CERT specific news

CERT announcements

    

Számos új fukcióval bővült a MISP

A MISP (Malware Information Sharing Platform) új korrelációs motorral, új munkafolyamatokkal bővült a mostani kiadásában. FORRÁS

  

Az új közlekedési lámpa protokol (2.0) megjelent

Augusztól alkalmazandó az új Traffic Light Protocol (TLP), melyben FIRST meghatározza/pontosítja a jelölések formai követelményeit és tartalmát. FORRÁS

  

ESB-2022.3163 – [Win][UNIX/Linux] Atlassian products: CVSS (Max): None

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3163 CVE-2022-26135 – Full-Read Server Side Request Forgery

  

Reducing data exfiltration by malicious insiders

Advice and recommendations for mitigating this type of insider behaviour.NCSC FeedRead More

  

ESB-2022.3160 – [Debian] firefox-esr: CVSS (Max): 7.5

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3160 firefox-esr security update 30 June 2022 ===========================================================================

  

ESB-2022.0132.2 – UPDATE [Cisco] Cisco Adaptive Security Device Manager: CVSS (Max): 5.5

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.0132.2 Cisco Adaptive Security Device Manager Information Disclosure

  

ESB-2022.3162 – [Ubuntu] cloud-init: CVSS (Max): None

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3162 USN-5496-1: cloud-init vulnerability 30 June 2022 ===========================================================================

  

ESB-2022.3157 – [Debian] maven-shared-utils: CVSS (Max): 9.8

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3157 maven-shared-utils security update 30 June 2022 ===========================================================================

  

ESB-2022.3161 – [SUSE] Linux Kernel: CVSS (Max): 7.4

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3161 Security update for the Linux Kernel (Live

  

ESB-2022.3158 – [Debian] firejail: CVSS (Max): 7.8

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3158 firejail security update 30 June 2022 ===========================================================================

  

ESB-2022.3159 – [Debian] ublock-origin: CVSS (Max): 7.5

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3159 ublock-origin security update 30 June 2022 ===========================================================================

  

ESB-2022.3075 – [SUSE] mariadb: CVSS (Max): 7.8

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3075 Security update for mariadb 24 June 2022

  

ESB-2022.3073 – [Appliance] Secheron SEPCOS Control and Protection Relay: CVSS (Max): 9.9

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3073 Advisory (icsa-22-174-03) Secheron SEPCOS Control and Protection

  

ESB-2022.3078 – [SUSE] salt: CVSS (Max): 7.5

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3078 Security update for salt 24 June 2022

  

ESB-2022.3076 – [SUSE] php74: CVSS (Max): 7.8

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3076 Security update for php74 24 June 2022

  

ESB-2022.3079 – [SUSE] xen: CVSS (Max): 8.1

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3079 Security update for xen 24 June 2022

  

ESB-2022.3077 – [SUSE] salt: CVSS (Max): 7.5

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3077 Security update for salt 24 June 2022

  

ESB-2022.3081 – [Appliance] OFFIS DCMTK: CVSS (Max): 7.5

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3081 Advisory (icsma-22-174-01) OFFIS DCMTK 24 June 2022

  

ESB-2022.3074 – [Appliance] Pyramid Solutions EtherNet/IP Adapter Development Kit: CVSS (Max): 9.8

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3074 Advisory (icsa-22-174-04) Pyramid Solutions EtherNet/IP Adapter Development

  

ESB-2022.3069 – [Win][UNIX/Linux] Jenkins (core) and Jenkins Plugins: CVSS (Max): 8.8

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3069 Jenkins Security Advisory 2022-06-22 24 June 2022

  

ESB-2022.3071 – [Appliance] Yokogawa STARDOM: CVSS (Max): 6.3

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3071 Advisory (icsa-22-174-01) Yokogawa STARDOM 24 June 2022

  

ESB-2022.3068 – [Appliance] BIG-IP (all modules): CVSS (Max): 6.7

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3068 K14454359: Intel BIOS vulnerability CVE-2021-0153 23 June

  

ESB-2022.3067 – [Appliance] BIG-IP (all modules): CVSS (Max): 6.7

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3067 K04303225: Intel BIOS vulnerability CVE-2021-0190 23 June

  

ESB-2022.3051 – [RedHat] Linux kernel: CVSS (Max): 7.0

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3051 kernel security and bug fix update 23

  

ESB-2022.3059 – [SUSE] fwupdate: CVSS (Max): None

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3059 Security update for fwupdate 23 June 2022

  

ESB-2022.3058 – [SUSE] fwupdate: CVSS (Max): None

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3058 Security update for fwupdate 23 June 2022

  

