Category Archives: Advisories

Advisories

USN-5772-1: QEMU vulnerabilities

Read Time:1 Minute, 30 Second

It was discovered that QEMU incorrectly handled bulk transfers from SPICE
clients. A remote attacker could use this issue to cause QEMU to crash,
resulting in a denial of service, or possibly execute arbitrary code. This
issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2021-3682)

It was discovered that QEMU did not properly manage memory when it
transfers the USB packets. A malicious guest attacker could use this issue
to cause QEMU to crash, resulting in a denial of service, or possibly
execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu
20.04 LTS and Ubuntu 22.04 LTS. (CVE-2021-3750)

It was discovered that the QEMU SCSI device emulation incorrectly handled
certain MODE SELECT commands. An attacker inside the guest could possibly
use this issue to cause QEMU to crash, resulting in a denial of service.
This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
(CVE-2021-3930)

It was discovered that QEMU did not properly manage memory when it
processing repeated messages to cancel the current SCSI request. A
malicious privileged guest attacker could use this issue to cause QEMU to
crash, resulting in a denial of service. (CVE-2022-0216)

It was discovered that QEMU did not properly manage memory when it
using Tulip device emulation. A malicious guest attacker could use this
issue to cause QEMU to crash, resulting in a denial of service. This issue
only affected Ubuntu 22.10. (CVE-2022-2962)

It was discovered that QEMU did not properly manage memory when processing
ClientCutText messages. A attacker could use this issue to cause QEMU to
crash, resulting in a denial of service. This issue only affected Ubuntu
22.04 LTS and Ubuntu 22.10. (CVE-2022-3165)

Read More

Advisories

USN-5771-1: Squid regression

Read Time:1 Minute, 21 Second

USN-3557-1 fixed vulnerabilities in Squid. This update introduced a regression
which could cause the cache log to be filled with many Vary loop messages. This
update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Mathias Fischer discovered that Squid incorrectly handled certain long
strings in headers. A malicious remote server could possibly cause Squid to
crash, resulting in a denial of service. This issue was only addressed in
Ubuntu 16.04 LTS. (CVE-2016-2569)

William Lima discovered that Squid incorrectly handled XML parsing when
processing Edge Side Includes (ESI). A malicious remote server could
possibly cause Squid to crash, resulting in a denial of service. This issue
was only addressed in Ubuntu 16.04 LTS. (CVE-2016-2570)

Alex Rousskov discovered that Squid incorrectly handled response-parsing
failures. A malicious remote server could possibly cause Squid to crash,
resulting in a denial of service. This issue only applied to Ubuntu 16.04
LTS. (CVE-2016-2571)

Santiago Ruano Rincón discovered that Squid incorrectly handled certain
Vary headers. A remote attacker could possibly use this issue to cause
Squid to crash, resulting in a denial of service. This issue was only
addressed in Ubuntu 16.04 LTS. (CVE-2016-3948)

Louis Dion-Marcil discovered that Squid incorrectly handled certain Edge
Side Includes (ESI) responses. A malicious remote server could possibly
cause Squid to crash, resulting in a denial of service. (CVE-2018-1000024)

Louis Dion-Marcil discovered that Squid incorrectly handled certain Edge
Side Includes (ESI) responses. A malicious remote server could possibly
cause Squid to crash, resulting in a denial of service. (CVE-2018-1000027)

Read More

Advisories

xrdp-0.9.21-1.el7

Read Time:1 Minute, 18 Second

FEDORA-EPEL-2022-0b26ab3924

Packages in this update:

xrdp-0.9.21-1.el7

Update description:

Release notes for xrdp v0.9.21 (2022/12/10)

General announcements

Running xrdp and xrdp-sesman on separate hosts is still supported by this release, but is now deprecated. This is not secure. A future v1.0 release will replace the TCP socket used between these processes with a Unix Domain Socket, and then cross-host running will not be possible.

Security fixes

This update is recommended for all xrdp users and provides following important security fixes:

CVE-2022-23468
CVE-2022-23477
CVE-2022-23478
CVE-2022-23479
CVE-2022-23480
CVE-2022-23481
CVE-2022-23483
CVE-2022-23482
CVE-2022-23484
CVE-2022-23493

These security issues are reported by Team BT5 (BoB 11th). We appreciate their great help with making and reviewing patches.
New features

openSuSE Tumbleweed move to /usr/lib/pam.d is now supported in the installation scripts (#2413)
VNC backend session now supports extra mouse buttons 6, 7 and 8 (#2426)

Bug fixes

Passwords are no longer left on the heap in sesman (#1599 #2439)
Set permissions on pcsc socket dir to owner only (#2454 #2460)

Internal changes

CI updates to cope with github upgrades (#2395)

Changes for packagers or developers

Nothing this time.

