Release 0.357.0 · cloudfoundry/cflinuxfs3

Notably, this release addresses:

USN-5964-1 USN-5964-1: curl vulnerabilities:

CVE-2023-27533: TELNET option IAC injection
CVE-2023-27534: SFTP path ~ resolving discrepancy
CVE-2023-27535: FTP too eager connection reuse
CVE-2023-27536: GSS delegation too eager connection re-use
CVE-2023-27538: SSH connection too eager reuse still
CVE-2023-27533: TELNET option IAC injection
CVE-2023-27534: SFTP path ~ resolving discrepancy
CVE-2023-27536: GSS delegation too eager connection re-use
CVE-2023-27535: FTP too eager connection reuse
CVE-2023-27538: SSH connection too eager reuse still

USN-5963-1 USN-5963-1: Vim vulnerabilities:

CVE-2022-47024: A null pointer dereference issue was discovered in function gui_x11_create_blank_mouse in gui_x11.c in vim 8.1.2269 thru 9.0.0339 allows attackers to cause denial of service or other unspecified impacts.
CVE-2023-0433: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225.
CVE-2023-0051: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144.
CVE-2023-1175: Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378.
CVE-2023-1264: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1392.
CVE-2023-0054: Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1145.
CVE-2023-1175: Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378.
CVE-2023-0049: Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143.
CVE-2023-1264: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1392.
CVE-2023-0433: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225.
CVE-2022-47024: A null pointer dereference issue was discovered in function gui_x11_create_blank_mouse in gui_x11.c in vim 8.1.2269 thru 9.0.0339 allows attackers to cause denial of service or other unspecified impacts.
CVE-2023-0051: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144.
CVE-2023-0288: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189.
CVE-2023-1170: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376.

USN-5960-1 USN-5960-1: Python vulnerability:

CVE-2023-24329: An issue in the urllib.parse component of Python before v3.11 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.

USN-5952-1 USN-5952-1: OpenJPEG vulnerabilities:

CVE-2020-8112: opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.
CVE-2020-27824: A flaw was found in OpenJPEG’s encoder in the opj_dwt_calc_explicit_stepsizes() function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability.
CVE-2020-27845: There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. If an attacker is able to provide untrusted input to openjpeg's conversion/encoding functionality, they could cause an out-of-bounds read. The highest impact of this flaw is to application availability.
CVE-2020-27843: A flaw was found in OpenJPEG in versions prior to 2.4.0. This flaw allows an attacker to provide specially crafted input to the conversion or encoding functionality, causing an out-of-bounds read. The highest threat from this vulnerability is system availability.
CVE-2020-27814: A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some cases execute arbitrary code with the permission of the user running such an application.
CVE-2020-27845: There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. If an attacker is able to provide untrusted input to openjpeg's conversion/encoding functionality, they could cause an out-of-bounds read. The highest impact of this flaw is to application availability.
CVE-2020-8112: opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.
CVE-2020-6851: OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.
CVE-2020-15389: jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opj_image_destroy twice.
CVE-2020-27823: A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2020-27842: There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to application availability.
CVE-2020-27843: A flaw was found in OpenJPEG in versions prior to 2.4.0. This flaw allows an attacker to provide specially crafted input to the conversion or encoding functionality, causing an out-of-bounds read. The highest threat from this vulnerability is system availability.
CVE-2020-27824: A flaw was found in OpenJPEG’s encoder in the opj_dwt_calc_explicit_stepsizes() function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability.
CVE-2020-27841: There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. When an attacker is able to provide crafted input to be processed by the openjpeg encoder, this could cause an out-of-bounds read. The greatest impact from this flaw is to application availability.

USN-5928-1 USN-5928-1: systemd vulnerabilities:

CVE-2022-3821: An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.
CVE-2022-4415: A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.
CVE-2022-45873: systemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parse_elf_object in shared/elf-util.c. The exploitation methodology is to crash a binary calling the same function recursively, and put it in a deeply nested directory to make its backtrace large enough to cause the deadlock. This must be done 16 times when MaxConnections=16 is set for the systemd/units/systemd-coredump.socket file.
CVE-2022-3821: An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.
CVE-2022-45873: systemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parse_elf_object in shared/elf-util.c. The exploitation methodology is to crash a binary calling the same function recursively, and put it in a deeply nested directory to make its backtrace large enough to cause the deadlock. This must be done 16 times when MaxConnections=16 is set for the systemd/units/systemd-coredump.socket file.
CVE-2022-4415: A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.