ESB-2022.3052 – [RedHat] postgresql: CVSS (Max): 8.8

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3052 postgresql security update 23 June 2022 ===========================================================================

  

ESB-2022.3060 – [SUSE] drbd: CVSS (Max): None

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3060 Security update for drbd 23 June 2022

  

ESB-2022.3065 – [Appliance] BIG-IP (all modules) and F5OS-C: CVSS (Max): 6.7

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3065 K87351324: Intel BIOS vulnerability CVE-2021-33124 23 June

  

ESB-2022.3047 – [RedHat] Red Hat OpenStack Platform 16.2 (openstack-barbican): CVSS (Max): 7.1

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3047 Red Hat OpenStack Platform 16.2 (openstack-barbican) security

  

ESB-2022.3066 – [Win][UNIX/Linux] Google Chrome: CVSS (Max): None

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3066 Stable Channel Update for Desktop 23 June

  

ESB-2022.3064 – [Appliance] BIG-IP (all modules) and F5OS-C: CVSS (Max): 6.7

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3064 K55051330: Intel BIOS vulnerability CVE-2021-33123 23 June

  

ESB-2022.3049 – [RedHat] Red Hat OpenStack Platform 16.2 (puppet-firewall): CVSS (Max): 9.8

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3049 Red Hat OpenStack Platform 16.2 (puppet-firewall) security

  

ESB-2022.3057 – [Ubuntu] Squid: CVSS (Max): None

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3057 USN-5491-1: Squid vulnerability 23 June 2022 ===========================================================================

  

ESB-2022.3062 – [Cisco] Adaptive Security Device Manager and Adaptive Security Appliance Software: CVSS (Max): 9.1

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3062 Cisco Adaptive Security Device Manager and Adaptive

  

ESB-2022.3050 – [RedHat] Red Hat OpenShift GitOps: CVSS (Max): 8.8

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3050 Red Hat OpenShift GitOps security update 23

  

ESB-2022.3063 – [Cisco] Cisco FirePOWER Software: CVSS (Max): 6.5

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3063 Cisco FirePOWER Software for ASA FirePOWER Module

  

ESB-2022.3034 – [Ubuntu] OpenSSL: CVSS (Max): 6.7

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3034 USN-5488-1: OpenSSL vulnerability 22 June 2022 ===========================================================================

  

ESB-2022.3042 – [Appliance] JTEKT TOYOPUC: CVSS (Max): 7.7

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3042 Advisory (icsa-22-172-02) JTEKT TOYOPUC 22 June 2022

  

ESB-2022.3039 – [Debian] tzdata: CVSS (Max): None

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3039 tzdata new timezone database 22 June 2022

  

ESB-2022.3035 – [Ubuntu] QEMU: CVSS (Max): 8.8

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3035 USN-5489-1: QEMU vulnerabilities 22 June 2022 ===========================================================================

  

ESB-2022.3023 – [SUSE] SUSE Manager 4.1.15: CVSS (Max): 6.3*

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3023 Recommended update for SUSE Manager 4.1.15 Release

  

ESB-2022.3040 – [Appliance] BIG-IP (all modules): CVSS (Max): 4.4

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3040 K53252134: Intel BIOS vulnerability CVE-2021-0155 22 June

  

ESB-2022.3033 – [Ubuntu] Apache HTTP Server: CVSS (Max): 9.8

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3033 USN-5487-1: Apache HTTP Server vulnerabilities 22 June

  

ESB-2022.3028 – [SUSE] golang-github-prometheus-alertmanager: CVSS (Max): 7.5

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3028 Security update for golang-github-prometheus-alertmanager 22 June 2022

  

ESB-2022.3036 – [Ubuntu] Protocol Buffers: CVSS (Max): 7.5

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3036 USN-5490-1: Protocol Buffers vulnerability 22 June 2022

  

ESB-2022.3037 – [Debian] ntfs-3g: CVSS (Max): 6.8

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3037 ntfs-3g security update 22 June 2022 ===========================================================================

  

ESB-2022.3032 – [SUSE] release-notes-susemanager and release-notes-susemanager-proxy: CVSS (Max): 5.6*

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3032 Security update for release-notes-susemanager, release-notes-susemanager-proxy 22 June

  

ESB-2022.3038 – [RedHat] OpenShift Container Platform: CVSS (Max): 6.8

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3038 OpenShift Container Platform 3.11.715 packages and security

  

ESB-2022.3029 – [SUSE] golang-github-prometheus-node_exporter: CVSS (Max): 7.5

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3029 Security update for golang-github-prometheus-node_exporter 22 June 2022

  

ESB-2022.3025 – [SUSE] SUSE Manager Server 4.1: CVSS (Max): 7.5*

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.3025 Security update for SUSE Manager Server 4.1