Monthly Release Notes - July 2023

Jump to:

Agari	Automate	Beyond Security	Boldon James
Bytware	CCSS	Clearswift	Cobalt Strike
Core Security	Digital Defense	Digital Guardian	Document Management (RJS)
FileCatalyst	Globalscape	GoAnywhere	Halcyon
HelpSystems One	IBM Partnership	Insite	InterMapper
JAMS	Powertech	Robot	Safestone
Sequel	Showcase	Skybot	Tango/04
TeamQuest	Titus	Vera

Core Security

Core Impact

Version: 21.4

July 24, 2023

New Features

BloodHound integration: discover users and paths to high value targets and import users as Identities.
IBM i pentesting: added IBM i as a supported platform to run tests against. Development of InformationGathering modules as well as attack and privilege escalation ones.
Add ability to create ServiceNow incidents for discovered vulnerabilities.

Enhancements

Updated dependencies.
Updated Web browser engine of UI frames.

Fixes

Fixed error "Failed to validate Impact license" when upgrading system.

Digital Defense

Frontline Agent

Version 1.58.7

July 11, 2023

Current Windows agent version: 1.53.0

Current macOS agent version: 1.58.0

Current Linux agent version: 1.60.1

New Features

Support is ending for the Windows Server 2008 and 2008 R2 versions of the Frontline Agent as both of these versions of Windows are no longer supported by Microsoft.
Support is ending for the x86 (32-bit) version of Frontline Agent to focus on providing the best possible experience using the x86_64 and ARM64 versions of the agent.
Support for these agent versions will end on September 1, 2023.

Enhancements

Implemented the following new vulnerability checks:
- 1152394 Apache Log4j Remote Code Execution (Critical) - Linux
- 152628 Apple Security Update: Safari 16.5.1 (High) - Mac
- 152602 ELSA-2023-12393: Unbreakable Enterprise kernel security update (Medium) - Linux
- 152586 ELSA-2023-12412: Unbreakable Enterprise kernel-container security update (Medium) - Linux
- 152588 ELSA-2023-3559: c-ares security update (Medium) - Linux
- 152603 ELSA-2023-3577: 18 security update (Medium) - Linux
- 152601 ELSA-2023-3579: firefox security update (Medium) - Linux
- 152584 ELSA-2023-3581: .NET 6.0 security, bug fix, and enhancement update (Medium) - Linux
- 152582 ELSA-2023-3582: .NET 6.0 security, bug fix, and enhancement update (Medium) - Linux
- 152580 ELSA-2023-3584: c-ares security update (Medium) - Linux
- 152595 ELSA-2023-3585: python3.11 security update (Medium) - Linux
- 152604 ELSA-2023-3586: nodejs security update (Medium) - Linux
- 152596 ELSA-2023-3587: thunderbird security update (Medium) - Linux
- 152593 ELSA-2023-3588: thunderbird security update (Medium) - Linux
- 152597 ELSA-2023-3589: firefox security update (Medium) - Linux
- 152591 ELSA-2023-3590: firefox security update (Medium) - Linux
- 152598 ELSA-2023-3591: python3 security update (Medium) - Linux
- 152600 ELSA-2023-3592: .NET 7.0 security, bug fix, and enhancement update (Medium) - Linux
- 152587 ELSA-2023-3593: .NET 7.0 security, bug fix, and enhancement update (Medium) - Linux
- 152594 ELSA-2023-3594: python3.11 security update (Medium) - Linux
- 152585 ELSA-2023-3595: python3.9 security update (Medium) - Linux
- 152589 ELSA-2023-3661: texlive security update (Medium) - Linux
- 152599 ELSA-2023-3711: libtiff security update (Low) - Linux
- 152592 ELSA-2023-3714: postgresql security update (Low) - Linux
- 152581 ELSA-2023-3715: libvirt security update (Low) - Linux
- 152605 ELSA-2023-3722: openssl security and bug fix update (Low) - Linux
- 152590 ELSA-2023-3725: less security update (Low) - Linux
- 152583 ELSA-2023-3741: c-ares security update (Medium) - Linux
- 152614 Globalscape EFT Authentication Bypass via Out-of-Bounds Memory Read (Medium) - Windows
- 152615 Globalscape EFT Denial of Service via Recursive Deflate Stream (Medium) - Windows
- 152616 Globalscape EFT Password Leak Due to Insecure Defaults (Trivial) - Windows
- 152579 Microsoft Edge (Chromium): Multiple Vulnerabilities in Versions Less Than 109.0.1518.115 (High) -Windows
- 152578 Microsoft Edge (Chromium): Multiple Vulnerabilities in Versions Less Than 114.0.1823.51 (High) -Windows
- 152571 Progress MOVEit SQL Injection Vulnerabilities (High) - Windows
- 152572 Progress MOVEit SQL Injection Vulnerability (High) - Windows
- 152576 Zoom MacOS Client Improper Access Control Vulnerability (Medium) - Mac
- 152577 Zoom MacOS Client Network Information Disclosure (Medium) - Mac
- 152611 [USN-6143-3] Firefox regressions (Medium) - Linux
- 152606 [USN-6155-2] Requests vulnerability (Medium) - Linux
- 152609 [USN-6166-2] libcap2 vulnerability (Medium) - Linux
- 152607 [USN-6167-1] QEMU vulnerabilities (Medium) - Linux
- 152610 [USN-6168-2] libx11 vulnerability (Medium) - Linux
- 152608 [USN-6170-1] Podman vulnerabilities (Medium) - Linux
- 152612 [USN-6181-1] Ruby vulnerabilities (Medium) - Linux

Fixes

Updated Vulnerability Descriptions:
- 152192 Amazon Linux 2 Security Advisory: ALAS-2023-2012 (Low)
- 152195 Amazon Linux 2 Security Advisory: ALAS-2023-2013 (Low)
- 152196 Amazon Linux 2 Security Advisory: ALAS-2023-2014 (Low)
- 152191 Amazon Linux 2 Security Advisory: ALAS-2023-2015 (Low)
- 152194 Amazon Linux 2 Security Advisory: ALAS-2023-2016 (Low)
- 152193 Amazon Linux 2 Security Advisory: ALAS-2023-2017 (Medium)
- 152190 Amazon Linux 2 Security Advisory: ALAS-2023-2018 (Medium)
- 152269 Amazon Linux 2 Security Advisory: ALAS-2023-2019 (Low)
- 152261 Amazon Linux 2 Security Advisory: ALAS-2023-2020 (Low)
- 152272 Amazon Linux 2 Security Advisory: ALAS-2023-2021 (Low)
- 152265 Amazon Linux 2 Security Advisory: ALAS-2023-2022 (Low)
- 152273 Amazon Linux 2 Security Advisory: ALAS-2023-2023 (Low)
- 152267 Amazon Linux 2 Security Advisory: ALAS-2023-2024 (Low)
- 152262 Amazon Linux 2 Security Advisory: ALAS-2023-2025 (Low)
- 152266 Amazon Linux 2 Security Advisory: ALAS-2023-2026 (Low)
- 152264 Amazon Linux 2 Security Advisory: ALAS-2023-2027 (Low)
- 152259 Amazon Linux 2 Security Advisory: ALAS-2023-2028 (Low)
- 152271 Amazon Linux 2 Security Advisory: ALAS-2023-2029 (Low)
- 152263 Amazon Linux 2 Security Advisory: ALAS-2023-2030 (Medium)
- 152270 Amazon Linux 2 Security Advisory: ALAS-2023-2031 (Medium)
- 152260 Amazon Linux 2 Security Advisory: ALAS-2023-2032 (Medium)
- 152268 Amazon Linux 2 Security Advisory: ALAS-2023-2033 (Medium)
- 152188 Amazon Linux Security Advisory: ALAS-2023-1727 (Low)
- 152187 Amazon Linux Security Advisory: ALAS-2023-1729 (Low)
- 152186 Amazon Linux Security Advisory: ALAS-2023-1730 (Low)
- 152189 Amazon Linux Security Advisory: ALAS-2023-1731 (Low)
- 152185 Amazon Linux Security Advisory: ALAS-2023-1732 (Low)
- 152184 Amazon Linux Security Advisory: ALAS-2023-1733 (Medium)
- 152251 Amazon Linux Security Advisory: ALAS-2023-1734 (Low)
- 152250 Amazon Linux Security Advisory: ALAS-2023-1735 (Low)
- 152254 Amazon Linux Security Advisory: ALAS-2023-1736 (Low)
- 152249 Amazon Linux Security Advisory: ALAS-2023-1737 (Low)
- 152253 Amazon Linux Security Advisory: ALAS-2023-1738 (Low)
- 152256 Amazon Linux Security Advisory: ALAS-2023-1739 (Medium)
- 152257 Amazon Linux Security Advisory: ALAS-2023-1740 (Medium)
- 152252 Amazon Linux Security Advisory: ALAS-2023-1741 (Medium)
- 152258 Amazon Linux Security Advisory: ALAS-2023-1742 (High)
- 152255 Amazon Linux Security Advisory: ALAS-2023-1743 (High)
- 152182 Debian Security Advisory: DLA-3388-1 (Medium)
- 152183 Debian Security Advisory: DLA-3393-1 (Medium)
- 152180 Debian Security Advisory: DLA-3395-1 (High)
- 152181 Debian Security Advisory: DLA-3399-1 (Medium)
- 152246 Debian Security Advisory: DLA-3408-1 (High)
- 152245 Debian Security Advisory: DLA-3409-1 (Medium)
- 152247 Debian Security Advisory: DSA-5396-1 (Medium)
- 152248 Debian Security Advisory: DSA-5397-1 (Medium)
- 152209 ELSA-2023-12255: Unbreakable Enterprise kernel security update (Medium)
- 152200 ELSA-2023-12256: Unbreakable Enterprise kernel-container security update (Medium)
- 152215 ELSA-2023-12297: openssl security update (Medium)
- 152276 ELSA-2023-12298: cloud-init security update (Medium)
- 152277 ELSA-2023-12299: cloud-init security update (Medium)
- 152274 ELSA-2023-12323: Unbreakable Enterprise kernel security update (Medium)
- 152282 ELSA-2023-12326: openssl security update (Medium)
- 152275 ELSA-2023-12331: spacewalk-admin security update (High)
- 152279 ELSA-2023-12339: Unbreakable Enterprise kernel security update (Medium)
- 152198 ELSA-2023-1786: firefox security update (Medium)
- 152197 ELSA-2023-1787: firefox security update (Medium)
- 152212 ELSA-2023-1791: firefox security update (Medium)
- 152214 ELSA-2023-1802: thunderbird security update (Medium)
- 152217 ELSA-2023-1806: thunderbird security update (Medium)
- 152205 ELSA-2023-1809: thunderbird security update (Medium)
- 152216 ELSA-2023-1875: java-11-openjdk security update (Medium)
- 152199 ELSA-2023-1879: java-17-openjdk security and bug fix update (Medium)
- 152203 ELSA-2023-1880: java-11-openjdk security update (Medium)
- 152211 ELSA-2023-1895: java-11-openjdk security update (Medium)
- 152210 ELSA-2023-1898: java-17-openjdk security and bug fix update (Medium)
- 152207 ELSA-2023-1904: java-1.8.0-openjdk security and bug fix update (Medium)
- 152202 ELSA-2023-1908: java-1.8.0-openjdk security update (Medium)
- 152208 ELSA-2023-1909: java-1.8.0-openjdk security and bug fix update (Medium)
- 152204 ELSA-2023-1918: webkit2gtk3 security update (Medium)
- 152213 ELSA-2023-1919: webkit2gtk3 security update (Medium)
- 152206 ELSA-2023-1930: emacs security update (Medium)
- 152201 ELSA-2023-1987: kernel security and bug fix update (Low)
- 152278 ELSA-2023-2074: emacs security update (Medium)
- 152281 ELSA-2023-2076: libwebp security update (Medium)
- 152280 ELSA-2023-2077: libwebp security update (Medium)
- 152285 ELSA-2023-2078: libwebp security update (Medium)
- 152284 ELSA-2023-2120: libreswan security update (Medium)
- 152283 ELSA-2023-2122: libreswan security update (Medium)
- 152286 ELSA-2023-2127: samba security update (Medium)
- 113791 Oracle Java End of Life (High)
- 133831 Oracle Java Installed (Info)
- 152165 [USN-6010-2] Firefox regressions (Medium)
- 152170 [USN-6010-3] Firefox regressions (Medium)
- 152162 [USN-6019-1] Flask-CORS vulnerability (Medium)
- 152164 [USN-6022-1] Kamailio vulnerabilities (Medium)
- 152163 [USN-6023-1] LibreOffice vulnerability (Medium)
- 152166 [USN-6026-1] Vim vulnerabilities (Medium)
- 152167 [USN-6028-1] libxml2 vulnerabilities (Medium)
- 152168 [USN-6035-1] KAuth vulnerability (Medium)
- 152169 [USN-6038-1] Go vulnerabilities (Medium)
- 152236 [USN-6042-1] Cloud-init vulnerability (Medium)
- 152237 [USN-6046-1] OpenSSL-ibmca vulnerabilities (Medium)
- 152238 [USN-6050-1] Git vulnerabilities (Medium)
- 152239 [USN-6055-1] Ruby vulnerabilities (Medium)
- 152240 [USN-6055-2] Ruby regression (Medium)
- 152241 [USN-6059-1] Erlang vulnerability (Medium)
- 152242 [USN-6060-2] MySQL vulnerabilities (Medium)
- 152243 [USN-6062-1] FreeType vulnerability (Medium)
- 152244 [USN-6064-1] SQL parse vulnerability (Medium)

