VARIoT IoT vulnerabilities database

nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affects nginx if it is built with the ngx_http_mp4_module (the module is not built by default) and the .mp4. directive is used in the configuration file. Further, the attack is only possible if an attacker is able to trigger processing of a specially crafted mp4 file with the ngx_http_mp4_module. nginx Contains an information disclosure vulnerability.Information obtained and denial of service (DoS) May be in a state. nginx is a lightweight web server/reverse proxy server and email (IMAP/POP3) proxy server developed by Russian programmer Igor Sysoev. There is a memory leak vulnerability in the ngx_http_mp4_module component in Nginx 1.15.5 and earlier versions and 1.14.1. The vulnerability is caused by the program not processing MP4 files correctly. For the stable distribution (stretch), these problems have been fixed in version 1.10.3-1+deb9u2. We recommend that you upgrade your nginx packages. ========================================================================== Ubuntu Security Notice USN-3812-1 November 07, 2018 nginx vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in nginx. Software Description: - nginx: small, powerful, scalable web/proxy server Details: It was discovered that nginx incorrectly handled the HTTP/2 implementation. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-16843) Gal Goldshtein discovered that nginx incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use this issue to cause excessive CPU usage, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-16844) It was discovered that nginx incorrectly handled the ngx_http_mp4_module module. (CVE-2018-16845) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10: nginx-common 1.15.5-0ubuntu2.1 nginx-core 1.15.5-0ubuntu2.1 nginx-extras 1.15.5-0ubuntu2.1 nginx-full 1.15.5-0ubuntu2.1 nginx-light 1.15.5-0ubuntu2.1 Ubuntu 18.04 LTS: nginx-common 1.14.0-0ubuntu1.2 nginx-core 1.14.0-0ubuntu1.2 nginx-extras 1.14.0-0ubuntu1.2 nginx-full 1.14.0-0ubuntu1.2 nginx-light 1.14.0-0ubuntu1.2 Ubuntu 16.04 LTS: nginx-common 1.10.3-0ubuntu0.16.04.3 nginx-core 1.10.3-0ubuntu0.16.04.3 nginx-extras 1.10.3-0ubuntu0.16.04.3 nginx-full 1.10.3-0ubuntu0.16.04.3 nginx-light 1.10.3-0ubuntu0.16.04.3 Ubuntu 14.04 LTS: nginx-common 1.4.6-1ubuntu3.9 nginx-core 1.4.6-1ubuntu3.9 nginx-extras 1.4.6-1ubuntu3.9 nginx-full 1.4.6-1ubuntu3.9 nginx-light 1.4.6-1ubuntu3.9 In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: rh-nginx18-nginx security update Advisory ID: RHSA-2018:3652-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2018:3652 Issue date: 2018-11-26 CVE Names: CVE-2018-16845 ===================================================================== 1. Summary: An update for rh-nginx18-nginx is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fix(es): * nginx: Denial of service and memory disclosure via mp4 module (CVE-2018-16845) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank the Nginx project for reporting this issue. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The rh-nginx18-nginx service must be restarted for this update to take effect. 5. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6): Source: rh-nginx18-nginx-1.8.1-1.el6.1.src.rpm x86_64: rh-nginx18-nginx-1.8.1-1.el6.1.x86_64.rpm rh-nginx18-nginx-debuginfo-1.8.1-1.el6.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6): Source: rh-nginx18-nginx-1.8.1-1.el6.1.src.rpm x86_64: rh-nginx18-nginx-1.8.1-1.el6.1.x86_64.rpm rh-nginx18-nginx-debuginfo-1.8.1-1.el6.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-nginx18-nginx-1.8.1-1.el7.1.src.rpm x86_64: rh-nginx18-nginx-1.8.1-1.el7.1.x86_64.rpm rh-nginx18-nginx-debuginfo-1.8.1-1.el7.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4): Source: rh-nginx18-nginx-1.8.1-1.el7.1.src.rpm x86_64: rh-nginx18-nginx-1.8.1-1.el7.1.x86_64.rpm rh-nginx18-nginx-debuginfo-1.8.1-1.el7.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5): Source: rh-nginx18-nginx-1.8.1-1.el7.1.src.rpm x86_64: rh-nginx18-nginx-1.8.1-1.el7.1.x86_64.rpm rh-nginx18-nginx-debuginfo-1.8.1-1.el7.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6): Source: rh-nginx18-nginx-1.8.1-1.el7.1.src.rpm x86_64: rh-nginx18-nginx-1.8.1-1.el7.1.x86_64.rpm rh-nginx18-nginx-debuginfo-1.8.1-1.el7.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-nginx18-nginx-1.8.1-1.el7.1.src.rpm x86_64: rh-nginx18-nginx-1.8.1-1.el7.1.x86_64.rpm rh-nginx18-nginx-debuginfo-1.8.1-1.el7.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-16845 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBW/viKdzjgjWX9erEAQjSFA/+IYlcY+VkhYOzot4cXoMumMPj0zcn6Iuk TwHfLvfooC8KsM5PK3acSmv2526KlfWn9xi8QJ8YMIoZVX8+LPPC7gOVxmwAyYOn 4uOumQy5rulkk03UB7r6y7u34Xy5mftCXTOouOipvhiW2Na6aZWiRen7ZWRBcMMW okYWY03xJU7/OQafttfP3UUVAYiw5adZ6gAflhZA8q8JzF0RhZXnliyt4kpZ1kLj 8fr6q+9WDVdiHe9u1j1wIXwQglkPnpab+kW1k4KZ3pdJMzFr9unZURHbyDsqbxlh T5rNTFtoLO9rgksSYtkuK0D6MvxVu7MzHMl/X0IsCnFwwAjH9xbqftqX5G26pQR6 L2UlnBNnes+NG357E81aHJus6ioRpjzSsfIrFoU9N0K9llnfbEslwEr239GzF6hH sMO5vap7/i2bmYQ7++jw9jfF67K2AtFvZCa/tYWlilkWOM12BkP2HvuYXCgmtb6F 99oHxB5TyDKPb44epIvzKV/YtvoeHT6beKRIefJ3xstrq8to0f87NZhTTbk5rYt0 HPf5vLjoZO6SYequmHzn++zoAZubU+oZ3fE05jcbrJSwQeMHWLPTtBoBkmQq+l5y rYTxun0/RvYql6bZD4uHAxKzTxyAvrKw0dW+/DGNanQiwkk+/RpPrYTdMhVw4a5a ZrQQucuvvOo= =LfBW -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . The following packages have been upgraded to a later upstream version: rh-nginx114-nginx (1.14.1). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-09-20-4 Xcode 13 Xcode 13 addresses the following issues. IDE Xcode Server Available for: macOS Big Sur 11.3 and later Impact: Multiple issues in nginx Description: Multiple issues were addressed by updating nginx to version 1.21.0. CVE-2016-0742 CVE-2016-0746 CVE-2016-0747 CVE-2017-7529 CVE-2018-16843 CVE-2018-16844 CVE-2018-16845 CVE-2019-20372 Installation note: Xcode 13 may be obtained from: https://developer.apple.com/xcode/downloads/ To check that the Xcode has been updated: * Select Xcode in the menu bar * Select About Xcode * The version after applying this update will be "Xcode 13"

