2023-10-23
ALT-BU-2023-6587-1
Branch sisyphus_mipsel update bulletin.
Package sssd updated to version 2.9.2-alt1 for branch sisyphus_mipsel.
Closed vulnerabilities
Published: 2023-02-07
BDU:2023-00665
Уязвимость функции GENERAL_NAME_cmp библиотеки OpenSSL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.4)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
References:
Published: 2023-02-08
Modified: 2025-03-21
Modified: 2025-03-21
CVE-2023-0286
There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.
Severity: HIGH (7.4)
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
References:
- https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt
- https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt
- https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig
- https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig
- 1.1.1t git commit
- 1.1.1t git commit
- 3.0.8 git commit
- 3.0.8 git commit
- 1.0.2zg patch (premium)
- 1.0.2zg patch (premium)
- https://security.gentoo.org/glsa/202402-08
- https://security.gentoo.org/glsa/202402-08
- OpenSSL Advisory
- OpenSSL Advisory
Package desktop-file-utils updated to version 0.26-alt6 for branch sisyphus_mipsel.
Closed bugs
Вывод строки /usr/share:/var/cache
Package gpupdate updated to version 0.9.13.1-alt1 for branch sisyphus_mipsel.
Closed bugs
Вместо ярлыка /usr/bin/chromium создается директория /home/SAMBA.TESTDOMAIN/testuser/Рабочий стол/usr/bin с содержимым chromium.desktop
Не добавляется комментарий при создании ярлыка
Некорректное применение ГП: после перезагрузки клиента изменения не применяются
Опечатки в выводе команды gpoa
Картинка фона рабочего стола: задаёт фоновую картинку по неверному пути
Тема курсора: задаёт курсор по неверному пути
Цвета: задаёт курсор по неверному пути
Package admx-basealt updated to version 0.1.13.1-alt1 for branch sisyphus_mipsel.
Closed bugs
Опечатки в описании политик KDE
Неверно указан список допустимых значений для политики «Тема курсора»
Опечатка: backgroung to background в названии политики
Опечатка: граффические -> графические
Опечатка: отрисови -> отрисовки
Настройка подключаемых устройств: бесполезный чекбокс Блокировать
Группа политик Управление электропитанием: неверно формирует ini-файл
Package alterator-auth updated to version 0.44.6-alt1 for branch sisyphus_mipsel.
Closed bugs
System-auth AD OU
Package libxfconf updated to version 4.18.2-alt2 for branch sisyphus_mipsel.
Closed bugs
xfwm4 сегфолтится у нового пользователя
Package caddy updated to version 2.7.5-alt1 for branch sisyphus_mipsel.
Closed vulnerabilities
Published: 2023-10-10
BDU:2023-06559
Уязвимость реализации протокола HTTP/2, связанная с возможностью формирования потока запросов в рамках уже установленного сетевого соединения, без открытия новых сетевых соединений и без подтверждения получения пакетов, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2023-10-10
Modified: 2025-04-03
Modified: 2025-04-03
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Severity: HIGH (7.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- [oss-security] 20231010 CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations
- [oss-security] 20231010 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations
- [oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations
- [oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations
- [oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations
- [oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations
- [oss-security] 20231018 Vulnerability in Jenkins
- [oss-security] 20231018 Vulnerability in Jenkins
- [oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations
- [oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations
- [oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST
- [oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST
- [oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations
- [oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations
- https://access.redhat.com/security/cve/cve-2023-44487
- https://access.redhat.com/security/cve/cve-2023-44487
- https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/
- https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/
- https://aws.amazon.com/security/security-bulletins/AWS-2023-011/
- https://aws.amazon.com/security/security-bulletins/AWS-2023-011/
- https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
- https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
- https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/
- https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/
- https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/
- https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/
- https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack
- https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack
- https://blog.vespa.ai/cve-2023-44487/
- https://blog.vespa.ai/cve-2023-44487/
- https://bugzilla.proxmox.com/show_bug.cgi?id=4988
- https://bugzilla.proxmox.com/show_bug.cgi?id=4988
- https://bugzilla.redhat.com/show_bug.cgi?id=2242803
- https://bugzilla.redhat.com/show_bug.cgi?id=2242803
- https://bugzilla.suse.com/show_bug.cgi?id=1216123
- https://bugzilla.suse.com/show_bug.cgi?id=1216123
- https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9
- https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9
- https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/
- https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/
- https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack
- https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack
- https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125
- https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125
- https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715
