July 2024 - openSUSE Bugs - openSUSE Mailing Lists

[Bug 1225969] New: kdig in knot does not support DoH(+https) query
by bugzilla_noreply＠suse.com 03 Sep '24

03 Sep '24

https://bugzilla.suse.com/show_bug.cgi?id=1225969 Bug ID: 1225969 Summary: kdig in knot does not support DoH(+https) query Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: x86-64 OS: openSUSE Tumbleweed Status: NEW Severity: Normal Priority: P5 - None Component: Network Assignee: screening-team-bugs(a)suse.de Reporter: smbd.jp(a)gmail.com QA Contact: qa-bugs(a)suse.de Target Milestone: --- Found By: --- Blocker: --- An upstream kdig supports DoH(DNS over HTTPS) query and its option is "+https". But, SuSE's does not. Please enable it. --- upstream$ kdig +https @8.8.8.8 www.google.com ;; TLS session (TLS1.3)-(ECDHE-X25519)-(RSA-PSS-RSAE-SHA256)-(AES-256-GCM) ;; HTTP session (HTTP/2-POST)-(8.8.8.8/dns-query)-(status: 200) ;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 0 ;; Flags: qr rd ra; QUERY: 1; ANSWER: 1; AUTHORITY: 0; ADDITIONAL: 1 ;; EDNS PSEUDOSECTION: ;; Version: 0; flags: ; UDP size: 512 B; ext-rcode: NOERROR ;; PADDING: 405 B ;; QUESTION SECTION: ;; www.google.com. IN A ;; ANSWER SECTION: www.google.com. 300 IN A 142.250.207.4 ;; Received 468 B ;; Time 2024-06-05 11:17:21 JST ;; From 8.8.8.8@443(HTTPS) in 56.9 ms upstream$ kdig --help | grep https +[no]https[=URL] Use HTTPS protocol. It's also possible to specify +[no]https-get Use HTTPS protocol with GET method instead of POST. upstream$ $ ldd /usr/bin/kdig|grep http libnghttp2.so.14 => /usr/lib64/libnghttp2.so.14 (0x00007f1912178000) --- suse$ kdig +https @8.8.8.8 www.google.com Usage: kdig [-4] [-6] [-d] [-b address] [-c class] [-p port] [-q name] [-t type] [-x address] [-k keyfile] [-y [algo:]keyname:key] [-E tapfile] [-G tapfile] name [type] [class] [@server] +[no]multiline Wrap long records to more lines. +[no]short Show record data only. (snip) suse$ kdig --help | grep https (not match) suse$ ldd /usr/bin/kdig|grep http (not match) -- You are receiving this mail because: You are on the CC list for the bug.

1 3

[Bug 1224239] New: VUL-0: CVE-2024-31460: cacti: SQL injection vulnerability when using tree rules through Automation API
by bugzilla_noreply＠suse.com 02 Sep '24

02 Sep '24

https://bugzilla.suse.com/show_bug.cgi?id=1224239 Bug ID: 1224239 Summary: VUL-0: CVE-2024-31460: cacti: SQL injection vulnerability when using tree rules through Automation API Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/405132/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: Andreas.Stieger(a)gmx.de Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: camila.matos(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `automation_tree_rules.php` is not thoroughly checked and is used to concatenate the SQL statement in `create_all_header_nodes()` function from `lib/api_automation.php` , finally resulting in SQL injection. Using SQL based secondary injection technology, attackers can modify the contents of the Cacti database, and based on the modified content, it may be possible to achieve further impact, such as arbitrary file reading, and even remote code execution through arbitrary file writing. Version 1.2.27 contains a patch for the issue. References: https://github.com/Cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-31460 https://www.cve.org/CVERecord?id=CVE-2024-31460 -- You are receiving this mail because: You are on the CC list for the bug.

1 3

[Bug 1224238] New: VUL-0: CVE-2024-31459: cacti: file inclusion issue in the `lib/plugin.php` file
by bugzilla_noreply＠suse.com 02 Sep '24

02 Sep '24

https://bugzilla.suse.com/show_bug.cgi?id=1224238 Bug ID: 1224238 Summary: VUL-0: CVE-2024-31459: cacti: file inclusion issue in the `lib/plugin.php` file Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/405131/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: Andreas.Stieger(a)gmx.de Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: camila.matos(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, there is a file inclusion issue in the `lib/plugin.php` file. Combined with SQL injection vulnerabilities, remote code execution can be implemented. There is a file inclusion issue with the `api_plugin_hook()` function in the `lib/plugin.php` file, which reads the plugin_hooks and plugin_config tables in database. The read data is directly used to concatenate the file path which is used for file inclusion. Version 1.2.27 contains a patch for the issue. References: https://github.com/Cacti/cacti/security/advisories/GHSA-pfh9-gwm6-86vp http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-31459 https://www.cve.org/CVERecord?id=CVE-2024-31459 https://github.com/Cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r -- You are receiving this mail because: You are on the CC list for the bug.