Frontline VM

Version 6.5.5.2

July 7, 2023

Enhancements

One-Time Scans: Add OTS configuration for IBM i DDM Service Unauthenticated RCE One-Time Scan

Fixes

One-Time Scans: Updated verbiage for consistency and grammatical correctness
PCI Self-Service: Fix the incorrectly filtered global view of the PCI dispute list
Multi-scan reports potentially error from setting value on incorrect field

Frontline WAS

Version 6.5.5.2

July 7, 2023

Enhancements

This version of Frontline Web Application Scanner introduces various bug fixes and enhancements to improve overall usability and quality.
One-Time Scans: Add OTS configuration for IBM i DDM Service Unauthenticated RCE One-Time Scan.

Fixes

One-Time Scans: Updated verbiage for consistency and grammatical correctness.
PCI Self -Service: Fix the incorrectly filtered global view of the PCI dispute list.
Multi-scan reports potentially error from setting value on incorrect field.

Container Scanner

Version 1.11.0

July 10, 2023

Enhancements

This release includes several fixes and enhancements to the scanning engine and existing vulnerability checks.
Frontline Container Scanner contains the following new vulnerability checks:
- 1152623 Alpine Linux: Multiple Vulnerabilities in 'libdwarf' in Versions Less Than 0.6.0-r0 (Medium)
- 152626 Alpine Linux: Multiple Vulnerabilities in 'pjproject' in Versions Less Than 2.13-r0 (Medium)
- 152621 Alpine Linux: Multiple Vulnerabilities in 'tiff' in Versions Less Than 4.4.0-r3 (Medium)
- 152625 Alpine Linux: Vulnerability in 'avahi' in Versions Less Than 0.8-r5 (Low)
- 152627 Alpine Linux: Vulnerability in 'grub' in Versions Less Than 2.06-r12 (Medium)
- 152622 Alpine Linux: Vulnerability in 'grub' in Versions Less Than 2.06-r8 (Medium)
- 152620 Alpine Linux: Vulnerability in 'libfastjson' in Versions Less Than 1.2304.0-r0 (Medium)
- 152624 Alpine Linux: Vulnerability in 'opus' in Versions Less Than 0 (Medium)
- 152192 Amazon Linux 2 Security Advisory: ALAS-2023-2012 (Low)
- 152195 Amazon Linux 2 Security Advisory: ALAS-2023-2013 (Low)
- 152196 Amazon Linux 2 Security Advisory: ALAS-2023-2014 (Low)
- 152191 Amazon Linux 2 Security Advisory: ALAS-2023-2015 (Low)
- 152194 Amazon Linux 2 Security Advisory: ALAS-2023-2016 (Low)
- 152193 Amazon Linux 2 Security Advisory: ALAS-2023-2017 (Medium)
- 152190 Amazon Linux 2 Security Advisory: ALAS-2023-2018 (Medium)
- 152269 Amazon Linux 2 Security Advisory: ALAS-2023-2019 (Low)
- 152261 Amazon Linux 2 Security Advisory: ALAS-2023-2020 (Low)
- 152272 Amazon Linux 2 Security Advisory: ALAS-2023-2021 (Low)
- 152265 Amazon Linux 2 Security Advisory: ALAS-2023-2022 (Low)
- 152273 Amazon Linux 2 Security Advisory: ALAS-2023-2023 (Low)
- 152267 Amazon Linux 2 Security Advisory: ALAS-2023-2024 (Low)
- 152262 Amazon Linux 2 Security Advisory: ALAS-2023-2025 (Low)
- 152266 Amazon Linux 2 Security Advisory: ALAS-2023-2026 (Low)
- 152264 Amazon Linux 2 Security Advisory: ALAS-2023-2027 (Low)
- 152259 Amazon Linux 2 Security Advisory: ALAS-2023-2028 (Low)
- 152271 Amazon Linux 2 Security Advisory: ALAS-2023-2029 (Low)
- 152263 Amazon Linux 2 Security Advisory: ALAS-2023-2030 (Medium)
- 152270 Amazon Linux 2 Security Advisory: ALAS-2023-2031 (Medium)
- 152260 Amazon Linux 2 Security Advisory: ALAS-2023-2032 (Medium)
- 152268 Amazon Linux 2 Security Advisory: ALAS-2023-2033 (Medium)
- 152379 Amazon Linux 2 Security Advisory: ALAS-2023-2034 (Low)
- 152371 Amazon Linux 2 Security Advisory: ALAS-2023-2035 (Low)
- 152385 Amazon Linux 2 Security Advisory: ALAS-2023-2036 (Low)
- 152370 Amazon Linux 2 Security Advisory: ALAS-2023-2037 (Low)
- 152384 Amazon Linux 2 Security Advisory: ALAS-2023-2038 (Low)
- 152382 Amazon Linux 2 Security Advisory: ALAS-2023-2039 (Low)
- 152375 Amazon Linux 2 Security Advisory: ALAS-2023-2040 (Low)
- 152372 Amazon Linux 2 Security Advisory: ALAS-2023-2041 (Low)
- 152378 Amazon Linux 2 Security Advisory: ALAS-2023-2042 (Low)
- 152383 Amazon Linux 2 Security Advisory: ALAS-2023-2043 (Medium)
- 152373 Amazon Linux 2 Security Advisory: ALAS-2023-2044 (Medium)
- 152380 Amazon Linux 2 Security Advisory: ALAS-2023-2045 (Medium)
- 152374 Amazon Linux 2 Security Advisory: ALAS-2023-2046 (Medium)
- 152381 Amazon Linux 2 Security Advisory: ALAS-2023-2047 (Medium)
- 152376 Amazon Linux 2 Security Advisory: ALAS-2023-2048 (Medium)
- 152377 Amazon Linux 2 Security Advisory: ALAS-2023-2049 (High)
- 152546 Amazon Linux 2 Security Advisory: ALAS-2023-2050 (Low)
- 152538 Amazon Linux 2 Security Advisory: ALAS-2023-2051 (Low)
- 152530 Amazon Linux 2 Security Advisory: ALAS-2023-2052 (Low)
- 152545 Amazon Linux 2 Security Advisory: ALAS-2023-2053 (Low)
- 152537 Amazon Linux 2 Security Advisory: ALAS-2023-2054 (Low)
- 152539 Amazon Linux 2 Security Advisory: ALAS-2023-2055 (Low)
- 152548 Amazon Linux 2 Security Advisory: ALAS-2023-2056 (Low)
- 152533 Amazon Linux 2 Security Advisory: ALAS-2023-2057 (Medium)
- 152521 Amazon Linux 2 Security Advisory: ALAS-2023-2058 (Low)
- 152522 Amazon Linux 2 Security Advisory: ALAS-2023-2059 (Medium)
- 152532 Amazon Linux 2 Security Advisory: ALAS-2023-2060 (Low)
- 152541 Amazon Linux 2 Security Advisory: ALAS-2023-2061 (Medium)
- 152549 Amazon Linux 2 Security Advisory: ALAS-2023-2062 (Medium)
- 152534 Amazon Linux 2 Security Advisory: ALAS-2023-2063 (Medium)
- 152542 Amazon Linux 2 Security Advisory: ALAS-2023-2064 (Medium)
- 152540 Amazon Linux 2 Security Advisory: ALAS-2023-2065 (Medium)
- 152531 Amazon Linux 2 Security Advisory: ALAS-2023-2066 (Medium)
- 152547 Amazon Linux 2 Security Advisory: ALAS-2023-2067 (Medium)
- 152557 Amazon Linux 2 Security Advisory: ALAS-2023-2068 (Low)
- 152558 Amazon Linux 2 Security Advisory: ALAS-2023-2069 (Low)
- 152553 Amazon Linux 2 Security Advisory: ALAS-2023-2070 (Low)
- 152523 Amazon Linux 2 Security Advisory: ALAS-2023-2071 (Low)
- 152525 Amazon Linux 2 Security Advisory: ALAS-2023-2072 (Low)
- 152550 Amazon Linux 2 Security Advisory: ALAS-2023-2073 (Low)
- 152520 Amazon Linux 2 Security Advisory: ALAS-2023-2074 (Low)
- 152524 Amazon Linux 2 Security Advisory: ALAS-2023-2075 (Medium)
- 152551 Amazon Linux 2 Security Advisory: ALAS-2023-2076 (Medium)
- 152526 Amazon Linux 2 Security Advisory: ALAS-2023-2077 (Low)
- 152536 Amazon Linux 2 Security Advisory: ALAS-2023-2078 (Medium)
- 152535 Amazon Linux 2 Security Advisory: ALAS-2023-2079 (Medium)
- 152528 Amazon Linux 2 Security Advisory: ALAS-2023-2080 (High)
- 152556 Amazon Linux 2 Security Advisory: ALAS-2023-2081 (High)
- 152554 Amazon Linux 2 Security Advisory: ALAS-2023-2082 (High)
- 152529 Amazon Linux 2 Security Advisory: ALAS-2023-2083 (High)
- 152559 Amazon Linux 2 Security Advisory: ALAS-2023-2084 (Low)
- 152555 Amazon Linux 2 Security Advisory: ALAS-2023-2085 (Low)
- 152527 Amazon Linux 2 Security Advisory: ALAS-2023-2086 (Low)
- 152552 Amazon Linux 2 Security Advisory: ALAS-2023-2087 (Medium)
- 152543 Amazon Linux 2 Security Advisory: ALAS-2023-2088 (High)
- 152544 Amazon Linux 2 Security Advisory: ALAS-2023-2089 (High)
- 152188 Amazon Linux Security Advisory: ALAS-2023-1727 (Low)
- 152187 Amazon Linux Security Advisory: ALAS-2023-1729 (Low)
- 152186 Amazon Linux Security Advisory: ALAS-2023-1730 (Low)
- 152189 Amazon Linux Security Advisory: ALAS-2023-1731 (Low)
- 152185 Amazon Linux Security Advisory: ALAS-2023-1732 (Low)
- 152184 Amazon Linux Security Advisory: ALAS-2023-1733 (Medium)
- 152251 Amazon Linux Security Advisory: ALAS-2023-1734 (Low)
- 152250 Amazon Linux Security Advisory: ALAS-2023-1735 (Low)
- 152254 Amazon Linux Security Advisory: ALAS-2023-1736 (Low)
- 152249 Amazon Linux Security Advisory: ALAS-2023-1737 (Low)
- 152253 Amazon Linux Security Advisory: ALAS-2023-1738 (Low)
- 152256 Amazon Linux Security Advisory: ALAS-2023-1739 (Medium)
- 152257 Amazon Linux Security Advisory: ALAS-2023-1740 (Medium)
- 152252 Amazon Linux Security Advisory: ALAS-2023-1741 (Medium)
- 152258 Amazon Linux Security Advisory: ALAS-2023-1742 (High)
- 152255 Amazon Linux Security Advisory: ALAS-2023-1743 (High)
- 152367 Amazon Linux Security Advisory: ALAS-2023-1744 (Low)
- 152364 Amazon Linux Security Advisory: ALAS-2023-1745 (Low)
- 152368 Amazon Linux Security Advisory: ALAS-2023-1746 (Low)
- 152366 Amazon Linux Security Advisory: ALAS-2023-1747 (Low)
- 152365 Amazon Linux Security Advisory: ALAS-2023-1748 (Medium)
- 152369 Amazon Linux Security Advisory: ALAS-2023-1749 (Medium)
- 152514 Amazon Linux Security Advisory: ALAS-2023-1750 (Low)
- 152511 Amazon Linux Security Advisory: ALAS-2023-1751 (Low)
- 152510 Amazon Linux Security Advisory: ALAS-2023-1752 (Low)
- 152516 Amazon Linux Security Advisory: ALAS-2023-1753 (Low)
- 152508 Amazon Linux Security Advisory: ALAS-2023-1754 (Medium)
- 152513 Amazon Linux Security Advisory: ALAS-2023-1755 (Medium)
- 152518 Amazon Linux Security Advisory: ALAS-2023-1756 (Medium)
- 152505 Amazon Linux Security Advisory: ALAS-2023-1757 (Medium)
- 152517 Amazon Linux Security Advisory: ALAS-2023-1758 (Low)
- 152504 Amazon Linux Security Advisory: ALAS-2023-1759 (Low)
- 152501 Amazon Linux Security Advisory: ALAS-2023-1760 (Low)
- 152502 Amazon Linux Security Advisory: ALAS-2023-1761 (Low)
- 152503 Amazon Linux Security Advisory: ALAS-2023-1762 (Low)
- 152506 Amazon Linux Security Advisory: ALAS-2023-1763 (Low)
- 152519 Amazon Linux Security Advisory: ALAS-2023-1764 (Medium)
- 152500 Amazon Linux Security Advisory: ALAS-2023-1765 (Low)
- 152509 Amazon Linux Security Advisory: ALAS-2023-1766 (Medium)
- 152515 Amazon Linux Security Advisory: ALAS-2023-1767 (High)
- 152507 Amazon Linux Security Advisory: ALAS-2023-1768 (Low)
- 152512 Amazon Linux Security Advisory: ALAS-2023-1769 (High)
- 152477 Debian Security Advisory: DLA-3290-1 (Low)
- 152182 Debian Security Advisory: DLA-3388-1 (Medium)
- 152183 Debian Security Advisory: DLA-3393-1 (Medium)
- 152180 Debian Security Advisory: DLA-3395-1 (High)
- 152181 Debian Security Advisory: DLA-3399-1 (Medium)
- 152246 Debian Security Advisory: DLA-3408-1 (High)
- 152245 Debian Security Advisory: DLA-3409-1 (Medium)
- 152247 Debian Security Advisory: DSA-5396-1 (Medium)
- 152248 Debian Security Advisory: DSA-5397-1 (Medium)
- 152433 ELSA-2023-0752: grub2 security update (Low)
- 152209 ELSA-2023-12255: Unbreakable Enterprise kernel security update (Medium)
- 152200 ELSA-2023-12256: Unbreakable Enterprise kernel-container security update (Medium)
- 152215 ELSA-2023-12297: openssl security update (Medium)
- 152276 ELSA-2023-12298: cloud-init security update (Medium)
- 152277 ELSA-2023-12299: cloud-init security update (Medium)
- 152274 ELSA-2023-12323: Unbreakable Enterprise kernel security update (Medium)
