| Vulnerabilities | 110 via 110 paths |
|---|---|
| Dependencies | 103 |
| Source | Docker |
| Target OS | amzn:2018.03 |
high severity
- Vulnerable module: glib2
- Introduced through: glib2@2.36.3-5.22.amzn1
- Fixed in: 0:2.36.3-5.23.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › glib2@2.36.3-5.22.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream glib2 package and not the glib2 package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.
Remediation
Upgrade Amazon-Linux:2018.03 glib2 to version 0:2.36.3-5.23.amzn1 or higher.
This issue was patched in ALAS-2023-1742.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16428
- https://gitlab.gnome.org/GNOME/glib/issues/1364
- https://gitlab.gnome.org/GNOME/glib/commit/fccef3cc822af74699cca84cd202719ae61ca3b9
- http://www.securityfocus.com/bid/105210
- https://usn.ubuntu.com/3767-1/
- https://usn.ubuntu.com/3767-2/
- https://lists.debian.org/debian-lts-announce/2019/07/msg00029.html
- http://www.openwall.com/lists/oss-security/2020/02/14/3
high severity
- Vulnerable module: ca-certificates
- Introduced through: ca-certificates@2018.2.22-65.1.28.amzn1
- Fixed in: 0:2018.2.22-65.1.31.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › ca-certificates@2018.2.22-65.1.28.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream ca-certificates package and not the ca-certificates package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store.
Remediation
Upgrade Amazon-Linux:2018.03 ca-certificates to version 0:2018.2.22-65.1.31.amzn1 or higher.
This issue was patched in ALAS-2023-1817.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37920
- https://github.com/certifi/python-certifi/commit/8fb96ed81f71e7097ed11bc4d9b19afd7ea5c909
- https://github.com/certifi/python-certifi/security/advisories/GHSA-xqr8-7jwr-rhp7
- https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/C-HrP1SEq1A
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5EX6NG7WUFNUKGFHLM35KHHU3GAKXRTG/
high severity
- Vulnerable module: nss
- Introduced through: nss@3.53.1-7.87.amzn1
- Fixed in: 0:3.53.1-7.88.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › nss@3.53.1-7.87.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream nss package and not the nss package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
Remediation
Upgrade Amazon-Linux:2018.03 nss to version 0:3.53.1-7.88.amzn1 or higher.
This issue was patched in ALAS-2023-1736.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767
- https://bugzilla.mozilla.org/show_bug.cgi?id=1804640
- https://www.mozilla.org/security/advisories/mfsa2023-05/
- https://www.mozilla.org/security/advisories/mfsa2023-06/
- https://www.mozilla.org/security/advisories/mfsa2023-07/
- https://alas.aws.amazon.com/AL2/ALAS-2023-1992.html
high severity
- Vulnerable module: nss-sysinit
- Introduced through: nss-sysinit@3.53.1-7.87.amzn1
- Fixed in: 0:3.53.1-7.88.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › nss-sysinit@3.53.1-7.87.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream nss-sysinit package and not the nss-sysinit package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
Remediation
Upgrade Amazon-Linux:2018.03 nss-sysinit to version 0:3.53.1-7.88.amzn1 or higher.
This issue was patched in ALAS-2023-1736.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767
- https://bugzilla.mozilla.org/show_bug.cgi?id=1804640
- https://www.mozilla.org/security/advisories/mfsa2023-05/
- https://www.mozilla.org/security/advisories/mfsa2023-06/
- https://www.mozilla.org/security/advisories/mfsa2023-07/
- https://alas.aws.amazon.com/AL2/ALAS-2023-1992.html
high severity
- Vulnerable module: nss-tools
- Introduced through: nss-tools@3.53.1-7.87.amzn1
- Fixed in: 0:3.53.1-7.88.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › nss-tools@3.53.1-7.87.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream nss-tools package and not the nss-tools package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
Remediation
Upgrade Amazon-Linux:2018.03 nss-tools to version 0:3.53.1-7.88.amzn1 or higher.
This issue was patched in ALAS-2023-1736.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767
- https://bugzilla.mozilla.org/show_bug.cgi?id=1804640
- https://www.mozilla.org/security/advisories/mfsa2023-05/
- https://www.mozilla.org/security/advisories/mfsa2023-06/
- https://www.mozilla.org/security/advisories/mfsa2023-07/
- https://alas.aws.amazon.com/AL2/ALAS-2023-1992.html
high severity
- Vulnerable module: python27
- Introduced through: python27@2.7.18-2.142.amzn1
- Fixed in: 0:2.7.18-2.148.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › python27@2.7.18-2.142.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream python27 package and not the python27 package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as "not connected" and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.)
Remediation
Upgrade Amazon-Linux:2018.03 python27 to version 0:2.7.18-2.148.amzn1 or higher.
This issue was patched in ALAS-2023-1876.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40217
- https://mail.python.org/archives/list/security-announce@python.org/thread/PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY/
- https://www.python.org/dev/security/
- https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html
- https://security.netapp.com/advisory/ntap-20231006-0014/
- https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html
- https://mail.python.org/archives/list/security-announce%40python.org/thread/PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY/
high severity
- Vulnerable module: python27-libs
- Introduced through: python27-libs@2.7.18-2.142.amzn1
- Fixed in: 0:2.7.18-2.148.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › python27-libs@2.7.18-2.142.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream python27-libs package and not the python27-libs package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as "not connected" and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.)
Remediation
Upgrade Amazon-Linux:2018.03 python27-libs to version 0:2.7.18-2.148.amzn1 or higher.
This issue was patched in ALAS-2023-1876.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40217
- https://mail.python.org/archives/list/security-announce@python.org/thread/PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY/
- https://www.python.org/dev/security/
- https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html
- https://security.netapp.com/advisory/ntap-20231006-0014/
- https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html
- https://mail.python.org/archives/list/security-announce%40python.org/thread/PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY/
high severity
new
- Vulnerable module: glib2
- Introduced through: glib2@2.36.3-5.22.amzn1
- Fixed in: 0:2.36.3-5.27.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › glib2@2.36.3-5.22.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream glib2 package and not the glib2 package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in g_option_group_add_entries. NOTE: the vendor's position is "Realistically this is not a security issue. The standard pattern is for callers to provide a static list of option entries in a fixed number of calls to g_option_group_add_entries()." The researcher states that this pattern is undocumented.
Remediation
Upgrade Amazon-Linux:2018.03 glib2 to version 0:2.36.3-5.27.amzn1 or higher.
This issue was patched in ALAS-2024-1929.
high severity
- Vulnerable module: ncurses
- Introduced through: ncurses@5.7-4.20090207.14.amzn1
- Fixed in: 0:5.7-4.20090207.15.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › ncurses@5.7-4.20090207.14.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream ncurses package and not the ncurses package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.
Remediation
Upgrade Amazon-Linux:2018.03 ncurses to version 0:5.7-4.20090207.15.amzn1 or higher.
This issue was patched in ALAS-2023-1778.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491
- http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56
- https://www.openwall.com/lists/oss-security/2023/04/12/5
- https://www.openwall.com/lists/oss-security/2023/04/13/4
- http://www.openwall.com/lists/oss-security/2023/04/19/10
- http://www.openwall.com/lists/oss-security/2023/04/19/11
- https://security.netapp.com/advisory/ntap-20230517-0009/
- https://support.apple.com/kb/HT213843
- https://support.apple.com/kb/HT213844
- https://support.apple.com/kb/HT213845
- http://ncurses.scripts.mit.edu/?p=ncurses.git%3Ba=commit%3Bh=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56
- https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/
high severity
- Vulnerable module: ncurses-base
- Introduced through: ncurses-base@5.7-4.20090207.14.amzn1
- Fixed in: 0:5.7-4.20090207.15.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › ncurses-base@5.7-4.20090207.14.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream ncurses-base package and not the ncurses-base package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.
Remediation
Upgrade Amazon-Linux:2018.03 ncurses-base to version 0:5.7-4.20090207.15.amzn1 or higher.
This issue was patched in ALAS-2023-1778.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491
- http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56
- https://www.openwall.com/lists/oss-security/2023/04/12/5
- https://www.openwall.com/lists/oss-security/2023/04/13/4
- http://www.openwall.com/lists/oss-security/2023/04/19/10
- http://www.openwall.com/lists/oss-security/2023/04/19/11
- https://security.netapp.com/advisory/ntap-20230517-0009/
- https://support.apple.com/kb/HT213843
- https://support.apple.com/kb/HT213844
- https://support.apple.com/kb/HT213845
- http://ncurses.scripts.mit.edu/?p=ncurses.git%3Ba=commit%3Bh=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56
- https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/
high severity
- Vulnerable module: ncurses-libs
- Introduced through: ncurses-libs@5.7-4.20090207.14.amzn1
- Fixed in: 0:5.7-4.20090207.15.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › ncurses-libs@5.7-4.20090207.14.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream ncurses-libs package and not the ncurses-libs package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.
Remediation
Upgrade Amazon-Linux:2018.03 ncurses-libs to version 0:5.7-4.20090207.15.amzn1 or higher.
This issue was patched in ALAS-2023-1778.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491
- http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56
- https://www.openwall.com/lists/oss-security/2023/04/12/5
- https://www.openwall.com/lists/oss-security/2023/04/13/4
- http://www.openwall.com/lists/oss-security/2023/04/19/10
- http://www.openwall.com/lists/oss-security/2023/04/19/11
- https://security.netapp.com/advisory/ntap-20230517-0009/
- https://support.apple.com/kb/HT213843
- https://support.apple.com/kb/HT213844
- https://support.apple.com/kb/HT213845
- http://ncurses.scripts.mit.edu/?p=ncurses.git%3Ba=commit%3Bh=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56
- https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/
high severity
- Vulnerable module: python27
- Introduced through: python27@2.7.18-2.142.amzn1
- Fixed in: 0:2.7.18-2.149.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › python27@2.7.18-2.142.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream python27 package and not the python27 package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities.
Remediation
Upgrade Amazon-Linux:2018.03 python27 to version 0:2.7.18-2.149.amzn1 or higher.
This issue was patched in ALAS-2023-1880.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48565
- https://bugs.python.org/issue42051
- https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html
- https://security.netapp.com/advisory/ntap-20231006-0007/
- https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AFHYAGWBFBNUGWU6XWKBHTCV5NH77MB7/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KZRZRJHWLZ7MOJNPQBWGJVXMVYDC5BRA/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAYWJD576JUKLHCWKDLMJSUGTRDKPF3M/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AFHYAGWBFBNUGWU6XWKBHTCV5NH77MB7/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAYWJD576JUKLHCWKDLMJSUGTRDKPF3M/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZRZRJHWLZ7MOJNPQBWGJVXMVYDC5BRA/
high severity
- Vulnerable module: python27-libs
- Introduced through: python27-libs@2.7.18-2.142.amzn1
- Fixed in: 0:2.7.18-2.149.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › python27-libs@2.7.18-2.142.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream python27-libs package and not the python27-libs package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities.
Remediation
Upgrade Amazon-Linux:2018.03 python27-libs to version 0:2.7.18-2.149.amzn1 or higher.
This issue was patched in ALAS-2023-1880.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48565
- https://bugs.python.org/issue42051
- https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html
- https://security.netapp.com/advisory/ntap-20231006-0007/
- https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AFHYAGWBFBNUGWU6XWKBHTCV5NH77MB7/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KZRZRJHWLZ7MOJNPQBWGJVXMVYDC5BRA/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAYWJD576JUKLHCWKDLMJSUGTRDKPF3M/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AFHYAGWBFBNUGWU6XWKBHTCV5NH77MB7/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAYWJD576JUKLHCWKDLMJSUGTRDKPF3M/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZRZRJHWLZ7MOJNPQBWGJVXMVYDC5BRA/
high severity
- Vulnerable module: ca-certificates
- Introduced through: ca-certificates@2018.2.22-65.1.28.amzn1
- Fixed in: 0:2018.2.22-65.1.29.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › ca-certificates@2018.2.22-65.1.28.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream ca-certificates package and not the ca-certificates package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from "TrustCor" from the root store. These are in the process of being removed from Mozilla's trust store. TrustCor's root certificates are being removed pursuant to an investigation prompted by media reporting that TrustCor's ownership also operated a business that produced spyware. Conclusions of Mozilla's investigation can be found in the linked google group discussion.
