[Bug 1372129] New: CVE-2016-6348 RESTEasy: Use of JacksonJsonpInterceptor in RESTEasy can lead to Cross Site Script Inclusion attack
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1372129
Bug ID: 1372129
Summary: CVE-2016-6348 RESTEasy: Use of JacksonJsonpInterceptor
in RESTEasy can lead to Cross Site Script Inclusion
attack
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: jshepherd(a)redhat.com
CC: aileenc(a)redhat.com, alazarot(a)redhat.com,
alee(a)redhat.com, aszczucz(a)redhat.com,
bazulay(a)redhat.com, bbaranow(a)redhat.com,
bdawidow(a)redhat.com, bkearney(a)redhat.com,
bmaxwell(a)redhat.com, bmcclain(a)redhat.com,
cbillett(a)redhat.com, cdewolf(a)redhat.com,
chazlett(a)redhat.com, csutherl(a)redhat.com,
dandread(a)redhat.com, darran.lofthouse(a)redhat.com,
dblechte(a)redhat.com, dosoudil(a)redhat.com,
eedri(a)redhat.com, epp-bugs(a)redhat.com,
etirelli(a)redhat.com, felias(a)redhat.com,
fnasser(a)redhat.com, gklein(a)redhat.com,
gvarsami(a)redhat.com, hchiorea(a)redhat.com,
hfnukal(a)redhat.com, huwang(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jawilson(a)redhat.com, jboss-set(a)redhat.com,
jbpapp-maint(a)redhat.com, jcoleman(a)redhat.com,
jdg-bugs(a)redhat.com, jmatthew(a)redhat.com,
jolee(a)redhat.com, jpallich(a)redhat.com,
jshepherd(a)redhat.com, katello-bugs(a)redhat.com,
kconner(a)redhat.com, kseifried(a)redhat.com,
kverlaen(a)redhat.com, ldimaggi(a)redhat.com,
lgao(a)redhat.com, lpetrovi(a)redhat.com,
lsurette(a)redhat.com, mbaluch(a)redhat.com,
mgoldboi(a)redhat.com, mgoldman(a)redhat.com,
miburman(a)redhat.com, michal.skrivanek(a)redhat.com,
mmccune(a)redhat.com, mweiler(a)redhat.com,
mwinkler(a)redhat.com, myarboro(a)redhat.com,
nwallace(a)redhat.com, ohadlevy(a)redhat.com,
oourfali(a)redhat.com, pavelp(a)redhat.com,
pgier(a)redhat.com, pkliczew(a)redhat.com,
psakar(a)redhat.com, pslavice(a)redhat.com,
puntogil(a)libero.it, rcernich(a)redhat.com,
Rhev-m-bugs(a)redhat.com, rnetuka(a)redhat.com,
rrajasek(a)redhat.com, rsvoboda(a)redhat.com,
rwagner(a)redhat.com, rzhang(a)redhat.com,
satellite6-bugs(a)redhat.com, sherold(a)redhat.com,
soa-p-jira(a)post-office.corp.redhat.com,
spinder(a)redhat.com, tcunning(a)redhat.com,
theute(a)redhat.com, tjay(a)redhat.com, tkirby(a)redhat.com,
tlestach(a)redhat.com, tomckay(a)redhat.com,
tsanders(a)redhat.com, ttarrant(a)redhat.com,
twalsh(a)redhat.com, vhalbert(a)redhat.com,
vtunka(a)redhat.com, weli(a)redhat.com, ydary(a)redhat.com,
ykaul(a)redhat.com
It was found that in some configurations the JacksonJsonpInterceptor is
activated by default in RESTEasy. An attacker could use this flaw to launch a
Cross Site Scripting Inclusion attack.
--
You are receiving this mail because:
You are on the CC list for the bug.