An issue was discovered in Roche Accu-Chek Inform II Instrument before 03.06.00 (Serial number below 14000) and 04.x before 04.03.00 (Serial Number above 14000), CoaguChek Pro II before 04.03.00, CoaguChek XS Plus before 03.01.06, CoaguChek XS Pro before 03.01.06, cobas h 232 before 03.01.03 (Serial Number below KQ0400000 or KS0400000) and cobas h 232 before 04.00.04 (Serial Number above KQ0400000 or KS0400000). Improper access control to a service command allows attackers in the adjacent network to execute arbitrary code on the system through a crafted Poct1-A message. plural Roche The product contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. RocheAccu-ChekInformIIInstrument and others are hand-held blood test medical devices from Roche, Switzerland. There are device permission and access control vulnerabilities in the software update mechanism of several Roche devices. The vulnerability stems from the failure of the program to perform proper access control. The attacker can use the special update package to write the file to any file. Multiple Roche Point of Care Handheld Medical Services are prone to the following security vulnerabilities: 1. An authentication bypass vulnerability 2. An OS command-injection vulnerability 3. An arbitrary file-upload vulnerability 4. A remote code-execution vulnerability 5. An access bypass vulnerability An attacker can exploit these issues to bypass authentication mechanism, execute arbitrary commands and codes, upload arbitrary files, or to bypass security restrictions

An issue was discovered in Roche Accu-Chek Inform II Instrument before 03.06.00 (Serial number below 14000) and 04.x before 04.03.00 (Serial Number above 14000), CoaguChek Pro II before 04.03.00, CoaguChek XS Plus before 03.01.06, CoaguChek XS Pro before 03.01.06, cobas h 232 before 03.01.03 (Serial number below KQ0400000 or KS0400000), and cobas h 232 before 04.00.04 (Serial number above KQ0400000 or KS0400000). A vulnerability in the software update mechanism allows authenticated attackers in the adjacent network to overwrite arbitrary files on the system through a crafted update package. plural Roche The product contains a vulnerability related to unlimited uploads of dangerous types of files.Information may be tampered with. RocheAccu-ChekInformIIInstrument and others are hand-held blood test medical devices from Roche, Switzerland. Permissions and access control vulnerabilities exist in several Roche devices that an attacker can use to change configurations. Multiple Roche Point of Care Handheld Medical Services are prone to the following security vulnerabilities: 1. An authentication bypass vulnerability 2. An OS command-injection vulnerability 3. An arbitrary file-upload vulnerability 4. A remote code-execution vulnerability 5. An access bypass vulnerability An attacker can exploit these issues to bypass authentication mechanism, execute arbitrary commands and codes, upload arbitrary files, or to bypass security restrictions