Remediation
Upgrade Amazon-Linux:2018.03 ca-certificates to version 0:2018.2.22-65.1.29.amzn1 or higher.
This issue was patched in ALAS-2023-1690.
high severity
- Vulnerable module: glib2
- Introduced through: glib2@2.36.3-5.22.amzn1
- Fixed in: 0:2.36.3-5.23.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › glib2@2.36.3-5.22.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream glib2 package and not the glib2 package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str().
Remediation
Upgrade Amazon-Linux:2018.03 glib2 to version 0:2.36.3-5.23.amzn1 or higher.
This issue was patched in ALAS-2023-1742.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16429
- https://gitlab.gnome.org/GNOME/glib/issues/1361
- https://gitlab.gnome.org/GNOME/glib/commit/cec71705406f0b2790422f0c1aa0ff3b4b464b1b
- https://usn.ubuntu.com/3767-1/
- https://usn.ubuntu.com/3767-2/
- https://lists.debian.org/debian-lts-announce/2019/07/msg00029.html
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
high severity
- Vulnerable module: glib2
- Introduced through: glib2@2.36.3-5.22.amzn1
- Fixed in: 0:2.36.3-5.24.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › glib2@2.36.3-5.22.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream glib2 package and not the glib2 package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str().
Remediation
Upgrade Amazon-Linux:2018.03 glib2 to version 0:2.36.3-5.24.amzn1 or higher.
This issue was patched in ALAS-2023-1749.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16429
- https://gitlab.gnome.org/GNOME/glib/issues/1361
- https://gitlab.gnome.org/GNOME/glib/commit/cec71705406f0b2790422f0c1aa0ff3b4b464b1b
- https://usn.ubuntu.com/3767-1/
- https://usn.ubuntu.com/3767-2/
- https://lists.debian.org/debian-lts-announce/2019/07/msg00029.html
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
high severity
- Vulnerable module: libnghttp2
- Introduced through: libnghttp2@1.33.0-1.1.6.amzn1
- Fixed in: 0:1.33.0-1.1.7.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libnghttp2@1.33.0-1.1.6.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libnghttp2 package and not the libnghttp2 package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy’s HTTP/2 codec may leak a header map and bookkeeping structures upon receiving RST_STREAM immediately followed by the GOAWAY frames from an upstream server. In nghttp2, cleanup of pending requests due to receipt of the GOAWAY frame skips de-allocation of the bookkeeping structure and pending compressed header. The error return [code path] is taken if connection is already marked for not sending more requests due to GOAWAY frame. The clean-up code is right after the return statement, causing memory leak. Denial of service through memory exhaustion. This vulnerability was patched in version(s) 1.26.3, 1.25.8, 1.24.9, 1.23.11.
Remediation
Upgrade Amazon-Linux:2018.03 libnghttp2 to version 0:1.33.0-1.1.7.amzn1 or higher.
This issue was patched in ALAS-2023-1793.
high severity
- Vulnerable module: libnghttp2
- Introduced through: libnghttp2@1.33.0-1.1.6.amzn1
- Fixed in: 0:1.33.0-1.1.8.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libnghttp2@1.33.0-1.1.6.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libnghttp2 package and not the libnghttp2 package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Remediation
Upgrade Amazon-Linux:2018.03 libnghttp2 to version 0:1.33.0-1.1.8.amzn1 or higher.
This issue was patched in ALAS-2023-1869.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487
- https://aws.amazon.com/security/security-bulletins/AWS-2023-011/
- https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
- https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/
- https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/
- https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack
- https://news.ycombinator.com/item?id=37831062
- https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/
- https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack
- https://chaos.social/@icing/111210915918780532
- https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764
- https://github.com/alibaba/tengine/issues/1872
- https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2
- https://github.com/bcdannyboy/CVE-2023-44487
- https://github.com/caddyserver/caddy/issues/5877
- https://github.com/eclipse/jetty.project/issues/10679
- https://github.com/envoyproxy/envoy/pull/30055
- https://github.com/haproxy/haproxy/issues/2312
- https://github.com/hyperium/hyper/issues/3337
- https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61
- https://github.com/nghttp2/nghttp2/pull/1961
- https://news.ycombinator.com/item?id=37830987
- https://news.ycombinator.com/item?id=37830998
- https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/
- https://github.com/grpc/grpc-go/pull/6703
- https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244
- https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0
- https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html
- https://my.f5.com/manage/s/article/K000137106
- https://bugzilla.proxmox.com/show_bug.cgi?id=4988
- https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9
- https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/
- https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve
- https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088
- https://github.com/advisories/GHSA-vx74-f528-fxqg
- https://github.com/apache/trafficserver/pull/10564
- https://github.com/dotnet/announcements/issues/277
- https://github.com/facebook/proxygen/pull/466
- https://github.com/golang/go/issues/63417
- https://github.com/h2o/h2o/pull/3291
- https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf
- https://github.com/micrictor/http2-rst-stream
- https://github.com/microsoft/CBL-Mariner/pull/6381
- https://github.com/nodejs/node/pull/50121
- https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487
- https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/
- https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q
- https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected
- https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14
- https://www.openwall.com/lists/oss-security/2023/10/10/6
- https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73
- https://github.com/advisories/GHSA-xpw8-rcwv-8f8p
- https://github.com/kubernetes/kubernetes/pull/121120
- https://github.com/opensearch-project/data-prepper/issues/3474
- https://github.com/oqtane/oqtane.framework/discussions/3367
- https://netty.io/news/2023/10/10/4-1-100-Final.html
- https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487
- https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack
- https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113
- https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1
- https://github.com/kazu-yamamoto/http2/issues/93
- https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html
- https://news.ycombinator.com/item?id=37837043
- https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487
- https://www.debian.org/security/2023/dsa-5521
- https://www.debian.org/security/2023/dsa-5522
- https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
- https://access.redhat.com/security/cve/cve-2023-44487
- https://blog.vespa.ai/cve-2023-44487/
- https://bugzilla.redhat.com/show_bug.cgi?id=2242803
- https://bugzilla.suse.com/show_bug.cgi?id=1216123
- https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125
- https://github.com/advisories/GHSA-qppj-fm5r-hxr3
- https://github.com/etcd-io/etcd/issues/16740
- https://github.com/junkurihara/rust-rpxy/issues/97
- https://github.com/ninenines/cowboy/issues/1615
- https://github.com/tempesta-tech/tempesta/issues/1986
- https://github.com/varnishcache/varnish-cache/issues/3996
- https://istio.io/latest/news/security/istio-security-2023-004/
- https://ubuntu.com/security/CVE-2023-44487
- https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event
- https://github.com/apache/httpd-site/pull/10
- https://github.com/line/armeria/pull/5232
- https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632
- https://github.com/projectcontour/contour/pull/5826
- https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/
- https://github.com/Azure/AKS/issues/3947
- https://github.com/Kong/kong/discussions/11741
- https://github.com/akka/akka-http/issues/4323
- https://github.com/apache/apisix/issues/10320
- https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487
- https://github.com/openresty/openresty/issues/930
- https://security.paloaltonetworks.com/CVE-2023-44487
- https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/
- https://github.com/caddyserver/caddy/releases/tag/v2.7.5
- https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html
- http://www.openwall.com/lists/oss-security/2023/10/13/4
- http://www.openwall.com/lists/oss-security/2023/10/13/9
- https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/
- https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/
- https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/
- https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html
- https://security.netapp.com/advisory/ntap-20231016-0001/
- https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html
- http://www.openwall.com/lists/oss-security/2023/10/18/4
- http://www.openwall.com/lists/oss-security/2023/10/18/8
- http://www.openwall.com/lists/oss-security/2023/10/19/6
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/
- http://www.openwall.com/lists/oss-security/2023/10/20/8
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/
- https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html
- https://www.debian.org/security/2023/dsa-5540
- https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html
- https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/
- https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html
- https://www.debian.org/security/2023/dsa-5549
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/
- https://www.debian.org/security/2023/dsa-5558
- https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html
- https://security.gentoo.org/glsa/202311-09
- https://www.debian.org/security/2023/dsa-5570
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog
high severity
- Vulnerable module: libssh2
- Introduced through: libssh2@1.4.2-3.12.amzn1
- Fixed in: 0:1.4.2-3.14.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libssh2@1.4.2-3.12.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libssh2 package and not the libssh2 package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 that allows attackers to access out-of-bounds memory.
Remediation
Upgrade Amazon-Linux:2018.03 libssh2 to version 0:1.4.2-3.14.amzn1 or higher.
This issue was patched in ALAS-2023-1834.
References
high severity
- Vulnerable module: openldap
- Introduced through: openldap@2.4.40-16.32.amzn1
- Fixed in: 0:2.4.40-16.36.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › openldap@2.4.40-16.32.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service.
Remediation
Upgrade Amazon-Linux:2018.03 openldap to version 0:2.4.40-16.36.amzn1 or higher.
This issue was patched in ALAS-2023-1741.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36229
- https://bugs.openldap.org/show_bug.cgi?id=9425
- https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57
- https://git.openldap.org/openldap/openldap/-/commit/4bdfffd2889c0c5cdf58bebafbdc8fce4bb2bff0
- https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html
- https://www.debian.org/security/2021/dsa-4845
- https://security.netapp.com/advisory/ntap-20210226-0002/
- https://support.apple.com/kb/HT212529
- http://seclists.org/fulldisclosure/2021/May/70
- http://seclists.org/fulldisclosure/2021/May/64
- http://seclists.org/fulldisclosure/2021/May/65
- https://support.apple.com/kb/HT212530
- https://support.apple.com/kb/HT212531
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
high severity
- Vulnerable module: openldap
- Introduced through: openldap@2.4.40-16.32.amzn1
- Fixed in: 0:2.4.40-16.36.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › openldap@2.4.40-16.32.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service.
Remediation
Upgrade Amazon-Linux:2018.03 openldap to version 0:2.4.40-16.36.amzn1 or higher.
This issue was patched in ALAS-2023-1741.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36226
- https://git.openldap.org/openldap/openldap/-/commit/5a2017d4e61a6ddc4dcb4415028e0d08eb6bca26
- https://git.openldap.org/openldap/openldap/-/commit/c0b61a9486508e5202aa2e0cfb68c9813731b439
- https://git.openldap.org/openldap/openldap/-/commit/554dff1927176579d652f2fe60c90e9abbad4c65
- https://git.openldap.org/openldap/openldap/-/commit/d169e7958a3e0dc70f59c8374bf8a59833b7bdd8
- https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57
- https://bugs.openldap.org/show_bug.cgi?id=9413
- https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html
- https://www.debian.org/security/2021/dsa-4845
- https://security.netapp.com/advisory/ntap-20210226-0002/
- https://support.apple.com/kb/HT212529
- https://support.apple.com/kb/HT212531
- http://seclists.org/fulldisclosure/2021/May/70
- http://seclists.org/fulldisclosure/2021/May/64
- http://seclists.org/fulldisclosure/2021/May/65
- https://support.apple.com/kb/HT212530
- https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
high severity
- Vulnerable module: openldap
- Introduced through: openldap@2.4.40-16.32.amzn1
- Fixed in: 0:2.4.40-16.36.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › openldap@2.4.40-16.32.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).
Remediation
Upgrade Amazon-Linux:2018.03 openldap to version 0:2.4.40-16.36.amzn1 or higher.
This issue was patched in ALAS-2023-1741.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36221
- https://bugs.openldap.org/show_bug.cgi?id=9404
- https://git.openldap.org/openldap/openldap/-/commit/58c1748e81c843c5b6e61648d2a4d1d82b47e842
- https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57
- https://bugs.openldap.org/show_bug.cgi?id=9424
- https://git.openldap.org/openldap/openldap/-/commit/38ac838e4150c626bbfa0082b7e2cf3a2bb4df31
- https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html
- https://www.debian.org/security/2021/dsa-4845
- https://security.netapp.com/advisory/ntap-20210226-0002/
- https://support.apple.com/kb/HT212529
- https://support.apple.com/kb/HT212531
- http://seclists.org/fulldisclosure/2021/May/70
- http://seclists.org/fulldisclosure/2021/May/64
- http://seclists.org/fulldisclosure/2021/May/65
- https://support.apple.com/kb/HT212530
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
high severity
- Vulnerable module: openldap
- Introduced through: openldap@2.4.40-16.32.amzn1
- Fixed in: 0:2.4.40-16.36.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › openldap@2.4.40-16.32.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service.