6 years, 2 months
[Bug 1372117] New: CVE-2016-6345 RESTEasy: Insufficient use of random values in RESTEasy async jobs could lead to loss of data confidentiality
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1372117
Bug ID: 1372117
Summary: CVE-2016-6345 RESTEasy: Insufficient use of random
values in RESTEasy async jobs could lead to loss of
data confidentiality
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: jshepherd(a)redhat.com
CC: aileenc(a)redhat.com, alazarot(a)redhat.com,
alee(a)redhat.com, aszczucz(a)redhat.com,
bazulay(a)redhat.com, bbaranow(a)redhat.com,
bdawidow(a)redhat.com, bkearney(a)redhat.com,
bmaxwell(a)redhat.com, bmcclain(a)redhat.com,
cbillett(a)redhat.com, cdewolf(a)redhat.com,
chazlett(a)redhat.com, csutherl(a)redhat.com,
dandread(a)redhat.com, darran.lofthouse(a)redhat.com,
dblechte(a)redhat.com, dosoudil(a)redhat.com,
eedri(a)redhat.com, epp-bugs(a)redhat.com,
etirelli(a)redhat.com, felias(a)redhat.com,
fnasser(a)redhat.com, gklein(a)redhat.com,
gvarsami(a)redhat.com, hchiorea(a)redhat.com,
hfnukal(a)redhat.com, huwang(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jawilson(a)redhat.com, jboss-set(a)redhat.com,
jbpapp-maint(a)redhat.com, jcoleman(a)redhat.com,
jdg-bugs(a)redhat.com, jmatthew(a)redhat.com,
jolee(a)redhat.com, jpallich(a)redhat.com,
jshepherd(a)redhat.com, katello-bugs(a)redhat.com,
kconner(a)redhat.com, kseifried(a)redhat.com,
kverlaen(a)redhat.com, ldimaggi(a)redhat.com,
lgao(a)redhat.com, lpetrovi(a)redhat.com,
lsurette(a)redhat.com, mbaluch(a)redhat.com,
mgoldboi(a)redhat.com, mgoldman(a)redhat.com,
miburman(a)redhat.com, michal.skrivanek(a)redhat.com,
mmccune(a)redhat.com, mweiler(a)redhat.com,
mwinkler(a)redhat.com, myarboro(a)redhat.com,
nwallace(a)redhat.com, ohadlevy(a)redhat.com,
oourfali(a)redhat.com, pavelp(a)redhat.com,
pgier(a)redhat.com, pkliczew(a)redhat.com,
psakar(a)redhat.com, pslavice(a)redhat.com,
puntogil(a)libero.it, rcernich(a)redhat.com,
Rhev-m-bugs(a)redhat.com, rnetuka(a)redhat.com,
rrajasek(a)redhat.com, rsvoboda(a)redhat.com,
rwagner(a)redhat.com, rzhang(a)redhat.com,
satellite6-bugs(a)redhat.com, sherold(a)redhat.com,
soa-p-jira(a)post-office.corp.redhat.com,
spinder(a)redhat.com, tcunning(a)redhat.com,
theute(a)redhat.com, tjay(a)redhat.com, tkirby(a)redhat.com,
tlestach(a)redhat.com, tomckay(a)redhat.com,
tsanders(a)redhat.com, ttarrant(a)redhat.com,
twalsh(a)redhat.com, vhalbert(a)redhat.com,
vtunka(a)redhat.com, weli(a)redhat.com, ydary(a)redhat.com,
ykaul(a)redhat.com
It was found that there was insufficient use of randam values in RESTEasy async
jobs. An attacker could use this flaw to steal user data.
--
You are receiving this mail because:
You are on the CC list for the bug.
6 years, 2 months
[Bug 1443635] New: CVE-2017-5645 log4j: Socket receiver deserialization vulnerability
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1443635
Bug ID: 1443635
Summary: CVE-2017-5645 log4j: Socket receiver deserialization
vulnerability
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: high
Priority: high
Assignee: security-response-team(a)redhat.com
Reporter: anemec(a)redhat.com
CC: aileenc(a)redhat.com, alazarot(a)redhat.com,
aortega(a)redhat.com, apevec(a)redhat.com,
avibelli(a)redhat.com, ayoung(a)redhat.com,
bkearney(a)redhat.com, bmcclain(a)redhat.com,
cbillett(a)redhat.com, chazlett(a)redhat.com,
chrisw(a)redhat.com, coneill(a)redhat.com,
csutherl(a)redhat.com, cvsbot-xmlrpc(a)redhat.com,
dandread(a)redhat.com, dblechte(a)redhat.com,
devrim(a)gunduz.org, dwalluck(a)redhat.com,
eedri(a)redhat.com, etirelli(a)redhat.com,
gklein(a)redhat.com, gsterlin(a)redhat.com,
gvarsami(a)redhat.com, gzaronik(a)redhat.com,
hhorak(a)redhat.com, huwang(a)redhat.com,
java-maint(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jbalunas(a)redhat.com, jclere(a)redhat.com,
jcoleman(a)redhat.com, jjoyce(a)redhat.com,
jorton(a)redhat.com, jschluet(a)redhat.com,
jshepherd(a)redhat.com, kbasil(a)redhat.com,
kconner(a)redhat.com, kseifried(a)redhat.com,
kverlaen(a)redhat.com, ldimaggi(a)redhat.com,
lgao(a)redhat.com, lhh(a)redhat.com, lpeer(a)redhat.com,
lpetrovi(a)redhat.com, lsurette(a)redhat.com,
markmc(a)redhat.com, mbabacek(a)redhat.com,
mbaluch(a)redhat.com, meissner(a)suse.de,
mgoldboi(a)redhat.com, michal.skrivanek(a)redhat.com,
mizdebsk(a)redhat.com, msimacek(a)redhat.com,
mwinkler(a)redhat.com, myarboro(a)redhat.com,
nwallace(a)redhat.com, pavelp(a)redhat.com,
rbalakri(a)redhat.com, rbryant(a)redhat.com,
Rhev-m-bugs(a)redhat.com, rrajasek(a)redhat.com,
rwagner(a)redhat.com, rzhang(a)redhat.com,
sclewis(a)redhat.com, sherold(a)redhat.com,
spinder(a)redhat.com, srevivo(a)redhat.com,
taw(a)redhat.com, tcunning(a)redhat.com,
tdecacqu(a)redhat.com, theute(a)redhat.com,
thomas(a)suse.de, tjay(a)redhat.com, tkirby(a)redhat.com,
tlestach(a)redhat.com, tomckay(a)redhat.com,
twalsh(a)redhat.com, weli(a)redhat.com, ydary(a)redhat.com,
ykaul(a)redhat.com
When using the TCP socket server or UDP socket server to receive serialized log
events from another application, a specially crafted binary payload can be sent
that, when deserialized, can execute arbitrary code.
