Open-Xchange Security Advisory 2022-09-01

Read Time:22 Second

Posted by Martin Heiland via Fulldisclosure on Sep 01

Dear subscribers,

we’re sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those
vulnerabilities. Feel free to join our bug bounty programs for OX AppSuite, Dovecot and PowerDNS at HackerOne.

Yours sincerely,
Martin Heiland, Open-Xchange GmbH

Product: OX App Suite
Vendor: OX Software GmbH

Internal reference: MWB-1540
Vulnerability type: Cross-Site Scripting (CWE-80)
Vulnerable…

Read More

mediawiki-1.37.4-1.fc36

Read Time:1 Minute, 53 Second

FEDORA-2022-f83aec6d57

Packages in this update:

mediawiki-1.37.4-1.fc36

Update description:

MediaWiki 1.37.4

This is a maintenance release of the MediaWiki 1.37 branch.
Changes since MediaWiki 1.37.3

Localisation updates.
(T311568) UploadBase::setTempFile() handle $tempPath being passed as null.
(T311559) SpecialListFiles: user parameter isn’t always present.
(T311561) ImageListPager: Don’t call htmlspecialchars() on null.
(T311920) SpecialBlockList: Prevent passing null to trim().
(T311921) SpecialUserrights: Don’t pass null to str_replace.
(T311570) SpecialWithoutInterwiki: Don’t pass null through to

Title::capitalize().

(T311574, T311576) SpecialLinkSearch: Don’t pass null through to the parser.
(T312059) Update guzzlehttp/guzzle to 7.4.5 in vendor.
(T296435, T297669) cache: Add four fields to LinkCache::getSelectFields.

MediaWiki 1.37.3

This is a security and maintenance release of the MediaWiki 1.37 branch.
Changes since MediaWiki 1.37.2

Localisation updates.
(T289879) Type hints for ArrayAccess and JsonSerializable.
(T304783) TemplateParser: avoid warnings when called by NoLocalSettings.
Rebuilt vendor with composer 2.3.3.
Fix old_name in UserLogoutComplete hook.
(T289879) Address some deprecations for PHP 8.1.
(T193565) UserGroupManager: Fix dbDomain in addUserToGroup() deferred update.
(T309114) LocalFile::prerenderThumbnails: Limit the number of thumbnail jobs

triggered.

(T307982) Updated wikimedia/parsoid from v0.14.0 to v0.14.1.
(T308471) SECURITY: Escape welcomeuser message passed to showSuccessPage().
(T308473) SECURITY: Escape contributions-title msg for use within page title.
(T311272) Call parent constructor of AddSite maintenance script first.
MediaWiki: Don’t eagerly initialize action name.
Updated wikimedia/shellbox from v2.0.0 to v2.1.1.
(T311384, CVE-2022-27776) Updated guzzlehttp/guzzle from 7.2.0 to 7.4.5.
(T289926) Avoid passing null to trim() in SkinTemplate.
(T311473) rollbackEdits: Pass user identity to RollbackPage.
(T307282) Avoid passing null to strcasecmp(), for PHP 8.1.
(T311551) ShellboxClientFactory::getUrl(): Check if $this->key is null.
(T311552) ChangesListSpecialPage: Don’t pass null to FormatJson::decode().
(T311569) FileBackend::isStoragePath() Handle being passed null.
(T311544) Pass int to ApiUsageException::newWithMessage()’s $httpCode param.
(T311678) SpecialEditWatchlist: Prevent passing null to strtolower().
(T281741) ChangeTags: Fix adding CSS classes for hidden tags.
(T296642) changetags: Fix management of a ‘0’ tag.
(T311554) ChangeTags: Return early in formatSummaryRow() if $tags === null.
(T303033) Handle null in ChangeTags::modifyDisplayQuery.
Updated wikimedia/common-passwords from 0.3.0 to 0.4.0.

Read More

mediawiki-1.38.2-1.fc37

Read Time:1 Minute, 0 Second

FEDORA-2022-bca2c95559

Packages in this update:

mediawiki-1.38.2-1.fc37

Update description:

MediaWiki 1.38.2

This is a security and maintenance release of the MediaWiki 1.38 branch.
Changes since MediaWiki 1.38.1

Localisation updates.
(T309426) Repair language selector for SVGs.
(T310013) Fix default value for $wgShowEXIF and $wgUsePathInfo.
(T308471) SECURITY: Escape welcomeuser message passed to showSuccessPage().
(T308473) SECURITY: Escape contributions-title msg for use within page title.
(T311272) Call parent constructor of AddSite maintenance script first.
MediaWiki: Don’t eagerly initialize action name.
(T311384, CVE-2022-27776) Updated guzzlehttp/guzzle from 7.4.1 to 7.4.5.
(T289926) Avoid passing null to trim() in SkinTemplate.
(T289879) Address deprecations for PHP 8.1.
(T311473) rollbackEdits: Pass user identity to RollbackPage.
Upgrade wikimedia/remex-html from 3.0.1 to 3.0.2.
(T311551) ShellboxClientFactory::getUrl(): Check if $this->key is null.
(T311552) ChangesListSpecialPage: Don’t pass null to FormatJson::decode().
(T311569) FileBackend::isStoragePath() Handle being passed null.
(T311544) Pass int to ApiUsageException::newWithMessage()’s $httpCode param.
(T311678) SpecialEditWatchlist: Prevent passing null to strtolower().
(T311554) ChangeTags: Return early in formatSummaryRow() if $tags === null.
Upgrade wikimedia/common-passwords from 0.3.0 to 0.4.0.

Read More

Ragnar Locker continues trend of ransomware targeting energy sector

Read Time:30 Second

The recent attack on Greece’s largest natural gas transmission operator DESFA by ransomware gang Ragnar Locker is the latest on a growing list of incidents where ransomware groups attacked energy companies. This gang seems to prefer critical infrastructure sectors, having targeted over 50 such organizations in the U.S. over the past two years.

According to a new analysis by researchers from Cybereason, Ragnar Locker is a growing threat that uses layers of encryption to hide instructions in its binary and kills various processes associated with remote login and support.

To read this article in full, please click here

Read More

CVE-2020-35532

Read Time:10 Second

In LibRaw, an out-of-bounds read vulnerability exists within the “simple_decode_row()” function (librawsrcx3fx3f_utils_patched.cpp) which can be triggered via an image with a large row_stride field.

Read More