Remediation
Upgrade Amazon-Linux:2018.03 openldap to version 0:2.4.40-16.36.amzn1 or higher.
This issue was patched in ALAS-2023-1741.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36228
- https://bugs.openldap.org/show_bug.cgi?id=9427
- https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57
- https://git.openldap.org/openldap/openldap/-/commit/91dccd25c347733b365adc74cb07d074512ed5ad
- https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html
- https://www.debian.org/security/2021/dsa-4845
- https://security.netapp.com/advisory/ntap-20210226-0002/
- https://support.apple.com/kb/HT212529
- http://seclists.org/fulldisclosure/2021/May/70
- http://seclists.org/fulldisclosure/2021/May/64
- http://seclists.org/fulldisclosure/2021/May/65
- https://support.apple.com/kb/HT212530
- https://support.apple.com/kb/HT212531
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
high severity
- Vulnerable module: openldap
- Introduced through: openldap@2.4.40-16.32.amzn1
- Fixed in: 0:2.4.40-16.36.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › openldap@2.4.40-16.32.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.
Remediation
Upgrade Amazon-Linux:2018.03 openldap to version 0:2.4.40-16.36.amzn1 or higher.
This issue was patched in ALAS-2023-1741.
References
high severity
- Vulnerable module: openldap
- Introduced through: openldap@2.4.40-16.32.amzn1
- Fixed in: 0:2.4.40-16.36.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › openldap@2.4.40-16.32.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).
Remediation
Upgrade Amazon-Linux:2018.03 openldap to version 0:2.4.40-16.36.amzn1 or higher.
This issue was patched in ALAS-2023-1741.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36223
- https://bugs.openldap.org/show_bug.cgi?id=9408
- https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57
- https://git.openldap.org/openldap/openldap/-/commit/21981053a1195ae1555e23df4d9ac68d34ede9dd
- https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html
- https://www.debian.org/security/2021/dsa-4845
- https://security.netapp.com/advisory/ntap-20210226-0002/
- https://support.apple.com/kb/HT212529
- https://support.apple.com/kb/HT212531
- http://seclists.org/fulldisclosure/2021/May/70
- http://seclists.org/fulldisclosure/2021/May/64
- http://seclists.org/fulldisclosure/2021/May/65
- https://support.apple.com/kb/HT212530
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
high severity
- Vulnerable module: openldap
- Introduced through: openldap@2.4.40-16.32.amzn1
- Fixed in: 0:2.4.40-16.36.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › openldap@2.4.40-16.32.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.
Remediation
Upgrade Amazon-Linux:2018.03 openldap to version 0:2.4.40-16.36.amzn1 or higher.
This issue was patched in ALAS-2023-1741.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36222
- https://bugs.openldap.org/show_bug.cgi?id=9407
- https://git.openldap.org/openldap/openldap/-/commit/6ed057b5b728b50746c869bcc9c1f85d0bbbf6ed
- https://bugs.openldap.org/show_bug.cgi?id=9406
- https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57
- https://git.openldap.org/openldap/openldap/-/commit/02dfc32d658fadc25e4040f78e36592f6e1e1ca0
- https://git.openldap.org/openldap/openldap/-/commit/6ed057b5b728b50746c869bcc9c1f85d0bbbf6ed.aa
- https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html
- https://www.debian.org/security/2021/dsa-4845
- https://security.netapp.com/advisory/ntap-20210226-0002/
- https://support.apple.com/kb/HT212529
- https://support.apple.com/kb/HT212531
- http://seclists.org/fulldisclosure/2021/May/70
- http://seclists.org/fulldisclosure/2021/May/64
- http://seclists.org/fulldisclosure/2021/May/65
- https://support.apple.com/kb/HT212530
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
high severity
- Vulnerable module: openldap
- Introduced through: openldap@2.4.40-16.32.amzn1
- Fixed in: 0:2.4.40-16.36.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › openldap@2.4.40-16.32.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.
Remediation
Upgrade Amazon-Linux:2018.03 openldap to version 0:2.4.40-16.36.amzn1 or higher.
This issue was patched in ALAS-2023-1741.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36230
- https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57
- https://bugs.openldap.org/show_bug.cgi?id=9423
- https://git.openldap.org/openldap/openldap/-/commit/8c1d96ee36ed98b32cd0e28b7069c7b8ea09d793
- https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html
- https://www.debian.org/security/2021/dsa-4845
- https://security.netapp.com/advisory/ntap-20210226-0002/
- https://support.apple.com/kb/HT212529
- https://support.apple.com/kb/HT212531
- http://seclists.org/fulldisclosure/2021/May/70
- http://seclists.org/fulldisclosure/2021/May/64
- http://seclists.org/fulldisclosure/2021/May/65
- https://support.apple.com/kb/HT212530
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
high severity
- Vulnerable module: openldap
- Introduced through: openldap@2.4.40-16.32.amzn1
- Fixed in: 0:2.4.40-16.36.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › openldap@2.4.40-16.32.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service.
Remediation
Upgrade Amazon-Linux:2018.03 openldap to version 0:2.4.40-16.36.amzn1 or higher.
This issue was patched in ALAS-2023-1741.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36224
- https://git.openldap.org/openldap/openldap/-/commit/5a2017d4e61a6ddc4dcb4415028e0d08eb6bca26
- https://bugs.openldap.org/show_bug.cgi?id=9409
- https://git.openldap.org/openldap/openldap/-/commit/c0b61a9486508e5202aa2e0cfb68c9813731b439
- https://git.openldap.org/openldap/openldap/-/commit/554dff1927176579d652f2fe60c90e9abbad4c65
- https://git.openldap.org/openldap/openldap/-/commit/d169e7958a3e0dc70f59c8374bf8a59833b7bdd8
- https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57
- https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html
- https://www.debian.org/security/2021/dsa-4845
- https://security.netapp.com/advisory/ntap-20210226-0002/
- https://support.apple.com/kb/HT212529
- https://support.apple.com/kb/HT212531
- http://seclists.org/fulldisclosure/2021/May/70
- http://seclists.org/fulldisclosure/2021/May/64
- http://seclists.org/fulldisclosure/2021/May/65
- https://support.apple.com/kb/HT212530
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
high severity
- Vulnerable module: openldap
- Introduced through: openldap@2.4.40-16.32.amzn1
- Fixed in: 0:2.4.40-16.36.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › openldap@2.4.40-16.32.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service.
Remediation
Upgrade Amazon-Linux:2018.03 openldap to version 0:2.4.40-16.36.amzn1 or higher.
This issue was patched in ALAS-2023-1741.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36225
- https://git.openldap.org/openldap/openldap/-/commit/5a2017d4e61a6ddc4dcb4415028e0d08eb6bca26
- https://git.openldap.org/openldap/openldap/-/commit/c0b61a9486508e5202aa2e0cfb68c9813731b439
- https://git.openldap.org/openldap/openldap/-/commit/554dff1927176579d652f2fe60c90e9abbad4c65
- https://git.openldap.org/openldap/openldap/-/commit/d169e7958a3e0dc70f59c8374bf8a59833b7bdd8
- https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57
- https://bugs.openldap.org/show_bug.cgi?id=9412
- https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html
- https://www.debian.org/security/2021/dsa-4845
- https://security.netapp.com/advisory/ntap-20210226-0002/
- https://support.apple.com/kb/HT212529
- http://seclists.org/fulldisclosure/2021/May/70
- http://seclists.org/fulldisclosure/2021/May/64
- http://seclists.org/fulldisclosure/2021/May/65
- https://support.apple.com/kb/HT212530
- https://support.apple.com/kb/HT212531
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
high severity
- Vulnerable module: openldap
- Introduced through: openldap@2.4.40-16.32.amzn1
- Fixed in: 0:2.4.40-16.36.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › openldap@2.4.40-16.32.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.
Remediation
Upgrade Amazon-Linux:2018.03 openldap to version 0:2.4.40-16.36.amzn1 or higher.
This issue was patched in ALAS-2023-1741.
References
high severity
- Vulnerable module: python27
- Introduced through: python27@2.7.18-2.142.amzn1
- Fixed in: 0:2.7.18-2.145.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › python27@2.7.18-2.142.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream python27 package and not the python27 package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
Remediation
Upgrade Amazon-Linux:2018.03 python27 to version 0:2.7.18-2.145.amzn1 or higher.
This issue was patched in ALAS-2023-1713.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24329
- https://github.com/python/cpython/pull/99421
- https://pointernull.com/security/python-url-parse-problem.html
- https://security.netapp.com/advisory/ntap-20230324-0004/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU/
- https://github.com/python/cpython/issues/102153
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RA2MBEEES6L46OD64OBSVUUMGKNGMOWW/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI/
- https://www.kb.cert.org/vuls/id/127587
- https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html
high severity
- Vulnerable module: python27
- Introduced through: python27@2.7.18-2.142.amzn1
- Fixed in: 0:2.7.18-2.145.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › python27@2.7.18-2.142.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream python27 package and not the python27 package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16.
Remediation
Upgrade Amazon-Linux:2018.03 python27 to version 0:2.7.18-2.145.amzn1 or higher.
This issue was patched in ALAS-2023-1713.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45061
- https://github.com/python/cpython/issues/98433
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O67LRHDTJWH544KXB6KY4HMHQLYDXFPK/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4WBZJNSALFGMPYTINIF57HAAK46U72WQ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GTPVDZDATRQFE6KAT6B4BQIQ4GRHIIIJ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTN2OOLKYTG34DODUEJGT5MLC2PFGPBA/
- https://security.netapp.com/advisory/ntap-20221209-0007/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB5YCMIRVX35RUB6XPOWKENCVCJEVDRK/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PLQ2BNZVBBAQPV3SPRU24ZD37UYJJS7W/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMDX6IFKLOA3NXUQEV524L5LHTPI2JI/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORVCQGJCCAVLN4DJDTWGREFCUWXKQRML/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3D5TX4TDJPXHXD2QICKTY3OCQC3JARP/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63FS6VHY4DCS74HBTEINUDOECQ2X6ZCH/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCDJXNBHWXNYUTOEV4H2HCFSRKV3SYL3/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RH57BNT4VQERGEJ5SXNXSVMDYP66YD4H/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YPNWZKXPKTNHS5FVMN7UQZ2UPCSEFJUK/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKWAMPURWUV3DCCT4J7VHRF4NT2CFVBR/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/35YDIWCUMWTMDBWFRAVENFH6BLB65D6S/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B3YI6JYARWU6GULWOHNUROSACT54XFFS/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JTYVESWVBPD57ZJC35G5722Q6TS37WSB/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KNE4GMD45RGC2HWUAAIGTDHT5VJ2E4O4/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UHVW73QZJMHA4MK7JBT7CXX7XSNYQEGF/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2AOUKI72ACV6CHY2QUFO6VK2DNMVJ2MB/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3EJ6J7PXVQOULBQZQGBXCXY6LFF6LZD/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XXZJL3CNAFS5PAIR7K4RL62S3Y7THR7O/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IN26PWZTYG6IF3APLRXQJBVACQHZUPT2/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7WQPHKGNXUJC3TC3BDW5RKGROWRJVSFR/
- https://security.gentoo.org/glsa/202305-02
- https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html
- https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QCKD4AFBHXIMHS64ZER2U7QRT33HNE7L/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BWJREJHWVRBYDP43YB5WRL3QC7UBA7BR/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4MYQ3IV6NWA4CKSXEHW45CH2YNDHEPH/
high severity
- Vulnerable module: python27-libs
- Introduced through: python27-libs@2.7.18-2.142.amzn1
- Fixed in: 0:2.7.18-2.145.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › python27-libs@2.7.18-2.142.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream python27-libs package and not the python27-libs package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
Remediation
Upgrade Amazon-Linux:2018.03 python27-libs to version 0:2.7.18-2.145.amzn1 or higher.
This issue was patched in ALAS-2023-1713.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24329
- https://github.com/python/cpython/pull/99421
- https://pointernull.com/security/python-url-parse-problem.html
- https://security.netapp.com/advisory/ntap-20230324-0004/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU/
- https://github.com/python/cpython/issues/102153
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RA2MBEEES6L46OD64OBSVUUMGKNGMOWW/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI/
- https://www.kb.cert.org/vuls/id/127587
- https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html
high severity
- Vulnerable module: python27-libs
- Introduced through: python27-libs@2.7.18-2.142.amzn1
- Fixed in: 0:2.7.18-2.145.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › python27-libs@2.7.18-2.142.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream python27-libs package and not the python27-libs package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16.
