From security at unicamp.br Thu Jan 20 09:58:04 2022
From: security at unicamp.br (CSIRT Unicamp)
Date: Thu, 20 Jan 2022 09:58:04 -0300
Subject: [SECURITY-L] Fwd: [Security-news] Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2022-001

---------- Forwarded message ---------
Date: Wed, 19 Jan 2022 at 14:50
Subject: [Security-news] Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2022-001

View online: https://www.drupal.org/sa-core-2022-001

Project: Drupal core [1]
Date: 2022-January-19
Security risk: *Moderately critical* 14/25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:Default [2]
Vulnerability: Cross Site Scripting

Description:

jQuery UI is a third-party library used by Drupal. This library was previously thought to be end-of-life.

Late in 2021, jQuery UI announced that they would be continuing development, and released a jQuery UI 1.13.0 [3] version. As part of this 1.13.0 update, they disclosed the following security issue that may affect Drupal 9 and 7:

* CVE-2021-41183: XSS in the `of` option of the .position() util [4]

It is possible that this vulnerability is exploitable with some Drupal modules. As a precaution, this Drupal security release applies the fix for the above cross-site scripting issue, without making any of the other changes to the jQuery version that is included in Drupal.

This advisory is not covered by Drupal Steward [5].

Solution:

Install the latest version:

* If you are using Drupal 9.3, update to Drupal 9.3.3 [6].
* If you are using Drupal 9.2, update to Drupal 9.2.11 [7].
* If you are using Drupal 7, update to Drupal 7.86 [8].

All versions of Drupal 8 and 9 prior to 9.2.x are end-of-life and do not receive security coverage. Note that Drupal 8 has reached its end of life [9].

Reported By:

* Lauri Eskola [10]

Fixed By:

* Lauri Eskola [11]
* Chris [12] of the Drupal Security Team
* Drew Webber [13] of the Drupal Security Team
* Alex Bronstein [14] of the Drupal Security Team
* Ben Mullins [15]
* xjm [16] of the Drupal Security Team
* Théodore Biadala [17]

[1] https://www.drupal.org/project/drupal
[2] https://www.drupal.org/security-team/risk-levels
[3] https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/
[4] https://github.com/jquery/jquery-ui/security/advisories/GHSA-j7qv-pgf6-hvh4
[5] https://www.drupal.org/steward
[6] https://www.drupal.org/project/drupal/releases/9.3.3
[7] https://www.drupal.org/project/drupal/releases/9.2.11
[8] https://www.drupal.org/project/drupal/releases/7.86
[9] https://www.drupal.org/psa-2021-06-29
[10] https://www.drupal.org/user/1078742
[11] https://www.drupal.org/user/1078742
[12] https://www.drupal.org/user/1850070
[13] https://www.drupal.org/user/255969
[14] https://www.drupal.org/user/78040
[15] https://www.drupal.org/user/2369194
[16] https://www.drupal.org/user/65776
[17] https://www.drupal.org/user/598310

_______________________________________________
Security-news mailing list
Security-news at drupal.org
Unsubscribe at https://lists.drupal.org/mailman/listinfo/security-news

-------------- next part --------------
An HTML attachment was scrubbed...
URL:

From security at unicamp.br Wed Jan 26 16:07:42 2022
From: security at unicamp.br (CSIRT Unicamp)
Date: Wed, 26 Jan 2022 16:07:42 -0300
Subject: [SECURITY-L] Several critical Drupal vulnerabilities

View online: https://www.drupal.org/sa-contrib-2022-006
Project: Taxonomy Access Control Lite [1]
Date: 2022-January-25
Security risk: *Critical* 15/25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported

View online: https://www.drupal.org/sa-contrib-2022-007
Project: Colorbox [1]
Date: 2022-January-25
Security risk: *Critical* 15/25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported

View online: https://www.drupal.org/sa-contrib-2022-008
Project: Admin Toolbar Search [1]
Date: 2022-January-25
Security risk: *Critical* 15/25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported

View online: https://www.drupal.org/sa-contrib-2022-009
Project: Expire reset password link [1]
Date: 2022-January-25
Security risk: *Critical* 15/25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported

View online: https://www.drupal.org/sa-contrib-2022-010
Project: Rate [1]
Date: 2022-January-25
Security risk: *Critical* 15/25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported

View online: https://www.drupal.org/sa-contrib-2022-011
Project: Navbar [1]
Date: 2022-January-25
Security risk: *Moderately critical* 13/25 AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:Default [2]
Vulnerability: Cross Site Scripting

View online: https://www.drupal.org/sa-contrib-2022-012
Project: Swiftype integration [1]
Date: 2022-January-25
Security risk: *Critical* 15/25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported

View online: https://www.drupal.org/sa-contrib-2022-013
Project: Business Responsive Theme [1]
Date: 2022-January-25
Security risk: *Critical* 15/25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported

View online: https://www.drupal.org/sa-contrib-2022-014
Project: Private Taxonomy Terms [1]
Date: 2022-January-26
Security risk: *Critical* 15/25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:All [2]
Vulnerability: Access bypass, Information Disclosure, Multiple vulnerabilities

View online: https://www.drupal.org/sa-contrib-2022-015
Project: Exif [1]
Date: 2022-January-25
Security risk: *Critical* 15/25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported

View online: https://www.drupal.org/sa-contrib-2022-016
Project: Vocabulary Permissions Per Role [1]
Date: 2022-January-25
Security risk: *Critical* 15/25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported

