Category Archives: Advisories

Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution

Read Time:44 Second

Multiple vulnerabilities have been discovered in Mozilla Firefox and Mozilla Thunderbird, the most severe of which could allow for arbitrary code execution.

Mozilla Firefox is a web browser used to access the Internet.
Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations.
Mozilla Thunderbird is a free and open-source cross-platform email client, personal information manager, news client, RSS and chat client
Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Read More

Drupal core – Critical – Multiple vulnerabilities – SA-CORE-2022-016

Read Time:1 Minute, 36 Second
Project: 
Date: 
2022-September-28
Vulnerability: 
Multiple vulnerabilities
Affected versions: 
>= 8.0.0 <9.3.22 || >= 9.4.0 <9.4.7
CVE IDs: 
CVE-2022-39261
Description: 

Drupal uses the Twig third-party library for content templating and sanitization. Twig has released a security update that affects Drupal. Twig has rated the vulnerability as high severity.

Drupal core’s code extending Twig has also been updated to mitigate a related vulnerability.

Multiple vulnerabilities are possible if an untrusted user has access to write Twig code, including potential unauthorized read access to private files, the contents of other files on the server, or database credentials.

The vulnerability is mitigated by the fact that an exploit is only possible in Drupal core with a restricted access administrative permission. Additional exploit paths for the same vulnerability may exist with contributed or custom code that allows users to write Twig templates.

Solution: 

Install the latest version:

If you are using Drupal 9.4, update to Drupal 9.4.7.

If you are using Drupal 9.3, update to Drupal 9.3.22.

All versions of Drupal 9 prior to 9.3.x are end-of-life and do not receive security coverage. Note that Drupal 8 has reached its end of life.

Drupal 7 core does not include Twig and therefore is not affected.

Fixed By: 
xjm of the Drupal Security Team
Alex Pott of the Drupal Security Team
Sascha Grossenbacher
Lee Rowlands of the Drupal Security Team
Lauri Eskola, provisional member of the Drupal Security Team
Nathaniel Catchpole of the Drupal Security Team
Dave Long, provisional member of the Drupal Security Team
cilefen of the Drupal Security Team
James Williams
Benji Fisher, provisional member of the Drupal Security Team

Read More

nodejs-16.17.1-1.fc35

Read Time:28 Second

FEDORA-2022-58055cb1ef

Packages in this update:

nodejs-16.17.1-1.fc35

Update description:

September Security Updates for Node.js

Update to Node.js 16.17.0

https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V16.md#16.17.0

Fix dependency typo

Update to 16.15.0

Update to Node.js 16.14.1

Note that we will be skipping 16.14.2 since the only changes were in the bundled copy of OpenSSL, which we do not use. The relevant security patches are handled in Fedora’s openssl package.

Read More

nodejs-16.17.1-1.fc36

Read Time:28 Second

FEDORA-2022-3793987b02

Packages in this update:

nodejs-16.17.1-1.fc36

Update description:

September Security Updates for Node.js

Update to Node.js 16.17.0

https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V16.md#16.17.0

Fix dependency typo

Update to 16.15.0

Update to Node.js 16.14.1

Note that we will be skipping 16.14.2 since the only changes were in the bundled copy of OpenSSL, which we do not use. The relevant security patches are handled in Fedora’s openssl package.

Read More

php-8.1.11-1.fc36

Read Time:1 Minute, 16 Second

FEDORA-2022-0b77fbd9e7

Packages in this update:

php-8.1.11-1.fc36

Update description:

PHP version 8.1.11 (29 Sep 2022)

Core:

Fixed bug php#81726: phar wrapper: DOS when using quine gzip file. (CVE-2022-31628). (cmb)
Fixed bug php#81727: Don’t mangle HTTP variable names that clash with ones that have a specific semantic meaning. (CVE-2022-31629). (Derick)
Fixed bug GH-9323 (Crash in ZEND_RETURN/GC/zend_call_function) (Tim Starling)
Fixed bug GH-9361 (Segmentation fault on script exit php#9379). (cmb, Christian Schneider)
Fixed bug GH-9447 (Invalid class FQN emitted by AST dump for new and class constants in constant expressions). (ilutov)

DOM:

Fixed bug php#79451 (DOMDocument->replaceChild on doctype causes double free). (Nathan Freeman)

FPM:

Fixed bug GH-8885 (FPM access.log with stderr begins to write logs to error_log after daemon reload). (Dmitry Menshikov)
Fixed bug php#77780 (“Headers already sent…” when previous connection was aborted). (Jakub Zelenka)

GMP

Fixed bug GH-9308 (GMP throws the wrong error when a GMP object is passed to gmp_init()). (Girgias)

Intl

Fixed bug GH-9421 (Incorrect argument number for ValueError in NumberFormatter). (Girgias)

PCRE:

Fixed pcre.jit on Apple Silicon. (Niklas Keller)

PDO_PGSQL:

Fixed bug GH-9411 (PgSQL large object resource is incorrectly closed). (Yurunsoft)

Reflection:

Fixed bug GH-8932 (ReflectionFunction provides no way to get the called class of a Closure). (cmb, Nicolas Grekas)

Streams:

Fixed bug GH-9316 ($http_response_header is wrong for long status line). (cmb, timwolla)

Read More

php-8.1.11-1.fc37

Read Time:1 Minute, 16 Second

FEDORA-2022-580da6af27

Packages in this update:

php-8.1.11-1.fc37

Update description:

PHP version 8.1.11 (29 Sep 2022)

Core:

Fixed bug php#81726: phar wrapper: DOS when using quine gzip file. (CVE-2022-31628). (cmb)
Fixed bug php#81727: Don’t mangle HTTP variable names that clash with ones that have a specific semantic meaning. (CVE-2022-31629). (Derick)
Fixed bug GH-9323 (Crash in ZEND_RETURN/GC/zend_call_function) (Tim Starling)
Fixed bug GH-9361 (Segmentation fault on script exit php#9379). (cmb, Christian Schneider)
Fixed bug GH-9447 (Invalid class FQN emitted by AST dump for new and class constants in constant expressions). (ilutov)

DOM:

Fixed bug php#79451 (DOMDocument->replaceChild on doctype causes double free). (Nathan Freeman)

FPM:

Fixed bug GH-8885 (FPM access.log with stderr begins to write logs to error_log after daemon reload). (Dmitry Menshikov)
Fixed bug php#77780 (“Headers already sent…” when previous connection was aborted). (Jakub Zelenka)

GMP

Fixed bug GH-9308 (GMP throws the wrong error when a GMP object is passed to gmp_init()). (Girgias)

Intl

Fixed bug GH-9421 (Incorrect argument number for ValueError in NumberFormatter). (Girgias)

PCRE:

Fixed pcre.jit on Apple Silicon. (Niklas Keller)

PDO_PGSQL:

Fixed bug GH-9411 (PgSQL large object resource is incorrectly closed). (Yurunsoft)

Reflection:

Fixed bug GH-8932 (ReflectionFunction provides no way to get the called class of a Closure). (cmb, Nicolas Grekas)

Streams:

Fixed bug GH-9316 ($http_response_header is wrong for long status line). (cmb, timwolla)

Read More