Remediation
Upgrade Amazon-Linux:2018.03 python27-libs to version 0:2.7.18-2.145.amzn1 or higher.
This issue was patched in ALAS-2023-1713.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45061
- https://github.com/python/cpython/issues/98433
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O67LRHDTJWH544KXB6KY4HMHQLYDXFPK/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4WBZJNSALFGMPYTINIF57HAAK46U72WQ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GTPVDZDATRQFE6KAT6B4BQIQ4GRHIIIJ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTN2OOLKYTG34DODUEJGT5MLC2PFGPBA/
- https://security.netapp.com/advisory/ntap-20221209-0007/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB5YCMIRVX35RUB6XPOWKENCVCJEVDRK/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PLQ2BNZVBBAQPV3SPRU24ZD37UYJJS7W/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMDX6IFKLOA3NXUQEV524L5LHTPI2JI/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORVCQGJCCAVLN4DJDTWGREFCUWXKQRML/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3D5TX4TDJPXHXD2QICKTY3OCQC3JARP/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63FS6VHY4DCS74HBTEINUDOECQ2X6ZCH/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCDJXNBHWXNYUTOEV4H2HCFSRKV3SYL3/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RH57BNT4VQERGEJ5SXNXSVMDYP66YD4H/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YPNWZKXPKTNHS5FVMN7UQZ2UPCSEFJUK/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKWAMPURWUV3DCCT4J7VHRF4NT2CFVBR/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/35YDIWCUMWTMDBWFRAVENFH6BLB65D6S/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B3YI6JYARWU6GULWOHNUROSACT54XFFS/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JTYVESWVBPD57ZJC35G5722Q6TS37WSB/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KNE4GMD45RGC2HWUAAIGTDHT5VJ2E4O4/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UHVW73QZJMHA4MK7JBT7CXX7XSNYQEGF/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2AOUKI72ACV6CHY2QUFO6VK2DNMVJ2MB/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3EJ6J7PXVQOULBQZQGBXCXY6LFF6LZD/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XXZJL3CNAFS5PAIR7K4RL62S3Y7THR7O/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IN26PWZTYG6IF3APLRXQJBVACQHZUPT2/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7WQPHKGNXUJC3TC3BDW5RKGROWRJVSFR/
- https://security.gentoo.org/glsa/202305-02
- https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html
- https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QCKD4AFBHXIMHS64ZER2U7QRT33HNE7L/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BWJREJHWVRBYDP43YB5WRL3QC7UBA7BR/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4MYQ3IV6NWA4CKSXEHW45CH2YNDHEPH/
high severity
- Vulnerable module: openldap
- Introduced through: openldap@2.4.40-16.32.amzn1
- Fixed in: 0:2.4.40-16.36.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › openldap@2.4.40-16.32.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. After the first SASL bind is completed, the sasl_ssf value is retained for all new non-SASL connections. Depending on the ACL configuration, this can affect different types of operations (searches, modifications, etc.). In other words, a successful authorization step completed by one user affects the authorization requirement for a different user.
Remediation
Upgrade Amazon-Linux:2018.03 openldap to version 0:2.4.40-16.36.amzn1 or higher.
This issue was patched in ALAS-2023-1741.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13565
- https://www.openldap.org/lists/openldap-announce/201907/msg00001.html
- https://www.openldap.org/its/index.cgi/?findid=9052
- https://usn.ubuntu.com/4078-1/
- https://lists.debian.org/debian-lts-announce/2019/08/msg00024.html
- https://usn.ubuntu.com/4078-2/
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html
- https://support.f5.com/csp/article/K98008862?utm_source=f5support&utm_medium=RSS
- https://support.apple.com/kb/HT210788
- https://seclists.org/bugtraq/2019/Dec/23
- http://seclists.org/fulldisclosure/2019/Dec/26
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
- https://support.f5.com/csp/article/K98008862?utm_source=f5support&%3Butm_medium=RSS
high severity
- Vulnerable module: glib2
- Introduced through: glib2@2.36.3-5.22.amzn1
- Fixed in: 0:2.36.3-5.23.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › glib2@2.36.3-5.22.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream glib2 package and not the glib2 package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
Rejected reason: Rejected by upstream.
Remediation
Upgrade Amazon-Linux:2018.03 glib2 to version 0:2.36.3-5.23.amzn1 or higher.
This issue was patched in ALAS-2023-1742.
References
high severity
- Vulnerable module: glib2
- Introduced through: glib2@2.36.3-5.22.amzn1
- Fixed in: 0:2.36.3-5.23.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › glib2@2.36.3-5.22.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream glib2 package and not the glib2 package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
Rejected reason: Rejected by upstream.
Remediation
Upgrade Amazon-Linux:2018.03 glib2 to version 0:2.36.3-5.23.amzn1 or higher.
This issue was patched in ALAS-2023-1742.
References
high severity
- Vulnerable module: libxml2
- Introduced through: libxml2@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.44.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when memory allocations fail."
Remediation
Upgrade Amazon-Linux:2018.03 libxml2 to version 0:2.9.1-6.6.44.amzn1 or higher.
This issue was patched in ALAS-2023-1874.
References
high severity
- Vulnerable module: libxml2-python27
- Introduced through: libxml2-python27@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.44.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2-python27@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2-python27 package and not the libxml2-python27 package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when memory allocations fail."
Remediation
Upgrade Amazon-Linux:2018.03 libxml2-python27 to version 0:2.9.1-6.6.44.amzn1 or higher.
This issue was patched in ALAS-2023-1874.
References
high severity
- Vulnerable module: glib2
- Introduced through: glib2@2.36.3-5.22.amzn1
- Fixed in: 0:2.36.3-5.23.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › glib2@2.36.3-5.22.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream glib2 package and not the glib2 package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition.
Remediation
Upgrade Amazon-Linux:2018.03 glib2 to version 0:2.36.3-5.23.amzn1 or higher.
This issue was patched in ALAS-2023-1742.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3800
- https://access.redhat.com/security/cve/CVE-2021-3800
- https://www.openwall.com/lists/oss-security/2017/06/23/8
- https://gitlab.gnome.org/GNOME/glib/-/commit/3529bb4450a51995
- https://bugzilla.redhat.com/show_bug.cgi?id=1938284
- https://lists.debian.org/debian-lts-announce/2022/09/msg00020.html
- https://security.netapp.com/advisory/ntap-20221028-0004/
high severity
- Vulnerable module: tar
- Introduced through: tar@2:1.26-31.22.amzn1
- Fixed in: 2:1.26-31.23.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › tar@2:1.26-31.22.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream tar package and not the tar package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.
Remediation
Upgrade Amazon-Linux:2018.03 tar to version 2:1.26-31.23.amzn1 or higher.
This issue was patched in ALAS-2023-1704.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303
- https://savannah.gnu.org/bugs/?62387
- https://savannah.gnu.org/patch/?10307
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/
high severity
- Vulnerable module: glib2
- Introduced through: glib2@2.36.3-5.22.amzn1
- Fixed in: 0:2.36.3-5.23.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › glib2@2.36.3-5.22.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream glib2 package and not the glib2 package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance if the symlink is attacker-controlled. (If the path is a symlink to a file that already exists, then the contents of that file correctly remain unchanged.)
Remediation
Upgrade Amazon-Linux:2018.03 glib2 to version 0:2.36.3-5.23.amzn1 or higher.
This issue was patched in ALAS-2023-1742.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28153
- https://gitlab.gnome.org/GNOME/glib/-/issues/2325
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6RXTD5HCP2K4AAUSWWZTBKQNHRCTAEOF/
- https://security.netapp.com/advisory/ntap-20210416-0003/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ICUTQPHZNZWX2DZR46QFLQZRHVMHIILJ/
- https://security.gentoo.org/glsa/202107-13
- https://lists.debian.org/debian-lts-announce/2022/06/msg00006.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6RXTD5HCP2K4AAUSWWZTBKQNHRCTAEOF/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICUTQPHZNZWX2DZR46QFLQZRHVMHIILJ/
high severity
- Vulnerable module: db4
- Introduced through: db4@4.7.25-18.11.amzn1
- Fixed in: 0:4.7.25-22.13.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › db4@4.7.25-18.11.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream db4 package and not the db4 package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges by leveraging undocumented functionality in Berkeley DB 2.x and later, related to reading settings from DB_CONFIG in the current directory.
Remediation
Upgrade Amazon-Linux:2018.03 db4 to version 0:4.7.25-22.13.amzn1 or higher.
This issue was patched in ALAS-2023-1726.
References
high severity
- Vulnerable module: db4-utils
- Introduced through: db4-utils@4.7.25-18.11.amzn1
- Fixed in: 0:4.7.25-22.13.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › db4-utils@4.7.25-18.11.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream db4-utils package and not the db4-utils package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges by leveraging undocumented functionality in Berkeley DB 2.x and later, related to reading settings from DB_CONFIG in the current directory.
Remediation
Upgrade Amazon-Linux:2018.03 db4-utils to version 0:4.7.25-22.13.amzn1 or higher.
This issue was patched in ALAS-2023-1726.
References
high severity
- Vulnerable module: glib2
- Introduced through: glib2@2.36.3-5.22.amzn1
- Fixed in: 0:2.36.3-5.23.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › glib2@2.36.3-5.22.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream glib2 package and not the glib2 package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents (kfsb->dir, NULL, NULL) and files using g_file_replace_contents (kfsb->file, contents, length, NULL, FALSE, G_FILE_CREATE_REPLACE_DESTINATION, NULL, NULL, NULL). Consequently, it does not properly restrict directory (and file) permissions. Instead, for directories, 0777 permissions are used; for files, default file permissions are used. This is similar to CVE-2019-12450.
Remediation
Upgrade Amazon-Linux:2018.03 glib2 to version 0:2.36.3-5.23.amzn1 or higher.
This issue was patched in ALAS-2023-1742.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13012
- https://gitlab.gnome.org/GNOME/glib/merge_requests/450
- https://gitlab.gnome.org/GNOME/glib/commit/5e4da714f00f6bfb2ccd6d73d61329c6f3a08429
- https://gitlab.gnome.org/GNOME/glib/issues/1658
- https://usn.ubuntu.com/4049-1/
- https://usn.ubuntu.com/4049-2/
- http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00022.html
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931234#12
- https://lists.debian.org/debian-lts-announce/2019/07/msg00029.html
- https://lists.debian.org/debian-lts-announce/2019/08/msg00004.html
- https://security.netapp.com/advisory/ntap-20190806-0003/
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
high severity
- Vulnerable module: ca-certificates
- Introduced through: ca-certificates@2018.2.22-65.1.28.amzn1
- Fixed in: 0:2018.2.22-65.1.30.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › ca-certificates@2018.2.22-65.1.28.amzn1
NVD Description
This vulnerability has not been analyzed by NVD yet.
Remediation
Upgrade Amazon-Linux:2018.03 ca-certificates to version 0:2018.2.22-65.1.30.amzn1 or higher.
This issue was patched in ALAS-2023-1795.
References
medium severity
- Vulnerable module: glib2
- Introduced through: glib2@2.36.3-5.22.amzn1
- Fixed in: 0:2.36.3-5.26.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › glib2@2.36.3-5.22.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream glib2 package and not the glib2 package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
PCRE before 8.38 mishandles the (?(<digits>) and (?(R<digits>) conditions, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
Remediation
Upgrade Amazon-Linux:2018.03 glib2 to version 0:2.36.3-5.26.amzn1 or higher.
This issue was patched in ALAS-2023-1775.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8394
- http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup
- http://www.openwall.com/lists/oss-security/2015/11/29/1
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731
- http://www.securityfocus.com/bid/82990
- http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html
- https://bto.bluecoat.com/security-advisory/sa128
- https://security.gentoo.org/glsa/201607-02
- https://security.netapp.com/advisory/ntap-20230216-0002/
medium severity
- Vulnerable module: glib2
- Introduced through: glib2@2.36.3-5.22.amzn1
- Fixed in: 0:2.36.3-5.26.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › glib2@2.36.3-5.22.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream glib2 package and not the glib2 package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
PCRE before 8.38 mishandles the [: and \ substrings in character classes, which allows remote attackers to cause a denial of service (uninitialized memory read) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
Remediation
Upgrade Amazon-Linux:2018.03 glib2 to version 0:2.36.3-5.26.amzn1 or higher.