- 152282 ELSA-2023-12326: openssl security update (Medium)
- 152348 ELSA-2023-12328: qemu-kvm security update (Medium)
- 152275 ELSA-2023-12331: spacewalk-admin security update (High)
- 152279 ELSA-2023-12339: Unbreakable Enterprise kernel security update (Medium)
- 152327 ELSA-2023-12342: virt:kvm_utils security update (Medium)
- 152409 ELSA-2023-12348: python3-setuptools security update (Medium)
- 152446 ELSA-2023-12349: python-pip security update (Low)
- 152461 ELSA-2023-12354: istio security update (Medium)
- 152463 ELSA-2023-12355: istio security update (Medium)
- 152468 ELSA-2023-12356: istio security update (Medium)
- 152425 ELSA-2023-12357: istio security update (Medium)
- 152423 ELSA-2023-12358: virt:kvm_utils2 security update (Medium)
- 152408 ELSA-2023-12368: qemu security update (Medium)
- 152473 ELSA-2023-12375: Unbreakable Enterprise kernel security update (Medium)
- 152602 ELSA-2023-12393: Unbreakable Enterprise kernel security update (Medium)
- 152586 ELSA-2023-12412: Unbreakable Enterprise kernel-container security update (Medium)
- 152407 ELSA-2023-12413: Unbreakable Enterprise kernel-container security update (Medium)
- 152198 ELSA-2023-1786: firefox security update (Medium)
- 152197 ELSA-2023-1787: firefox security update (Medium)
- 152212 ELSA-2023-1791: firefox security update (Medium)
- 152214 ELSA-2023-1802: thunderbird security update (Medium)
- 152217 ELSA-2023-1806: thunderbird security update (Medium)
- 152205 ELSA-2023-1809: thunderbird security update (Medium)
- 152216 ELSA-2023-1875: java-11-openjdk security update (Medium)
- 152199 ELSA-2023-1879: java-17-openjdk security and bug fix update (Medium)
- 152203 ELSA-2023-1880: java-11-openjdk security update (Medium)
- 152211 ELSA-2023-1895: java-11-openjdk security update (Medium)
- 152210 ELSA-2023-1898: java-17-openjdk security and bug fix update (Medium)
- 152207 ELSA-2023-1904: java-1.8.0-openjdk security and bug fix update (Medium)
- 152202 ELSA-2023-1908: java-1.8.0-openjdk security update (Medium)
- 152208 ELSA-2023-1909: java-1.8.0-openjdk security and bug fix update (Medium)
- 152204 ELSA-2023-1918: webkit2gtk3 security update (Medium)
- 152213 ELSA-2023-1919: webkit2gtk3 security update (Medium)
- 152206 ELSA-2023-1930: emacs security update (Medium)
- 152201 ELSA-2023-1987: kernel security and bug fix update (Low)
- 152278 ELSA-2023-2074: emacs security update (Medium)
- 152281 ELSA-2023-2076: libwebp security update (Medium)
- 152280 ELSA-2023-2077: libwebp security update (Medium)
- 152285 ELSA-2023-2078: libwebp security update (Medium)
- 152284 ELSA-2023-2120: libreswan security update (Medium)
- 152283 ELSA-2023-2122: libreswan security update (Medium)
- 152286 ELSA-2023-2127: samba security update (Medium)
- 152343 ELSA-2023-2161: fence-agents security and bug fix update (Low)
- 152295 ELSA-2023-2162: qemu-kvm security, bug fix, and enhancement update (Low)
- 152356 ELSA-2023-2165: edk2 security, bug fix, and enhancement update (High)
- 152294 ELSA-2023-2166: freeradius security and bug fix update (Low)
- 152339 ELSA-2023-2167: grafana security and enhancement update (Low)
- 152318 ELSA-2023-2177: grafana-pcp security and enhancement update (Low)
- 152325 ELSA-2023-2179: libguestfs-winsupport security update (Medium)
- 152342 ELSA-2023-2202: frr security, bug fix, and enhancement update (Low)
- 152351 ELSA-2023-2204: Image Builder security, bug fix, and enhancement update (Low)
- 152355 ELSA-2023-2216: gdk-pixbuf2 security update (Medium)
- 152305 ELSA-2023-2222: conmon security and bug fix update (Low)
- 152353 ELSA-2023-2234: sysstat security and bug fix update (Low)
- 152337 ELSA-2023-2248: xorg-x11-server security and bug fix update (Low)
- 152298 ELSA-2023-2249: xorg-x11-server-Xwayland security update (Low)
- 152296 ELSA-2023-2253: buildah security and bug fix update (Low)
- 152306 ELSA-2023-2256: webkit2gtk3 security and bug fix update (Medium)
- 152324 ELSA-2023-2257: tigervnc security and bug fix update (Low)
- 152328 ELSA-2023-2258: python-mako security update (Low)
- 152319 ELSA-2023-2259: poppler security and bug fix update (Low)
- 152349 ELSA-2023-2260: gstreamer1-plugins-good security update (Low)
- 152345 ELSA-2023-2261: bind security and bug fix update (Low)
- 152326 ELSA-2023-2282: podman security and bug fix update (Low)
- 152341 ELSA-2023-2283: skopeo security and bug fix update (Low)
- 152302 ELSA-2023-2293: pki-core security, bug fix, and enhancement update (Low)
- 152350 ELSA-2023-2312: jackson security update (Medium)
- 152301 ELSA-2023-2326: freerdp security update (Low)
- 152346 ELSA-2023-2340: libtiff security update (Low)
- 152320 ELSA-2023-2357: git-lfs security and bug fix update (Low)
- 152432 ELSA-2023-23649: olcne security update (Medium)
- 152300 ELSA-2023-2366: emacs security and bug fix update (Low)
- 152357 ELSA-2023-2367: containernetworking-plugins security and bug fix update (Low)
- 152308 ELSA-2023-2370: unbound security update (Low)
- 152336 ELSA-2023-2373: wireshark security and bug fix update (Low)
- 152314 ELSA-2023-2378: postgresql-jdbc security update (Low)
- 152344 ELSA-2023-2417: 8.1 security update (Low)
- 152347 ELSA-2023-2444: net-snmp security and bug fix update (Low)
- 152354 ELSA-2023-2453: libtpms security update (Low)
- 152321 ELSA-2023-2459: device-mapper-multipath security and bug fix update (Low)
- 152322 ELSA-2023-2478: curl security update (Low)
- 152331 ELSA-2023-2487: fwupd security and bug fix update (Low)
- 152334 ELSA-2023-2502: dhcp security and enhancement update (Low)
- 152338 ELSA-2023-2519: samba security, bug fix, and enhancement update (Low)
- 152312 ELSA-2023-2523: openssl security and bug fix update (Low)
- 152340 ELSA-2023-2532: libarchive security update (Low)
- 152309 ELSA-2023-2570: krb5 security, bug fix, and enhancement update (High)
- 152323 ELSA-2023-2582: lua security update (Medium)
- 152329 ELSA-2023-2589: autotrace security update (Medium)
- 152313 ELSA-2023-2592: golang-github-cpuguy83-md2man security, bug fix, and enhancement update (Low)
- 152299 ELSA-2023-2621: mysql security update (Medium)
- 152352 ELSA-2023-2626: emacs security update (Medium)
- 152307 ELSA-2023-2633: libreswan security update (Low)
- 152297 ELSA-2023-2645: openssh security update (Low)
- 152311 ELSA-2023-2650: curl security update (Low)
- 152333 ELSA-2023-2653: webkit2gtk3 security update (Medium)
- 152332 ELSA-2023-2654: nodejs:18 security, bug fix, and enhancement update (Low)
- 152316 ELSA-2023-2655: nodejs and nodejs-nodemon security, bug fix, and enhancement update (Low)
- 152431 ELSA-2023-2757: virt:ol and virt-devel:rhel security, bug fix, and enhancement update (Medium)
- 152459 ELSA-2023-2771: unbound security and bug fix update (Low)
- 152456 ELSA-2023-2780: Image Builder security, bug fix, and enhancement update (Low)
- 152441 ELSA-2023-2784: grafana security update (Low)
- 152466 ELSA-2023-2785: grafana-pcp security update (Low)
- 152442 ELSA-2023-2786: wayland security, bug fix, and enhancement update (Low)
- 152410 ELSA-2023-2792: bind9.16 security and bug fix update (Low)
- 152443 ELSA-2023-2800: sysstat security and bug fix update (Low)
- 152415 ELSA-2023-2801: frr security and bug fix update (Low)
- 152437 ELSA-2023-2805: xorg-x11-server-Xwayland security update (Low)
- 152458 ELSA-2023-2806: xorg-x11-server security and bug fix update (Low)
- 152438 ELSA-2023-2810: poppler security update (Low)
- 152447 ELSA-2023-2830: tigervnc security and bug fix update (Low)
- 152472 ELSA-2023-2834: webkit2gtk3 security and bug fix update (Medium)
- 152475 ELSA-2023-2851: freerdp security update (Low)
- 152465 ELSA-2023-2860: python27:2.7 security update (Low)
- 152420 ELSA-2023-2863: ctags security update (Low)
- 152440 ELSA-2023-2866: git-lfs security and bug fix update (Low)
- 152469 ELSA-2023-2867: postgresql-jdbc security update (Low)
- 152430 ELSA-2023-2870: freeradius:3.0 security update (Low)
- 152474 ELSA-2023-2873: gcc-toolset-12-binutils security update (Low)
- 152422 ELSA-2023-2883: libtiff security update (Low)
- 152429 ELSA-2023-2893: python-mako security update (Low)
- 152471 ELSA-2023-2898: libtar security update (Low)
- 152428 ELSA-2023-2903: php:7.4 security update (Low)
- 152418 ELSA-2023-2932: edk2 security update (Medium)
- 152444 ELSA-2023-2948: device-mapper-multipath security and bug fix update (Low)
- 152412 ELSA-2023-2963: curl security and bug fix update (Low)
- 152414 ELSA-2023-2969: net-snmp security and bug fix update (Low)
- 152448 ELSA-2023-3000: dhcp security and bug fix update (Low)
- 152424 ELSA-2023-3002: bind security and bug fix update (Low)
- 152449 ELSA-2023-3018: libarchive security update (Low)
- 152413 ELSA-2023-3042: emacs security and bug fix update (Low)
- 152411 ELSA-2023-3082: pcs security update (Low)
- 152435 ELSA-2023-3083: go-toolset:ol8 security and bug fix update (Low)
- 152462 ELSA-2023-3087: mysql:8.0 security, bug fix, and enhancement update (Medium)
- 152467 ELSA-2023-3095: libreswan security and bug fix update (Low)
- 152476 ELSA-2023-3097: gssntlmssp security update (Low)
- 152453 ELSA-2023-3104: emacs security update (Medium)
- 152451 ELSA-2023-3106: curl security and bug fix update (Low)
- 152454 ELSA-2023-3107: libreswan security update (Medium)
- 152470 ELSA-2023-3108: webkit2gtk3 security update (Medium)
- 152434 ELSA-2023-3109: apr-util security update (Medium)
- 152330 ELSA-2023-3137: firefox security update (Medium)
- 152335 ELSA-2023-3143: firefox security update (Medium)
- 152317 ELSA-2023-3145: apr-util security update (Medium)
- 152310 ELSA-2023-3147: apr-util security update (Medium)
- 152315 ELSA-2023-3148: libreswan security update (Medium)
- 152303 ELSA-2023-3150: thunderbird security update (Medium)
- 152304 ELSA-2023-3151: thunderbird security update (Medium)
- 152464 ELSA-2023-3220: firefox security update (Medium)
- 152427 ELSA-2023-3221: thunderbird security update (Medium)
- 152436 ELSA-2023-3245: git security update (Medium)
- 152419 ELSA-2023-3246: git security update (Medium)
- 152457 ELSA-2023-3263: git security update (Medium)
- 152421 ELSA-2023-3318: go-toolset and golang security update (Medium)
- 152455 ELSA-2023-3319: go-toolset:ol8 security update (Medium)
- 152452 ELSA-2023-3349: kernel security and bug fix update (Medium)
- 152450 ELSA-2023-3423: cups-filters security update (Medium)
- 152416 ELSA-2023-3425: cups-filters security update (Medium)
- 152417 ELSA-2023-3432: webkit2gtk3 security update (Medium)
- 152426 ELSA-2023-3433: webkit2gtk3 security update (Medium)
- 152406 ELSA-2023-3481: emacs security update (Low)
- 152439 ELSA-2023-3555: python security update (Medium)