- https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715
- https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve
- https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve
- https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764
- https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764
- https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088
- https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088
- https://github.com/advisories/GHSA-qppj-fm5r-hxr3
- https://github.com/advisories/GHSA-qppj-fm5r-hxr3
- https://github.com/advisories/GHSA-vx74-f528-fxqg
- https://github.com/advisories/GHSA-vx74-f528-fxqg
- https://github.com/advisories/GHSA-xpw8-rcwv-8f8p
- https://github.com/advisories/GHSA-xpw8-rcwv-8f8p
- https://github.com/akka/akka-http/issues/4323
- https://github.com/akka/akka-http/issues/4323
- https://github.com/alibaba/tengine/issues/1872
- https://github.com/alibaba/tengine/issues/1872
- https://github.com/apache/apisix/issues/10320
- https://github.com/apache/apisix/issues/10320
- https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113
- https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113
- https://github.com/apache/httpd-site/pull/10
- https://github.com/apache/httpd-site/pull/10
- https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2
- https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2
- https://github.com/apache/trafficserver/pull/10564
- https://github.com/apache/trafficserver/pull/10564
- https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487
- https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487
- https://github.com/Azure/AKS/issues/3947
- https://github.com/Azure/AKS/issues/3947
- https://github.com/bcdannyboy/CVE-2023-44487
- https://github.com/bcdannyboy/CVE-2023-44487
- https://github.com/caddyserver/caddy/issues/5877
- https://github.com/caddyserver/caddy/issues/5877
- https://github.com/caddyserver/caddy/releases/tag/v2.7.5
- https://github.com/caddyserver/caddy/releases/tag/v2.7.5
- https://github.com/dotnet/announcements/issues/277
- https://github.com/dotnet/announcements/issues/277
- https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73
- https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73
- https://github.com/eclipse/jetty.project/issues/10679
- https://github.com/eclipse/jetty.project/issues/10679
- https://github.com/envoyproxy/envoy/pull/30055
- https://github.com/envoyproxy/envoy/pull/30055
- https://github.com/etcd-io/etcd/issues/16740
- https://github.com/etcd-io/etcd/issues/16740
- https://github.com/facebook/proxygen/pull/466
- https://github.com/facebook/proxygen/pull/466
- https://github.com/golang/go/issues/63417
- https://github.com/golang/go/issues/63417
- https://github.com/grpc/grpc/releases/tag/v1.59.2
- https://github.com/grpc/grpc-go/pull/6703
- https://github.com/grpc/grpc-go/pull/6703
- https://github.com/h2o/h2o/pull/3291
- https://github.com/h2o/h2o/pull/3291
- https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf
- https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf
- https://github.com/haproxy/haproxy/issues/2312
- https://github.com/haproxy/haproxy/issues/2312
- https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244
- https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244
- https://github.com/junkurihara/rust-rpxy/issues/97
- https://github.com/junkurihara/rust-rpxy/issues/97
- https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1
- https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1
- https://github.com/kazu-yamamoto/http2/issues/93
- https://github.com/kazu-yamamoto/http2/issues/93
- https://github.com/Kong/kong/discussions/11741
- https://github.com/Kong/kong/discussions/11741
- https://github.com/kubernetes/kubernetes/pull/121120
- https://github.com/kubernetes/kubernetes/pull/121120
- https://github.com/line/armeria/pull/5232
- https://github.com/line/armeria/pull/5232
- https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632
- https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632
- https://github.com/micrictor/http2-rst-stream
- https://github.com/micrictor/http2-rst-stream
- https://github.com/microsoft/CBL-Mariner/pull/6381
- https://github.com/microsoft/CBL-Mariner/pull/6381
- https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61
- https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61
- https://github.com/nghttp2/nghttp2/pull/1961
- https://github.com/nghttp2/nghttp2/pull/1961
- https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0
- https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0
- https://github.com/ninenines/cowboy/issues/1615
- https://github.com/ninenines/cowboy/issues/1615
- https://github.com/nodejs/node/pull/50121
- https://github.com/nodejs/node/pull/50121
- https://github.com/openresty/openresty/issues/930
- https://github.com/openresty/openresty/issues/930
- https://github.com/opensearch-project/data-prepper/issues/3474
- https://github.com/opensearch-project/data-prepper/issues/3474
- https://github.com/oqtane/oqtane.framework/discussions/3367
- https://github.com/oqtane/oqtane.framework/discussions/3367
- https://github.com/projectcontour/contour/pull/5826
- https://github.com/projectcontour/contour/pull/5826
- https://github.com/tempesta-tech/tempesta/issues/1986
- https://github.com/tempesta-tech/tempesta/issues/1986
- https://github.com/varnishcache/varnish-cache/issues/3996
- https://github.com/varnishcache/varnish-cache/issues/3996
- https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo
- https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo
- https://istio.io/latest/news/security/istio-security-2023-004/
- https://istio.io/latest/news/security/istio-security-2023-004/