This issue was patched in ALAS-2023-1775.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8390
- http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup
- http://www.openwall.com/lists/oss-security/2015/11/29/1
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731
- http://www.securityfocus.com/bid/82990
- http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html
- https://bto.bluecoat.com/security-advisory/sa128
- https://security.gentoo.org/glsa/201607-02
- https://security.netapp.com/advisory/ntap-20230216-0002/
medium severity
- Vulnerable module: pcre
- Introduced through: pcre@8.21-7.8.amzn1
- Fixed in: 0:8.21-7.9.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › pcre@8.21-7.8.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream pcre package and not the pcre package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
PCRE before 8.38 mishandles the (?(<digits>) and (?(R<digits>) conditions, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
Remediation
Upgrade Amazon-Linux:2018.03 pcre to version 0:8.21-7.9.amzn1 or higher.
This issue was patched in ALAS-2023-1767.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8394
- http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup
- http://www.openwall.com/lists/oss-security/2015/11/29/1
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731
- http://www.securityfocus.com/bid/82990
- http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html
- https://bto.bluecoat.com/security-advisory/sa128
- https://security.gentoo.org/glsa/201607-02
- https://security.netapp.com/advisory/ntap-20230216-0002/
medium severity
- Vulnerable module: pcre
- Introduced through: pcre@8.21-7.8.amzn1
- Fixed in: 0:8.21-7.9.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › pcre@8.21-7.8.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream pcre package and not the pcre package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
PCRE before 8.38 mishandles the [: and \ substrings in character classes, which allows remote attackers to cause a denial of service (uninitialized memory read) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
Remediation
Upgrade Amazon-Linux:2018.03 pcre to version 0:8.21-7.9.amzn1 or higher.
This issue was patched in ALAS-2023-1767.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8390
- http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup
- http://www.openwall.com/lists/oss-security/2015/11/29/1
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731
- http://www.securityfocus.com/bid/82990
- http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html
- https://bto.bluecoat.com/security-advisory/sa128
- https://security.gentoo.org/glsa/201607-02
- https://security.netapp.com/advisory/ntap-20230216-0002/
medium severity
- Vulnerable module: libxml2
- Introduced through: libxml2@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential impact to confidentiality and integrity if an attacker is able to use memory information to further exploit the application.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3517
- https://bugzilla.redhat.com/show_bug.cgi?id=1954232
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
- https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
- https://security.netapp.com/advisory/ntap-20210625-0002/
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
- https://security.gentoo.org/glsa/202107-05
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://security.netapp.com/advisory/ntap-20211022-0004/
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
medium severity
- Vulnerable module: libxml2
- Introduced through: libxml2@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3518
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
- https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1954242
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
- https://security.netapp.com/advisory/ntap-20210625-0002/
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
- https://security.gentoo.org/glsa/202107-05
- https://support.apple.com/kb/HT212604
- https://support.apple.com/kb/HT212605
- https://support.apple.com/kb/HT212602
- https://support.apple.com/kb/HT212601
- http://seclists.org/fulldisclosure/2021/Jul/55
- http://seclists.org/fulldisclosure/2021/Jul/54
- http://seclists.org/fulldisclosure/2021/Jul/58
- http://seclists.org/fulldisclosure/2021/Jul/59
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
medium severity
- Vulnerable module: libxml2-python27
- Introduced through: libxml2-python27@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2-python27@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2-python27 package and not the libxml2-python27 package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential impact to confidentiality and integrity if an attacker is able to use memory information to further exploit the application.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2-python27 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3517
- https://bugzilla.redhat.com/show_bug.cgi?id=1954232
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
- https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
- https://security.netapp.com/advisory/ntap-20210625-0002/
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
- https://security.gentoo.org/glsa/202107-05
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://security.netapp.com/advisory/ntap-20211022-0004/
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
medium severity
- Vulnerable module: libxml2-python27
- Introduced through: libxml2-python27@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2-python27@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2-python27 package and not the libxml2-python27 package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2-python27 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3518
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
- https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1954242
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
- https://security.netapp.com/advisory/ntap-20210625-0002/
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
- https://security.gentoo.org/glsa/202107-05
- https://support.apple.com/kb/HT212604
- https://support.apple.com/kb/HT212605
- https://support.apple.com/kb/HT212602
- https://support.apple.com/kb/HT212601
- http://seclists.org/fulldisclosure/2021/Jul/55
- http://seclists.org/fulldisclosure/2021/Jul/54
- http://seclists.org/fulldisclosure/2021/Jul/58
- http://seclists.org/fulldisclosure/2021/Jul/59
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
medium severity
- Vulnerable module: libxml2
- Introduced through: libxml2@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308
- https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS
- https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF/
- https://security.netapp.com/advisory/ntap-20220331-0008/
- https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html
- https://support.apple.com/kb/HT213253
- https://support.apple.com/kb/HT213255
- https://support.apple.com/kb/HT213256
- https://support.apple.com/kb/HT213257
- https://support.apple.com/kb/HT213258
- https://support.apple.com/kb/HT213254
- http://seclists.org/fulldisclosure/2022/May/33
- http://seclists.org/fulldisclosure/2022/May/35
- http://seclists.org/fulldisclosure/2022/May/34
- http://seclists.org/fulldisclosure/2022/May/37
- http://seclists.org/fulldisclosure/2022/May/36
- http://seclists.org/fulldisclosure/2022/May/38
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://security.gentoo.org/glsa/202210-03
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF/
medium severity
- Vulnerable module: libxml2-python27
- Introduced through: libxml2-python27@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2-python27@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2-python27 package and not the libxml2-python27 package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2-python27 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308
- https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS
- https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF/
- https://security.netapp.com/advisory/ntap-20220331-0008/
- https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html
- https://support.apple.com/kb/HT213253
- https://support.apple.com/kb/HT213255
- https://support.apple.com/kb/HT213256
- https://support.apple.com/kb/HT213257
- https://support.apple.com/kb/HT213258
- https://support.apple.com/kb/HT213254
- http://seclists.org/fulldisclosure/2022/May/33
- http://seclists.org/fulldisclosure/2022/May/35
- http://seclists.org/fulldisclosure/2022/May/34
- http://seclists.org/fulldisclosure/2022/May/37
- http://seclists.org/fulldisclosure/2022/May/36
- http://seclists.org/fulldisclosure/2022/May/38
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://security.gentoo.org/glsa/202210-03
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF/
medium severity
- Vulnerable module: libxml2
- Introduced through: libxml2@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304
- https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3
- https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b
- https://gitlab.gnome.org/GNOME/libxml2/-/tags
- https://security.netapp.com/advisory/ntap-20221209-0003/
- https://support.apple.com/kb/HT213534
- https://support.apple.com/kb/HT213535
- https://support.apple.com/kb/HT213536
- https://support.apple.com/kb/HT213531
- https://support.apple.com/kb/HT213533
- http://seclists.org/fulldisclosure/2022/Dec/21
- http://seclists.org/fulldisclosure/2022/Dec/25
- http://seclists.org/fulldisclosure/2022/Dec/24
- http://seclists.org/fulldisclosure/2022/Dec/26
- http://seclists.org/fulldisclosure/2022/Dec/27
medium severity
- Vulnerable module: libxml2
- Introduced through: libxml2@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3516
- https://bugzilla.redhat.com/show_bug.cgi?id=1954225
- https://gitlab.gnome.org/GNOME/libxml2/-/commit/1358d157d0bd83be1dfe356a69213df9fac0b539
- https://gitlab.gnome.org/GNOME/libxml2/-/issues/230
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
- https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
- https://security.gentoo.org/glsa/202107-05
- https://security.netapp.com/advisory/ntap-20210716-0005/
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
medium severity
- Vulnerable module: libxml2-python27
- Introduced through: libxml2-python27@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2-python27@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2-python27 package and not the libxml2-python27 package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2-python27 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304
- https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3
- https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b
- https://gitlab.gnome.org/GNOME/libxml2/-/tags
- https://security.netapp.com/advisory/ntap-20221209-0003/
- https://support.apple.com/kb/HT213534
- https://support.apple.com/kb/HT213535
- https://support.apple.com/kb/HT213536
- https://support.apple.com/kb/HT213531
- https://support.apple.com/kb/HT213533
- http://seclists.org/fulldisclosure/2022/Dec/21
- http://seclists.org/fulldisclosure/2022/Dec/25
- http://seclists.org/fulldisclosure/2022/Dec/24
- http://seclists.org/fulldisclosure/2022/Dec/26
- http://seclists.org/fulldisclosure/2022/Dec/27
medium severity
- Vulnerable module: libxml2-python27
- Introduced through: libxml2-python27@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2-python27@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2-python27 package and not the libxml2-python27 package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2-python27 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3516
- https://bugzilla.redhat.com/show_bug.cgi?id=1954225
- https://gitlab.gnome.org/GNOME/libxml2/-/commit/1358d157d0bd83be1dfe356a69213df9fac0b539
- https://gitlab.gnome.org/GNOME/libxml2/-/issues/230
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
- https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
- https://security.gentoo.org/glsa/202107-05
- https://security.netapp.com/advisory/ntap-20210716-0005/
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
medium severity
- Vulnerable module: libxml2
- Introduced through: libxml2@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16931
- https://github.com/GNOME/libxml2/commit/e26630548e7d138d2c560844c43820b6767251e3
- https://bugzilla.gnome.org/show_bug.cgi?id=766956
- http://xmlsoft.org/news.html
- https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html
- https://www.oracle.com//security-alerts/cpujul2021.html
medium severity
- Vulnerable module: libxml2
- Introduced through: libxml2@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303
- https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0
- https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3
- https://security.netapp.com/advisory/ntap-20221209-0003/
- https://support.apple.com/kb/HT213534
- https://support.apple.com/kb/HT213535
- https://support.apple.com/kb/HT213536
- https://support.apple.com/kb/HT213531
- https://support.apple.com/kb/HT213533
- http://seclists.org/fulldisclosure/2022/Dec/26
- http://seclists.org/fulldisclosure/2022/Dec/21
- http://seclists.org/fulldisclosure/2022/Dec/25
- http://seclists.org/fulldisclosure/2022/Dec/24
- http://seclists.org/fulldisclosure/2022/Dec/27
medium severity
- Vulnerable module: libxml2
- Introduced through: libxml2@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3537
- https://bugzilla.redhat.com/show_bug.cgi?id=1956522
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
- https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
- https://security.netapp.com/advisory/ntap-20210625-0002/
- https://security.gentoo.org/glsa/202107-05
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
medium severity
- Vulnerable module: libxml2-python27
- Introduced through: libxml2-python27@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2-python27@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2-python27 package and not the libxml2-python27 package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2-python27 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16931
- https://github.com/GNOME/libxml2/commit/e26630548e7d138d2c560844c43820b6767251e3
- https://bugzilla.gnome.org/show_bug.cgi?id=766956
- http://xmlsoft.org/news.html
- https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html
- https://www.oracle.com//security-alerts/cpujul2021.html
medium severity
- Vulnerable module: libxml2-python27
- Introduced through: libxml2-python27@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2-python27@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2-python27 package and not the libxml2-python27 package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2-python27 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303
- https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0
- https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3
- https://security.netapp.com/advisory/ntap-20221209-0003/
- https://support.apple.com/kb/HT213534
- https://support.apple.com/kb/HT213535
- https://support.apple.com/kb/HT213536
- https://support.apple.com/kb/HT213531
- https://support.apple.com/kb/HT213533
- http://seclists.org/fulldisclosure/2022/Dec/26
- http://seclists.org/fulldisclosure/2022/Dec/21
- http://seclists.org/fulldisclosure/2022/Dec/25
- http://seclists.org/fulldisclosure/2022/Dec/24
- http://seclists.org/fulldisclosure/2022/Dec/27
medium severity
- Vulnerable module: libxml2-python27
- Introduced through: libxml2-python27@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2-python27@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2-python27 package and not the libxml2-python27 package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2-python27 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3537
- https://bugzilla.redhat.com/show_bug.cgi?id=1956522
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
- https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
- https://security.netapp.com/advisory/ntap-20210625-0002/
- https://security.gentoo.org/glsa/202107-05
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
medium severity
- Vulnerable module: libxml2
- Introduced through: libxml2@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824
- https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14
- https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd
- https://gitlab.gnome.org/GNOME/libxslt/-/tags
- https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/
- https://lists.debian.org/debian-lts-announce/2022/05/msg00023.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/
- https://www.debian.org/security/2022/dsa-5142
- http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html
- https://security.netapp.com/advisory/ntap-20220715-0006/
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://security.gentoo.org/glsa/202210-03
- http://packetstormsecurity.com/files/169825/libxml2-xmlParseNameComplex-Integer-Overflow.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/
medium severity
- Vulnerable module: libxml2-python27
- Introduced through: libxml2-python27@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2-python27@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2-python27 package and not the libxml2-python27 package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2-python27 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824
- https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14
- https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd
- https://gitlab.gnome.org/GNOME/libxslt/-/tags
- https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/
- https://lists.debian.org/debian-lts-announce/2022/05/msg00023.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/
- https://www.debian.org/security/2022/dsa-5142
- http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html
- https://security.netapp.com/advisory/ntap-20220715-0006/
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://security.gentoo.org/glsa/202210-03
- http://packetstormsecurity.com/files/169825/libxml2-xmlParseNameComplex-Integer-Overflow.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/
medium severity
- Vulnerable module: openldap
- Introduced through: openldap@2.4.40-16.32.amzn1
- Fixed in: 0:2.4.40-16.37.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › openldap@2.4.40-16.32.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.