- 152460 ELSA-2023-3556: python3 security update (Medium)
- 152588 ELSA-2023-3559: c-ares security update (Medium)
- 152445 ELSA-2023-3563: thunderbird security update (Medium)
- 152603 ELSA-2023-3577: 18 security update (Medium)
- 152601 ELSA-2023-3579: firefox security update (Medium)
- 152584 ELSA-2023-3581: .NET 6.0 security, bug fix, and enhancement update (Medium)
- 152582 ELSA-2023-3582: .NET 6.0 security, bug fix, and enhancement update (Medium)
- 152580 ELSA-2023-3584: c-ares security update (Medium)
- 152595 ELSA-2023-3585: python3.11 security update (Medium)
- 152604 ELSA-2023-3586: nodejs security update (Medium)
- 152596 ELSA-2023-3587: thunderbird security update (Medium)
- 152593 ELSA-2023-3588: thunderbird security update (Medium)
- 152597 ELSA-2023-3589: firefox security update (Medium)
- 152591 ELSA-2023-3590: firefox security update (Medium)
- 152598 ELSA-2023-3591: python3 security update (Medium)
- 152600 ELSA-2023-3592: .NET 7.0 security, bug fix, and enhancement update (Medium)
- 152587 ELSA-2023-3593: .NET 7.0 security, bug fix, and enhancement update (Medium)
- 152594 ELSA-2023-3594: python3.11 security update (Medium)
- 152585 ELSA-2023-3595: python3.9 security update (Medium)
- 152589 ELSA-2023-3661: texlive security update (Medium)
- 152599 ELSA-2023-3711: libtiff security update (Low)
- 152592 ELSA-2023-3714: postgresql security update (Low)
- 152581 ELSA-2023-3715: libvirt security update (Low)
- 152605 ELSA-2023-3722: openssl security and bug fix update (Low)
- 152590 ELSA-2023-3725: less security update (Low)
- 152583 ELSA-2023-3741: c-ares security update (Medium)
- 152363 [USN-5900-2] tar vulnerability (Medium)
- 152478 [USN-5996-2] Libloius vulnerabilities (Medium)
- 152165 [USN-6010-2] Firefox regressions (Medium)
- 152170 [USN-6010-3] Firefox regressions (Medium)
- 152162 [USN-6019-1] Flask-CORS vulnerability (Medium)
- 152164 [USN-6022-1] Kamailio vulnerabilities (Medium)
- 152163 [USN-6023-1] LibreOffice vulnerability (Medium)
- 152166 [USN-6026-1] Vim vulnerabilities (Medium)
- 152167 [USN-6028-1] libxml2 vulnerabilities (Medium)
- 152494 [USN-6028-2] libxml2 vulnerabilities (Medium)
- 152168 [USN-6035-1] KAuth vulnerability (Medium)
- 152169 [USN-6038-1] Go vulnerabilities (Medium)
- 152236 [USN-6042-1] Cloud-init vulnerability (Medium)
- 152237 [USN-6046-1] OpenSSL-ibmca vulnerabilities (Medium)
- 152238 [USN-6050-1] Git vulnerabilities (Medium)
- 152483 [USN-6054-2] Django vulnerability (Medium)
- 152239 [USN-6055-1] Ruby vulnerabilities (Medium)
- 152240 [USN-6055-2] Ruby regression (Medium)
- 152241 [USN-6059-1] Erlang vulnerability (Medium)
- 152242 [USN-6060-2] MySQL vulnerabilities (Medium)
- 152243 [USN-6062-1] FreeType vulnerability (Medium)
- 152244 [USN-6064-1] SQL parse vulnerability (Medium)
- 152358 [USN-6074-1] Firefox vulnerabilities (Medium)
- 152360 [USN-6074-2] Firefox regressions (Medium)
- 152479 [USN-6074-3] Firefox regressions (Medium)
- 152359 [USN-6075-1] Thunderbird vulnerabilities (Medium)
- 152361 [USN-6077-1] OpenJDK vulnerabilities (Medium)
- 152362 [USN-6087-1] Ruby vulnerabilities (Medium)
- 152481 [USN-6100-1] HTML::StripScripts vulnerability (Medium)
- 152480 [USN-6101-1] GNU binutils vulnerabilities (Medium)
- 152482 [USN-6105-2] ca-certificates update (Medium)
- 152486 [USN-6111-1] Flask vulnerability (Medium)
- 152484 [USN-6115-1] TeX Live vulnerability (Medium)
- 152487 [USN-6117-1] Apache Batik vulnerabilities (Medium)
- 152485 [USN-6121-1] Nanopb vulnerabilities (Medium)
- 152488 [USN-6125-1] snapd vulnerability (Medium)
- 152489 [USN-6128-2] CUPS vulnerability (Medium)
- 152490 [USN-6139-1] Python vulnerability (Medium)
- 152491 [USN-6140-1] Go vulnerabilities (Medium)
- 152492 [USN-6143-1] Firefox vulnerabilities (Medium)
- 152498 [USN-6143-2] Firefox regressions (Medium)
- 152611 [USN-6143-3] Firefox regressions (Medium)
- 152493 [USN-6144-1] LibreOffice vulnerabilities (Medium)
- 152495 [USN-6146-1] Netatalk vulnerabilities (Medium)
- 152497 [USN-6148-1] SNI Proxy vulnerability (Medium)
- 152496 [USN-6153-1] Jupyter Core vulnerability (Medium)
- 152606 [USN-6155-2] Requests vulnerability (Medium)
- 152499 [USN-6159-1] Tornado vulnerability (Medium)
- 152609 [USN-6166-2] libcap2 vulnerability (Medium)
- 152607 [USN-6167-1] QEMU vulnerabilities (Medium)
- 152610 [USN-6168-2] libx11 vulnerability (Medium)
- 152608 [USN-6170-1] Podman vulnerabilities (Medium)
- 152612 [USN-6181-1] Ruby vulnerabilities (Medium)
Fixes
Updated Vulnerability Descriptions:
- 105152 RHSA-2006:0451: xorg-x11 security update (Medium)
- 105024 RHSA-2006:0597: libwmf security update (Low)
- 105123 RHSA-2006:0598: gimp security update (Low)
- 105030 RHSA-2006:0610: firefox security update (High)
- 105071 RHSA-2006:0612: krb5 security update (Medium)
- 105080 RHSA-2006:0676: seamonkey security update (High)
- 105126 RHSA-2006:0734: seamonkey security update (High)
- 105041 RHSA-2007:0077: seamonkey security update (High)
- 105049 RHSA-2007:0150: freetype security update (Low)
- 105124 RHSA-2007:0155: php security update (Medium)
- 105149 RHSA-2007:0235: util-linux security and bug fix update (Low)
- 105055 RHSA-2007:0245: cpio security and bug fix update (Low)
- 105142 RHSA-2007:0276: shadow-utils security and bug fix update (Low)
- 105054 RHSA-2007:0389: quagga security update (Low)
- 105093 RHSA-2007:0406: openoffice.org security update (Medium)
- 105079 RHSA-2007:0555: pam security, bug fix, and enhancement update (Low)
- 105044 RHSA-2007:0723: thunderbird security update (Low)
- 105036 RHSA-2007:0740: bind security update (Low)
- 105052 RHSA-2007:0795: cyrus-sasl security and bug fix update (Low)
- 105051 RHSA-2007:0845: libvorbis security update (Medium)
- 105062 RHSA-2007:0936: kernel security update (Medium)
- 105074 RHSA-2007:1025: gpdf security update (Medium)
- 105102 RHSA-2007:1177: autofs5 security update (Medium)
- 105125 RHSA-2008:0104: seamonkey security update (High)
- 105048 RHSA-2008:0161: cups security update (Medium)
- 105133 RHSA-2008:0167: kernel security and bug fix update (Low)
- 105114 RHSA-2008:0175: openoffice.org security update (Medium)
- 105127 RHSA-2008:0197: gnome-screensaver security update (Low)
- 105021 RHSA-2008:0207: firefox security update (High)
- 105046 RHSA-2008:0224: thunderbird security update (Low)
- 105085 RHSA-2008:0300: bind security, bug fix, and enhancement update (Low)
- 105033 RHSA-2008:0492: gnutls security update (Medium)
- 105113 RHSA-2008:0529: net-snmp security update (Low)
- 105026 RHSA-2008:0847: libtiff security and bug fix update (Medium)
- 105112 RHSA-2008:0946: ed security update (Low)
- 105156 RHSA-2008:0976: thunderbird security update (Low)
- 105099 RHSA-2009:0008: dbus security update (Low)
- 105145 RHSA-2009:0205: dovecot security and bug fix update (Low)
- 105131 RHSA-2009:0256: firefox security update (High)
- 105035 RHSA-2009:0397: firefox security update (High)
- 105040 RHSA-2009:0431: kdegraphics security update (Medium)
- 105153 RHSA-2009:0437: seamonkey security update (High)
- 105070 RHSA-2009:1061: freetype security update (Medium)
- 105043 RHSA-2009:1116: cyrus-imapd security update (Medium)
- 105151 RHSA-2009:1130: kdegraphics security update (High)
- 105059 RHSA-2009:1206: libxml and libxml2 security update (Low)
- 105081 RHSA-2009:1219: libvorbis security update (Medium)
- 105135 RHSA-2009:1364: gdm security and bug fix update (Low)
- 105130 RHSA-2009:1430: firefox security update (High)
- 105029 RHSA-2009:1455: kernel security and bug fix update (Low)
- 105031 RHSA-2009:1490: squirrelmail security update (Low)
- 105073 RHSA-2009:1522: kernel security and bug fix update (Low)
- 105077 RHSA-2009:1561: libvorbis security update (Medium)
- 105104 RHSA-2009:1642: acpid security update (Medium)
- 105061 RHSA-2010:0002: PyXML security update (Low)
- 105042 RHSA-2010:0113: seamonkey security update (High)
- 105047 RHSA-2010:0271: kvm security, bug fix and enhancement update (Medium)
- 105039 RHSA-2010:0291: gfs-kmod security, bug fix and enhancement update (Low)
- 105110 RHSA-2010:0428: postgresql security update (Low)
- 105053 RHSA-2010:0457: perl security update (Low)
- 105019 RHSA-2010:0488: samba and samba3x security update (High)
- 105057 RHSA-2010:0534: libpng security update (Medium)
- 105090 RHSA-2010:0547: firefox security update (High)
- 105141 RHSA-2010:0676: kernel security update (Medium)
- 105092 RHSA-2010:0779: kernel security and bug fix update (Low)
- 105095 RHSA-2010:0811: cups security update (Medium)
- 105023 RHSA-2011:0007: kernel security and bug fix update (Medium)
- 105087 RHSA-2011:0183: openoffice.org security and bug fix update (Medium)
- 105111 RHSA-2011:0257: subversion security update (Low)
- 105083 RHSA-2011:0303: kernel security and bug fix update (Low)
- 105122 RHSA-2011:0390: rsync security update (Low)
- 105089 RHSA-2011:0433: xorg-x11-server-utils security update (Low)
- 105134 RHSA-2011:0506: rdesktop security update (Low)
- 105109 RHSA-2011:0839: gimp security update (Low)
- 105034 RHSA-2011:0887: thunderbird security update (High)
- 105028 RHSA-2011:0920: krb5-appl security update (Medium)
- 105121 RHSA-2011:0930: NetworkManager security update (Low)
- 105147 RHSA-2011:1083: fuse security update (Low)
- 105020 RHSA-2011:1165: thunderbird security update (High)
- 105159 RHSA-2011:1187: dovecot security update (Low)
- 105140 RHSA-2011:1327: frysk security update (Low)
- 105056 RHSA-2011:1507: libarchive security update (Low)
- 105146 RHSA-2011:1811: netpbm security update (Medium)
- 105158 RHSA-2012:0084: seamonkey security update (High)
- 105103 RHSA-2012:0135: java-1.6.0-openjdk security update (High)
- 105068 RHSA-2012:0321: cvs security update (Low)
- 105157 RHSA-2012:0376: systemtap security update (Low)
- 105136 RHSA-2012:0393: glibc security and bug fix update (Low)
- 105038 RHSA-2012:0474: tomcat5 security update (Low)
- 105037 RHSA-2012:0745: python security update (Low)
- 105144 RHSA-2012:0880: qt security and bug fix update (Low)
- 105066 RHSA-2012:0884: openssh security, bug fix, and enhancement update (Low)
- 105060 RHSA-2012:1090: nss and nspr security, bug fix, and enhancement update (Low)
- 105120 RHSA-2012:1151: openldap security and bug fix update (Low)
- 105082 RHSA-2012:1267: bind security and bug fix update (Medium)
- 105155 RHSA-2012:1362: thunderbird security update (High)
- 105058 RHSA-2012:1426: kernel security and bug fix update (Low)
- 105084 RHSA-2012:1580: kernel security, bug fix and enhancement update (Low)
- 105100 RHSA-2013:0169: vino security update (Low)
- 105076 RHSA-2013:0216: freetype security update (Medium)