Known issues

On-the-fly resolution change requires the Microsoft Store version of Remote Desktop client but sometimes crashes on connect (#1869)
xrdp’s login dialog is not relocated at the center of the new resolution after on-the-fly resolution change happens (#1867)

Read More

Advisories

xrdp-0.9.21-1.el8

Read Time:1 Minute, 18 Second

FEDORA-EPEL-2022-aaf428feb8

Packages in this update:

xrdp-0.9.21-1.el8

Update description:

Release notes for xrdp v0.9.21 (2022/12/10)

General announcements

Running xrdp and xrdp-sesman on separate hosts is still supported by this release, but is now deprecated. This is not secure. A future v1.0 release will replace the TCP socket used between these processes with a Unix Domain Socket, and then cross-host running will not be possible.

Security fixes

This update is recommended for all xrdp users and provides following important security fixes:

CVE-2022-23468
CVE-2022-23477
CVE-2022-23478
CVE-2022-23479
CVE-2022-23480
CVE-2022-23481
CVE-2022-23483
CVE-2022-23482
CVE-2022-23484
CVE-2022-23493

These security issues are reported by Team BT5 (BoB 11th). We appreciate their great help with making and reviewing patches.
New features

openSuSE Tumbleweed move to /usr/lib/pam.d is now supported in the installation scripts (#2413)
VNC backend session now supports extra mouse buttons 6, 7 and 8 (#2426)

Bug fixes

Passwords are no longer left on the heap in sesman (#1599 #2439)
Set permissions on pcsc socket dir to owner only (#2454 #2460)

Internal changes

CI updates to cope with github upgrades (#2395)

Changes for packagers or developers

Nothing this time.

Known issues

On-the-fly resolution change requires the Microsoft Store version of Remote Desktop client but sometimes crashes on connect (#1869)
xrdp’s login dialog is not relocated at the center of the new resolution after on-the-fly resolution change happens (#1867)

Read More

Advisories

xrdp-0.9.21-1.fc37

Read Time:1 Minute, 18 Second

FEDORA-2022-6fe4046ae9

Packages in this update:

xrdp-0.9.21-1.fc37

Update description:

Release notes for xrdp v0.9.21 (2022/12/10)

General announcements

Running xrdp and xrdp-sesman on separate hosts is still supported by this release, but is now deprecated. This is not secure. A future v1.0 release will replace the TCP socket used between these processes with a Unix Domain Socket, and then cross-host running will not be possible.

Security fixes

This update is recommended for all xrdp users and provides following important security fixes:

CVE-2022-23468
CVE-2022-23477
CVE-2022-23478
CVE-2022-23479
CVE-2022-23480
CVE-2022-23481
CVE-2022-23483
CVE-2022-23482
CVE-2022-23484
CVE-2022-23493

These security issues are reported by Team BT5 (BoB 11th). We appreciate their great help with making and reviewing patches.
New features

openSuSE Tumbleweed move to /usr/lib/pam.d is now supported in the installation scripts (#2413)
VNC backend session now supports extra mouse buttons 6, 7 and 8 (#2426)

Bug fixes

Passwords are no longer left on the heap in sesman (#1599 #2439)
Set permissions on pcsc socket dir to owner only (#2454 #2460)

Internal changes

CI updates to cope with github upgrades (#2395)

Changes for packagers or developers

Nothing this time.

Known issues

On-the-fly resolution change requires the Microsoft Store version of Remote Desktop client but sometimes crashes on connect (#1869)
xrdp’s login dialog is not relocated at the center of the new resolution after on-the-fly resolution change happens (#1867)

Read More

Advisories

xrdp-0.9.21-1.fc36

Read Time:1 Minute, 18 Second

FEDORA-2022-08d2138578

Packages in this update:

xrdp-0.9.21-1.fc36

Update description:

Release notes for xrdp v0.9.21 (2022/12/10)

General announcements

Running xrdp and xrdp-sesman on separate hosts is still supported by this release, but is now deprecated. This is not secure. A future v1.0 release will replace the TCP socket used between these processes with a Unix Domain Socket, and then cross-host running will not be possible.