Remediation
Upgrade Amazon-Linux:2018.03 openldap to version 0:2.4.40-16.37.amzn1 or higher.
This issue was patched in ALAS-2023-1804.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953
- https://access.redhat.com/security/cve/CVE-2023-2953
- https://bugs.openldap.org/show_bug.cgi?id=9904
- https://security.netapp.com/advisory/ntap-20230703-0005/
- https://support.apple.com/kb/HT213843
- https://support.apple.com/kb/HT213844
- https://support.apple.com/kb/HT213845
- http://seclists.org/fulldisclosure/2023/Jul/47
- http://seclists.org/fulldisclosure/2023/Jul/48
- http://seclists.org/fulldisclosure/2023/Jul/52
medium severity
- Vulnerable module: curl
- Introduced through: curl@7.61.1-12.101.amzn1
- Fixed in: 0:7.61.1-12.104.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › curl@7.61.1-12.101.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was capped, but the cap was implemented on a per-header basis allowing a malicious server to insert a virtually unlimited number of compression steps simply by using many headers. The use of such a decompression chain could result in a "malloc bomb", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors.
Remediation
Upgrade Amazon-Linux:2018.03 curl to version 0:7.61.1-12.104.amzn1 or higher.
This issue was patched in ALAS-2023-1729.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23916
- https://hackerone.com/reports/1826048
- https://lists.debian.org/debian-lts-announce/2023/02/msg00035.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO/
- https://www.debian.org/security/2023/dsa-5365
- https://security.netapp.com/advisory/ntap-20230309-0006/
- https://security.gentoo.org/glsa/202310-12
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO/
medium severity
- Vulnerable module: expat
- Introduced through: expat@2.1.0-15.33.amzn1
- Fixed in: 0:2.1.0-15.34.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › expat@2.1.0-15.33.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
Remediation
Upgrade Amazon-Linux:2018.03 expat to version 0:2.1.0-15.34.amzn1 or higher.
This issue was patched in ALAS-2023-1882.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
- https://github.com/libexpat/libexpat/pull/551
- https://www.tenable.com/security/tns-2022-05
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7FF2UH7MPXKTADYSJUAHI2Y5UHBSHUH/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34NXVL2RZC2YZRV74ZQ3RNFB7WCEUP7D/
- https://www.debian.org/security/2022/dsa-5073
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
- https://security.gentoo.org/glsa/202209-24
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/34NXVL2RZC2YZRV74ZQ3RNFB7WCEUP7D/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R7FF2UH7MPXKTADYSJUAHI2Y5UHBSHUH/
medium severity
- Vulnerable module: krb5-libs
- Introduced through: krb5-libs@1.15.1-55.51.amzn1
- Fixed in: 0:1.15.1-55.52.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › krb5-libs@1.15.1-55.51.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream krb5-libs package and not the krb5-libs package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.
Remediation
Upgrade Amazon-Linux:2018.03 krb5-libs to version 0:1.15.1-55.52.amzn1 or higher.
This issue was patched in ALAS-2023-1818.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36054
- https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd
- https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final
- https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final
- https://web.mit.edu/kerberos/www/advisories/
- https://security.netapp.com/advisory/ntap-20230908-0004/
- https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html
medium severity
- Vulnerable module: libcurl
- Introduced through: libcurl@7.61.1-12.101.amzn1
- Fixed in: 0:7.61.1-12.104.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libcurl@7.61.1-12.101.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libcurl package and not the libcurl package as distributed by Amazon-Linux. See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was capped, but the cap was implemented on a per-header basis allowing a malicious server to insert a virtually unlimited number of compression steps simply by using many headers. The use of such a decompression chain could result in a "malloc bomb", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors.
Remediation
Upgrade Amazon-Linux:2018.03 libcurl to version 0:7.61.1-12.104.amzn1 or higher.
This issue was patched in ALAS-2023-1729.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23916
- https://hackerone.com/reports/1826048
- https://lists.debian.org/debian-lts-announce/2023/02/msg00035.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO/
- https://www.debian.org/security/2023/dsa-5365
- https://security.netapp.com/advisory/ntap-20230309-0006/
- https://security.gentoo.org/glsa/202310-12
medium severity
- Vulnerable module: libxml2
- Introduced through: libxml2@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Amazon-Linux.
See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24977
- https://gitlab.gnome.org/GNOME/libxml2/-/issues/178
- https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html
- http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00036.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NQ5GTDYOVH26PBCPYXXMGW5ZZXWMGZC/
- http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00061.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7MEWYKIKMV2SKMGH4IDWVU3ZGJXBCPQ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H3IQ7OQXBKWD3YP7HO6KCNOMLE5ZO2IR/
- https://security.netapp.com/advisory/ntap-20200924-0001/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7KQXOHIE3MNY3VQXEN7LDQUJNIHOVHAW/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCHXIWR5DHYO3RSO7RAHEC6VJKXD2EH2/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J3ICASXZI2UQYFJAOQWHSTNWGED3VXOE/
- https://gitlab.gnome.org/GNOME/libxml2/-/commit/50f06b3efb638efb0abd95dc62dca05ae67882c2
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ENEHQIBMSI6TZVS35Y6I4FCTYUQDLJVP/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RIQAMBA2IJUTQG5VOP5LZVIZRNCKXHEQ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KTUAGDLEHTH6HU66HBFAFTSQ3OKRAN3/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/674LQPJO2P2XTBTREFR5LOZMBTZ4PZAY/
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
- https://security.gentoo.org/glsa/202107-05
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpujul2022.html
medium severity
- Vulnerable module: libxml2
- Introduced through: libxml2@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.43.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Amazon-Linux.
See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor's position is that the product does not support the legacy SAX1 interface with custom callbacks; there is a crash even without crafted input.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2 to version 0:2.9.1-6.6.43.amzn1 or higher.
This issue was patched in ALAS-2023-1841.
References
medium severity
- Vulnerable module: libxml2
- Introduced through: libxml2@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Amazon-Linux.
See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
A flaw was found in libxml2. An exponential entity expansion attack is possible, bypassing all existing protection mechanisms and leading to denial of service.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
medium severity
- Vulnerable module: libxml2-python27
- Introduced through: libxml2-python27@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2-python27@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2-python27 package and not the libxml2-python27 package as distributed by Amazon-Linux.
See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2-python27 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24977
- https://gitlab.gnome.org/GNOME/libxml2/-/issues/178
- https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html
- http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00036.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NQ5GTDYOVH26PBCPYXXMGW5ZZXWMGZC/
- http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00061.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7MEWYKIKMV2SKMGH4IDWVU3ZGJXBCPQ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H3IQ7OQXBKWD3YP7HO6KCNOMLE5ZO2IR/
- https://security.netapp.com/advisory/ntap-20200924-0001/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7KQXOHIE3MNY3VQXEN7LDQUJNIHOVHAW/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCHXIWR5DHYO3RSO7RAHEC6VJKXD2EH2/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J3ICASXZI2UQYFJAOQWHSTNWGED3VXOE/
- https://gitlab.gnome.org/GNOME/libxml2/-/commit/50f06b3efb638efb0abd95dc62dca05ae67882c2
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ENEHQIBMSI6TZVS35Y6I4FCTYUQDLJVP/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RIQAMBA2IJUTQG5VOP5LZVIZRNCKXHEQ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KTUAGDLEHTH6HU66HBFAFTSQ3OKRAN3/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/674LQPJO2P2XTBTREFR5LOZMBTZ4PZAY/
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
- https://security.gentoo.org/glsa/202107-05
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpujul2022.html
medium severity
- Vulnerable module: libxml2-python27
- Introduced through: libxml2-python27@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.43.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2-python27@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2-python27 package and not the libxml2-python27 package as distributed by Amazon-Linux.
See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor's position is that the product does not support the legacy SAX1 interface with custom callbacks; there is a crash even without crafted input.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2-python27 to version 0:2.9.1-6.6.43.amzn1 or higher.
This issue was patched in ALAS-2023-1841.
References
medium severity
- Vulnerable module: libxml2-python27
- Introduced through: libxml2-python27@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2-python27@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2-python27 package and not the libxml2-python27 package as distributed by Amazon-Linux.
See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
A flaw was found in libxml2. An exponential entity expansion attack is possible, bypassing all existing protection mechanisms and leading to denial of service.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2-python27 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
medium severity
- Vulnerable module: nss-softokn
- Introduced through: nss-softokn@3.53.1-6.46.amzn1
- Fixed in: 0:3.53.1-6.48.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › nss-softokn@3.53.1-6.46.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream nss-softokn package and not the nss-softokn package as distributed by Amazon-Linux.
See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
The NSS code used for checking PKCS#1 v1.5 was leaking information useful in mounting Bleichenbacher-like attacks. Both the overall correctness of the padding and the length of the encrypted message were leaking through a timing side channel. By sending a large number of attacker-selected ciphertexts, the attacker would be able to decrypt a previously intercepted PKCS#1 v1.5 ciphertext (for example, to decrypt a TLS session that used RSA key exchange), or forge a signature using the victim's key. The issue was fixed by implementing the implicit rejection algorithm, in which NSS returns a deterministic random message in case invalid padding is detected, as proposed in the Marvin Attack paper. This vulnerability affects NSS < 3.61.
Remediation
Upgrade Amazon-Linux:2018.03 nss-softokn to version 0:3.53.1-6.48.amzn1 or higher.
This issue was patched in ALAS-2023-1858.
References
medium severity
- Vulnerable module: nss-softokn
- Introduced through: nss-softokn@3.53.1-6.46.amzn1
- Fixed in: 0:3.53.1-6.49.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › nss-softokn@3.53.1-6.46.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream nss-softokn package and not the nss-softokn package as distributed by Amazon-Linux.
See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
Remediation
Upgrade Amazon-Linux:2018.03 nss-softokn to version 0:3.53.1-6.49.amzn1 or higher.
This issue was patched in ALAS-2024-1907.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5388
- https://bugzilla.mozilla.org/show_bug.cgi?id=1780432
- https://www.mozilla.org/security/advisories/mfsa2024-12/
- https://www.mozilla.org/security/advisories/mfsa2024-13/
- https://www.mozilla.org/security/advisories/mfsa2024-14/
- https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html
medium severity
- Vulnerable module: nss-softokn-freebl
- Introduced through: nss-softokn-freebl@3.53.1-6.46.amzn1
- Fixed in: 0:3.53.1-6.48.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › nss-softokn-freebl@3.53.1-6.46.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream nss-softokn-freebl package and not the nss-softokn-freebl package as distributed by Amazon-Linux.
See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
The NSS code used for checking PKCS#1 v1.5 was leaking information useful in mounting Bleichenbacher-like attacks. Both the overall correctness of the padding and the length of the encrypted message were leaking through a timing side channel. By sending a large number of attacker-selected ciphertexts, the attacker would be able to decrypt a previously intercepted PKCS#1 v1.5 ciphertext (for example, to decrypt a TLS session that used RSA key exchange), or forge a signature using the victim's key. The issue was fixed by implementing the implicit rejection algorithm, in which NSS returns a deterministic random message in case invalid padding is detected, as proposed in the Marvin Attack paper. This vulnerability affects NSS < 3.61.