1 4

[Bug 1224237] New: VUL-0: CVE-2024-31445: cacti: SQL injection vulnerability when retrieving graphs using Automation API
by bugzilla_noreply＠suse.com 02 Sep '24

02 Sep '24

https://bugzilla.suse.com/show_bug.cgi?id=1224237 Bug ID: 1224237 Summary: VUL-0: CVE-2024-31445: cacti: SQL injection vulnerability when retrieving graphs using Automation API Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/405129/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: Andreas.Stieger(a)gmx.de Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: camila.matos(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, a SQL injection vulnerability in `automation_get_new_graphs_sql` function of `api_automation.php` allows authenticated users to exploit these SQL injection vulnerabilities to perform privilege escalation and remote code execution. In `api_automation.php` line 856, the `get_request_var('filter')` is being concatenated into the SQL statement without any sanitization. In `api_automation.php` line 717, The filter of `'filter'` is `FILTER_DEFAULT`, which means there is no filter for it. Version 1.2.27 contains a patch for the issue. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-31445 https://www.cve.org/CVERecord?id=CVE-2024-31445 https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd1… https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd1… https://github.com/Cacti/cacti/commit/fd93c6e47651958b77c3bbe6a01fff695f81e… https://github.com/Cacti/cacti/security/advisories/GHSA-vjph-r677-6pcc -- You are receiving this mail because: You are on the CC list for the bug.

1 3

[Bug 1224236] New: VUL-0: CVE-2024-31444: cacti: cross-site scripting vulnerability when reading tree rules with Automation API
by bugzilla_noreply＠suse.com 02 Sep '24

02 Sep '24

https://bugzilla.suse.com/show_bug.cgi?id=1224236 Bug ID: 1224236 Summary: VUL-0: CVE-2024-31444: cacti: cross-site scripting vulnerability when reading tree rules with Automation API Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/405128/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: Andreas.Stieger(a)gmx.de Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: camila.matos(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `automation_tree_rules_form_save()` function in `automation_tree_rules.php` is not thoroughly checked and is used to concatenate the HTML statement in `form_confirm()` function from `lib/html.php` , finally resulting in cross-site scripting. Version 1.2.27 contains a patch for the issue. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-31444 https://www.cve.org/CVERecord?id=CVE-2024-31444 https://github.com/Cacti/cacti/security/advisories/GHSA-p4ch-7hjw-6m87 -- You are receiving this mail because: You are on the CC list for the bug.

1 3

[Bug 1224235] New: VUL-0: CVE-2024-31443: cacti: cross-site scripting vulnerability when managing data queries
by bugzilla_noreply＠suse.com 02 Sep '24

02 Sep '24

https://bugzilla.suse.com/show_bug.cgi?id=1224235 Bug ID: 1224235 Summary: VUL-0: CVE-2024-31443: cacti: cross-site scripting vulnerability when managing data queries Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/405127/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: Andreas.Stieger(a)gmx.de Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: camila.matos(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- Cacti provides an operational monitoring and fault management framework. Prior to 1.2.27, some of the data stored in `form_save()` function in `data_queries.php` is not thoroughly checked and is used to concatenate the HTML statement in `grow_right_pane_tree()` function from `lib/html.php` , finally resulting in cross-site scripting. Version 1.2.27 contains a patch for the issue. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-31443 https://www.cve.org/CVERecord?id=CVE-2024-31443 https://github.com/Cacti/cacti/commit/f946fa537d19678f938ddbd784a10e3290d27… https://github.com/Cacti/cacti/security/advisories/GHSA-rqc8-78cm-85j3 -- You are receiving this mail because: You are on the CC list for the bug.

