Improper Restriction of XML External Entity Reference, XML Injection (aka Blind XPath Injection) vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior to 2.5.2.

When Apache Ivy prior to 2.5.2 parses XML files – either its own configuration, Ivy files or Apache Maven POMs – it will allow downloading external document type definitions and expand any entity references contained therein when used.

This can be used to exfiltrate data, access resources only the machine running Ivy has access to or disturb the execution of Ivy in different ways.

Starting with Ivy 2.5.2 DTD processing is disabled by default except when parsing Maven POMs where the default is to allow DTD processing but only to include a DTD snippet shipping with Ivy that is needed to deal with existing Maven POMs that are not valid XML files but are nevertheless accepted by Maven. Access can be be made more lenient via newly introduced system properties where needed.

Users of Ivy prior to version 2.5.2 can use Java system properties to restrict processing of external DTDs, see the section about “JAXP Properties for External Access restrictions” inside Oracle’s “Java API for XML Processing (JAXP) Security Guide”.

Read More

It was discovered that Vim incorrectly handled memory when opening certain
files. If an attacker could trick a user into opening a specially crafted
file, it could cause Vim to crash, or possibly execute arbitrary code. This
issue only affected Ubuntu 22.04 LTS. (CVE-2022-2522, CVE-2022-2580,
CVE-2022-2817, CVE-2022-2819, CVE-2022-2862, CVE-2022-2889, CVE-2022-2982,
CVE-2022-3134)

It was discovered that Vim did not properly perform bounds checks in the
diff mode in certain situations. An attacker could possibly use this issue
to cause a denial of service. This issue only affected Ubuntu 18.04 LTS,
Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-2598)

It was discovered that Vim did not properly perform bounds checks in
certain situations. An attacker could possibly use this issue to cause a
denial of service. This issue only affected Ubuntu 22.04 LTS.
(CVE-2022-2816)

It was discovered that Vim incorrectly handled memory when skipping
compiled code. An attacker could possibly use this issue to cause a denial
of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2874)

It was discovered that Vim incorrectly handled memory when opening certain
files. If an attacker could trick a user into opening a specially crafted
file, it could cause Vim to crash, or possibly execute arbitrary code. This
issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-3016,
CVE-2022-3037)

It was discovered that Vim incorrectly handled memory when invalid line
number on “:for” is ignored. An attacker could possibly use this issue to
cause a denial of service. (CVE-2022-3099)

It was discovered that Vim incorrectly handled memory when passing invalid
arguments to the assert_fails() method. An attacker could possibly use this
issue to cause a denial of service. This issue only affected Ubuntu 22.04
LTS. (CVE-2022-3153)

Read More

This vulnerability allows remote attackers to bypass authentication on affected installations of Advantech R-SeeNet. Authentication is not required to exploit this vulnerability.

Read More

This vulnerability allows remote attackers to escalate privileges on affected installations of Advantech R-SeeNet. Authentication is required to exploit this vulnerability.

Read More

This vulnerability allows local attackers to escalate privileges on affected installations of McAfee Safe Connect VPN. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Read More

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SonicWALL GMS Virtual Appliance. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.

Read More

This vulnerability allows remote attackers to bypass authentication on affected installations of SonicWALL GMS Virtual Appliance. Authentication is not required to exploit this vulnerability.

Read More

This vulnerability allows local attackers to escalate privileges on affected installations of 3CX. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Read More

USN-6267-1 fixed vulnerabilities and USN-6267-2 fixed minor regressions in
Firefox. The update introduced several minor regressions. This update fixes
the problem.

We apologize for the inconvenience.

Original advisory details:

Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information across domains, or execute arbitrary code. (CVE-2023-4047,
CVE-2023-4048, CVE-2023-4049, CVE-2023-4051, CVE-2023-4053, CVE-2023-4055,
CVE-2023-4056, CVE-2023-4057, CVE-2023-4058)

Max Vlasov discovered that Firefox Offscreen Canvas did not properly track
cross-origin tainting. An attacker could potentially exploit this issue to
access image data from another site in violation of same-origin policy.
(CVE-2023-4045)

Alexander Guryanov discovered that Firefox did not properly update the
value of a global variable in WASM JIT analysis in some circumstances. An
attacker could potentially exploit this issue to cause a denial of service.
(CVE-2023-4046)

Mark Brand discovered that Firefox did not properly validate the size of
an untrusted input stream. An attacker could potentially exploit this issue
to cause a denial of service. (CVE-2023-4050)

Read More

FEDORA-2023-b29031a7aa

Packages in this update:

chisel-1.9.0-1.fc40

Update description:

Automatic update for chisel-1.9.0-1.fc40.

Changelog

* Sun Aug 20 2023 Filipe Rosset <rosset.filipe@gmail.com> – 1.9.0-1
– Update to 1.9.0 fixes rhbz#2113146 rhbz#2163065 rhbz#2165257
* Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> – 1.7.7-7
– Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Wed Jan 18 2023 Fedora Release Engineering <releng@fedoraproject.org> – 1.7.7-6
– Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> – 1.7.7-5
– Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Jul 19 2022 Maxwell G <gotmax@e.email> – 1.7.7-4
– Rebuild for CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in
golang
* Fri Jun 17 2022 Robert-André Mauchin <zebob.m@gmail.com> – 1.7.7-3
– Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191,
CVE-2022-29526, CVE-2022-30629

Read More