- https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/
- https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/
- https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q
- https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q
- [debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update
- [debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update
- [debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update
- [debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update
- [debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update
- [debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update
- [debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update
- [debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update
- [debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update
- [debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update
- [debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update
- [debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update
- [debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update
- [debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update
- FEDORA-2023-c0c6a91330
- FEDORA-2023-7b52921cae
- FEDORA-2023-0259c3f26f
- FEDORA-2023-4bf641255e
- FEDORA-2023-d5030c983c
- FEDORA-2023-4d2fd884ea
- FEDORA-2023-dbe64661af
- FEDORA-2023-5ff7bf1dd8
- FEDORA-2023-ed2642fd58
- FEDORA-2023-fe53e13b5b
- FEDORA-2023-f66fc0f62a
- FEDORA-2023-b2c50535cb
- FEDORA-2023-1caffb88af
- FEDORA-2023-3f70b8d406
- FEDORA-2023-492b7be466
- FEDORA-2023-17efd3f2cd
- FEDORA-2023-e9c04d81c1
- FEDORA-2023-822aab0a5a
- FEDORA-2023-7934802344
- FEDORA-2023-54fadada12
- FEDORA-2023-2a9214af5f
- FEDORA-2023-c0c6a91330
- FEDORA-2023-7b52921cae
- FEDORA-2023-0259c3f26f
- FEDORA-2023-4bf641255e
- FEDORA-2023-d5030c983c
- FEDORA-2023-4d2fd884ea
- FEDORA-2023-dbe64661af
- FEDORA-2023-5ff7bf1dd8
- FEDORA-2023-ed2642fd58
- FEDORA-2023-fe53e13b5b
- FEDORA-2023-f66fc0f62a
- FEDORA-2023-b2c50535cb
- FEDORA-2023-1caffb88af
- FEDORA-2023-3f70b8d406
- FEDORA-2023-492b7be466
- FEDORA-2023-17efd3f2cd
- FEDORA-2023-e9c04d81c1
- FEDORA-2023-822aab0a5a
- FEDORA-2023-7934802344
- FEDORA-2023-54fadada12
- FEDORA-2023-2a9214af5f
- https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html
- https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html
- https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html
- https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html
- https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html
- https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html
- https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/
- https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487
- https://my.f5.com/manage/s/article/K000137106
- https://my.f5.com/manage/s/article/K000137106
- https://netty.io/news/2023/10/10/4-1-100-Final.html
- https://netty.io/news/2023/10/10/4-1-100-Final.html
- https://news.ycombinator.com/item?id=37830987
- https://news.ycombinator.com/item?id=37830987
- https://news.ycombinator.com/item?id=37830998
- https://news.ycombinator.com/item?id=37830998
- https://news.ycombinator.com/item?id=37831062
- https://news.ycombinator.com/item?id=37831062
- https://news.ycombinator.com/item?id=37837043
- https://news.ycombinator.com/item?id=37837043
- https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/
- https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/
- https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected
- https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected
- GLSA-202311-09
- GLSA-202311-09
- https://security.netapp.com/advisory/ntap-20231016-0001/
- https://security.netapp.com/advisory/ntap-20231016-0001/
- https://security.netapp.com/advisory/ntap-20240426-0007/
- https://security.netapp.com/advisory/ntap-20240426-0007/
- https://security.netapp.com/advisory/ntap-20240621-0006/
- https://security.netapp.com/advisory/ntap-20240621-0006/
- https://security.netapp.com/advisory/ntap-20240621-0007/
- https://security.netapp.com/advisory/ntap-20240621-0007/
- https://security.paloaltonetworks.com/CVE-2023-44487
- https://security.paloaltonetworks.com/CVE-2023-44487
- https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14
- https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14
- https://ubuntu.com/security/CVE-2023-44487
- https://ubuntu.com/security/CVE-2023-44487
- https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/
- https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/
- https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487
- https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487
- https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event
- https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event
- DSA-5521
- DSA-5521
- DSA-5522
- DSA-5522
- DSA-5540
- DSA-5540
- DSA-5549
- DSA-5549
- DSA-5558
- DSA-5558
- DSA-5570
- DSA-5570
- https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487
- https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487
- https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/
- https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/
- https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/
- https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/
- https://www.openwall.com/lists/oss-security/2023/10/10/6
- https://www.openwall.com/lists/oss-security/2023/10/10/6
- https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack
- https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack
- https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
- https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
- https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause
Package libfastjson updated to version 1.2304.0-alt1 for branch sisyphus_mipsel.