NIRV Scanner

Version 4.24.0

July 13, 2023

Enhancements

Updated authenticated scanning checks and network explicit checks listed:

152683 AIX Security Advisory: curl_advisory2 (High)
152666 Amazon Linux 2 Security Advisory: ALAS-2023-2090 (Low)
152668 Amazon Linux 2 Security Advisory: ALAS-2023-2091 (Low)
152665 Amazon Linux 2 Security Advisory: ALAS-2023-2092 (Low)
152675 Amazon Linux 2 Security Advisory: ALAS-2023-2093 (Low)
152676 Amazon Linux 2 Security Advisory: ALAS-2023-2094 (Low)
152677 Amazon Linux 2 Security Advisory: ALAS-2023-2095 (Low)
152674 Amazon Linux 2 Security Advisory: ALAS-2023-2096 (Low)
152680 Amazon Linux 2 Security Advisory: ALAS-2023-2097 (Low)
152679 Amazon Linux 2 Security Advisory: ALAS-2023-2098 (Low)
152672 Amazon Linux 2 Security Advisory: ALAS-2023-2099 (Low)
152682 Amazon Linux 2 Security Advisory: ALAS-2023-2100 (High)
152678 Amazon Linux 2 Security Advisory: ALAS-2023-2101 (Medium)
152681 Amazon Linux 2 Security Advisory: ALAS-2023-2102 (Medium)
152673 Amazon Linux 2 Security Advisory: ALAS-2023-2103 (Low)
152670 Amazon Linux 2 Security Advisory: ALAS-2023-2104 (Medium)
152667 Amazon Linux 2 Security Advisory: ALAS-2023-2105 (Medium)
152671 Amazon Linux 2 Security Advisory: ALAS-2023-2106 (Low)
152664 Amazon Linux 2 Security Advisory: ALAS-2023-2107 (High)
152669 Amazon Linux 2 Security Advisory: ALAS-2023-2108 (Low)
152660 Amazon Linux Security Advisory: ALAS-2023-1770 (Low)
152658 Amazon Linux Security Advisory: ALAS-2023-1771 (Low)
152662 Amazon Linux Security Advisory: ALAS-2023-1772 (Low)
152661 Amazon Linux Security Advisory: ALAS-2023-1773 (High)
152659 Amazon Linux Security Advisory: ALAS-2023-1774 (High)
152657 Amazon Linux Security Advisory: ALAS-2023-1775 (High)
152663 Amazon Linux Security Advisory: ALAS-2023-1776 (Low)
152650 ELSA-2023-12527: kernel security update (High)
152637 ELSA-2023-12561: kubernetes security update (Medium)
152646 ELSA-2023-12562: kubernetes security update (Medium)
152651 ELSA-2023-12563: kubernetes security update (Medium)
152654 ELSA-2023-12564: kubernetes security update (Medium)
152645 ELSA-2023-12565: Unbreakable Enterprise kernel security update (High)
152656 ELSA-2023-12566: Unbreakable Enterprise kernel security update (High)
152652 ELSA-2023-25545: olcne security update (Medium)
152642 ELSA-2023-25546: olcne security update (Medium)
152636 ELSA-2023-3550: python security update (Medium)
152638 ELSA-2023-3780: python27:2.7 security update (Medium)
152635 ELSA-2023-3781: python38:3.8 and python38-devel:3.8 security update (Medium)
152649 ELSA-2023-3821: ruby:2.7 security, bug fix, and enhancement update (Low)
152655 ELSA-2023-3822: virt:ol and virt-devel:rhel security and bug fix update (Low)
152644 ELSA-2023-3827: libtiff security update (Low)
152639 ELSA-2023-3839: libssh security update (Low)
152653 ELSA-2023-3840: sqlite security update (Low)
152648 ELSA-2023-3922: go-toolset:ol8 security update (High)
152647 ELSA-2023-3923: go-toolset and golang security update (High)
152640 ELSA-2023-3944: open-vm-tools security and bug fix update (Low)
152643 ELSA-2023-3948: open-vm-tools security update (Low)
152641 ELSA-2023-3949: open-vm-tools security update (Low)
152629 Google Chrome: Multiple Vulnerabilities in Versions Less Than 114.0.5735.198 (High)
152690 Google Chrome: Multiple Vulnerabilities in Versions Less Than 99.0.4844.84 (High)
152686 Microsoft Edge (Chromium): Multiple Vulnerabilities in Versions Less Than 104.0.1293.47 (High)
152685 Microsoft Edge (Chromium): Multiple Vulnerabilities in Versions Less Than 104.0.1293.60 (High)
152688 Microsoft Edge (Chromium): Multiple Vulnerabilities in Versions Less Than 104.0.1293.63 (High)
152687 Microsoft Edge (Chromium): Multiple Vulnerabilities in Versions Less Than 106.0.1370.34 (High)
152689 Microsoft Edge (Chromium): Multiple Vulnerabilities in Versions Less Than 107.0.1418.24 (High)
152684 Microsoft Edge (Chromium): Multiple Vulnerabilities in Versions Less Than 107.0.1418.26 (High)
152631 Mozilla Firefox: Multiple Vulnerabilities in Versions Less Than Firefox 115.0.2 (High)
152630 Mozilla Firefox: Multiple Vulnerabilities in Versions Less Than Firefox 115 (High)
152632 Mozilla Firefox: Multiple Vulnerabilities in Versions Less Than Firefox ESR 102.13 (High)
152633 Mozilla Firefox: Multiple Vulnerabilities in Versions Less Than Firefox ESR 115.0.2 (High)
152634 Mozilla Thunderbird: Multiple Vulnerabilities in Versions Less Than Thunderbird 102.13 (High)
152703 MS23-JUL: Microsoft Internet Explorer Security Update (Medium)
152705 MS23-JUL: Microsoft Office Security Update (High)
152706 MS23-JUL: Microsoft Sharepoint Server Security Update (High)
152704 MS23-JUL: Microsoft Windows Security Update (High)
152701 Visual Studio Code Spoofing Vulnerability (Medium)
152694 Zoom Escalation of Privilege Vulnerability (High)
152695 Zoom Escalation of Privilege Vulnerability (Medium)
152696 Zoom Escalation of Privilege Vulnerability (Medium)
152698 Zoom Escalation of Privilege Vulnerability (High)
152691 Zoom HTML Injection Vulnerability (Medium)
152693 Zoom Improper Verification of Cryptographic Signature Vulnerability (High)
152699 Zoom Information Disclosure Vulnerability (High)
152700 Zoom Information Disclosure Vulnerability (High)
152576 Zoom MacOS Client Improper Access Control Vulnerability (Medium)
152577 Zoom MacOS Client Network Information Disclosure (Medium)
152692 Zoom Memory Buffer Vulnerability (Medium)

Fixes

Updated Vulnerability Descriptions:

152192 Amazon Linux 2 Security Advisory: ALAS-2023-2012 (Low)
152195 Amazon Linux 2 Security Advisory: ALAS-2023-2013 (Low)
152196 Amazon Linux 2 Security Advisory: ALAS-2023-2014 (Low)
152191 Amazon Linux 2 Security Advisory: ALAS-2023-2015 (Low)
152194 Amazon Linux 2 Security Advisory: ALAS-2023-2016 (Low)
152193 Amazon Linux 2 Security Advisory: ALAS-2023-2017 (Medium)
152190 Amazon Linux 2 Security Advisory: ALAS-2023-2018 (Medium)
152269 Amazon Linux 2 Security Advisory: ALAS-2023-2019 (Low)
152261 Amazon Linux 2 Security Advisory: ALAS-2023-2020 (Low)
152272 Amazon Linux 2 Security Advisory: ALAS-2023-2021 (Low)
152265 Amazon Linux 2 Security Advisory: ALAS-2023-2022 (Low)
152273 Amazon Linux 2 Security Advisory: ALAS-2023-2023 (Low)
152267 Amazon Linux 2 Security Advisory: ALAS-2023-2024 (Low)
152262 Amazon Linux 2 Security Advisory: ALAS-2023-2025 (Low)
152266 Amazon Linux 2 Security Advisory: ALAS-2023-2026 (Low)
152264 Amazon Linux 2 Security Advisory: ALAS-2023-2027 (Low)
152259 Amazon Linux 2 Security Advisory: ALAS-2023-2028 (Low)
152271 Amazon Linux 2 Security Advisory: ALAS-2023-2029 (Low)
152263 Amazon Linux 2 Security Advisory: ALAS-2023-2030 (Medium)
152270 Amazon Linux 2 Security Advisory: ALAS-2023-2031 (Medium)
152260 Amazon Linux 2 Security Advisory: ALAS-2023-2032 (Medium)
152268 Amazon Linux 2 Security Advisory: ALAS-2023-2033 (Medium)
152188 Amazon Linux Security Advisory: ALAS-2023-1727 (Low)
152187 Amazon Linux Security Advisory: ALAS-2023-1729 (Low)
152186 Amazon Linux Security Advisory: ALAS-2023-1730 (Low)
152189 Amazon Linux Security Advisory: ALAS-2023-1731 (Low)
152185 Amazon Linux Security Advisory: ALAS-2023-1732 (Low)
152184 Amazon Linux Security Advisory: ALAS-2023-1733 (Medium)
152251 Amazon Linux Security Advisory: ALAS-2023-1734 (Low)
152250 Amazon Linux Security Advisory: ALAS-2023-1735 (Low)
152254 Amazon Linux Security Advisory: ALAS-2023-1736 (Low)
152249 Amazon Linux Security Advisory: ALAS-2023-1737 (Low)
152253 Amazon Linux Security Advisory: ALAS-2023-1738 (Low)
152256 Amazon Linux Security Advisory: ALAS-2023-1739 (Medium)
152257 Amazon Linux Security Advisory: ALAS-2023-1740 (Medium)
152252 Amazon Linux Security Advisory: ALAS-2023-1741 (Medium)
152258 Amazon Linux Security Advisory: ALAS-2023-1742 (High)
152255 Amazon Linux Security Advisory: ALAS-2023-1743 (High)
152182 Debian Security Advisory: DLA-3388-1 (Medium)
152183 Debian Security Advisory: DLA-3393-1 (Medium)
152180 Debian Security Advisory: DLA-3395-1 (High)
152181 Debian Security Advisory: DLA-3399-1 (Medium)
152246 Debian Security Advisory: DLA-3408-1 (High)
152245 Debian Security Advisory: DLA-3409-1 (Medium)
152247 Debian Security Advisory: DSA-5396-1 (Medium)
152248 Debian Security Advisory: DSA-5397-1 (Medium)
152209 ELSA-2023-12255: Unbreakable Enterprise kernel security update (Medium)
152200 ELSA-2023-12256: Unbreakable Enterprise kernel-container security update (Medium)
152215 ELSA-2023-12297: openssl security update (Medium)
152276 ELSA-2023-12298: cloud-init security update (Medium)
152277 ELSA-2023-12299: cloud-init security update (Medium)
152274 ELSA-2023-12323: Unbreakable Enterprise kernel security update (Medium)
152282 ELSA-2023-12326: openssl security update (Medium)
152275 ELSA-2023-12331: spacewalk-admin security update (High)
152279 ELSA-2023-12339: Unbreakable Enterprise kernel security update (Medium)
152198 ELSA-2023-1786: firefox security update (Medium)
152197 ELSA-2023-1787: firefox security update (Medium)
152212 ELSA-2023-1791: firefox security update (Medium)
152214 ELSA-2023-1802: thunderbird security update (Medium)
152217 ELSA-2023-1806: thunderbird security update (Medium)
152205 ELSA-2023-1809: thunderbird security update (Medium)
152216 ELSA-2023-1875: java-11-openjdk security update (Medium)
152199 ELSA-2023-1879: java-17-openjdk security and bug fix update (Medium)
152203 ELSA-2023-1880: java-11-openjdk security update (Medium)
152211 ELSA-2023-1895: java-11-openjdk security update (Medium)
152210 ELSA-2023-1898: java-17-openjdk security and bug fix update (Medium)
152207 ELSA-2023-1904: java-1.8.0-openjdk security and bug fix update (Medium)
152202 ELSA-2023-1908: java-1.8.0-openjdk security update (Medium)
152208 ELSA-2023-1909: java-1.8.0-openjdk security and bug fix update (Medium)
152204 ELSA-2023-1918: webkit2gtk3 security update (Medium)
152213 ELSA-2023-1919: webkit2gtk3 security update (Medium)
152206 ELSA-2023-1930: emacs security update (Medium)
152201 ELSA-2023-1987: kernel security and bug fix update (Low)
152278 ELSA-2023-2074: emacs security update (Medium)
152281 ELSA-2023-2076: libwebp security update (Medium)
152280 ELSA-2023-2077: libwebp security update (Medium)
152285 ELSA-2023-2078: libwebp security update (Medium)
152284 ELSA-2023-2120: libreswan security update (Medium)
152283 ELSA-2023-2122: libreswan security update (Medium)
152286 ELSA-2023-2127: samba security update (Medium)
152295 ELSA-2023-2162: qemu-kvm security, bug fix, and enhancement update (Low)
152294 ELSA-2023-2166: freeradius security and bug fix update (Low)
152165 [USN-6010-2] Firefox regressions (Medium)
152170 [USN-6010-3] Firefox regressions (Medium)
152162 [USN-6019-1] Flask-CORS vulnerability (Medium)
152164 [USN-6022-1] Kamailio vulnerabilities (Medium)
152163 [USN-6023-1] LibreOffice vulnerability (Medium)
152166 [USN-6026-1] Vim vulnerabilities (Medium)
152167 [USN-6028-1] libxml2 vulnerabilities (Medium)
152168 [USN-6035-1] KAuth vulnerability (Medium)
152169 [USN-6038-1] Go vulnerabilities (Medium)
152236 [USN-6042-1] Cloud-init vulnerability (Medium)
152237 [USN-6046-1] OpenSSL-ibmca vulnerabilities (Medium)
152238 [USN-6050-1] Git vulnerabilities (Medium)
152239 [USN-6055-1] Ruby vulnerabilities (Medium)
152240 [USN-6055-2] Ruby regression (Medium)
152241 [USN-6059-1] Erlang vulnerability (Medium)
152242 [USN-6060-2] MySQL vulnerabilities (Medium)
152243 [USN-6062-1] FreeType vulnerability (Medium)
152244 [USN-6064-1] SQL parse vulnerability (Medium)

Version 4.23.2

July 7, 2023

New Features

Includes a new check for CVE-2023-30990 that covers an unauthenticated remote command execution (RCE) vulnerability in IBMi servers running the distributed data management (DDM) service.

Enhancements

Updated authenticated scanning checks and network explicit checks listed:

152614 Globalscape EFT Authentication Bypass via Out-of-Bounds Memory Road (Medium)
152615 Globalscape EFT Denial of Service via Recursive Deflate Stream (Medium)
152616 Globalscape EFT Password Leak Due to Insecure Defaults (Trivial)
152619 IBMi DDM Service Unauthenticated Remote Command Execution (High)
152618 IBMi Distributed Data Management Service Detected (Info)

Fixes

Updated Vulnerability Descriptions:

1152192 Amazon Linux 2 Security Advisory: ALAS-2023-2012 (Low)
152195 Amazon Linux 2 Security Advisory: ALAS-2023-2013 (Low)
152196 Amazon Linux 2 Security Advisory: ALAS-2023-2014 (Low)
152191 Amazon Linux 2 Security Advisory: ALAS-2023-2015 (Low)
152194 Amazon Linux 2 Security Advisory: ALAS-2023-2016 (Low)
152193 Amazon Linux 2 Security Advisory: ALAS-2023-2017 (Medium)
152190 Amazon Linux 2 Security Advisory: ALAS-2023-2018 (Medium)
152269 Amazon Linux 2 Security Advisory: ALAS-2023-2019 (Low)
152261 Amazon Linux 2 Security Advisory: ALAS-2023-2020 (Low)
152272 Amazon Linux 2 Security Advisory: ALAS-2023-2021 (Low)
152265 Amazon Linux 2 Security Advisory: ALAS-2023-2022 (Low)
152273 Amazon Linux 2 Security Advisory: ALAS-2023-2023 (Low)
152267 Amazon Linux 2 Security Advisory: ALAS-2023-2024 (Low)
152262 Amazon Linux 2 Security Advisory: ALAS-2023-2025 (Low)
152266 Amazon Linux 2 Security Advisory: ALAS-2023-2026 (Low)
152264 Amazon Linux 2 Security Advisory: ALAS-2023-2027 (Low)
152259 Amazon Linux 2 Security Advisory: ALAS-2023-2028 (Low)
152271 Amazon Linux 2 Security Advisory: ALAS-2023-2029 (Low)
152263 Amazon Linux 2 Security Advisory: ALAS-2023-2030 (Medium)
152270 Amazon Linux 2 Security Advisory: ALAS-2023-2031 (Medium)
152260 Amazon Linux 2 Security Advisory: ALAS-2023-2032 (Medium)
152268 Amazon Linux 2 Security Advisory: ALAS-2023-2033 (Medium)
152188 Amazon Linux Security Advisory: ALAS-2023-1727 (Low)
152187 Amazon Linux Security Advisory: ALAS-2023-1729 (Low)
152186 Amazon Linux Security Advisory: ALAS-2023-1730 (Low)
152189 Amazon Linux Security Advisory: ALAS-2023-1731 (Low)
152185 Amazon Linux Security Advisory: ALAS-2023-1732 (Low)
152184 Amazon Linux Security Advisory: ALAS-2023-1733 (Medium)
152251 Amazon Linux Security Advisory: ALAS-2023-1734 (Low)
152250 Amazon Linux Security Advisory: ALAS-2023-1735 (Low)
152254 Amazon Linux Security Advisory: ALAS-2023-1736 (Low)
152249 Amazon Linux Security Advisory: ALAS-2023-1737 (Low)
152253 Amazon Linux Security Advisory: ALAS-2023-1738 (Low)
152256 Amazon Linux Security Advisory: ALAS-2023-1739 (Medium)
152257 Amazon Linux Security Advisory: ALAS-2023-1740 (Medium)
152252 Amazon Linux Security Advisory: ALAS-2023-1741 (Medium)
152258 Amazon Linux Security Advisory: ALAS-2023-1742 (High)
152255 Amazon Linux Security Advisory: ALAS-2023-1743 (High)
152182 Debian Security Advisory: DLA-3388-1 (Medium)
152183 Debian Security Advisory: DLA-3393-1 (Medium)
152180 Debian Security Advisory: DLA-3395-1 (High)
152181 Debian Security Advisory: DLA-3399-1 (Medium)
152246 Debian Security Advisory: DLA-3408-1 (High)
152245 Debian Security Advisory: DLA-3409-1 (Medium)
152247 Debian Security Advisory: DSA-5396-1 (Medium)
152248 Debian Security Advisory: DSA-5397-1 (Medium)
152209 ELSA-2023-12255: Unbreakable Enterprise kernel security update (Medium)
152200 ELSA-2023-12256: Unbreakable Enterprise kernel-container security update (Medium)
152215 ELSA-2023-12297: openssl security update (Medium)
152276 ELSA-2023-12298: cloud-init security update (Medium)
152277 ELSA-2023-12299: cloud-init security update (Medium)
152274 ELSA-2023-12323: Unbreakable Enterprise kernel security update (Medium)
152282 ELSA-2023-12326: openssl security update (Medium)
152275 ELSA-2023-12331: spacewalk-admin security update (High)
152279 ELSA-2023-12339: Unbreakable Enterprise kernel security update (Medium)
152198 ELSA-2023-1786: firefox security update (Medium)
152197 ELSA-2023-1787: firefox security update (Medium)
152212 ELSA-2023-1791: firefox security update (Medium)
152214 ELSA-2023-1802: thunderbird security update (Medium)
152217 ELSA-2023-1806: thunderbird security update (Medium)
152205 ELSA-2023-1809: thunderbird security update (Medium)
152216 ELSA-2023-1875: java-11-openjdk security update (Medium)
152199 ELSA-2023-1879: java-17-openjdk security and bug fix update (Medium)
152203 ELSA-2023-1880: java-11-openjdk security update (Medium)
152211 ELSA-2023-1895: java-11-openjdk security update (Medium)
152210 ELSA-2023-1898: java-17-openjdk security and bug fix update (Medium)
152207 ELSA-2023-1904: java-1.8.0-openjdk security and bug fix update (Medium)
152202 ELSA-2023-1908: java-1.8.0-openjdk security update (Medium)
152208 ELSA-2023-1909: java-1.8.0-openjdk security and bug fix update (Medium)
152204 ELSA-2023-1918: webkit2gtk3 security update (Medium)
152213 ELSA-2023-1919: webkit2gtk3 security update (Medium)
152206 ELSA-2023-1930: emacs security update (Medium)
152201 ELSA-2023-1987: kernel security and bug fix update (Low)
152278 ELSA-2023-2074: emacs security update (Medium)
152281 ELSA-2023-2076: libwebp security update (Medium)
152280 ELSA-2023-2077: libwebp security update (Medium)
152285 ELSA-2023-2078: libwebp security update (Medium)
152284 ELSA-2023-2120: libreswan security update (Medium)
152283 ELSA-2023-2122: libreswan security update (Medium)
152286 ELSA-2023-2127: samba security update (Medium)
113791 Oracle Java End of Life (High)
133831 Oracle Java Installed (Info)
152165 [USN-6010-2] Firefox regressions (Medium)
152170 [USN-6010-3] Firefox regressions (Medium)
152162 [USN-6019-1] Flask-CORS vulnerability (Medium)
152164 [USN-6022-1] Kamailio vulnerabilities (Medium)
152163 [USN-6023-1] LibreOffice vulnerability (Medium)
152166 [USN-6026-1] Vim vulnerabilities (Medium)
152167 [USN-6028-1] libxml2 vulnerabilities (Medium)
152168 [USN-6035-1] KAuth vulnerability (Medium)
152169 [USN-6038-1] Go vulnerabilities (Medium)
152236 [USN-6042-1] Cloud-init vulnerability (Medium)
152237 [USN-6046-1] OpenSSL-ibmca vulnerabilities (Medium)
152238 [USN-6050-1] Git vulnerabilities (Medium)
152239 [USN-6055-1] Ruby vulnerabilities (Medium)
152240 [USN-6055-2] Ruby regression (Medium)
152241 [USN-6059-1] Erlang vulnerability (Medium)
152242 [USN-6060-2] MySQL vulnerabilities (Medium)
152243 [USN-6062-1] FreeType vulnerability (Medium)
152244 [USN-6064-1] SQL parse vulnerability (Medium)