1 3

[Bug 1224231] New: VUL-0: CVE-2024-29894: cacti: residual cross-site scripting vulnerability caused by incomplete fix
by bugzilla_noreply＠suse.com 02 Sep '24

02 Sep '24

https://bugzilla.suse.com/show_bug.cgi?id=1224231 Bug ID: 1224231 Summary: VUL-0: CVE-2024-29894: cacti: residual cross-site scripting vulnerability caused by incomplete fix Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/405104/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: Andreas.Stieger(a)gmx.de Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: camila.matos(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- Cacti provides an operational monitoring and fault management framework. Versions of Cacti prior to 1.2.27 contain a residual cross-site scripting vulnerability caused by an incomplete fix for CVE-2023-50250. `raise_message_javascript` from `lib/functions.php` now uses purify.js to fix CVE-2023-50250 (among others). However, it still generates the code out of unescaped PHP variables `$title` and `$header`. If those variables contain single quotes, they can be used to inject JavaScript code. An attacker exploiting this vulnerability could execute actions on behalf of other users. This ability to impersonate users could lead to unauthorized changes to settings. Version 1.2.27 fixes this issue. References: https://github.com/Cacti/cacti/security/advisories/GHSA-xwqc-7jc4-xm73 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-29894 https://www.cve.org/CVERecord?id=CVE-2024-29894 https://github.com/Cacti/cacti/security/advisories/GHSA-grj5-8fcj-34gh -- You are receiving this mail because: You are on the CC list for the bug.

1 4

[Bug 1224230] New: VUL-0: CVE-2024-27082: cacti: stored cross-site scripting vulnerability when managing trees
by bugzilla_noreply＠suse.com 02 Sep '24

02 Sep '24

https://bugzilla.suse.com/show_bug.cgi?id=1224230 Bug ID: 1224230 Summary: VUL-0: CVE-2024-27082: cacti: stored cross-site scripting vulnerability when managing trees Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/405061/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: Andreas.Stieger(a)gmx.de Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: camila.matos(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- Cacti provides an operational monitoring and fault management framework. Versions of Cacti prior to 1.2.27 are vulnerable to stored cross-site scripting, a type of cross-site scripting where malicious scripts are permanently stored on a target server and served to users who access a particular page. Version 1.2.27 contains a patch for the issue. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-27082 https://www.cve.org/CVERecord?id=CVE-2024-27082 https://github.com/Cacti/cacti/security/advisories/GHSA-j868-7vjp-rp9h -- You are receiving this mail because: You are on the CC list for the bug.

1 4

[Bug 1224229] New: VUL-0: CVE-2024-25641: cacti: arbitrary file write vulnerability in the "Package Import" feature
by bugzilla_noreply＠suse.com 02 Sep '24

02 Sep '24

https://bugzilla.suse.com/show_bug.cgi?id=1224229 Bug ID: 1224229 Summary: VUL-0: CVE-2024-25641: cacti: arbitrary file write vulnerability in the "Package Import" feature Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/405057/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: Andreas.Stieger(a)gmx.de Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: camila.matos(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, an arbitrary file write vulnerability, exploitable through the "Package Import" feature, allows authenticated users having the "Import Templates" permission to execute arbitrary PHP code on the web server. The vulnerability is located within the `import_package()` function defined into the `/lib/import.php` script. The function blindly trusts the filename and file content provided within the XML data, and writes such files into the Cacti base path (or even outside, since path traversal sequences are not filtered). This can be exploited to write or overwrite arbitrary files on the web server, leading to execution of arbitrary PHP code or other security impacts. Version 1.2.27 contains a patch for this issue. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-25641 https://www.cve.org/CVERecord?id=CVE-2024-25641 https://github.com/Cacti/cacti/commit/eff35b0ff26cc27c82d7880469ed6d5e3bef6… https://github.com/Cacti/cacti/security/advisories/GHSA-7cmj-g5qc-pj88 -- You are receiving this mail because: You are on the CC list for the bug.

1 4

[Bug 1226615] New: python3-pyside2 stuck with ancient llvm build requirement
by bugzilla_noreply＠suse.com 02 Sep '24

02 Sep '24

https://bugzilla.suse.com/show_bug.cgi?id=1226615 Bug ID: 1226615 Summary: python3-pyside2 stuck with ancient llvm build requirement Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: KDE Applications Assignee: opensuse-kde-bugs(a)opensuse.org Reporter: rguenther(a)suse.com QA Contact: qa-bugs(a)suse.de Target Milestone: --- Found By: --- Blocker: --- python3-pyside2 requires llvm15 (or llvm14 on SLE) as one of the very few packages still hanging onto this old and unsupported version of LLVM. There is a new upstream version (5.15.14), but I don't know whether this changes the situation. -- You are receiving this mail because: You are on the CC list for the bug.

1 4