An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04 and CoaguChek / cobas h232 Handheld Base Unit before 03.01.04. Weak access credentials may enable attackers in the adjacent network to gain unauthorized service access via a service interface. plural Roche The product contains vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. RocheAccu-ChekInformIIBaseUnit/BaseUnitHub and CoaguChek/cobash232HandheldBaseUnit are hand-held blood test medical devices from Roche, Switzerland. An authorization issue vulnerability exists in versions prior to RocheAccu-ChekInformIIBaseUnit/BaseUnitHub03.01.04 and prior to CoaguChek/cobash232HandheldBaseUnit03.01.04. An attacker could exploit this vulnerability to execute arbitrary commands on the operating system. Multiple Roche Point of Care Handheld Medical Services are prone to the following security vulnerabilities: 1. An authentication bypass vulnerability 2. An OS command-injection vulnerability 3. An arbitrary file-upload vulnerability 4. A remote code-execution vulnerability 5

An issue was discovered in Roche Accu-Chek Inform II Instrument before 03.06.00 (Serial number below 14000) and 04.x before 04.03.00 (Serial Number above 14000), CoaguChek Pro II before 04.03.00, and cobas h 232 before 04.00.04 (Serial number above KQ0400000 or KS0400000). Improper access control allows attackers in the adjacent network to change the instrument configuration. RocheAccu-ChekInformIIInstrument, CoaguChekProII and cobash232 are all hand-held blood testing medical devices from Roche, Switzerland. Permissions and access control vulnerabilities exist in multiple Roche devices, which can be exploited by an attacker to create arbitrary code on the system through specially crafted messages. Multiple Roche Point of Care Handheld Medical Services are prone to the following security vulnerabilities: 1. An authentication bypass vulnerability 2. An OS command-injection vulnerability 3. An arbitrary file-upload vulnerability 4. A remote code-execution vulnerability 5. An access bypass vulnerability An attacker can exploit these issues to bypass authentication mechanism, execute arbitrary commands and codes, upload arbitrary files, or to bypass security restrictions

An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04 and CoaguChek / cobas h232 Handheld Base Unit before 03.01.04. Insecure permissions in a service interface may allow authenticated attackers in the adjacent network to execute arbitrary commands on the operating system. plural Roche The product contains authentication vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. RocheAccu-ChekInformIIBaseUnit/BaseUnitHub and CoaguChek/cobash232HandheldBaseUnit are hand-held blood test medical devices from Roche, Switzerland. A security vulnerability exists in versions prior to RocheAccu-ChekInformIIBaseUnit/BaseUnitHub03.01.04 and in versions prior to CoaguChek/cobash232HandheldBaseUnit03.01.04. The vulnerability stems from the failure of the program to assign security. Multiple Roche Point of Care Handheld Medical Services are prone to the following security vulnerabilities: 1. An authentication bypass vulnerability 2. An OS command-injection vulnerability 3. An arbitrary file-upload vulnerability 4. A remote code-execution vulnerability 5

A URL Redirection to Untrusted Site vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where a user clicking on a specially crafted link can be redirected to a URL of the attacker's choosing. plural Schneider Electric The product contains an open redirect vulnerability.Information may be obtained and information may be altered

The radio module of some Huawei smartphones Emily-AL00A The versions before 8.1.0.171(C00) have a lock-screen bypass vulnerability. An unauthenticated attacker could start third-part input method APP through certain operations to bypass lock-screen by exploit this vulnerability. Huawei smartphone Emily-AL00A Contains an authorization vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Emily-AL00A is a smartphone launched by Huawei. Huawei Emily-AL00A is a smartphone device from the Chinese company Huawei

There are multiple vulnerabilities in implementations of ATA Security or TCG Opal Standards in Self-Encrypting Disks (SEDs), which can allow an attacker to decrypt contents of an encrypted drive. Marvell SSD Controller Contains vulnerabilities related to security features.Information may be tampered with. Marvell SSD Controller 88SS1074 is a solid-state hard drive controller from Marvell. This vulnerability is due to the lack of security measures such as authentication, access control, and rights management in network systems or products

An issue was discovered on Samsung 840 EVO devices. Vendor-specific commands may allow access to the disk-encryption key. ATA Security mode and TCG OPAL There are multiple vulnerabilities in the self-encrypting drive product that implements the standard, which could allow the attacker to decrypt the contents of the encrypted drive. CVE-2018-12037 There is no cryptographic association between the password set by the user and the encryption key used for data encryption. This makes it possible to decrypt data without knowing the user-set password. CVE-2018-12038 Information about the data encryption key is recorded in a storage area with a wear leveling function. On devices with wear leveling, when data is updated, the data is written to a physically different location, so the original data may not be completely deleted. As a result, even after updating the data encryption key with a new password, there is a possibility of accessing the previous data encryption key that is not protected or protected with an old password.An attacker with physical access to a product affected by this vulnerability could decrypt the encrypted data. Self-Encrypting Drives are prone to a local security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Samsung 840 EVO is a hard disk drive made by South Korea's Samsung (Samsung). , which may result in writing to different physical areas. An attacker in physical proximity could exploit this vulnerability to obtain passwords