References:
http://seclists.org/oss-sec/2017/q2/78
Upstream bug:
https://issues.apache.org/jira/browse/LOG4J2-1863
--
You are receiving this mail because:
You are on the CC list for the bug.
6 years, 2 months
[Bug 1434338] New: CVE-2017-2651 jenkins-mailer-plugin: Emails were sent to addresses not associated with actual users of Jenkins by Mailer Plugin
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1434338
Bug ID: 1434338
Summary: CVE-2017-2651 jenkins-mailer-plugin: Emails were sent
to addresses not associated with actual users of
Jenkins by Mailer Plugin
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: amaris(a)redhat.com
CC: bleanhar(a)redhat.com, ccoleman(a)redhat.com,
dedgar(a)redhat.com, dmcphers(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jgoulding(a)redhat.com, jkeck(a)redhat.com,
joelsmith(a)redhat.com, kseifried(a)redhat.com,
mizdebsk(a)redhat.com, msimacek(a)redhat.com,
msrb(a)redhat.com, tdawson(a)redhat.com
The Mailer and Email Extension Plugins are able to send emails to a dynamically
created list of users based on the changelogs, like authors of SCM changes
since the last successful build.
This could in some cases result in emails being sent to people who have no user
account in Jenkins, and in rare cases even people who were not involved in
whatever project was being built, due to some mapping based on the local-part
of email addresses.
Affected versions: up to and including version 1.19
External Reference:
https://jenkins.io/security/advisory/2017-03-20/
--
You are receiving this mail because:
You are on the CC list for the bug.
6 years, 2 months
[Bug 1446114] New: CVE-2017-1000353 jenkins: Unauthenticated remote code execution (SECURITY-429)
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1446114
Bug ID: 1446114
Summary: CVE-2017-1000353 jenkins: Unauthenticated remote code
execution (SECURITY-429)
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: high
Priority: high
Assignee: security-response-team(a)redhat.com
Reporter: amaris(a)redhat.com
CC: abhgupta(a)redhat.com, bleanhar(a)redhat.com,
ccoleman(a)redhat.com, dedgar(a)redhat.com,
dmcphers(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jgoulding(a)redhat.com, jkeck(a)redhat.com,
joelsmith(a)redhat.com, kseifried(a)redhat.com,
mizdebsk(a)redhat.com, msrb(a)redhat.com,
tdawson(a)redhat.com, tiwillia(a)redhat.com
An unauthenticated remote code execution vulnerability allowed attackers to
transfer a serialized Java SignedObject object to the remoting-based Jenkins
CLI, that would be deserialized using a new ObjectInputStream, bypassing the
existing blacklist-based protection mechanism.
SignedObject has been added to the remoting blacklist.
In Jenkins 2.54, the remoting-based CLI protocol was deprecated and a new, HTTP
based protocol introduced as the new default, in addition to the existing
SSH-based CLI. This feature has been backported to Jenkins 2.46.2. It is
strongly recommended that users upgrading Jenkins disable the remoting-based
CLI, and use the one of the other modes (HTTP or SSH) instead.
Affected versions:
All Jenkins main line releases up to and including 2.56
All Jenkins LTS releases up to and including 2.46.1
Fixed in:
Jenkins main line users should update to 2.57
Jenkins LTS users should update to 2.46.2
External Reference:
https://jenkins.io/security/advisory/2017-04-26/
--
You are receiving this mail because:
You are on the CC list for the bug.
