Newsletters: Linux Advisory Watch: September 24, 2021

Advisories

Linux Advisory Watch: September 24, 2021

Happy Friday fellow Linux geeks! This week, important updates have been issued for ghostscript, php7-pear and HAProxy. Read on to learn about these vulnerabilities and how to secure your system against them. 

Now you can personalize your LinuxSecurity.com User Profile to include the latest advisories for the distros you select, making it easier than ever to keep your system up-to-date and secure.

Have a question about or comment on one of the vulnerabilities highlighted in today's newsletter? Let's discuss!

Yours in Open Source,

Brittany Day Signature

Today’s newsletter sponsor, AlmaLinux, shows how you can get enterprise Linux for free. 


ghostscript

The Discovery 

A trivial sandbox (enabled with the -dSAFER option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command (CVE-2021-3781).ghostscript

The Impact

This vulnerability enables a remote attacker to execute arbitrary commands through crafted documents, bypassing the interpreter's sandbox.

The Fix

Upgrade to ghostscript 9.54.0-3 immediately to protect against arbitrary command execution.

# pacman -Syu "ghostscript>=9.54.0-3"

Your Related Advisories:

Register to Customize Your Advisories

php7-pear

The Discovery 

firefox

An important Archive_Tar vulnerability due to inadequate checking of symbolic links (CVE-2020-36193) has been discovered in php7-pear.

The Impact

This flaw could result in directory traversal attacks leading to the compromise of sensitive information.

The Fix

Updates have been released mitigating this flaw. Users impacted by this bug should implement the updates released by their distro(s) immediately to safeguard sensitive information and prevent attacks.

Your Related Advisories:

Register to Customize Your Advisories

HAProxy

The Discovery

libsndfile

A critical security vulnerability (CVE-2021-40346) has been found in HAProxy, a popular open-source load balancer and proxy server. The Integer Overflow flaw, which involves HAProxy incorrectly handling HTTP header name length encoding, has a severity rating of 8.6 on the CVSS scoring system.

The Impact

A remote attacker could exploit this bug to inject a duplicate content-length header and perform request smuggling or response splitting attacks, resulting in unauthorized access to sensitive data and execution of arbitrary commands.

The Fix

HAProxy has released an upgrade mitigating this flaw by adding size checks for name and value lengths. We strongly encourage you to upgrade your HAProxy packages as soon as possible to protect sensitive information and prevent attacks.

Users who cannot upgrade HAProxy to version 2.0.25, 2.2.17, 2.3.14 or 2.4.4.are recommended to add the following snippet to the proxy's configuration:

http-request deny if { req.hdr_cnt(content-length) gt 1 }

http-response deny if { res.hdr_cnt(content-length) gt 1 }

Your Related Advisories:

Register to Customize Your Advisories

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.