An issue was discovered on Samsung 840 EVO and 850 EVO devices (only in "ATA high" mode, not vulnerable in "TCG" or "ATA max" mode), Samsung T3 and T5 portable drives, and Crucial MX100, MX200 and MX300 devices. Absence of a cryptographic link between the password and the Disk Encryption Key allows attackers with privileged access to SSD firmware full access to encrypted data. ATA Security mode and TCG OPAL There are multiple vulnerabilities in the self-encrypting drive product that implements the standard, which could allow the attacker to decrypt the contents of the encrypted drive. This makes it possible to decrypt data without knowing the user-set password. CVE-2018-12038 Information about the data encryption key is recorded in a storage area with a wear leveling function. On devices with wear leveling, when data is updated, the data is written to a physically different location, so the original data may not be completely deleted. Self-Encrypting Drives are prone to a local security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. The Micron Crucial MX100, MX200, and MX300 are all silver disk drives from Micron. Samsung T3 and so on are all hard disk drives of South Korea's Samsung (Samsung) company

nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configuration file. nginx Contains a resource exhaustion vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. nginx is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to cause denial-of-service conditions. Versions prior to nginx 1.15.6 and 1.14.1 are vulnerable. nginx is a lightweight web server/reverse proxy server and email (IMAP/POP3) proxy server developed by Russian programmer Igor Sysoev. For the stable distribution (stretch), these problems have been fixed in version 1.10.3-1+deb9u2. We recommend that you upgrade your nginx packages. ========================================================================== Ubuntu Security Notice USN-3812-1 November 07, 2018 nginx vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in nginx. Software Description: - nginx: small, powerful, scalable web/proxy server Details: It was discovered that nginx incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use this issue to cause excessive memory consumption, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-16843) Gal Goldshtein discovered that nginx incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use this issue to cause excessive CPU usage, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-16844) It was discovered that nginx incorrectly handled the ngx_http_mp4_module module. A remote attacker could possibly use this issue with a specially crafted mp4 file to cause nginx to crash, stop responding, or access arbitrary memory. (CVE-2018-16845) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10: nginx-common 1.15.5-0ubuntu2.1 nginx-core 1.15.5-0ubuntu2.1 nginx-extras 1.15.5-0ubuntu2.1 nginx-full 1.15.5-0ubuntu2.1 nginx-light 1.15.5-0ubuntu2.1 Ubuntu 18.04 LTS: nginx-common 1.14.0-0ubuntu1.2 nginx-core 1.14.0-0ubuntu1.2 nginx-extras 1.14.0-0ubuntu1.2 nginx-full 1.14.0-0ubuntu1.2 nginx-light 1.14.0-0ubuntu1.2 Ubuntu 16.04 LTS: nginx-common 1.10.3-0ubuntu0.16.04.3 nginx-core 1.10.3-0ubuntu0.16.04.3 nginx-extras 1.10.3-0ubuntu0.16.04.3 nginx-full 1.10.3-0ubuntu0.16.04.3 nginx-light 1.10.3-0ubuntu0.16.04.3 Ubuntu 14.04 LTS: nginx-common 1.4.6-1ubuntu3.9 nginx-core 1.4.6-1ubuntu3.9 nginx-extras 1.4.6-1ubuntu3.9 nginx-full 1.4.6-1ubuntu3.9 nginx-light 1.4.6-1ubuntu3.9 In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: rh-nginx114-nginx security update Advisory ID: RHSA-2018:3681-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2018:3681 Issue date: 2018-11-27 CVE Names: CVE-2018-16843 CVE-2018-16844 CVE-2018-16845 ==================================================================== 1. Summary: An update for rh-nginx114-nginx is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. The following packages have been upgraded to a later upstream version: rh-nginx114-nginx (1.14.1). Red Hat would like to thank the Nginx project for reporting these issues. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The rh-nginx114-nginx service must be restarted for this update to take effect. 5. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-nginx114-nginx-1.14.1-1.el7.src.rpm aarch64: rh-nginx114-nginx-1.14.1-1.el7.aarch64.rpm rh-nginx114-nginx-debuginfo-1.14.1-1.el7.aarch64.rpm rh-nginx114-nginx-mod-http-image-filter-1.14.1-1.el7.aarch64.rpm rh-nginx114-nginx-mod-http-perl-1.14.1-1.el7.aarch64.rpm rh-nginx114-nginx-mod-http-xslt-filter-1.14.1-1.el7.aarch64.rpm rh-nginx114-nginx-mod-mail-1.14.1-1.el7.aarch64.rpm rh-nginx114-nginx-mod-stream-1.14.1-1.el7.aarch64.rpm ppc64le: rh-nginx114-nginx-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-debuginfo-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-mod-http-image-filter-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-mod-http-perl-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-mod-http-xslt-filter-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-mod-mail-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-mod-stream-1.14.1-1.el7.ppc64le.rpm s390x: rh-nginx114-nginx-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-debuginfo-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-mod-http-image-filter-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-mod-http-perl-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-mod-http-xslt-filter-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-mod-mail-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-mod-stream-1.14.1-1.el7.s390x.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-nginx114-nginx-1.14.1-1.el7.src.rpm aarch64: rh-nginx114-nginx-1.14.1-1.el7.aarch64.rpm rh-nginx114-nginx-debuginfo-1.14.1-1.el7.aarch64.rpm rh-nginx114-nginx-mod-http-image-filter-1.14.1-1.el7.aarch64.rpm rh-nginx114-nginx-mod-http-perl-1.14.1-1.el7.aarch64.rpm rh-nginx114-nginx-mod-http-xslt-filter-1.14.1-1.el7.aarch64.rpm rh-nginx114-nginx-mod-mail-1.14.1-1.el7.aarch64.rpm rh-nginx114-nginx-mod-stream-1.14.1-1.el7.aarch64.rpm ppc64le: rh-nginx114-nginx-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-debuginfo-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-mod-http-image-filter-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-mod-http-perl-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-mod-http-xslt-filter-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-mod-mail-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-mod-stream-1.14.1-1.el7.ppc64le.rpm s390x: rh-nginx114-nginx-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-debuginfo-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-mod-http-image-filter-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-mod-http-perl-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-mod-http-xslt-filter-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-mod-mail-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-mod-stream-1.14.1-1.el7.s390x.rpm