Digital Guardian

Agent for Windows

Version: 7.9.2

July, 2023

New Features

Enhancement of the Buffer Classification Details for the ADE Paste Event: Agent now has the ability to generate the Buffer Classification Details for the ADE PASTE event. When a user performs an ADE PASTE operation, the agent generates the content of the clipboard’s buffer. The content inspection’s result can be used to write control rules against the ADE PASTE event. The Local Forensic Report for the ADE Paste event that has classified information will now have an additional row named Buffer Details. This new row will present the user with the capability to analyze the clipboard’s buffer information. This information can be viewed on both the DGMC server and the ARC server. This can also be -used in conjunction with the sample match feature.

Fixes

The user experience was affected when pasting into Google Sheets due to its slow performance. This problem arose because DGWIP was initiating buffer inspections for all logs and diagnostics that Google uploaded to their servers. This issue has been resolved now by identifying the URLs associated with these buffer uploads and excluding them from buffer inspection.
The issue was related to the user cache not fully reloading upon restart, leading to some users being mistakenly identified as new users during their first login after a restart. This issue has been resolved now. The agent will now perform regular checks to detect and register new users whenever they are encountered.
Certain files on OneDrive lost the "Always keep on disk" attribute despite being initially set. The problem was identified as DG Agent temporarily modifying file attributes to write a DG Stream. During the restoration process of the original attributes, the "keep on disk" attribute was unintentionally skipped. This issue has been resolved now.
Previously, users encountered significant delays while navigating through folders in OneDrive. Decrease in responsiveness was seen in the explorer pane while refreshing the list of files. The problem was related to the unpinned files and recall on data access were being downloaded by DG Agent action. This issue has now been resolved.
The customer reported an issue where the process hung on the exit. This issue was addressed by adding a defensive code to handle the new use case.
The customer reported a performance issue when opening directories with a large number of files. The issue has been addressed by enhancing Windows Explorer's enumeration.
There was a gap in the Agent functionality; the Buffer Classification Details were not seen in ARC. Now, an additional row, "Buffer Details", has been included in the Local Forensic Report for the ADE Paste event that has classified information. This new row will present the user with the capability to analyse the clipboard’s buffer information.
The DGAgent has encountered an issue on Windows operating systems with foreign languages. When customers utilize an Office Application, they have the option to save a file either through the SaveAs screen or the Save Icon. The DGAgent needs to differentiate between these two methods in order to extract the provided file path, name, and extension accurately. This issue has been resolved now.
When using Outlook to attach a file from OneDrive or SharePoint to an email, the application could prompt to attach the file as a copy of the original file. The Local Forensic will have information about the copied file. To meet the customer's request, the Send Mail event has been modified to include details of the original file, showing OneDrive or SharePoint information. This issue is resolved now and the Agent has been updated accordingly.
When the customer copied and pasted text from a browser screen to another application, it was noticed that the ADE Paste event sent to the DGMC Server did not accurately reflect the URL in SRC_FILE_NAME and SRC_FILE_DIRECTORY fields from which the text was copied. This issue is now resolved and the URL in these fields are displayed correctly.
The customer reported that the DocXTool Word plugin stopped functioning correctly. The problem was due to the DGAgent's interactions with the Clipboard, which caused interoperability issues with DocXTool. However, this issue has been resolved now.
An isolated code path failed to copy one structure member to another. The new archive analysis code later accessed this null value causing an exception. This issue is now resolved by adding the required copy operation and validating parameters.
It was discovered that the DGAgent had difficulty starting under certain conditions due to a corrupted configuration file. As a result, necessary improvements have been made and the issue is now resolved.
A security loophole was discovered by a customer that could replace the DGCleaner.exe executable. To prevent this scenario, the DGCleaner.exe is now modified to remove non-system/non-admin user/file access rights and add system-level user/file access. As a result, only system or admin level users, who are more trusted, are allowed to execute the DGCleaner.exe.
There were missing source file classification details on NTU events and an inability to control NTU events based on source file classification when the source file was from a remote drive and DgMinFlt was in use. However, the issue is now resolved.
After a customer selects text while editing a Word application and uses Ctrl-C to copy it, they noticed that Bookmarks with the prefix "OLE_LINK" were being generated by the DGAgent. However, the issue with the DGAgent creating these Bookmarks is now resolved.
Previously, the DG Agent would try to reclassify any file accessed via Chrome or Edge browsers on remote shares by copying it to a temporary location and back, even if it did not meet the reclassification process. To address this issue, the DG Agent has been modified to check whether the file qualifies the reclassification criteria before proceeding with the reclassification process.
An issue with performance was reported during the content inspection of an XML document that resulted from using a text reader to filter it. However, this issue is now resolved.
In version 7.9.2, domain flag and script pack resource file modifications were made to enhance the efficiency and to decrease the need for excessive content inspection and classification.

nDLP Appliance

Version: 11.8.2

June, 2023

New Features

A new host filter (URL_host_filter) is added specifically for ICAP request filtering in the policy creation section under “Sources/Dest.” tab. When selecting the URL host filter, other sources/destination network filters are disabled automatically as they are not relevant for this feature. In the previous releases, the Network Filters, allowed configuration of source/destination IP address or address group to add a source/destination constraint for an IP address host, range, network, or any grouping of hosts, ranges, or networks. However, in this release we can add a domain or a group of domains to the URL filter which will be utilized by ICAP traffic monitor in the appliance.
Whenever modifications are made to the user/roles and diagnostic modules, the logs will now include comprehensive details about the actions performed. Logging capabilities have been enhanced to capture any changes made to the user/roles and diagnostic modules.

Server

Version: 8.6.0

Jul 25, 2023

New Features

Configuration Settings for MIP Labeling—The Server supports the following new Agent configuration settings, which can be applied when using the MIP labeling feature with DG Agent 7.9 and later for Windows—allowEgressOnFailedMIPLabeling and showAllRecommendedMIPLabel
Sample Matching for Content Inspection—When you use Adaptive Context Inspection on your Agents, you get information about where your rules found matches for your keywords in events. But you do not get information or details about the matches. Sample Match requires a Digital Guardian Server 8.6 or later DGMC and Agent for Windows version 7.9 or later.
Ability to Assign MIP Labels to DG Tags—DG provides the ability for the Agent to apply MIP labels to files that have DG tags. Perhaps DG tagged a file due to its context and you want the file to have MIP labels. Where DG can perform context tagging, MIP is unable to do that so it cannot provide MIP labels based on file context. Being able to apply MIP labels based on DG tags can help you apply MIP labeling to your classified files.

Fixes

The DGMC now updates the Agent state in the database only when the Agent state changes from the state reported previously. Also, increased the timeout periods for Agents sending various data to ARC.
Resolved delays in the policy deployment procedure that could lead to users not being able to log in to the DGMC after policy deployment.
Resolved a problem where blocking occurred when executing the SQL job to create alert tables.
Resolved an issue that caused missing prompts after a policy was deployed.
Resolved an issue where the Add to Group and Remove from Group display inaccurate lists of dynamic groups.
Resolved an issue at a customer where they encountered delays while exporting data from the DGMC.
Resolved an issue where the usersettings element in settings.xml was incorrectly formatted, causing repeated core dumps on Apple macOS computers. The repeated core dumps were filling up disk space.
Resolved an issue where the Schedule Processor job was failing after a policy deployment. This failure blocked Scheduled Policy deployment.
Resolved an issue where setting the Export Data permission to Read Only in a role allowed users assigned to the role to have read/write/delete access to Export Data. Users with the role could edit and delete existing reports when they should not have had that ability.
Resolved an issue where, after a customer changed the regional format in the DGMC, the Cleanup Agents job failed with an error that a string was not recognized as a valid Date and Time string.
Resolved an issue where upgrading the Server to version 8.5 from version 7.5 caused DGComm and Bundle Processor error messages.
Resolved an issue where the Extract, Transform and Load (ETL) job failed because the column that contained the configuration value was too small to contain the value.
Resolved a customer issue where the DGMC stopped responding when trying to display the Enterprise forensic report for a time period of one month or more. The first page displayed but the DGMC stops responding. Eventually the DGMC starts responding again.

Document Management (RJS)

SignHere

Version: 1.7.0

July 10, 2023

Enhancements

Enhanced email feature to support newer mail clients and new settings for default CC, BCC, Subject, and Body.
Enhanced Exit Point to allow for auto-detection of document key in the file name and check in existing instead of new document.
Updated licensing model to simply format to a single product key for all functionality.
Updated IBMi communication module to the most recent version available.
Updated Topaz drivers to support the latest hardware and OSes.

Fixes

Fixed default tab loading from command line
Fixed missing start menu icons
Fixed missing checkmark annotation icons

FileCatalyst

FileCatalyst Direct

Version 3.8.8 - Build 55

July 13, 2023

Fixes

HotFolder - Fixed issue where auto zip archives were not properly deleting.

Version 3.8.8 - Build 52

July 10, 2023

Updates

All - Update Amazon Corretto to version 8.362.08.1.
All - Multiple security fixes.
All - Modernized look and feel.
Central - Added ability for non-admin users to change their passwords in Central.
HotFolder, Server - Added -WEBUI flag, provides option to start up application with web administration rather than Swing UI.
Hotfolder, Server, TransferAgent - Utilize proper database for reporting (rather than CSV). Ability to export to CSV retained.

