2022-47 - Canonical, Red Hat, Amazon, GitHub Published on November 28, 2022

Advisory Week

Week 47, 2022

National Cyber Awareness System

CISA Releases Eight Industrial Control Systems Advisories

Ubuntu Security Notices

USN-5743-1: LibTIFF vulnerability USN-5742-1: JBIG-KIT vulnerability USN-5741-1: Exim vulnerability USN-5736-1: ImageMagick vulnerabilities USN-5740-1: X.Org X Server vulnerabilities USN-5739-1: MariaDB vulnerabilities USN-5638-3: Expat vulnerability USN-5737-1: APR-util vulnerability USN-5735-1: Sysstat vulnerability USN-5734-1: FreeRDP vulnerabilities USN-5716-2: SQLite vulnerability USN-5658-3: DHCP vulnerabilities USN-5733-1: FLAC vulnerabilities USN-5686-3: Git vulnerabilities

Red Hat Security Advisory

(RHSA-2022:8535) Moderate: OpenShift Container Platform 4.11.16 security update (RHSA-2022:8534) Low: OpenShift Container Platform 4.11.16 security update (RHSA-2022:8609) Important: OpenShift Virtualization 4.9.7 Images security update (RHSA-2022:8598) Important: Red Hat Virtualization Host security update [ovirt-4.5.3-1] (RHSA-2022:8580) Important: firefox security update (RHSA-2022:8561) Important: thunderbird security update (RHSA-2022:8560) Important: hsqldb security update (RHSA-2022:8559) Important: hsqldb security update (RHSA-2022:8556) Important: thunderbird security update (RHSA-2022:8555) Important: thunderbird security update (RHSA-2022:8554) Important: firefox security update (RHSA-2022:8553) Important: firefox security update (RHSA-2022:8552) Important: firefox security update (RHSA-2022:8550) Important: firefox security update (RHSA-2022:8549) Important: firefox security update (RHSA-2022:8548) Important: firefox security update (RHSA-2022:8545) Important: thunderbird security update (RHSA-2022:8544) Important: thunderbird security update (RHSA-2022:8543) Important: thunderbird security update

Amazon AWS Security Advisories

Reported AWS AppSync Issue

Github Security Advisories

[GHSA-562r-vg33-8x8h] TemporaryFolder on unix-like systems does not limit access to created files [GHSA-gpv5-rp6w-58r8] Remote code execution vulnerability in dependency System.Drawing.Common [GHSA-8w5g-3wcv-9g2j] Tensorflow vulnerable to Out-of-Bounds Read [GHSA-r7qp-cfhv-p84w] Uncaught exception in engine.io [GHSA-7x4w-j98p-854x] Cross site scripting vulnerability with discussion titles [GHSA-cqvq-fvhr-v6hc] `CHECK` failure in `SobolSample` via missing validation [GHSA-xf83-q765-xm6m] `CHECK` fail in `TensorListScatter` and `TensorListScatterV2` in eager mode [GHSA-q6jp-gcww-8v2j] Missing Authorization in Filter Stream Converter Application [GHSA-p88w-fhxw-xvcc] Exposure of Private Personal Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-rest-server [GHSA-p2x4-6ghr-6vmq] Exposure of Sensitive Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-livetable-ui [GHSA-6w8h-26xx-cf8q] Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in org.xwiki.platform:xwiki-platform-menu-ui [GHSA-q2hm-2h45-v5g3] Plaintext storage of password after a reset in org.xwiki.platform:xwiki-platform-security-authentication-default [GHSA-4x5r-6v26-7j4v] Creation of new database tables through login form on PostgreSQL [GHSA-5j7g-cf6r-g2h7] Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in xwiki-platform-icon-ui [GHSA-p5v9-g8w8-5q4v] Missing Authorization to enable or disable users in org.xwiki.platform:xwiki-platform-user-profile-ui [GHSA-2gj2-vj98-j2qq] Missing Authorization in User#setDisabledStatus in org.xwiki.platform:xwiki-platform-oldcore [GHSA-9hqh-fmhg-vq2j] Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in AttachmentSelector.xml [GHSA-mq7h-5574-hw9f] Cross-Site Request Forgery (CSRF) allowing to delete or rename tags [GHSA-qccm-wmcq-pwr6] Tailscale daemon is vulnerable to information disclosure via CSRF [GHSA-vqp6-rc3h-83cp] Tailscale Windows daemon is vulnerable to RCE via CSRF [GHSA-442f-wcwq-fpcf] Prevent RCE when deserializing untrusted user input [GHSA-pp3f-xrw5-q5j4] Lancet vulnerable to path traversal when unzipping files [GHSA-3fjj-p79j-c9hh] Fastify: Incorrect Content-Type parsing can lead to CSRF attack [GHSA-pf36-r9c6-h97j] Invalid char to bool conversion when printing a tensor [GHSA-frqp-wp83-qggv] Heap overflow in `QuantizeAndDequantizeV2` [GHSA-rjx6-v474-2ch9] Segfault in `CompositeTensorVariantToComponents` [GHSA-mv77-9g28-cwg3] `CHECK` fail via inputs in `PyFunc` [GHSA-368v-7v32-52fx] Overflow in `ResizeNearestNeighborGrad` [GHSA-cg88-rpvp-cjv5] Out of bounds write in grappler in Tensorflow [GHSA-g9fm-r5mm-rf9f] `CHECK_EQ` fail via input in `SparseMatrixNNZ` [GHSA-xvwp-h6jv-7472] FractionalMaxPool and FractionalAVGPool heap out-of-bounds acess [GHSA-27rc-728f-x5w2] `CHECK` fail via inputs in `SdcaOptimizer` [GHSA-hq7g-wwwp-q46h] `CHECK` fail via inputs in `SparseFillEmptyRowsGrad` [GHSA-f2w8-jw48-fr7j] `FractionalMaxPoolGrad` Heap out of bounds read [GHSA-rmg2-f698-wq35] `tf.raw_ops.Mfcc` crashes [GHSA-gq2j-cr96-gvqx] `MirrorPadGrad` heap out of bounds read [GHSA-h6q3-vv32-2cq5] Buffer overflow in `CONV_3D_TRANSPOSE` on TFLite [GHSA-67pf-62xr-q35m] `CHECK_EQ` fail in `tf.raw_ops.TensorListResize` [GHSA-66vq-54fq-6jvv] Segfault in `tf.raw_ops.TensorListConcat` [GHSA-h246-cgh4-7475] `CHECK` fail in `BCast` overflow [GHSA-xxcj-rhqg-m46g] Segfault via invalid attributes in `pywrap_tfe_src.cc` [GHSA-6x99-gv2v-q76v] FPE in `tf.image.generate_bounding_box_proposals` [GHSA-8fvv-46hw-vpg3] Overflow in `tf.keras.losses.poisson` [GHSA-54pp-c6pp-7fpx] Overflow in `ImageProjectiveTransformV2` [GHSA-762h-vpvw-3rcx] Overflow in `FusedResizeAndPadConv2D` [GHSA-jq6x-99hj-q636] Seg fault in `ndarray_tensor_bridge` due to zero and large inputs [GHSA-w58w-79xv-6vcj] Out of bounds segmentation fault due to unequal op inputs in Tensorflow [GHSA-3w3h-7xgx-grwc] Leakage Aliyun KeySecret [GHSA-6cqj-6969-p57x] Lack of proper validation of server UUID can be used by the server to trick the client to accept invalid proofs [GHSA-672p-m5jq-mrh8] Insufficient Verification of Proofs generated by the immudb server in client SDK.