x86_64: rh-nginx114-nginx-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-debuginfo-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-mod-http-image-filter-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-mod-http-perl-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-mod-http-xslt-filter-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-mod-mail-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-mod-stream-1.14.1-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4): Source: rh-nginx114-nginx-1.14.1-1.el7.src.rpm ppc64le: rh-nginx114-nginx-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-debuginfo-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-mod-http-image-filter-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-mod-http-perl-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-mod-http-xslt-filter-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-mod-mail-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-mod-stream-1.14.1-1.el7.ppc64le.rpm s390x: rh-nginx114-nginx-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-debuginfo-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-mod-http-image-filter-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-mod-http-perl-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-mod-http-xslt-filter-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-mod-mail-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-mod-stream-1.14.1-1.el7.s390x.rpm x86_64: rh-nginx114-nginx-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-debuginfo-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-mod-http-image-filter-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-mod-http-perl-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-mod-http-xslt-filter-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-mod-mail-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-mod-stream-1.14.1-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5): Source: rh-nginx114-nginx-1.14.1-1.el7.src.rpm ppc64le: rh-nginx114-nginx-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-debuginfo-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-mod-http-image-filter-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-mod-http-perl-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-mod-http-xslt-filter-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-mod-mail-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-mod-stream-1.14.1-1.el7.ppc64le.rpm s390x: rh-nginx114-nginx-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-debuginfo-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-mod-http-image-filter-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-mod-http-perl-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-mod-http-xslt-filter-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-mod-mail-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-mod-stream-1.14.1-1.el7.s390x.rpm x86_64: rh-nginx114-nginx-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-debuginfo-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-mod-http-image-filter-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-mod-http-perl-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-mod-http-xslt-filter-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-mod-mail-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-mod-stream-1.14.1-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6): Source: rh-nginx114-nginx-1.14.1-1.el7.src.rpm ppc64le: rh-nginx114-nginx-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-debuginfo-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-mod-http-image-filter-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-mod-http-perl-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-mod-http-xslt-filter-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-mod-mail-1.14.1-1.el7.ppc64le.rpm rh-nginx114-nginx-mod-stream-1.14.1-1.el7.ppc64le.rpm s390x: rh-nginx114-nginx-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-debuginfo-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-mod-http-image-filter-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-mod-http-perl-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-mod-http-xslt-filter-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-mod-mail-1.14.1-1.el7.s390x.rpm rh-nginx114-nginx-mod-stream-1.14.1-1.el7.s390x.rpm x86_64: rh-nginx114-nginx-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-debuginfo-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-mod-http-image-filter-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-mod-http-perl-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-mod-http-xslt-filter-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-mod-mail-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-mod-stream-1.14.1-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-nginx114-nginx-1.14.1-1.el7.src.rpm x86_64: rh-nginx114-nginx-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-debuginfo-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-mod-http-image-filter-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-mod-http-perl-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-mod-http-xslt-filter-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-mod-mail-1.14.1-1.el7.x86_64.rpm rh-nginx114-nginx-mod-stream-1.14.1-1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-16843 https://access.redhat.com/security/cve/CVE-2018-16844 https://access.redhat.com/security/cve/CVE-2018-16845 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBW/0L0tzjgjWX9erEAQi/dA//TeRNgNBL26V6hp7bf1NojNPyPdOdgyEb VvJJMTCvsafmFT15/SzElx34Dy6OLqqreBkNj39zMH9fK64CS3XhjEAyazyp+kMO SEXRR8+0f1ZLcHRkR0ODWKqXI9yFYAWLjrq8pXw2877P8DrR2qm8O+e6HqFXU11w nIWJB/AvnoX2bAlXXkXfN4nX712bPXp435vI5YRizho+/Ihb/mRlWMx+Bn8ma/xW J793HiOmdZrugXTvn/34A8vPY04wRcn6tPhMzob6FT/CBLhsTXUmBbQxQUnNboaJ oaaf/RD+IIpgqpxEk41p+Jtq5SiOfQ9KB9gbyzXpaarjZwYLm3BwrpnIES6Cd3BM ScqMrIthu/9ZOQLpPET6ypuBYU53xwPHlhBBNnA+MGjz4mrvzc7WTgoFsV1VFAfY 3TXlFkfv6cRV5IEoHa4GBaR+1g2lzvi8iirep09bqtv5VFJsD+RwspY1OZOVB4st fXXSzVsWuzFGFYkFBTyuKzJkhBrl3BHjK8VRuBlNTBMvLa5Q+YmOmzAQAmmKoZYn JeBulCz6hSJ8lHN8GiQxkqeOMZz3XUe0L4mAdkk+UqBxUrB16nDRxBUVpqMbulJl IyAqBeA4ekIvf376D6Jh0VDEkLfpesjoFACdVwdjKzLJI9e7ljut81rwmCtmWT7i vpRowVLRFpwoP7 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-09-20-4 Xcode 13 Xcode 13 addresses the following issues. IDE Xcode Server Available for: macOS Big Sur 11.3 and later Impact: Multiple issues in nginx Description: Multiple issues were addressed by updating nginx to version 1.21.0. CVE-2016-0742 CVE-2016-0746 CVE-2016-0747 CVE-2017-7529 CVE-2018-16843 CVE-2018-16844 CVE-2018-16845 CVE-2019-20372 Installation note: Xcode 13 may be obtained from: https://developer.apple.com/xcode/downloads/ To check that the Xcode has been updated: * Select Xcode in the menu bar * Select About Xcode * The version after applying this update will be "Xcode 13"

nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configuration file. nginx Contains a resource exhaustion vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. nginx is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to cause denial-of-service conditions. Versions prior to nginx 1.15.6 and 1.14.1 are vulnerable. nginx is a lightweight web server/reverse proxy server and email (IMAP/POP3) proxy server developed by Russian programmer Igor Sysoev. An attacker can exploit this vulnerability to consume a large amount of memory space. For the stable distribution (stretch), these problems have been fixed in version 1.10.3-1+deb9u2. We recommend that you upgrade your nginx packages. ========================================================================== Ubuntu Security Notice USN-3812-1 November 07, 2018 nginx vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in nginx. Software Description: - nginx: small, powerful, scalable web/proxy server Details: It was discovered that nginx incorrectly handled the HTTP/2 implementation. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-16843) Gal Goldshtein discovered that nginx incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use this issue to cause excessive CPU usage, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-16844) It was discovered that nginx incorrectly handled the ngx_http_mp4_module module. A remote attacker could possibly use this issue with a specially crafted mp4 file to cause nginx to crash, stop responding, or access arbitrary memory. (CVE-2018-16845) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10: nginx-common 1.15.5-0ubuntu2.1 nginx-core 1.15.5-0ubuntu2.1 nginx-extras 1.15.5-0ubuntu2.1 nginx-full 1.15.5-0ubuntu2.1 nginx-light 1.15.5-0ubuntu2.1 Ubuntu 18.04 LTS: nginx-common 1.14.0-0ubuntu1.2 nginx-core 1.14.0-0ubuntu1.2 nginx-extras 1.14.0-0ubuntu1.2 nginx-full 1.14.0-0ubuntu1.2 nginx-light 1.14.0-0ubuntu1.2 Ubuntu 16.04 LTS: nginx-common 1.10.3-0ubuntu0.16.04.3 nginx-core 1.10.3-0ubuntu0.16.04.3 nginx-extras 1.10.3-0ubuntu0.16.04.3 nginx-full 1.10.3-0ubuntu0.16.04.3 nginx-light 1.10.3-0ubuntu0.16.04.3 Ubuntu 14.04 LTS: nginx-common 1.4.6-1ubuntu3.9 nginx-core 1.4.6-1ubuntu3.9 nginx-extras 1.4.6-1ubuntu3.9 nginx-full 1.4.6-1ubuntu3.9 nginx-light 1.4.6-1ubuntu3.9 In general, a standard system update will make all the necessary changes. The following packages have been upgraded to a later upstream version: rh-nginx114-nginx (1.14.1). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: rh-nginx110-nginx security update Advisory ID: RHSA-2018:3653-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2018:3653 Issue date: 2018-11-26 CVE Names: CVE-2018-16843 CVE-2018-16845 ===================================================================== 1. Summary: An update for rh-nginx110-nginx is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Red Hat would like to thank the Nginx project for reporting these issues. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The rh-nginx110-nginx service must be restarted for this update to take effect. 5. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6): Source: rh-nginx110-nginx-1.10.2-8.el6.1.src.rpm x86_64: rh-nginx110-nginx-1.10.2-8.el6.1.x86_64.rpm rh-nginx110-nginx-debuginfo-1.10.2-8.el6.1.x86_64.rpm rh-nginx110-nginx-mod-http-image-filter-1.10.2-8.el6.1.x86_64.rpm rh-nginx110-nginx-mod-http-perl-1.10.2-8.el6.1.x86_64.rpm rh-nginx110-nginx-mod-http-xslt-filter-1.10.2-8.el6.1.x86_64.rpm rh-nginx110-nginx-mod-mail-1.10.2-8.el6.1.x86_64.rpm rh-nginx110-nginx-mod-stream-1.10.2-8.el6.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6): Source: rh-nginx110-nginx-1.10.2-8.el6.1.src.rpm x86_64: rh-nginx110-nginx-1.10.2-8.el6.1.x86_64.rpm rh-nginx110-nginx-debuginfo-1.10.2-8.el6.1.x86_64.rpm rh-nginx110-nginx-mod-http-image-filter-1.10.2-8.el6.1.x86_64.rpm rh-nginx110-nginx-mod-http-perl-1.10.2-8.el6.1.x86_64.rpm rh-nginx110-nginx-mod-http-xslt-filter-1.10.2-8.el6.1.x86_64.rpm rh-nginx110-nginx-mod-mail-1.10.2-8.el6.1.x86_64.rpm rh-nginx110-nginx-mod-stream-1.10.2-8.el6.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-nginx110-nginx-1.10.2-8.el7.1.src.rpm x86_64: rh-nginx110-nginx-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-debuginfo-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-image-filter-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-perl-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-xslt-filter-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-mail-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-stream-1.10.2-8.el7.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4): Source: rh-nginx110-nginx-1.10.2-8.el7.1.src.rpm x86_64: rh-nginx110-nginx-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-debuginfo-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-image-filter-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-perl-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-xslt-filter-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-mail-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-stream-1.10.2-8.el7.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5): Source: rh-nginx110-nginx-1.10.2-8.el7.1.src.rpm x86_64: rh-nginx110-nginx-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-debuginfo-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-image-filter-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-perl-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-xslt-filter-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-mail-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-stream-1.10.2-8.el7.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6): Source: rh-nginx110-nginx-1.10.2-8.el7.1.src.rpm x86_64: rh-nginx110-nginx-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-debuginfo-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-image-filter-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-perl-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-xslt-filter-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-mail-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-stream-1.10.2-8.el7.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-nginx110-nginx-1.10.2-8.el7.1.src.rpm x86_64: rh-nginx110-nginx-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-debuginfo-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-image-filter-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-perl-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-http-xslt-filter-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-mail-1.10.2-8.el7.1.x86_64.rpm rh-nginx110-nginx-mod-stream-1.10.2-8.el7.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-16843 https://access.redhat.com/security/cve/CVE-2018-16845 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBW/vmotzjgjWX9erEAQgLFQ//c0AzsoAslgezACNt/7IQuf7IJy0o3ZJS RivGOSPey3gjDQDioSB5LYv5W89fmX5lQ8NsSmx/K+soAPpsz2OmwkFrJ3Mu9D/U DvE5WxP0TQcJOizA9k6huKhwtLYLmkMrnRmZUIJ/E6BiLVZbAP8/1CnoryK+JBum Ml1oFeOZUgwz2x0pvBPVPqGsRBFK3cE1SRxnSHgvwchMxYKSTwrHMARYFUavOrmZ VVRbL8xIiCPCEl7/OPKO3QD4M2vXhMHRwaquZJS/A6+Vls53qGAjJ9q3iLE+sEl5 Lb3B3AkbOtURmmoKOb8wdWlo9YRHckG+4mLXonNCIUteSZDWukns8gKti+AcSyOs gZ4e+IXDahfnP1+Lg9StFthKexpGGwp/ASBi0OZ8ZmyA6IVQzGyXW7nADlrdolKj 9q2zXQMPVFEtYu7tvDb/eJZq+ch/fkjIywps6+lQKRTkRSkT7SzUuopRj4z0eWt7 hy7/WXdf9+55sR6VM2XTQi5Oj4xjJkzmrFuYc2tG9oLSc2M+11ouuY/DgaMGnilE HVFQ5L9OjV7fV3yPbxFIA2avu4BuCR2xwggQ0fNihAtcqmCiYSESfIsCvHcM+V4P AQIcEgyuW0KOPH7ygRcBFbniri+sYRAk96jRpZtccmCjw45DUZcFdeHWJheWcZNc chCvd465nBo= =EyM5 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-09-20-4 Xcode 13 Xcode 13 addresses the following issues. IDE Xcode Server Available for: macOS Big Sur 11.3 and later Impact: Multiple issues in nginx Description: Multiple issues were addressed by updating nginx to version 1.21.0. CVE-2016-0742 CVE-2016-0746 CVE-2016-0747 CVE-2017-7529 CVE-2018-16843 CVE-2018-16844 CVE-2018-16845 CVE-2019-20372 Installation note: Xcode 13 may be obtained from: https://developer.apple.com/xcode/downloads/ To check that the Xcode has been updated: * Select Xcode in the menu bar * Select About Xcode * The version after applying this update will be "Xcode 13"

