2022-40 - Canonical, Red Hat, Cisco, GitHub Published on October 10, 2022

Advisory Week

Week 40, 2022

National Cyber Awareness System

FBI and CISA Publish a PSA on Information Manipulation Tactics for 2022 Midterm Elections Top CVEs Actively Exploited by People’s Republic of China State-Sponsored Cyber Actors    Cisco Releases Security Updates for Multiple Products CISA Releases Two Industrial Control Systems Advisories FBI and CISA Publish a PSA on Malicious Cyber Activity Against Election Infrastructure Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization CISA Releases Five Industrial Control Systems Advisories CISA Issues Binding Operational Directive 23-01: Improving Asset Visibility and Vulnerability Detection on Federal Networks

Ubuntu Security Notices

USN-5663-1: Thunderbird vulnerabilities USN-5371-3: nginx vulnerability USN-5661-1: LibreOffice vulnerabilities USN-5660-1: Linux kernel (GCP) vulnerabilities USN-5659-1: kitty vulnerabilities USN-5657-1: Graphite2 vulnerability USN-5658-1: DHCP vulnerabilities USN-5656-1: JACK vulnerability USN-5655-1: Linux kernel (Intel IoTG) vulnerabilities USN-5654-1: Linux kernel (GKE) vulnerabilities USN-5653-1: Django vulnerability USN-5651-2: strongSwan vulnerability USN-5651-1: strongSwan vulnerability USN-5614-2: Wayland vulnerability USN-5652-1: Linux kernel (Azure) vulnerabilities

Red Hat Security Advisory

(RHSA-2022:6850) Important: openvswitch2.11 security update (RHSA-2022:6839) Important: squid security update (RHSA-2022:6838) Important: expat security update (RHSA-2022:6835) Important: Service Registry (container images) release and security update [2.3.0.GA] (RHSA-2022:6834) Important: expat security update (RHSA-2022:6833) Important: expat security update (RHSA-2022:6832) Important: expat security update (RHSA-2022:6831) Important: expat security update (RHSA-2022:6820) Moderate: prometheus-jmx-exporter security update (RHSA-2022:6825) Important: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update (RHSA-2022:6822) Important: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update (RHSA-2022:6823) Important: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update (RHSA-2022:6821) Important: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update (RHSA-2022:6757) Important: Red Hat build of Eclipse Vert.x 4.3.3 security update (RHSA-2022:6819) Important: Red Hat AMQ Streams 2.2.0 release and security update (RHSA-2022:6815) Important: squid security update (RHSA-2022:6813) Important: Red Hat Process Automation Manager 7.13.1 security update (RHSA-2022:6787) Moderate: Red Hat Single Sign-On 7.5.3 security update (RHSA-2022:6783) Moderate: Red Hat Single Sign-On 7.5.3 security update on RHEL 8 (RHSA-2022:6782) Moderate: Red Hat Single Sign-On 7.5.3 security update on RHEL 7 (RHSA-2022:6781) Important: bind9.16 security update (RHSA-2022:6780) Important: bind security update (RHSA-2022:6779) Important: bind security update (RHSA-2022:6778) Important: bind security update (RHSA-2022:6777) Important: squid:4 security update (RHSA-2022:6776) Important: squid:4 security update (RHSA-2022:6775) Important: squid:4 security update (RHSA-2022:6774) Important: squid:4 security update (RHSA-2022:6766) Moderate: rh-python38-python security update (RHSA-2022:6765) Important: bind security update (RHSA-2022:6764) Important: bind security update (RHSA-2022:6763) Important: bind security update

Cisco Security Advisory

Cisco Secure Web Appliance Content Encoding Filter Bypass Vulnerability Cisco Touch 10 Devices Insufficient Identity Verification Vulnerability Cisco Enterprise NFV Infrastructure Software Improper Signature Verification Vulnerability Cisco ATA 190 Series Analog Telephone Adapter Software Vulnerabilities Cisco BroadWorks Hosted Thin Receptionist Cross-Site Scripting Vulnerability Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities Cisco Jabber Client Software Extensible Messaging and Presence Protocol Stanza Smuggling Vulnerability Cisco Touch 10 Devices Downgrade Vulnerability

Github Security Advisories

[GHSA-pj2c-h76w-vv6f] tiny-csrf has openly visible CSRF tokens [GHSA-p75c-5x3h-cxcg] Fat Free CRM vulnerable to Remote Denial of Service via Tasks endpoint [GHSA-xrx9-gj26-5wx9] v8n vulnerable to Inefficient Regular Expression Complexity [GHSA-8r99-h8j2-rw64] Twisted vulnerable to HTTP Request Smuggling Attacks [GHSA-x279-68rr-jp4p] Blst vulnerable to incorrect results for some inputs in blst_fp_eucl_inverse function [GHSA-p658-8693-mhvg] Tendermint Core vulnerable to Uncontrolled Resource Consumption [GHSA-9jjw-hf72-3mxw] TensorFlow vulnerable to heap out of bounds read in filesystem glob matching [GHSA-4xqx-pqpj-9fqw] gajira-create GitHub action vulnerable to arbitrary code execution [GHSA-9gp7-6833-wv89] etcd having a negative value for cluster node size results in an index out-of-bound panic during service discovery [GHSA-528j-9r78-wffx] etcd user credentials are stored in WAL logs in plaintext [GHSA-4993-m7g5-r9hh] etcd has no minimum password length [GHSA-h8g9-6gvh-5mrc] etcd vulnerable to TOCTOU of gateway endpoint authentication [GHSA-m332-53r6-2w93] etcd's WAL `ReadAll` method vulnerable to an entry with large index causing panic [GHSA-8w7w-67mw-r5p7] generator-jhipster vulnerable to login check Regular Expression Denial of Service [GHSA-398j-f7m7-795j] PHPMailer vulnerable to email header injection [GHSA-745p-r637-7vvp] Codeigniter4's Secure or HttpOnly flag set in Config\Cookie is not reflected in Cookies issued [GHSA-m5m3-46gj-wch8] SIF's Digital Signature Hash Algorithms Not Validated [GHSA-px9g-8hgv-jvg2] kamadak-exif vulnerable to Infinite loop when parsing PNG files [GHSA-67x4-qr35-qvrm] FlyteAdmin's Default OAuth Authorization Server secret must be rotated [GHSA-h4h5-3hr4-j3g2] protobuf-java has a potential Denial of Service issue [GHSA-mgvv-5mxp-xq67] SQLite3 addresses vulnerability in packaged version of libsqlite [GHSA-vh7g-p26c-j2cw] Dex vulnerable to Man-in-the-Middle allowing ID token capture via intercepted authorization code