View online: https://www.drupal.org/sa-contrib-2022-017
Project: Media Entity Flickr [1]
Date: 2022-January-25
Security risk: *Critical* 15/25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported

View online: https://www.drupal.org/sa-contrib-2022-018
Project: Cog [1]
Date: 2022-January-25
Security risk: *Critical* 15/25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported

View online: https://www.drupal.org/sa-contrib-2022-019
Project: Vendor Stream Wrapper [1]
Date: 2022-January-25
Security risk: *Critical* 15/25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported

View online: https://www.drupal.org/sa-contrib-2022-020
Project: Remote Stream Wrapper [1]
Date: 2022-January-25
Security risk: *Critical* 15/25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported

View online: https://www.drupal.org/sa-contrib-2022-021
Project: Image Media Export Import [1]
Date: 2022-January-25
Security risk: *Critical* 15/25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported

View online: https://www.drupal.org/sa-contrib-2022-022
Project: Printer, email and PDF versions [1]
Date: 2022-January-25
Security risk: *Critical* 15/25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported

===
Computer Security Incident Response Team - CSIRT
Universidade Estadual de Campinas - Unicamp
Centro de Computacao - CCUEC
GnuPG Public Key: http://www.security.unicamp.br/security.asc
Contact: +55 19 3521-2289 or INOC-DBA: 1251*830

From security at unicamp.br Thu Jan 27 10:18:06 2022
From: security at unicamp.br (CSIRT Unicamp)
Date: Thu, 27 Jan 2022 10:18:06 -0300
Subject: [SECURITY-L] [RHSA-2022:0303-02] Important: httpd24-httpd security update

=====================================================================
Red Hat Security Advisory

Synopsis:          Important: httpd24-httpd security update
Advisory ID:       RHSA-2022:0303-01
Product:           Red Hat Software Collections
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:0303
Issue date:        2022-01-27
CVE Names:         CVE-2021-44790
=====================================================================

1. Summary:

An update for httpd24-httpd is now available for Red Hat Software Collections.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64

3. Description:

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

Security Fix(es):

* httpd: mod_lua: Possible buffer overflow when parsing multipart content (CVE-2021-44790)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the updated packages, the httpd daemon will be restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

2034674 - CVE-2021-44790 httpd: mod_lua: Possible buffer overflow when parsing multipart content

6. Package List:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):

Source:
httpd24-httpd-2.4.34-23.el7.1.src.rpm

noarch:
httpd24-httpd-manual-2.4.34-23.el7.1.noarch.rpm

ppc64le:
httpd24-httpd-2.4.34-23.el7.1.ppc64le.rpm
httpd24-httpd-debuginfo-2.4.34-23.el7.1.ppc64le.rpm
httpd24-httpd-devel-2.4.34-23.el7.1.ppc64le.rpm
httpd24-httpd-tools-2.4.34-23.el7.1.ppc64le.rpm
httpd24-mod_ldap-2.4.34-23.el7.1.ppc64le.rpm
httpd24-mod_proxy_html-2.4.34-23.el7.1.ppc64le.rpm
httpd24-mod_session-2.4.34-23.el7.1.ppc64le.rpm
httpd24-mod_ssl-2.4.34-23.el7.1.ppc64le.rpm

s390x:
httpd24-httpd-2.4.34-23.el7.1.s390x.rpm
httpd24-httpd-debuginfo-2.4.34-23.el7.1.s390x.rpm
httpd24-httpd-devel-2.4.34-23.el7.1.s390x.rpm
httpd24-httpd-tools-2.4.34-23.el7.1.s390x.rpm
httpd24-mod_ldap-2.4.34-23.el7.1.s390x.rpm
httpd24-mod_proxy_html-2.4.34-23.el7.1.s390x.rpm
httpd24-mod_session-2.4.34-23.el7.1.s390x.rpm
httpd24-mod_ssl-2.4.34-23.el7.1.s390x.rpm

x86_64:
httpd24-httpd-2.4.34-23.el7.1.x86_64.rpm
httpd24-httpd-debuginfo-2.4.34-23.el7.1.x86_64.rpm
httpd24-httpd-devel-2.4.34-23.el7.1.x86_64.rpm
httpd24-httpd-tools-2.4.34-23.el7.1.x86_64.rpm
httpd24-mod_ldap-2.4.34-23.el7.1.x86_64.rpm
httpd24-mod_proxy_html-2.4.34-23.el7.1.x86_64.rpm
httpd24-mod_session-2.4.34-23.el7.1.x86_64.rpm
httpd24-mod_ssl-2.4.34-23.el7.1.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):

Source:
httpd24-httpd-2.4.34-23.el7.1.src.rpm

noarch:
httpd24-httpd-manual-2.4.34-23.el7.1.noarch.rpm

x86_64:
httpd24-httpd-2.4.34-23.el7.1.x86_64.rpm
httpd24-httpd-debuginfo-2.4.34-23.el7.1.x86_64.rpm
httpd24-httpd-devel-2.4.34-23.el7.1.x86_64.rpm
httpd24-httpd-tools-2.4.34-23.el7.1.x86_64.rpm
httpd24-mod_ldap-2.4.34-23.el7.1.x86_64.rpm
httpd24-mod_proxy_html-2.4.34-23.el7.1.x86_64.rpm
httpd24-mod_session-2.4.34-23.el7.1.x86_64.rpm
httpd24-mod_ssl-2.4.34-23.el7.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-44790
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.