Incorrect access control for the diagnostic files of the iSmartAlarm Cube One through 2.2.4.10 allows an attacker to retrieve them via a specifically crafted TCP request to port 12345 and 22306, and access sensitive information from the device. iSmartAlarm Cube One Contains an information disclosure vulnerability.Information may be obtained. iSmartAlarm Cube One is a smart home control device from iSmartAlarm. The vulnerability stems from the program failing to perform proper access control. Sensitive information. Multiple vulnerabilities have been identified in the QBee Camera (CVE-2018-16223) and iSmartAlarm devices (CVE-2018-16222 & CVE-2018-16224) and/or companion applications. https://blog.francescoservida.ch/2018/10/31/cve-2018-16222-to-16225-multiple-vulnerabilities-in-qbee-and-ismartalarm-products/ # CVE-2018-16222 ############### CVSS: 6.4 - AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Cleartext Storage of credentials in the iSmartAlermData.xml configuration file in the iSmartAlarm application through 2.0.8 for Android allows an attacker to retrieve the username and password. [VulnerabilityType Other] Cleartext Storage in a File or on Disk [Vendor of Product] iSmartAlarm [Affected Product Code Base] iSmartAlarm - <= 2.0.8 [Affected Component] iSmartAlermData.xml [Attack Type] Physical [Impact Information Disclosure] true [Attack Vectors] Extraction of iSmartAlermData.xml by any mean [Has vendor confirmed or acknowledged the vulnerability?] True # CVE-2018-16223 ############### CVSS: 6.4 - AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Insecure Cryptographic Storage of credentials in com.vestiacom.qbeecamera_preferences.xml in the QBee Cam application through 1.0.5 for Android allows an attacker to retrieve the username and password. [Vulnerability Type] Incorrect Access Control [Vendor of Product] iSmartAlarm [Affected Product Code Base] iSmartAlarm Cube One - <= 2.2.4.10 (Fixed version number not yet available) [Affected Component] Network Traffic, Diagnostic Informations [Attack Type] Remote [Impact Information Disclosure] true [Attack Vectors] A carefully crafted TCP request to port 12345 et 22306 [Has vendor confirmed or acknowledged the vulnerability?] true