6 years, 3 months
[Bug 1321205] New: tomcat-8.5.0 is available
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1321205
Bug ID: 1321205
Summary: tomcat-8.5.0 is available
Product: Fedora
Version: rawhide
Component: tomcat
Keywords: FutureFeature, Triaged
Assignee: ivan.afonichev(a)gmail.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: alee(a)redhat.com, csutherl(a)redhat.com,
ivan.afonichev(a)gmail.com,
java-sig-commits(a)lists.fedoraproject.org,
krzysztof.daniel(a)gmail.com, me(a)coolsvap.net
Latest upstream release: 8.5.0
Current version/release in rawhide: 8.0.32-4.fc25
URL: http://tomcat.apache.org/
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/4987/
--
You are receiving this mail because:
You are on the CC list for the bug.
6 years, 3 months
[Bug 1455566] New: CVE-2014-9970 jasypt: Vulnerable to timing attack against the password hash comparison
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1455566
Bug ID: 1455566
Summary: CVE-2014-9970 jasypt: Vulnerable to timing attack
against the password hash comparison
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: anemec(a)redhat.com
CC: abhgupta(a)redhat.com, aileenc(a)redhat.com,
alazarot(a)redhat.com, bbaranow(a)redhat.com,
bmaxwell(a)redhat.com, bmcclain(a)redhat.com,
cdewolf(a)redhat.com, chazlett(a)redhat.com,
csutherl(a)redhat.com, dandread(a)redhat.com,
darran.lofthouse(a)redhat.com, dblechte(a)redhat.com,
dosoudil(a)redhat.com, eedri(a)redhat.com,
etirelli(a)redhat.com, gvarsami(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jawilson(a)redhat.com, jcoleman(a)redhat.com,
jshepherd(a)redhat.com, kconner(a)redhat.com,
kseifried(a)redhat.com, kverlaen(a)redhat.com,
ldimaggi(a)redhat.com, lgao(a)redhat.com,
lpetrovi(a)redhat.com, mbaluch(a)redhat.com,
mgoldboi(a)redhat.com, michal.skrivanek(a)redhat.com,
mwinkler(a)redhat.com, myarboro(a)redhat.com,
nwallace(a)redhat.com, pavelp(a)redhat.com,
pgier(a)redhat.com, psakar(a)redhat.com,
pslavice(a)redhat.com, psotirop(a)redhat.com,
puntogil(a)libero.it, rnetuka(a)redhat.com,
rrajasek(a)redhat.com, rsvoboda(a)redhat.com,
rwagner(a)redhat.com, rzhang(a)redhat.com,
sherold(a)redhat.com, tcunning(a)redhat.com,
tiwillia(a)redhat.com, tkirby(a)redhat.com,
twalsh(a)redhat.com, vtunka(a)redhat.com,
ydary(a)redhat.com, ykaul(a)redhat.com
It was found that jasypt before allows a timing attack against the password
hash comparison.
Upstream patch:
https://sourceforge.net/p/jasypt/code/668/
--
You are receiving this mail because:
You are on the CC list for the bug.
6 years, 4 months
[Bug 1454808] New: CVE-2017-5637 zookeeper: Incorrect input validation with wchp/wchc four letter words
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1454808
Bug ID: 1454808
Summary: CVE-2017-5637 zookeeper: Incorrect input validation
with wchp/wchc four letter words
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: anemec(a)redhat.com
CC: abhgupta(a)redhat.com, aileenc(a)redhat.com,
alazarot(a)redhat.com, chazlett(a)redhat.com,
ctubbsii(a)fedoraproject.org, ethan(a)ethantuttle.com,
etirelli(a)redhat.com, felias(a)redhat.com,
hchiorea(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jcoleman(a)redhat.com, jolee(a)redhat.com,
kseifried(a)redhat.com, kverlaen(a)redhat.com,
lpetrovi(a)redhat.com, mbaluch(a)redhat.com,
mluscon(a)gmail.com, mwinkler(a)redhat.com,
nwallace(a)redhat.com, pavelp(a)redhat.com,
rrajasek(a)redhat.com, rzhang(a)redhat.com, s(a)shk.io,
tiwillia(a)redhat.com, tkirby(a)redhat.com,
tstclair(a)heptio.com, vhalbert(a)redhat.com
Two four letter word commands “wchp/wchc” are CPU intensive and could cause
spike of CPU utilization on ZooKeeper server if abused, which leads to the
server unable to serve legitimate client requests.
Upstream issue:
https://issues.apache.org/jira/browse/ZOOKEEPER-2693
References:
https://vulners.com/exploitdb/EDB-ID:41277
--
You are receiving this mail because:
You are on the CC list for the bug.
6 years, 4 months