Fixes

All - Various UI fixes
All - Rate Based Congestion Control was failing on very high latency lines.
Central - Central proxy WebUIs would incorrectly stop polling for status updates in slower networks.
Central - "Task Name" was missing in some Central tables.
HotFolder - Multi-client upload task with synchronization enabled was deleting server data, when HotFolder is inaccessible.
HotFolder - Hotfolder task would become unusable after restart.
HotFolder - Post-task email settings weren't being saved when using the web admin.
HotFolder - "Run Report" button would fail with an authentication failure message in the web admins.
HotFolder - Downloads would write temporary file names to reports when temp file names were enabled.
HotFolder - File Filter Test functionality, for Excludes, was not working.
HotFolder - Mystery task would appear in HotFolder Swing UI, on new deployments, breaking HTML scheduler.
Server - S3 transfers would not honor the encryption setting applied the bucket.
Server - Added "Upload" dialog to support uploading remote certificate.
Server - Temp file deletion thread was setting an incorrect start delay, after the configuration is applied.
TransferAgent - TransferAgent Express would break, when attempting to transfer files over networks that have large amounts of latency
Reverse Proxy - Diagnostics would fail to generate when evoked from the command line.
HotFolder, Server - Multi-client upload task with synchronization enabled was deleting server data, when hotfolder is inaccessible.

GoAnywhere

GoAnywhere Command

Version 2.1.0

Updated the Fortra license agreement.
Updated attributions file.
Updated the installer with new colors and logos for the Fortra rebrand.
Upgraded common-codec 1.10 to version 1.15.

Version 2.0.0

Upgraded from Java 8 to Java 11.

Powertech

BoKS Manager

Server

Version 8.1 (version update)

July 5, 2023

New Features

Sudo -l and -ll support

Support for "sudo -ll" has been added to BoKS Sudo. New boksconfig setting "sudo/sudo-l-extended-output" has been added to switch to a more verbose mode and show BoKS values that are not supported by native Sudo.
Added function for listing all the SSH Public Key owned by a user

The root user on Master can list all the SSH Public Keys owned by a user using sshpkadm -L -o <owner>.
Allow root on Master to change the owner of an SSH Public Key

The root user on Master can change the owner of an SSH Public key using sshpkadm -M -o <new_owner>.
Sudo targetpsw support

New modifier use_targetpsw has been added to SUDO, SUDOEDIT and SUDOLISTOTHERS to require the target user password instead of the calling user one.

Enhancements

Security:

Ldap SASL / GSSAPI support
C-ares library upgrade to 1.19.1
Curl library upgrade to 8.1.2

Fixes

Prevent deletion of a user who is owner of some SSH keys assigned to another user
By default, it's not possible to delete a user who owns some SSH keys assigned to other users. In such cases, an error message is displayed. A new --force-key-removal flag has been added in rmbks to allow the forced deletion of the user, including all SSH keys owned by them.

Client

Version 8.1 (version update)

July 5, 2023

New Features

Restricting host-identifier use can break communication in NAT environments

BoKS 8.1 introduced a restriction on the BoKS config parameter 'communication/host-identifier' that if it is set to an IP-address the address must exist on a local network interface. The purpose of this restriction is to detect misconfiguration which could lead to Server Agent hosts being incorrectly identified by the BoKS authentication functions.
Sudo -l -ll support

"sudo -l" output has been adjusted to mimic native Sudo. Support for "sudo -ll" has been added to BoKS Sudo. New boksconfig setting "sudo/sudo-l-extended-output" has been added to switch to a more verbose mode and show BoKS values that are not supported by native Sudo.
Added function for listing all the SSH Public Key owned by a user

The root user on Master can list all the SSH Public Keys owned by a user using sshpkadm -L -o <owner>.
Allow root on Master to change the owner of a SSH Public Key

The root user on Master can change the owner of an SSH Public key using sshpkadm -M -o <new_owner>.
Sudo targetpsw support

New modifier use_targetpsw has been added to SUDO, SUDOEDIT and SUDOLISTOTHERS to require the target user password instead of the calling user one.

Enhancements

Customized sysreplace.conf file overwritten by native package update
Security:

Ldap SASL / GSSAPI support
C-ares library upgrade to 1.19.1
Curl library upgrade to 8.1.2

Fixes

Upgrading from pre-7.1 BoKS can add malformed messages to local batch queue
Fixed an issue that the $BOKS_etc/ssh/sshd_config was not linked correctly

Powertech Antivirus

Version 6.12 (6.2.0 Powertech Antivirus Unix/Linux Endpoints)

July 19, 2023

Enhancements

Library updates including:
- Java 11.0.18
- Tomcat 9.0.73
- PostgreSQL 11.19
- Kafka 2.8.2 + reload4j fixes

Exit Point Manager

Version 8.01

July 11, 2023

Enhancements

All references to HelpSystems in the user interface have been replaced with Fortra.
The Work with User Groups panel has been enhanced to simplify viewing the members in a user group.
New audits have been added to Central Administration to manage and protect Configuration options added in version 8.0.
SQL language element 'FINAL TABLE' is now supported in Object rules.

Fixes

General error message LNS0705 now includes the job data referred to in the message text.
Fixed an issue with Modern Reports, where generics and wildcard selection options did not work correctly.
An object rule authority setting of *SWITCH now switches to the specified user as expected.
When specifying Authority *SWITCH on the System Values panel, validation of the user profile to switch to would fail. This has been fixed.
A fix has been applied to object rules database update when *ALLOW is specified.
A fix has been applied to validation of rules, in the rare circumstance where the user profile was not authorized to itself.
A user, without authority rights to itself, caused an error in application of rules, which could result in the access/request being incorrectly allowed. This has been fixed.
Central Administration Audits for the Exit Point Manager product have been renamed from "IP Address Group" and "IP Address Groupings" to "Location Group" and "Location Groupings", respectively, to reflect the change in terminology implemented in version 8.0.
The text of error messages VLDA01-VLAD04 have been corrected to specify 'not allowed' instead of 'allowed'.
A fix has been applied to the behavior of the F18=Bottom function key on the Active Analytics-Analyze Detail panel.
The Saved View Detail panel has been revised to show both the Title and Description for the selected filter field(s).
The issue where Object Rules created on the Managing system for an Endpoint fail to be received and updated has been fixed.
The Work with Activation screen has been improved to clearly indicate when each particular server is active or not.
The issue where the user profile specified for *SWITCH authority on a User or Location rule does not appear on displays has been fixed.
A fix has been applied to allow an ASP Group to be prompted more than once (on applicable screens).

Robot

Robot Schedule

Version 13.15

July 11, 2023

Enhancements

Updated product installer.
Enhanced AUTOWORK program to accept a new, optional, one character second parameter. Users may now call AUTOWORK with a "Y" for this second parameter to instruct the process to inspect all existing completion history when determining if a job has been missed for the specified date.
Multiple Reserved Command Variables can now be exported and imported in the GUI.
TLSv1.3 is now supported.
Enhanced RBTGRTAUT "Grant Robot Authority" command to provide the ability to remove user profiles from Schedule's secured objects if the IBM i user profile does not exist on the system.
The Robot Schedule clean up feature RBTCLNUP can now be disabled.

Fixes

Fixed issue with Replay object completion history not retained.
Fixed issue with errors being received when creating file event monitors.
Improved job log output for Monitor job RBTFSEM in the event it encounters issues when attempting to start up.
Fixed issue with connections.xml periodically getting deleted.
Changed RBT279 "ROBOT Job Finder" panel to address an issue causing "Program Exception" to appear when attempting to display certain DAYNO jobs.
Schedule-module.jar is now updated in the Robot Network directory based on the Robot Network version.

TeamQuest

Automated Analytics

Version 11.3.34

July 14, 2023

Enhancements

Upgraded Apache Tomcat to version 9.0.76

VCM

Version 2.17

July 14, 2023

Enhancements

Upgraded Nodejs to version 20.3 on RHEL 8

Titus

Illuminate

Version 2023.0 HF1

July 14, 2023

Enhancements

If you are scanning a very large number of files and folders, the database may time out as data is being written, thus, all your files and folders may not be scanned. You can increase the timeout period.

Policy Manager

Version 2023.07

July 21, 2023

New Features

Schema Mapping enables policy administrators to map Schema Fields and Values from an external configuration (namespace) to Titus's existing Schema Fields and Values.

NOTE: TCS for Windows will not fully support this Policy Manager update until a future release. Refer to the TCS for Windows release notes to confirm when this new feature is supported.
Added new Schema features for Cloud-licensed users in the Policy Manager. This includes Field tabs, Text entry Schema Fields, and the ability for users to add additional entries and filter values in the Schema Fields.

Enhancements

Updated the list of available TCS for Windows App Settings in About Settings, Desktop Add-in Settings, and User Settings.

NOTE: TCS for Windows will not fully support this Policy Manager update until a future release. Refer to the TCS for Windows release notes to confirm when this new feature is supported.
Specified that you are limited to nine nesting levels for each Schema View.
HTML Editor improvements and fixes:
- Added text alignment buttons.
- Users can now enter Titus metadata in the raw HTML view. Previously, users could only enter Titus metadata in the rich text view.
  
  NOTE: If you add style changes to the raw HTML view, don’t make any updates in the rich text view. If you make updates in the rich text view, you will lose the style changes you made in the raw HTML view.
- Fixed issue where edits in the raw HTML view were not being saved when users clicked outside the view.

Fixes

Fixed issue where Custom Conditions were not properly applied in Subrules.

TCS for M365

Version 2023.07

July 21, 2023

New Features

Added new Schema features for Cloud-licensed users in the Policy Manager. This includes Field tabs, Text entry Schema Fields, and the ability for users to add additional entries and filter values in the Schema Fields.
Updated product name from Titus Office Add-in to TCS for M365.

TCS for Windows

Version 2023.0

July 19, 2023

New Features

As HelpSystems is now called Fortra, the TCS UI and Documentation have been rebranded.
You can now use a Tab control in the Select dialog to help with more complex Schemas. Only available if TCPG file is configured using Policy Manager.
Added a filter control so a user can filter when selecting from a long list of Schema Field values. This will help find the value quickly. Only available if TCPG file is configured using Policy Manager.
TCS can now extract plain text from emails and documents faster and includes hidden text, field codes, headers, or footers and within images.
TCS requires installation of .NET 4.8. See the Titus Classification Suite for Windows Deployment for more information.
You can add background color to Classifications in headers and footers in Microsoft Office. Only available if TCPG file is configured using Policy Manager.

Enhancements

You can add borders to headers and footers in Microsoft PowerPoint slides.
Made the TCD dialog consistent with other dialogs in TCS. This applies to multi-file results dialog only.
Adding/updating visual markings in TCO is now faster.
Made updates to TCS to find and fix any vulnerabilities for better security.

Fixes

When selecting a Classification after performing an Undo operation in Microsoft Word, an extra line is added to the document marking
Update Microsoft Information Protection to Initialize to use Microsoft Office Identity rather than current user SMTP address
Selecting a Classification after performing an Undo operation causes an extra line in document marking
Slowness while switching between Excel sheets
TMC Body tag does not update
ECA Rule property is not being evaluated as expected
Excel .xlam files not saving when Titus add-in is enabled and Excel is open
TCO - Document Marking action causes Word to crash when document is saved in Web Layout
Crashing on Open with Office 2021 systems in a closed Environment
String detection in Metadata handlers are case-sensitive, which is causing issues with First Line of Text (FLOT)

Titus Classification for OWA

Version 2022.2 HF2

July 14, 2023

Fixes

An updated Titus Services 2022.0 Hotfix 2 release is included in this release package with Titus Classification for OWA. See the Titus Services release notes for more information.

Titus Services

Version 2022.0 HF2

July 14, 2023

Fixes

Updated installer to fix the multi-server installer script when the local database option is used and there is no database instance in the database server name.

Vera

Version 3.22.3

July 2023

Fixes

(Linux with Vera SDK) Fixed an issue where an error was seen while granting access to the Vera document.
Fixed an issue where the user was shown an error message saying "command failed with an exception" via SDK or Vera command line.

Copyright © Fortra, LLC and its group of companies.
All trademarks and registered trademarks are the property of their respective owners.
Last Published: 202405020729