Missing validation check on CRL issuer name in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU, SD 410/12, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A. Snapdragon Automobile and Snapdragon Mobile Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-78244877, A-79420111, A-109677962, A-68326808, A-78240714, A-78240675, A-78241957, A-72950294, A-74235967, A-77484722, A-77484786, A-79420492, A-79420096, and A-109678529. Qualcomm MSM8996AU, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) for different platforms. An input validation vulnerability exists in Broadcast Services in several Qualcomm Snapdragon products

SMMU secure camera logic allows secure camera controllers to access HLOS memory during session in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130. Snapdragon Automobile , Snapdragon Mobile , Snapdragon Wear Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-78244877, A-79420111, A-109677962, A-68326808, A-78240714, A-78240675, A-78241957, A-72950294, A-74235967, A-77484722, A-77484786, A-79420492, A-79420096, and A-109678529. Qualcomm MDM9206 and others are products of Qualcomm (Qualcomm). The Qualcomm MDM9206 is a central processing unit (CPU). SDX24 is a modem. An access control error vulnerability exists in the core of several Qualcomm Snapdragon products

When a malformed command is sent to the device programmer, an out-of-bounds access can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 600, SD 820, SD 820A, SD 835, SDA660, SDX20, SDX24. Snapdragon Automobile , Snapdragon Mobile , Snapdragon Wear Contains a vulnerability related to array index validation.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-78244877, A-79420111, A-109677962, A-68326808, A-78240714, A-78240675, A-78241957, A-72950294, A-74235967, A-77484722, A-77484786, A-79420492, A-79420096, and A-109678529. Qualcomm MDM9206 and others are products of Qualcomm (Qualcomm). The Qualcomm MDM9206 is a central processing unit (CPU). SDX24 is a modem. Security flaws exist in several Qualcomm Snapdragon products

In the device programmer target-side code for firehose, a string may not be properly NULL terminated can lead to a incorrect buffer size in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 600, SD 820, SD 820A, SD 835, SDA660, SDX20. Snapdragon Automobile , Snapdragon Mobile , Snapdragon Wear Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-78244877, A-79420111, A-109677962, A-68326808, A-78240714, A-78240675, A-78241957, A-72950294, A-74235967, A-77484722, A-77484786, A-79420492, A-79420096, and A-109678529. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. A security vulnerability exists in the device programmer target code for the firehose protocol in several Qualcomm Snapdragon products. The following products (for automotive, mobile and wearables) are affected: Qualcomm MDM9206; MDM9607; MDM9640; MDM9650; MDM9655; MSM8909W; MSM8996AU; SD 210; SD 212; 835; SDA660; SDX20

Possible buffer overflow in OEM crypto function due to improper input validation in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130. Snapdragon Automobile and Snapdragon Mobile Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-78244877, A-79420111, A-109677962, A-68326808, A-78240714, A-78240675, A-78241957, A-72950294, A-74235967, A-77484722, A-77484786, A-79420492, A-79420096, and A-109678529

While loading a service image, an untrusted pointer dereference can occur in Snapdragon Mobile in versions SD 835, SDA660, SDX24. Snapdragon Mobile Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-78244877, A-79420111, A-109677962, A-68326808, A-78240714, A-78240675, A-78241957, A-72950294, A-74235967, A-77484722, A-77484786, A-79420492, A-79420096, and A-109678529. Qualcomm Snapdragon Mobile SD 835, SDA660 and SDX24 are all products of Qualcomm (Qualcomm). The Qualcomm Snapdragon Mobile SD 835 and SDA660 are both central processing units (CPUs) used in mobile devices. product. SDX24 is a modem. TrustZone in Qualcomm Snapdragon Mobile SD 835, SDA660, and SDX24 has a security vulnerability