Security fixes

This update is recommended for all xrdp users and provides following important security fixes:

CVE-2022-23468
CVE-2022-23477
CVE-2022-23478
CVE-2022-23479
CVE-2022-23480
CVE-2022-23481
CVE-2022-23483
CVE-2022-23482
CVE-2022-23484
CVE-2022-23493

These security issues are reported by Team BT5 (BoB 11th). We appreciate their great help with making and reviewing patches.
New features

openSuSE Tumbleweed move to /usr/lib/pam.d is now supported in the installation scripts (#2413)
VNC backend session now supports extra mouse buttons 6, 7 and 8 (#2426)

Bug fixes

Passwords are no longer left on the heap in sesman (#1599 #2439)
Set permissions on pcsc socket dir to owner only (#2454 #2460)

Internal changes

CI updates to cope with github upgrades (#2395)

Changes for packagers or developers

Nothing this time.

Known issues

On-the-fly resolution change requires the Microsoft Store version of Remote Desktop client but sometimes crashes on connect (#1869)
xrdp’s login dialog is not relocated at the center of the new resolution after on-the-fly resolution change happens (#1867)

Read More

Advisories

xrdp-0.9.21-1.fc35

Read Time:1 Minute, 18 Second

FEDORA-2022-0a7ffb8709

Packages in this update:

xrdp-0.9.21-1.fc35

Update description:

Release notes for xrdp v0.9.21 (2022/12/10)

General announcements

Running xrdp and xrdp-sesman on separate hosts is still supported by this release, but is now deprecated. This is not secure. A future v1.0 release will replace the TCP socket used between these processes with a Unix Domain Socket, and then cross-host running will not be possible.

Security fixes

This update is recommended for all xrdp users and provides following important security fixes:

CVE-2022-23468
CVE-2022-23477
CVE-2022-23478
CVE-2022-23479
CVE-2022-23480
CVE-2022-23481
CVE-2022-23483
CVE-2022-23482
CVE-2022-23484
CVE-2022-23493

These security issues are reported by Team BT5 (BoB 11th). We appreciate their great help with making and reviewing patches.
New features

openSuSE Tumbleweed move to /usr/lib/pam.d is now supported in the installation scripts (#2413)
VNC backend session now supports extra mouse buttons 6, 7 and 8 (#2426)

Bug fixes

Passwords are no longer left on the heap in sesman (#1599 #2439)
Set permissions on pcsc socket dir to owner only (#2454 #2460)

Internal changes

CI updates to cope with github upgrades (#2395)

Changes for packagers or developers

Nothing this time.

Known issues

On-the-fly resolution change requires the Microsoft Store version of Remote Desktop client but sometimes crashes on connect (#1869)
xrdp’s login dialog is not relocated at the center of the new resolution after on-the-fly resolution change happens (#1867)

Read More

Advisories

xrdp-0.9.21-1.el9

Read Time:1 Minute, 18 Second

FEDORA-EPEL-2022-a0c828a573

Packages in this update:

xrdp-0.9.21-1.el9

Update description:

Release notes for xrdp v0.9.21 (2022/12/10)

General announcements

Running xrdp and xrdp-sesman on separate hosts is still supported by this release, but is now deprecated. This is not secure. A future v1.0 release will replace the TCP socket used between these processes with a Unix Domain Socket, and then cross-host running will not be possible.

Security fixes

This update is recommended for all xrdp users and provides following important security fixes:

CVE-2022-23468
CVE-2022-23477
CVE-2022-23478
CVE-2022-23479
CVE-2022-23480
CVE-2022-23481
CVE-2022-23483
CVE-2022-23482
CVE-2022-23484
CVE-2022-23493

These security issues are reported by Team BT5 (BoB 11th). We appreciate their great help with making and reviewing patches.
New features

openSuSE Tumbleweed move to /usr/lib/pam.d is now supported in the installation scripts (#2413)
VNC backend session now supports extra mouse buttons 6, 7 and 8 (#2426)

Bug fixes

Passwords are no longer left on the heap in sesman (#1599 #2439)
Set permissions on pcsc socket dir to owner only (#2454 #2460)

Internal changes

CI updates to cope with github upgrades (#2395)

Changes for packagers or developers

Nothing this time.

Known issues

On-the-fly resolution change requires the Microsoft Store version of Remote Desktop client but sometimes crashes on connect (#1869)
xrdp’s login dialog is not relocated at the center of the new resolution after on-the-fly resolution change happens (#1867)

Read More