-ii  curl                       7.58.0-2ubuntu3.23            amd64 command line tool for transferring data with URL syntax
+ii  curl                       7.58.0-2ubuntu3.24            amd64 command line tool for transferring data with URL syntax
-ii  krb5-multidev:amd64        1.16-2ubuntu0.3               amd64 development files for MIT Kerberos without Heimdal conflict
-ii  krb5-user                  1.16-2ubuntu0.3               amd64 basic programs to authenticate using MIT Kerberos
+ii  krb5-multidev:amd64        1.16-2ubuntu0.4               amd64 development files for MIT Kerberos without Heimdal conflict
+ii  krb5-user                  1.16-2ubuntu0.4               amd64 basic programs to authenticate using MIT Kerberos
-ii  libcurl3-gnutls:amd64      7.58.0-2ubuntu3.23            amd64 easy-to-use client-side URL transfer library (GnuTLS flavour)
-ii  libcurl4:amd64             7.58.0-2ubuntu3.23            amd64 easy-to-use client-side URL transfer library (OpenSSL flavour)
-ii  libcurl4-openssl-dev:amd64 7.58.0-2ubuntu3.23            amd64 development files and documentation for libcurl (OpenSSL flavour)
+ii  libcurl3-gnutls:amd64      7.58.0-2ubuntu3.24            amd64 easy-to-use client-side URL transfer library (GnuTLS flavour)
+ii  libcurl4:amd64             7.58.0-2ubuntu3.24            amd64 easy-to-use client-side URL transfer library (OpenSSL flavour)
+ii  libcurl4-openssl-dev:amd64 7.58.0-2ubuntu3.24            amd64 development files and documentation for libcurl (OpenSSL flavour)
-ii  libgssapi-krb5-2:amd64     1.16-2ubuntu0.3               amd64 MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
+ii  libgssapi-krb5-2:amd64     1.16-2ubuntu0.4               amd64 MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
-ii  libgssrpc4:amd64           1.16-2ubuntu0.3               amd64 MIT Kerberos runtime libraries - GSS enabled ONCRPC
+ii  libgssrpc4:amd64           1.16-2ubuntu0.4               amd64 MIT Kerberos runtime libraries - GSS enabled ONCRPC
-ii  libk5crypto3:amd64         1.16-2ubuntu0.3               amd64 MIT Kerberos runtime libraries - Crypto Library
-ii  libkadm5clnt-mit11:amd64   1.16-2ubuntu0.3               amd64 MIT Kerberos runtime libraries - Administration Clients
-ii  libkadm5srv-mit11:amd64    1.16-2ubuntu0.3               amd64 MIT Kerberos runtime libraries - KDC and Admin Server
-ii  libkdb5-9:amd64            1.16-2ubuntu0.3               amd64 MIT Kerberos runtime libraries - Kerberos database
+ii  libk5crypto3:amd64         1.16-2ubuntu0.4               amd64 MIT Kerberos runtime libraries - Crypto Library
+ii  libkadm5clnt-mit11:amd64   1.16-2ubuntu0.4               amd64 MIT Kerberos runtime libraries - Administration Clients
+ii  libkadm5srv-mit11:amd64    1.16-2ubuntu0.4               amd64 MIT Kerberos runtime libraries - KDC and Admin Server
+ii  libkdb5-9:amd64            1.16-2ubuntu0.4               amd64 MIT Kerberos runtime libraries - Kerberos database
-ii  libkrb5-3:amd64            1.16-2ubuntu0.3               amd64 MIT Kerberos runtime libraries
-ii  libkrb5-dev:amd64          1.16-2ubuntu0.3               amd64 headers and development libraries for MIT Kerberos
-ii  libkrb5support0:amd64      1.16-2ubuntu0.3               amd64 MIT Kerberos runtime libraries - Support library
+ii  libkrb5-3:amd64            1.16-2ubuntu0.4               amd64 MIT Kerberos runtime libraries
+ii  libkrb5-dev:amd64          1.16-2ubuntu0.4               amd64 headers and development libraries for MIT Kerberos
+ii  libkrb5support0:amd64      1.16-2ubuntu0.4               amd64 MIT Kerberos runtime libraries - Support library
-ii  libopenjp2-7:amd64         2.3.0-2build0.18.04.1         amd64 JPEG 2000 image compression/decompression library
+ii  libopenjp2-7:amd64         2.3.0-2+deb10u2build0.18.04.1 amd64 JPEG 2000 image compression/decompression library
