ALT-BU-2023-2468-2
Branch p10 update bulletin.
Closed vulnerabilities
BDU:2023-00495
Vulnerability in the mod_proxy_ajp module of the Apache HTTP Server web server that allows an attacker to send a hidden HTTP request (HTTP Request Smuggling attack)
BDU:2023-00496
Vulnerability in the mod_proxy module of the Apache HTTP Server web server that allows an attacker to carry out HTTP response splitting attacks
BDU:2023-01105
Vulnerability in the mod_dav module of the Apache HTTP Server web server that allows an attacker to cause a denial of service
Modified: 2025-02-13
CVE-2006-20001
A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier.
Modified: 2024-11-21
CVE-2022-36760
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server 2.4.54 and prior versions.
Modified: 2024-11-21
CVE-2022-37436
Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client.
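The failure class described above, as an added example written for this bulletin (not Apache's code): a proxy-side header parser that stops reading headers at the first line it cannot parse, so every header after that line is forwarded inside the body, beside the strict variant that refuses the response. The CVE text does not say which malformed line triggers the truncation; the example assumes a header line without a colon, and the backend responses are constructed for the demonstration.

```c
#include <stdio.h>
#include <string.h>

/* Where a proxy-side parser believes the backend's headers end. */
struct parsed {
    int header_count;  /* header lines accepted before the header block ended */
    const char *body;  /* start of what will be forwarded as the body */
};

/* Criterion for a well-formed header line (an assumption for this example):
 * a colon preceded by at least one character of field name. */
static int looks_like_header(const char *p, size_t n) {
    const char *colon = memchr(p, ':', n);
    return colon != NULL && colon > p;
}

/* Split a raw HTTP/1.x response into header block and body.
 * strict == 0 models the failure class in the CVE text: the first line the
 * parser cannot handle ends the header block, so every header after it is
 * forwarded inside the body, where the client never interprets it.
 * strict == 1 treats the same line as a protocol violation and rejects the
 * whole response rather than guessing where the body starts.
 * Returns 0 on success, -1 if the response is rejected. */
int parse_response(const char *resp, int strict, struct parsed *out) {
    const char *p = strstr(resp, "\r\n");  /* skip the status line */
    if (p == NULL) return -1;
    p += 2;
    out->header_count = 0;
    out->body = NULL;
    for (;;) {
        const char *eol = strstr(p, "\r\n");
        if (eol == NULL) return -1;        /* header block never terminated */
        size_t n = (size_t)(eol - p);
        if (n == 0) {                      /* empty line: legitimate end of headers */
            out->body = eol + 2;
            return 0;
        }
        if (!looks_like_header(p, n)) {
            if (strict) return -1;
            out->body = eol + 2;           /* lenient: stop here, the rest becomes body */
            return 0;
        }
        out->header_count++;
        p = eol + 2;
    }
}

/* Number of headers the proxy would forward as headers, or -1 if rejected. */
int accepted_header_count(const char *resp, int strict) {
    struct parsed r;
    return parse_response(resp, strict, &r) == 0 ? r.header_count : -1;
}

/* 1 if the named header would reach the client inside the body. */
int header_in_body(const char *resp, int strict, const char *name) {
    struct parsed r;
    if (parse_response(resp, strict, &r) != 0) return 0;
    return strstr(r.body, name) != NULL;
}

/* Constructed backend responses for the demonstration (not captured traffic). */
static const char MALICIOUS_BACKEND[] =
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "this line has no colon\r\n"
    "Content-Security-Policy: default-src 'none'\r\n"
    "\r\n"
    "<html>hello</html>";

static const char HONEST_BACKEND[] =
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "Content-Security-Policy: default-src 'none'\r\n"
    "\r\n"
    "<html>hello</html>";

int main(void) {
    printf("lenient: %d headers forwarded, CSP ended up in body: %d\n",
           accepted_header_count(MALICIOUS_BACKEND, 0),
           header_in_body(MALICIOUS_BACKEND, 0, "Content-Security-Policy"));
    printf("strict:  %d (response rejected)\n",
           accepted_header_count(MALICIOUS_BACKEND, 1));
    printf("honest:  %d headers forwarded, CSP in body: %d\n",
           accepted_header_count(HONEST_BACKEND, 1),
           header_in_body(HONEST_BACKEND, 1, "Content-Security-Policy"));
    return 0;
}
```

The practical check on a patched deployment is the strict behaviour: a backend response that cannot be parsed as headers must produce an error at the proxy, never a 200 whose body begins with header text.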
Closed bugs
A module disabled with a2dismod stays disabled even after a2enmod
Closed vulnerabilities
Modified: 2024-11-21
CVE-2023-23589
The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002.
- https://gitlab.torproject.org/tpo/core/tor/-/commit/a282145b3634547ab84ccd959d0537c021ff7ffc
- https://gitlab.torproject.org/tpo/core/tor/-/issues/40730
- https://gitlab.torproject.org/tpo/core/tor/-/raw/release-0.4.7/ReleaseNotes
- [debian-lts-announce] 20230128 [SECURITY] [DLA 3286-1] tor security update
- FEDORA-2023-1254a1fc28
- FEDORA-2023-c290171664
- GLSA-202305-11
- DSA-5320
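The SafeSocks decision for CVE-2023-23589, as an added example written for this bulletin (not Tor's code): a SOCKS4/4a CONNECT parser that distinguishes plain SOCKS4 (the application already resolved the name, so the DNS query leaked outside the tunnel) from SOCKS4a (the hostname is handed to the proxy to resolve), and a policy function with the buggy outcome the CVE text describes beside the fixed one. The inverted test is a model of the described behaviour, not Tor's actual source; the request bytes are constructed.

```c
#include <stdio.h>
#include <stdint.h>
#include <string.h>

enum socks4_kind { SOCKS4_INVALID = 0, SOCKS4_IP = 1, SOCKS4A_HOSTNAME = 2 };

struct socks4_req {
    enum socks4_kind kind;
    uint16_t port;
    uint8_t ip[4];
    char hostname[256];  /* filled only for SOCKS4a */
};

/* Parse a SOCKS4/4a CONNECT request: VN=4, CD=1, DSTPORT (2 bytes),
 * DSTIP (4 bytes), USERID terminated by NUL. In SOCKS4a the client signals
 * "resolve this for me" with a DSTIP of 0.0.0.x (x != 0) and appends the
 * hostname, also NUL-terminated, after USERID. */
enum socks4_kind socks4_parse(const uint8_t *buf, size_t len, struct socks4_req *req) {
    memset(req, 0, sizeof *req);
    if (len < 9 || buf[0] != 4 || buf[1] != 1) return SOCKS4_INVALID;
    req->port = (uint16_t)((buf[2] << 8) | buf[3]);
    memcpy(req->ip, buf + 4, 4);
    size_t i = 8;
    while (i < len && buf[i] != 0) i++;            /* USERID */
    if (i == len) return SOCKS4_INVALID;           /* no terminator */
    i++;
    int is_4a = req->ip[0] == 0 && req->ip[1] == 0 && req->ip[2] == 0 && req->ip[3] != 0;
    if (!is_4a) return req->kind = SOCKS4_IP;
    size_t start = i;
    while (i < len && buf[i] != 0) i++;            /* HOSTNAME */
    size_t hlen = i - start;
    if (i == len || hlen == 0 || hlen >= sizeof req->hostname) return SOCKS4_INVALID;
    memcpy(req->hostname, buf + start, hlen);
    return req->kind = SOCKS4A_HOSTNAME;
}

/* SafeSocks decision. Plain SOCKS4 carries an IP the application resolved
 * itself, so the DNS query already went out in the clear; SOCKS4a hands the
 * hostname to the proxy to resolve inside the circuit. SafeSocks is meant to
 * accept only the second form. With buggy != 0 the function reproduces the
 * outcome the CVE text describes (SOCKS4 accepted, SOCKS4a refused) by
 * inverting the test; this models the outcome, not Tor's source.
 * Returns 1 to allow the request, 0 to refuse it. */
int safesocks_allows(const struct socks4_req *req, int buggy) {
    if (req->kind == SOCKS4_INVALID) return 0;
    int is_safe = (req->kind == SOCKS4A_HOSTNAME);
    return buggy ? !is_safe : is_safe;
}

/* Parse-and-decide helpers used by main(). */
int check_request(const uint8_t *buf, size_t len, int buggy) {
    struct socks4_req req;
    socks4_parse(buf, len, &req);
    return safesocks_allows(&req, buggy);
}

int request_kind(const uint8_t *buf, size_t len) {
    struct socks4_req req;
    return (int)socks4_parse(buf, len, &req);
}

/* Constructed requests (not captured traffic): CONNECT to port 443 with an
 * empty USERID. REQ_SOCKS4 targets 203.0.113.10 directly; REQ_SOCKS4A targets
 * "example.com" and asks the proxy to resolve it; REQ_TRUNCATED claims 4a but
 * carries no hostname. */
static const uint8_t REQ_SOCKS4[]    = {4, 1, 0x01, 0xbb, 203, 0, 113, 10, 0};
static const uint8_t REQ_SOCKS4A[]   = {4, 1, 0x01, 0xbb, 0, 0, 0, 1, 0,
                                        'e','x','a','m','p','l','e','.','c','o','m', 0};
static const uint8_t REQ_TRUNCATED[] = {4, 1, 0x01, 0xbb, 0, 0, 0, 1, 0};

int main(void) {
    printf("SafeSocks (buggy): SOCKS4 %s, SOCKS4a %s\n",
           check_request(REQ_SOCKS4, sizeof REQ_SOCKS4, 1) ? "allowed" : "refused",
           check_request(REQ_SOCKS4A, sizeof REQ_SOCKS4A, 1) ? "allowed" : "refused");
    printf("SafeSocks (fixed): SOCKS4 %s, SOCKS4a %s\n",
           check_request(REQ_SOCKS4, sizeof REQ_SOCKS4, 0) ? "allowed" : "refused",
           check_request(REQ_SOCKS4A, sizeof REQ_SOCKS4A, 0) ? "allowed" : "refused");
    return 0;
}
```

The point for operators: with the pre-0.4.7.13 behaviour, an application configured for SOCKS4a and SafeSocks 1 stops working while a plain SOCKS4 client, which has already leaked the lookup, sails through, so the option gave the opposite of the intended protection until the update was applied.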
Closed vulnerabilities
BDU:2023-00388
Vulnerability in libXpm, the library for handling X Pixmap (XPM) image files, related to untrusted search paths, allowing an attacker to execute arbitrary code with elevated privileges
BDU:2023-00389
Vulnerability in the ParsePixels() function of libXpm, the library for handling X Pixmap (XPM) image files, allowing an attacker to cause a denial of service
BDU:2023-00390
Vulnerability in the ParseComment() function of libXpm, the library for handling X Pixmap (XPM) image files, allowing an attacker to cause a denial of service
Modified: 2024-11-21
CVE-2016-10164
Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via (1) the number of extensions or (2) their concatenated length in a crafted XPM file, which triggers a heap-based buffer overflow.
- DSA-3772
- [oss-security] 20170122 CVE Request: libXpm < 3.5.12 heap overflow
- [oss-security] 20170125 Re: CVE Request: libXpm < 3.5.12 heap overflow
- 95785
- RHSA-2017:1865
- https://cgit.freedesktop.org/xorg/lib/libXpm/commit/?id=d1167418f0fd02a27f617ec5afd6db053afbe185
- [xorg] 20161215 [ANNOUNCE] libXpm 3.5.12
- GLSA-201701-72
Modified: 2025-03-25
CVE-2022-44617
A flaw was found in libXpm. When processing a file with a width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a denial of service in the application linked to the library.
- https://bugzilla.redhat.com/show_bug.cgi?id=2160193
- https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/f80fa6ae47ad4a5beacb28
- https://gitlab.freedesktop.org/xorg/lib/libxpm/-/merge_requests/9
- [debian-lts-announce] 20230620 [SECURITY] [DLA 3459-1] libxpm security update
- https://lists.x.org/archives/xorg-announce/2023-January/003312.html
Modified: 2025-03-25
CVE-2022-46285
A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library.
- [oss-security] 20231003 Fwd: X.Org Security Advisory: Issues in libX11 prior to 1.8.7 & libXpm prior to 3.5.17
- [oss-security] 20231003 Re: Fwd: X.Org Security Advisory: Issues in libX11 prior to 1.8.7 & libXpm prior to 3.5.17
- https://bugzilla.redhat.com/show_bug.cgi?id=2160092
- https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/a3a7c6dcc3b629d7650148
- https://gitlab.freedesktop.org/xorg/lib/libxpm/-/merge_requests/9
- [debian-lts-announce] 20230620 [SECURITY] [DLA 3459-1] libxpm security update
- https://lists.x.org/archives/xorg-announce/2023-January/003312.html
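The three libXpm parser bugs above (the extension-size integer overflow of CVE-2016-10164, the width-0/huge-height loop of CVE-2022-44617 and the unterminated-comment loop of CVE-2022-46285) share one lesson: every quantity taken from the file, and end of input itself, must be checked before a loop or an allocation depends on it. The following is an added example written for this bulletin, not libXpm's source: a getc()-style reader, the pre-fix shape of the comment skipper with a step budget standing in for its infinite loop, the EOF-checked replacement, a bounds check on the XPM values line, and an overflow-checked size computation for extensions. The dimension limit and the layout of the extension buffer are assumptions made for the example.

```c
#include <stdio.h>
#include <stdint.h>
#include <string.h>

/* Cursor over an in-memory XPM file (constructed stand-in for libXpm's reader). */
struct xpm_in {
    const char *data;
    size_t len;
    size_t pos;
};

/* getc()-style read: returns EOF once the input is exhausted, and keeps
 * returning it on every further call. */
static int xpm_getc(struct xpm_in *in) {
    return in->pos < in->len ? (unsigned char)in->data[in->pos++] : EOF;
}

/* Pre-fix shape of comment skipping (modelled on the CVE text, not libXpm's
 * source): read until star-slash arrives. With an unterminated comment the
 * reader hands back EOF forever and the loop never ends. A step budget stands
 * in for "forever" so the function can be called safely: it returns 1 when the
 * budget ran out (the spin) and 0 when the comment closed. `in` must be
 * positioned just after the opening slash-star. */
int skip_comment_unchecked(struct xpm_in *in, unsigned budget) {
    int prev = 0, c = xpm_getc(in);
    while (budget-- > 0) {
        if (prev == '*' && c == '/') return 0;
        prev = c;
        c = xpm_getc(in);
    }
    return 1;
}

/* Fixed shape: EOF inside a comment is an error that is reported, not looped
 * on. Returns 0 when the comment closed, -1 on an unterminated comment. */
int skip_comment_checked(struct xpm_in *in) {
    int prev = 0, c;
    while ((c = xpm_getc(in)) != EOF) {
        if (prev == '*' && c == '/') return 0;
        prev = c;
    }
    return -1;
}

/* Helpers used by main(): run either skipper over `text`, which must begin
 * with the two-character comment opener. */
int comment_would_spin(const char *text) {
    struct xpm_in in = { text, strlen(text), 2 };
    return skip_comment_unchecked(&in, 1000);
}

int comment_skip_result(const char *text) {
    struct xpm_in in = { text, strlen(text), 2 };
    return skip_comment_checked(&in);
}

/* The XPM values line: width height ncolors chars-per-pixel. A width of 0 with
 * a huge height was the CVE-2022-44617 trigger: per-row parsing ran once per
 * row with nothing to consume. Reject degenerate or oversized geometry before
 * any row loop starts. MAX_DIM is an assumed policy limit, not a libXpm
 * constant. Returns 0 if the line is acceptable, -1 otherwise. */
int xpm_validate_values(const char *line) {
    const long MAX_DIM = 1L << 16;
    long w, h, ncolors, cpp;
    if (sscanf(line, "%ld %ld %ld %ld", &w, &h, &ncolors, &cpp) != 4) return -1;
    if (w <= 0 || h <= 0 || ncolors <= 0 || cpp <= 0) return -1;
    if (w > MAX_DIM || h > MAX_DIM || ncolors > MAX_DIM || cpp > 8) return -1;
    return 0;
}

/* Bytes needed for `count` extensions whose concatenated text length is
 * `total_len` (assumed layout: one pointer per extension, the text, one NUL
 * per extension). Both inputs come from the file, as in CVE-2016-10164; each
 * multiply and add is range-checked before anything is allocated.
 * Returns the size, or 0 if it would overflow size_t (or nothing is needed). */
size_t xpm_ext_alloc_size(size_t count, size_t total_len) {
    if (count > SIZE_MAX / sizeof(char *)) return 0;
    size_t bytes = count * sizeof(char *);
    if (total_len > SIZE_MAX - bytes) return 0;
    bytes += total_len;
    if (count > SIZE_MAX - bytes) return 0;
    return bytes + count;
}

int main(void) {
    printf("unterminated comment, unchecked skipper spins: %d\n",
           comment_would_spin("/* never closed"));
    printf("unterminated comment, checked skipper returns: %d\n",
           comment_skip_result("/* never closed"));
    printf("values line \"0 1000000000 1 1\" accepted: %d\n",
           xpm_validate_values("0 1000000000 1 1") == 0);
    printf("extension size for SIZE_MAX/2 entries: %zu (0 = overflow)\n",
           xpm_ext_alloc_size(SIZE_MAX / 2, 1));
    return 0;
}
```

The same three checks are what a fuzzing harness around any image parser should be able to exercise: a truncated file, a header whose dimensions do not match its payload, and counts large enough to wrap the allocation arithmetic.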
Modified: 2025-03-20
CVE-2022-4883
A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls external programs to compress and uncompress files, relying on the PATH environment variable to find these programs, which could allow a malicious user to execute other programs by manipulating the PATH environment variable.
- https://bugzilla.redhat.com/show_bug.cgi?id=2160213
- https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/515294bb8023a45ff91669
- https://gitlab.freedesktop.org/xorg/lib/libxpm/-/merge_requests/9
- [debian-lts-announce] 20230620 [SECURITY] [DLA 3459-1] libxpm security update
- https://lists.x.org/archives/xorg-announce/2023-January/003312.html
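The PATH-search problem of CVE-2022-4883, as an added example written for this bulletin (not libXpm's code): a lookup that behaves like execvp() picks the first matching executable along PATH, so a directory an attacker controls at the front of PATH substitutes their own "uncompress"; the hardened alternative names the helper by an absolute path fixed at build time. The two absolute paths are assumed values standing in for configure-detected ones, the planted directory is a constructed fixture created under TMPDIR (or /tmp) and removed again, and the executable check uses stat() rather than access() so the demonstration also works on noexec temporary filesystems.

```c
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

/* Would a PATH-style lookup pick this file? Modelled on execvp(): the file
 * must exist, be regular and carry an execute bit. */
static int is_executable_file(const char *p) {
    struct stat st;
    return stat(p, &st) == 0 && S_ISREG(st.st_mode) && (st.st_mode & S_IXUSR);
}

/* PATH lookup as execvp()/execlp() perform it: the first directory in `path`
 * that holds an executable named `prog` wins. Whoever controls the front of
 * PATH therefore controls which binary runs. Returns 1 and fills `out`. */
int resolve_in_path(const char *prog, const char *path, char *out, size_t outlen) {
    const char *p = path;
    for (;;) {
        const char *colon = strchr(p, ':');
        size_t dlen = colon ? (size_t)(colon - p) : strlen(p);
        int n = dlen ? snprintf(out, outlen, "%.*s/%s", (int)dlen, p, prog)
                     : snprintf(out, outlen, "./%s", prog);   /* empty entry = cwd */
        if (n > 0 && (size_t)n < outlen && is_executable_file(out)) return 1;
        if (colon == NULL) break;
        p = colon + 1;
    }
    out[0] = '\0';
    return 0;
}

/* Hardened choice: a helper that will run with the caller's privileges is
 * named by an absolute path fixed at build time, never searched for. The two
 * values below are assumptions standing in for configure-detected paths. */
#define XPM_UNCOMPRESS_PATH "/usr/bin/uncompress"
#define XPM_GZIP_PATH       "/usr/bin/gzip"         /* to be invoked with -d */

const char *decompressor_for(const char *filename) {
    size_t n = strlen(filename);
    if (n > 2 && strcmp(filename + n - 2, ".Z") == 0) return XPM_UNCOMPRESS_PATH;
    if (n > 3 && strcmp(filename + n - 3, ".gz") == 0) return XPM_GZIP_PATH;
    return NULL;
}

/* Demonstration fixture (constructed): plant a fake "uncompress" in a fresh
 * temporary directory, put that directory first in a PATH string, and report
 * whether the lookup returns the planted file (1 = yes). Cleans up afterwards;
 * returns -1 if the fixture could not be created. */
int planted_uncompress_wins(void) {
    const char *tmp = getenv("TMPDIR");
    char dir[4096], file[4096], path[8192], found[4096];
    snprintf(dir, sizeof dir, "%s/planted.XXXXXX", tmp ? tmp : "/tmp");
    if (mkdtemp(dir) == NULL) return -1;
    snprintf(file, sizeof file, "%s/uncompress", dir);
    FILE *f = fopen(file, "w");
    if (f == NULL) { rmdir(dir); return -1; }
    fputs("#!/bin/sh\necho 'attacker code would run here'\n", f);
    fclose(f);
    chmod(file, 0755);
    snprintf(path, sizeof path, "%s:/usr/bin:/bin", dir);
    int hit = resolve_in_path("uncompress", path, found, sizeof found)
              && strcmp(found, file) == 0;
    unlink(file);
    rmdir(dir);
    return hit;
}

int main(void) {
    printf("planted uncompress wins the PATH lookup: %d\n", planted_uncompress_wins());
    printf("fixed helper for foo.xpm.Z:  %s\n", decompressor_for("foo.xpm.Z"));
    printf("fixed helper for foo.xpm.gz: %s\n", decompressor_for("foo.xpm.gz"));
    return 0;
}
```

The elevated-privilege angle in the BDU description follows from the same mechanism: a set-uid program or a service linked against the library inherits whatever PATH its caller supplies, and the planted helper then runs with the program's privileges rather than the caller's.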