #
# Rede Nacional de Ensino e Pesquisa (RNP)                     #
#                                                              #
# cais at cais.rnp.br     https://www.rnp.br/sistema-rnp/cais  #
# Tel. 019-37873300  Fax. 019-37873301                         #
# PGP key available at https://www.cais.rnp.br/cais-pgp.key    #
################################################################
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE04JqHmzxtIXrrCYafN6gNLj49JgFAmASCX4ACgkQfN6gNLj4
9JjdXg//YLKUPHwCFFVrfJ0D6ifVyvOWg3sQ6IpuK1wzjljaE55Vaz8lsSlmFgum
iyUx7kXCMR9NmZHDID7Zw/BCzuM3u68u4cO6+b2BHWHu7R1I7QlV9Rw5b7/jljZg
WfplGff61CUiSxDvEP+OO9NX7Z5Iidtw8Qtq9FlFGfQga0rZNi0mc+B7Ng2vCZus
OF8B39/2skTdqD9w3KGcVz46fGO49sioJ59hopdmgIkQwqQPRsJt9t2lX1lOYWU/
pNo9dZdLUZRklxn2yvF3ch4IVH63Ju5J3rCr7tuOM7npRsm1JewtxKtecRWEcgqI
mtNCvXTkbJcTQaoCz4Ls0iEKNlzhPrMyz3ta/VnlnXQyr1lr9dBb/4Nqp7T1XTKp
XwjFZWj98eO16r4iovDP20qnFdev0Dyty14ZjEkkKnqDTCjfmXLtnLzHlw30QDxT
EHIkwUh1QkOeOMsh+ej7aNw3Xyrf214LAy8KhjuYVpp7RMidhdaOIMx5aspwECIU
2DBnuyj2Hi5xnp/pQA8KidObQEJsuoH+zr2b1W0WB1xaeVe1NOcaUv5jaA9xGr42
56zQpwI+n+1NN6o5YjdgAYgoR3Ou78mfPq7QMORnzXKNS5DQQubd3tacNm4mKmcC
49L8xSAjvpHsgM6mLbcmax+19aAPAzhxAT43vp1DfM6tmSbWTSc=
=/fMY
-----END PGP SIGNATURE-----
_______________________________________________
RNP-Alerta
rnp-alerta at listas.rnp.br
https://listas.rnp.br/mailman/listinfo/rnp-alerta

===
Computer Security Incident Response Team - CSIRT
Universidade Estadual de Campinas - Unicamp
Centro de Computacao - CCUEC
GnuPG Public Key: http://www.security.unicamp.br/security.asc
Contact: +55 19 3521-2289 or INOC-DBA: 1251*830

-------------- next part --------------
An HTML attachment was scrubbed...
URL:
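Added example, not part of the CAIS alert or of the sudo project: a small Python checker that compares a sudo version string against the two affected ranges the alert lists (1.8.2 to 1.8.31p2 and 1.9.0 to 1.9.5p1, fixed in 1.9.5p2). It assumes the upstream `sudo --version` output format, whose first line reads "Sudo version 1.9.5p2"; the sample output inside the block is constructed for an offline run. It also carries the caveat the alert's second fix implies: distributions often backport the fix without changing the version string, so a version-only check can flag an already-patched vendor package, and the platform maintainer's package data is authoritative for those builds.

```python
"""Compare a sudo version against the affected ranges in the CAIS alert
for CVE-2021-3156. Added example; not part of the alert or of sudo itself.
Assumes the upstream `sudo --version` format ("Sudo version 1.9.5p2")."""
import re
import subprocess
from typing import Optional, Tuple

# Inclusive ranges taken verbatim from the alert.
AFFECTED_RANGES = (("1.8.2", "1.8.31p2"), ("1.9.0", "1.9.5p1"))
FIXED_VERSION = "1.9.5p2"

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:p(\d+))?$")


def parse_version(text: str) -> Tuple[int, int, int, int]:
    """Turn '1.8.31p2' into (1, 8, 31, 2). A missing 'pN' suffix counts as p0,
    so 1.8.31 sorts below 1.8.31p1, matching how sudo numbers patch levels."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised sudo version string: {text!r}")
    major, minor, patch, plevel = m.groups()
    return (int(major), int(minor), int(patch), int(plevel or 0))


def is_affected(version: str) -> bool:
    """True if the version lies inside one of the affected ranges."""
    v = parse_version(version)
    return any(parse_version(lo) <= v <= parse_version(hi)
               for lo, hi in AFFECTED_RANGES)


def version_from_output(output: str) -> Optional[str]:
    """Pull the version out of `sudo --version` text (assumed upstream format)."""
    m = re.search(r"^Sudo version (\S+)", output, re.MULTILINE)
    return m.group(1) if m else None


def check_installed() -> Optional[bool]:
    """Run the local sudo binary and report whether its version is in range.
    Returns None if sudo is missing or its output cannot be parsed.

    Caveat: vendors often backport the fix without bumping the version string,
    so this can report an already-patched distribution package as affected;
    for those builds the platform maintainer's advisory is the authority."""
    try:
        out = subprocess.run(["sudo", "--version"], capture_output=True,
                             text=True, check=False).stdout
    except FileNotFoundError:
        return None
    ver = version_from_output(out)
    if ver is None:
        return None
    try:
        return is_affected(ver)
    except ValueError:
        return None


if __name__ == "__main__":
    # Constructed sample output in the upstream format, for an offline run.
    sample = "Sudo version 1.8.31\nSudoers policy plugin version 1.8.31\n"
    v = version_from_output(sample)
    print(f"sample {v}: " + ("in affected range" if is_affected(v)
                            else "outside affected range"))
    verdict = {
        True: "version in affected range; update to " + FIXED_VERSION
              + " or a vendor-patched build",
        False: "version outside affected range",
        None: "sudo not found or output not parsed",
    }
    print("local sudo:", verdict[check_installed()])
```

Run it on a host to get a quick triage verdict; treat "in affected range" on a distribution package as a prompt to confirm against the vendor's changelog rather than as proof the binary is still vulnerable.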