-ii  libpython2.7-minimal:amd64 2.7.17-1~18.04ubuntu1.10      amd64 Minimal subset of the Python language (version 2.7)
-ii  libpython2.7-stdlib:amd64  2.7.17-1~18.04ubuntu1.10      amd64 Interactive high-level object-oriented language (standard library, version 2.7)
+ii  libpython2.7-minimal:amd64 2.7.17-1~18.04ubuntu1.11      amd64 Minimal subset of the Python language (version 2.7)
+ii  libpython2.7-stdlib:amd64  2.7.17-1~18.04ubuntu1.11      amd64 Interactive high-level object-oriented language (standard library, version 2.7)
-ii  libpython3.6:amd64         3.6.9-1~18.04ubuntu1.10       amd64 Shared Python runtime library (version 3.6)
-ii  libpython3.6-minimal:amd64 3.6.9-1~18.04ubuntu1.10       amd64 Minimal subset of the Python language (version 3.6)
-ii  libpython3.6-stdlib:amd64  3.6.9-1~18.04ubuntu1.10       amd64 Interactive high-level object-oriented language (standard library, version 3.6)
+ii  libpython3.6:amd64         3.6.9-1~18.04ubuntu1.12       amd64 Shared Python runtime library (version 3.6)
+ii  libpython3.6-minimal:amd64 3.6.9-1~18.04ubuntu1.12       amd64 Minimal subset of the Python language (version 3.6)
+ii  libpython3.6-stdlib:amd64  3.6.9-1~18.04ubuntu1.12       amd64 Interactive high-level object-oriented language (standard library, version 3.6)
-ii  libsystemd0:amd64          237-3ubuntu10.56              amd64 systemd utility library
+ii  libsystemd0:amd64          237-3ubuntu10.57              amd64 systemd utility library
-ii  libudev1:amd64             237-3ubuntu10.56              amd64 libudev shared library
+ii  libudev1:amd64             237-3ubuntu10.57              amd64 libudev shared library
-ii  python2.7                  2.7.17-1~18.04ubuntu1.10      amd64 Interactive high-level object-oriented language (version 2.7)
-ii  python2.7-minimal          2.7.17-1~18.04ubuntu1.10      amd64 Minimal subset of the Python language (version 2.7)
+ii  python2.7                  2.7.17-1~18.04ubuntu1.11      amd64 Interactive high-level object-oriented language (version 2.7)
+ii  python2.7-minimal          2.7.17-1~18.04ubuntu1.11      amd64 Minimal subset of the Python language (version 2.7)
-ii  python3.6                  3.6.9-1~18.04ubuntu1.10       amd64 Interactive high-level object-oriented language (version 3.6)
-ii  python3.6-minimal          3.6.9-1~18.04ubuntu1.10       amd64 Minimal subset of the Python language (version 3.6)
+ii  python3.6                  3.6.9-1~18.04ubuntu1.12       amd64 Interactive high-level object-oriented language (version 3.6)
+ii  python3.6-minimal          3.6.9-1~18.04ubuntu1.12       amd64 Minimal subset of the Python language (version 3.6)
-ii  systemd                    237-3ubuntu10.56              amd64 system and service manager
-ii  systemd-sysv               237-3ubuntu10.56              amd64 system and service manager - SysV links
+ii  systemd                    237-3ubuntu10.57              amd64 system and service manager
+ii  systemd-sysv               237-3ubuntu10.57              amd64 system and service manager - SysV links
-ii  udev                       237-3ubuntu10.56              amd64 /dev/ and hotplug management daemon
+ii  udev                       237-3ubuntu10.57              amd64 /dev/ and hotplug management daemon
-ii  vim-common                 2:8.0.1453-1ubuntu1.10        all   Vi IMproved - Common files
-ii  vim-tiny                   2:8.0.1453-1ubuntu1.10        amd64 Vi IMproved - enhanced vi editor - compact version
+ii  vim-common                 2:8.0.1453-1ubuntu1.11        all   Vi IMproved - Common files
+ii  vim-tiny                   2:8.0.1453-1ubuntu1.11        amd64 Vi IMproved - enhanced vi editor - compact version
-ii  xxd                        2:8.0.1453-1ubuntu1.10        amd64 tool to make (or reverse) a hex dump
+ii  xxd                        2:8.0.1453-1ubuntu1.11        amd64 tool to make (or reverse) a hex dump

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

0.357.0