Remediation
Upgrade Amazon-Linux:2018.03 nss-softokn-freebl to version 0:3.53.1-6.48.amzn1 or higher.
This issue was patched in ALAS-2023-1858.
References
medium severity
- Vulnerable module: nss-softokn-freebl
- Introduced through: nss-softokn-freebl@3.53.1-6.46.amzn1
- Fixed in: 0:3.53.1-6.49.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › nss-softokn-freebl@3.53.1-6.46.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream nss-softokn-freebl package and not the nss-softokn-freebl package as distributed by Amazon-Linux.
See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
Remediation
Upgrade Amazon-Linux:2018.03 nss-softokn-freebl to version 0:3.53.1-6.49.amzn1 or higher.
This issue was patched in ALAS-2024-1907.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5388
- https://bugzilla.mozilla.org/show_bug.cgi?id=1780432
- https://www.mozilla.org/security/advisories/mfsa2024-12/
- https://www.mozilla.org/security/advisories/mfsa2024-13/
- https://www.mozilla.org/security/advisories/mfsa2024-14/
- https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html
medium severity
- Vulnerable module: openssl
- Introduced through: openssl@1:1.0.2k-16.162.amzn1
- Fixed in: 1:1.0.2k-16.163.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › openssl@1:1.0.2k-16.162.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Amazon-Linux.
See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow.
Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to very long delays when processing those messages, which may lead to a Denial of Service.
An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit. OBJ_obj2txt() may be used to translate an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL type ASN1_OBJECT) to its canonical numeric text form, which are the sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by periods.
When one of the sub-identifiers in the OBJECT IDENTIFIER is very large (these are sizes that are seen as absurdly large, taking up tens or hundreds of KiBs), the translation to a decimal number in text may take a very long time. The time complexity is O(n^2) with 'n' being the size of the sub-identifiers in bytes (*).
With OpenSSL 3.0, support to fetch cryptographic algorithms using names / identifiers in string form was introduced. This includes using OBJECT IDENTIFIERs in canonical numeric text form as identifiers for fetching algorithms.
Such OBJECT IDENTIFIERs may be received through the ASN.1 structure AlgorithmIdentifier, which is commonly used in multiple protocols to specify what cryptographic algorithm should be used to sign or verify, encrypt or decrypt, or digest passed data.
Applications that call OBJ_obj2txt() directly with untrusted data are affected, with any version of OpenSSL. If the use is for the mere purpose of display, the severity is considered low.
In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 certificates, including simple things like verifying its signature.
The impact on TLS is relatively low, because all versions of OpenSSL have a 100KiB limit on the peer's certificate chain. Additionally, this only impacts clients, or servers that have explicitly enabled client authentication.
In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, such as X.509 certificates. This is assumed to not happen in such a way that it would cause a Denial of Service, so these versions are considered not affected by this issue in such a way that it would be cause for concern, and the severity is therefore considered low.
Remediation
Upgrade Amazon-Linux:2018.03 openssl to version 1:1.0.2k-16.163.amzn1 or higher.
This issue was patched in ALAS-2023-1762.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a
- https://www.openssl.org/news/secadv/20230530.txt
- http://www.openwall.com/lists/oss-security/2023/05/30/1
- https://www.debian.org/security/2023/dsa-5417
- https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009
- https://security.netapp.com/advisory/ntap-20230703-0001/
- https://security.netapp.com/advisory/ntap-20231027-0009/
- https://security.gentoo.org/glsa/202402-08
medium severity
- Vulnerable module: curl
- Introduced through: curl@7.61.1-12.101.amzn1
- Fixed in: 0:7.61.1-12.105.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › curl@7.61.1-12.101.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Amazon-Linux.
See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.
Remediation
Upgrade Amazon-Linux:2018.03 curl to version 0:7.61.1-12.105.amzn1 or higher.
This issue was patched in ALAS-2023-1727.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27535
- https://hackerone.com/reports/1892780
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
- https://security.netapp.com/advisory/ntap-20230420-0010/
- https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html
- https://security.gentoo.org/glsa/202310-12
medium severity
- Vulnerable module: curl
- Introduced through: curl@7.61.1-12.101.amzn1
- Fixed in: 0:7.61.1-12.105.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › curl@7.61.1-12.101.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Amazon-Linux.
See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
An authentication bypass vulnerability exists in libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.
Remediation
Upgrade Amazon-Linux:2018.03 curl to version 0:7.61.1-12.105.amzn1 or higher.
This issue was patched in ALAS-2023-1727.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27536
- https://hackerone.com/reports/1895135
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
- https://security.netapp.com/advisory/ntap-20230420-0010/
- https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html
- https://security.gentoo.org/glsa/202310-12
medium severity
- Vulnerable module: curl
- Introduced through: curl@7.61.1-12.101.amzn1
- Fixed in: 0:7.61.1-12.104.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › curl@7.61.1-12.101.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Amazon-Linux.
See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
A use after free vulnerability exists in curl <7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocated struct after it had been freed, in its transfer shutdown code path.
Remediation
Upgrade Amazon-Linux:2018.03 curl to version 0:7.61.1-12.104.amzn1 or higher.
This issue was patched in ALAS-2023-1729.
References
medium severity
- Vulnerable module: libcurl
- Introduced through: libcurl@7.61.1-12.101.amzn1
- Fixed in: 0:7.61.1-12.105.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libcurl@7.61.1-12.101.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libcurl package and not the libcurl package as distributed by Amazon-Linux.
See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.
Remediation
Upgrade Amazon-Linux:2018.03 libcurl to version 0:7.61.1-12.105.amzn1 or higher.
This issue was patched in ALAS-2023-1727.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27535
- https://hackerone.com/reports/1892780
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
- https://security.netapp.com/advisory/ntap-20230420-0010/
- https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html
- https://security.gentoo.org/glsa/202310-12
medium severity
- Vulnerable module: libcurl
- Introduced through: libcurl@7.61.1-12.101.amzn1
- Fixed in: 0:7.61.1-12.105.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libcurl@7.61.1-12.101.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libcurl package and not the libcurl package as distributed by Amazon-Linux.
See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
An authentication bypass vulnerability exists in libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.
Remediation
Upgrade Amazon-Linux:2018.03 libcurl to version 0:7.61.1-12.105.amzn1 or higher.
This issue was patched in ALAS-2023-1727.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27536
- https://hackerone.com/reports/1895135
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
- https://security.netapp.com/advisory/ntap-20230420-0010/
- https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html
- https://security.gentoo.org/glsa/202310-12
medium severity
- Vulnerable module: libcurl
- Introduced through: libcurl@7.61.1-12.101.amzn1
- Fixed in: 0:7.61.1-12.104.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libcurl@7.61.1-12.101.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libcurl package and not the libcurl package as distributed by Amazon-Linux.
See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
A use after free vulnerability exists in curl <7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocated struct after it had been freed, in its transfer shutdown code path.
Remediation
Upgrade Amazon-Linux:2018.03 libcurl to version 0:7.61.1-12.104.amzn1 or higher.
This issue was patched in ALAS-2023-1729.
References
medium severity
- Vulnerable module: libxml2
- Introduced through: libxml2@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Amazon-Linux.
See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value).
Remediation
Upgrade Amazon-Linux:2018.03 libxml2 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
medium severity
- Vulnerable module: libxml2
- Introduced through: libxml2@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Amazon-Linux.
See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28484
- https://gitlab.gnome.org/GNOME/libxml2/-/issues/491
- https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.4
- https://lists.debian.org/debian-lts-announce/2023/04/msg00031.html
- https://security.netapp.com/advisory/ntap-20230601-0006/
- https://security.netapp.com/advisory/ntap-20240201-0005/
medium severity
- Vulnerable module: libxml2-python27
- Introduced through: libxml2-python27@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2-python27@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2-python27 package and not the libxml2-python27 package as distributed by Amazon-Linux.
See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c.
Remediation
Upgrade Amazon-Linux:2018.03 libxml2-python27 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28484
- https://gitlab.gnome.org/GNOME/libxml2/-/issues/491
- https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.4
- https://lists.debian.org/debian-lts-announce/2023/04/msg00031.html
- https://security.netapp.com/advisory/ntap-20230601-0006/
- https://security.netapp.com/advisory/ntap-20240201-0005/
medium severity
- Vulnerable module: libxml2-python27
- Introduced through: libxml2-python27@2.9.1-6.4.41.amzn1
- Fixed in: 0:2.9.1-6.6.42.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libxml2-python27@2.9.1-6.4.41.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libxml2-python27 package and not the libxml2-python27 package as distributed by Amazon-Linux.
See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value).
Remediation
Upgrade Amazon-Linux:2018.03 libxml2-python27 to version 0:2.9.1-6.6.42.amzn1 or higher.
This issue was patched in ALAS-2023-1743.
References
medium severity
- Vulnerable module: openssl
- Introduced through: openssl@1:1.0.2k-16.162.amzn1
- Fixed in: 1:1.0.2k-16.163.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › openssl@1:1.0.2k-16.162.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Amazon-Linux.
See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems.
Policy processing is disabled by default but can be enabled by passing the '-policy' argument to the command line utilities or by calling the 'X509_VERIFY_PARAM_set1_policies()' function.
Remediation
Upgrade Amazon-Linux:2018.03 openssl to version 1:1.0.2k-16.163.amzn1 or higher.
This issue was patched in ALAS-2023-1762.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1
- https://www.openssl.org/news/secadv/20230322.txt
- https://www.debian.org/security/2023/dsa-5417
- https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html
- https://www.couchbase.com/alerts/
- https://security.gentoo.org/glsa/202402-08
medium severity
- Vulnerable module: openssl
- Introduced through: openssl@1:1.0.2k-16.162.amzn1
- Fixed in: 1:1.0.2k-16.164.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › openssl@1:1.0.2k-16.162.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Amazon-Linux.
See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
Issue summary: Checking excessively long DH keys or parameters may be very slow.
Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service.
The function DH_check() performs various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A correct q value, if present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if q is larger than p.
An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack.
The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check().
Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the "-check" option.
The OpenSSL SSL/TLS implementation is not affected by this issue.
The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.
Remediation
Upgrade Amazon-Linux:2018.03 openssl to version 1:1.0.2k-16.164.amzn1 or higher.
This issue was patched in ALAS-2023-1843.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3817
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a1eb62c29db6cb5eec707f9338aee00f44e26f5
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=869ad69aadd985c7b8ca6f4e5dd0eb274c9f3644
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9002fd07327a91f35ba6c1307e71fa6fd4409b7f
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=91ddeba0f2269b017dc06c46c993a788974b1aa5
- https://www.openssl.org/news/secadv/20230731.txt
- http://www.openwall.com/lists/oss-security/2023/07/31/1
- http://seclists.org/fulldisclosure/2023/Jul/43
- https://lists.debian.org/debian-lts-announce/2023/08/msg00019.html
- https://security.netapp.com/advisory/ntap-20230818-0014/
- http://www.openwall.com/lists/oss-security/2023/09/22/9
- http://www.openwall.com/lists/oss-security/2023/09/22/11
- https://security.netapp.com/advisory/ntap-20231027-0008/
- http://www.openwall.com/lists/oss-security/2023/11/06/2
- https://security.gentoo.org/glsa/202402-08
medium severity
- Vulnerable module: openssl
- Introduced through: openssl@1:1.0.2k-16.162.amzn1
- Fixed in: 1:1.0.2k-16.163.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › openssl@1:1.0.2k-16.162.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Amazon-Linux.
See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification.
As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function.
Instead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument.
Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications.
Remediation
Upgrade Amazon-Linux:2018.03 openssl to version 1:1.0.2k-16.163.amzn1 or higher.
This issue was patched in ALAS-2023-1762.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061
- https://www.openssl.org/news/secadv/20230328.txt
- https://security.netapp.com/advisory/ntap-20230414-0001/
- https://www.debian.org/security/2023/dsa-5417
- https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html
- http://www.openwall.com/lists/oss-security/2023/09/28/4
- https://security.gentoo.org/glsa/202402-08
medium severity
- Vulnerable module: openssl
- Introduced through: openssl@1:1.0.2k-16.162.amzn1
- Fixed in: 1:1.0.2k-16.163.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › openssl@1:1.0.2k-16.162.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Amazon-Linux.