Closed vulnerabilities
Published: 2020-05-11
BDU:2021-03538
Уязвимость множества компонентов библиотеки для обработки JSON файлов на языке С JSON-C, связанная с записью за границами буфера, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Severity: HIGH (8.8)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2020-05-09
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2020-12762
json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.
Severity: HIGH (7.8)
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
- https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf
- https://github.com/json-c/json-c/pull/592
- https://github.com/rsyslog/libfastjson/issues/161
- [debian-lts-announce] 20200531 [SECURITY] [DLA 2228-1] json-c security update
- [debian-lts-announce] 20200531 [SECURITY] [DLA 2228-2] json-c regression update
- [debian-lts-announce] 20200730 [SECURITY] [DLA 2301-1] json-c security update
- [debian-lts-announce] 20230620 [SECURITY] [DLA 3461-1] libfastjson security update
- FEDORA-2020-847ad856ab
- FEDORA-2020-63c6f4ab1d
- FEDORA-2020-7eb7eac270
- GLSA-202006-13
- https://security.netapp.com/advisory/ntap-20210521-0001/
- USN-4360-1
- USN-4360-4
- DSA-4741
- https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf
- DSA-4741
- USN-4360-4
- USN-4360-1
- https://security.netapp.com/advisory/ntap-20210521-0001/
- GLSA-202006-13
- FEDORA-2020-7eb7eac270
- FEDORA-2020-63c6f4ab1d
- FEDORA-2020-847ad856ab
- [debian-lts-announce] 20230620 [SECURITY] [DLA 3461-1] libfastjson security update
- [debian-lts-announce] 20200730 [SECURITY] [DLA 2301-1] json-c security update
- [debian-lts-announce] 20200531 [SECURITY] [DLA 2228-2] json-c regression update
- [debian-lts-announce] 20200531 [SECURITY] [DLA 2228-1] json-c security update
- https://github.com/rsyslog/libfastjson/issues/161
- https://github.com/json-c/json-c/pull/592
Package json-c updated to version 0.17-alt1 for branch sisyphus_mipsel.
Closed vulnerabilities
Published: 2023-08-22
BDU:2023-05198
Уязвимость функции parseit библиотеки для обработки JSON файлов JSON-C, позволяющая нарушителю выполнить произвольный код
Severity: CRITICAL (9.8)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2023-08-22
Modified: 2025-04-02
Modified: 2025-04-02
CVE-2021-32292
An issue was discovered in json-c from 20200420 (post 0.14 unreleased code) through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program json_parse which is located in the function parseit.
Severity: CRITICAL (9.8)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
Package apache2-mod_http2 updated to version 2.0.25-alt1 for branch sisyphus_mipsel.
Closed vulnerabilities
Published: 2023-10-12
BDU:2023-07003
Уязвимость компонента обработчика HTTP2 веб-сервера Apache HTTP Server, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2023-10-23
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2023-45802
When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that. This was found by the reporter during testing of CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During "normal" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out. Users are recommended to upgrade to version 2.4.58, which fixes the issue.
Severity: MEDIUM (5.9)
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- https://httpd.apache.org/security/vulnerabilities_24.html
- https://httpd.apache.org/security/vulnerabilities_24.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/
- https://security.netapp.com/advisory/ntap-20231027-0011/