See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks.
Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether.
Policy processing is disabled by default but can be enabled by passing the '-policy' argument to the command line utilities or by calling the 'X509_VERIFY_PARAM_set1_policies()' function.
Remediation
Upgrade Amazon-Linux:2018.03 openssl to version 1:1.0.2k-16.163.amzn1 or higher.
This issue was patched in ALAS-2023-1762.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c
- https://www.openssl.org/news/secadv/20230328.txt
- https://security.netapp.com/advisory/ntap-20230414-0001/
- https://www.debian.org/security/2023/dsa-5417
- https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html
- https://security.gentoo.org/glsa/202402-08
medium severity
- Vulnerable module: openssl
- Introduced through: openssl@1:1.0.2k-16.162.amzn1
- Fixed in: 1:1.0.2k-16.165.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › openssl@1:1.0.2k-16.162.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Amazon-Linux.
See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow.
Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service.
While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters.
Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q.
An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack.
DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate().
Also vulnerable are the OpenSSL pkey command line application when using the "-pubcheck" option, as well as the OpenSSL genpkey command line application.
The OpenSSL SSL/TLS implementation is not affected by this issue.
The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.
Remediation
Upgrade Amazon-Linux:2018.03 openssl to version 1:1.0.2k-16.165.amzn1 or higher.
This issue was patched in ALAS-2023-1891.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5678
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6
- https://www.openssl.org/news/secadv/20231106.txt
- http://www.openwall.com/lists/oss-security/2023/11/06/2
- https://security.netapp.com/advisory/ntap-20231130-0010/
medium severity
- Vulnerable module: openssl
- Introduced through: openssl@1:1.0.2k-16.162.amzn1
- Fixed in: 1:1.0.2k-16.164.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › openssl@1:1.0.2k-16.162.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Amazon-Linux.
See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
Issue summary: Checking excessively long DH keys or parameters may be very slow.
Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service.
The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus ('p' parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length.
However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large.
An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack.
The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check().
Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the '-check' option.
The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.
Remediation
Upgrade Amazon-Linux:2018.03 openssl to version 1:1.0.2k-16.164.amzn1 or higher.
This issue was patched in ALAS-2023-1843.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3446
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1fa20cf2f506113c761777127a38bce5068740eb
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8780a896543a654e757db1b9396383f9d8095528
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9a0a4d3c1e7138915563c0df4fe6a3f9377b839c
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc9867c1e03c22ebf56943be205202e576aabf23
- https://www.openssl.org/news/secadv/20230719.txt
- http://www.openwall.com/lists/oss-security/2023/07/19/4
- http://www.openwall.com/lists/oss-security/2023/07/19/5
- http://www.openwall.com/lists/oss-security/2023/07/19/6
- http://www.openwall.com/lists/oss-security/2023/07/31/1
- https://security.netapp.com/advisory/ntap-20230803-0011/
- https://lists.debian.org/debian-lts-announce/2023/08/msg00019.html
- https://security.gentoo.org/glsa/202402-08
medium severity
- Vulnerable module: libssh2
- Introduced through: libssh2@1.4.2-3.12.amzn1
- Fixed in: 0:1.4.2-3.13.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libssh2@1.4.2-3.12.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libssh2 package and not the libssh2 package as distributed by Amazon-Linux.
See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
Remediation
Upgrade Amazon-Linux:2018.03 libssh2 to version 0:1.4.2-3.13.amzn1 or higher.
This issue was patched in ALAS-2023-1756.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3859
- https://www.libssh2.org/CVE-2019-3859.html
- https://seclists.org/bugtraq/2019/Mar/25
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3859
- http://www.securityfocus.com/bid/107485
- http://www.openwall.com/lists/oss-security/2019/03/18/3
- http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/
- https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767
- https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html
- https://security.netapp.com/advisory/ntap-20190327-0005/
- http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html
- https://lists.debian.org/debian-lts-announce/2019/04/msg00006.html
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/
- https://www.debian.org/security/2019/dsa-4431
- https://seclists.org/bugtraq/2019/Apr/25
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00103.html
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00102.html
- https://lists.debian.org/debian-lts-announce/2019/07/msg00024.html
- https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/
medium severity
- Vulnerable module: libssh2
- Introduced through: libssh2@1.4.2-3.12.amzn1
- Fixed in: 0:1.4.2-3.13.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libssh2@1.4.2-3.12.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libssh2 package and not the libssh2 package as distributed by Amazon-Linux.
See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
Remediation
Upgrade Amazon-Linux:2018.03 libssh2 to version 0:1.4.2-3.13.amzn1 or higher.
This issue was patched in ALAS-2023-1756.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3860
- https://www.libssh2.org/CVE-2019-3860.html
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3860
- https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html
- https://security.netapp.com/advisory/ntap-20190327-0005/
- http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/
- https://www.debian.org/security/2019/dsa-4431
- https://seclists.org/bugtraq/2019/Apr/25
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00072.html
- https://lists.debian.org/debian-lts-announce/2019/07/msg00028.html
- https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/
medium severity
- Vulnerable module: curl
- Introduced through: curl@7.61.1-12.101.amzn1
- Fixed in: 0:7.61.1-12.105.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › curl@7.61.1-12.101.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Amazon-Linux.
See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application's intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system.
Remediation
Upgrade Amazon-Linux:2018.03 curl to version 0:7.61.1-12.105.amzn1 or higher.
This issue was patched in ALAS-2023-1727.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27533
- https://hackerone.com/reports/1891474
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
- https://security.netapp.com/advisory/ntap-20230420-0011/
- https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html
- https://security.gentoo.org/glsa/202310-12
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
medium severity
- Vulnerable module: glib2
- Introduced through: glib2@2.36.3-5.22.amzn1
- Fixed in: 0:2.36.3-5.26.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › glib2@2.36.3-5.22.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream glib2 package and not the glib2 package as distributed by Amazon-Linux.
See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
Heap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 allows remote attackers to cause a denial of service (crash) or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular expression with an excess closing parenthesis.
Remediation
Upgrade Amazon-Linux:2018.03 glib2 to version 0:2.36.3-5.26.amzn1 or higher.
This issue was patched in ALAS-2023-1775.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5073
- http://www.openwall.com/lists/oss-security/2015/06/26/1
- http://vcs.pcre.org/pcre?view=revision&revision=1571
- https://bugs.exim.org/show_bug.cgi?id=1651
- http://www.openwall.com/lists/oss-security/2015/06/26/3
- http://www-01.ibm.com/support/docview.wss?uid=isg3T1023886
- http://www.securityfocus.com/bid/75430
- http://vcs.pcre.org/pcre/code/trunk/ChangeLog?revision=1609&view=markup
- http://www.securitytracker.com/id/1033154
- https://security.gentoo.org/glsa/201607-02
- https://access.redhat.com/errata/RHSA-2016:1132
- http://rhn.redhat.com/errata/RHSA-2016-2750.html
- http://rhn.redhat.com/errata/RHSA-2016-1025.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
medium severity
- Vulnerable module: libcurl
- Introduced through: libcurl@7.61.1-12.101.amzn1
- Fixed in: 0:7.61.1-12.105.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libcurl@7.61.1-12.101.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libcurl package and not the libcurl package as distributed by Amazon-Linux.
See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application's intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system.
Remediation
Upgrade Amazon-Linux:2018.03 libcurl to version 0:7.61.1-12.105.amzn1 or higher.
This issue was patched in ALAS-2023-1727.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27533
- https://hackerone.com/reports/1891474
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
- https://security.netapp.com/advisory/ntap-20230420-0011/
- https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html
- https://security.gentoo.org/glsa/202310-12
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
medium severity
- Vulnerable module: pcre
- Introduced through: pcre@8.21-7.8.amzn1
- Fixed in: 0:8.21-7.9.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › pcre@8.21-7.8.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream pcre package and not the pcre package as distributed by Amazon-Linux.
See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
Heap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 allows remote attackers to cause a denial of service (crash) or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular expression with an excess closing parenthesis.
Remediation
Upgrade Amazon-Linux:2018.03 pcre to version 0:8.21-7.9.amzn1 or higher.
This issue was patched in ALAS-2023-1767.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5073
- http://www.openwall.com/lists/oss-security/2015/06/26/1
- http://vcs.pcre.org/pcre?view=revision&revision=1571
- https://bugs.exim.org/show_bug.cgi?id=1651
- http://www.openwall.com/lists/oss-security/2015/06/26/3
- http://www-01.ibm.com/support/docview.wss?uid=isg3T1023886
- http://www.securityfocus.com/bid/75430
- http://vcs.pcre.org/pcre/code/trunk/ChangeLog?revision=1609&view=markup
- http://www.securitytracker.com/id/1033154
- https://security.gentoo.org/glsa/201607-02
- https://access.redhat.com/errata/RHSA-2016:1132
- http://rhn.redhat.com/errata/RHSA-2016-2750.html
- http://rhn.redhat.com/errata/RHSA-2016-1025.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
medium severity
- Vulnerable module: curl
- Introduced through: curl@7.61.1-12.101.amzn1
- Fixed in: 0:7.61.1-12.104.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › curl@7.61.1-12.101.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Amazon-Linux.
See "How to fix?" for Amazon-Linux:2018.03 relevant fixed versions and status.
A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.
Remediation
Upgrade Amazon-Linux:2018.03 curl to version 0:7.61.1-12.104.amzn1 or higher.
This issue was patched in ALAS-2023-1729.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27534
- https://hackerone.com/reports/1892351
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
- https://security.netapp.com/advisory/ntap-20230420-0012/
- https://security.gentoo.org/glsa/202310-12
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
- https://lists.debian.org/debian-lts-announce/2024/03/msg00016.html
medium severity
- Vulnerable module: glib2
- Introduced through: glib2@2.36.3-5.22.amzn1
- Fixed in: 0:2.36.3-5.25.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › glib2@2.36.3-5.22.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream glib2 package and not the glib2 package as distributed by Amazon-Linux.
See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
Remediation
Upgrade Amazon-Linux:2018.03 glib2 to version 0:2.36.3-5.25.amzn1 or higher.
This issue was patched in ALAS-2023-1769.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8386
- http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup
- http://www.openwall.com/lists/oss-security/2015/11/29/1
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731
- http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
- http://www.securityfocus.com/bid/82990
- http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html
- http://www-01.ibm.com/support/docview.wss?uid=isg3T1023886
- https://bto.bluecoat.com/security-advisory/sa128
- https://security.gentoo.org/glsa/201607-02
- https://access.redhat.com/errata/RHSA-2016:1132
- http://rhn.redhat.com/errata/RHSA-2016-2750.html
- http://rhn.redhat.com/errata/RHSA-2016-1025.html
- https://security.netapp.com/advisory/ntap-20230216-0002/
medium severity
- Vulnerable module: libcurl
- Introduced through: libcurl@7.61.1-12.101.amzn1
- Fixed in: 0:7.61.1-12.104.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › libcurl@7.61.1-12.101.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libcurl package and not the libcurl package as distributed by Amazon-Linux.
See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.
Remediation
Upgrade Amazon-Linux:2018.03 libcurl to version 0:7.61.1-12.104.amzn1 or higher.
This issue was patched in ALAS-2023-1729.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27534
- https://hackerone.com/reports/1892351
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
- https://security.netapp.com/advisory/ntap-20230420-0012/
- https://security.gentoo.org/glsa/202310-12
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
- https://lists.debian.org/debian-lts-announce/2024/03/msg00016.html
medium severity
- Vulnerable module: tar
- Introduced through: tar@2:1.26-31.22.amzn1
- Fixed in: 2:1.26-31.24.amzn1
Detailed paths
- Introduced through: amazonlinux@2018.03-with-sources › tar@2:1.26-31.22.amzn1
NVD Description
Note: Versions mentioned in the description apply only to the upstream tar package and not the tar package as distributed by Amazon-Linux.
See How to fix? for Amazon-Linux:2018.03 relevant fixed versions and status.
pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.
Remediation
Upgrade Amazon-Linux:2018.03 tar to version 2:1.26-31.24.amzn1 or higher.
This issue was patched in ALAS-2023-1755.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923
- https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241
- http://savannah.gnu.org/bugs/?55369
- http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E