This week we look at security updates for Dovecot, Ghostscript, a livepatch update for the Linux kernel, Ceph and Apache, plus Alex and Joe discuss recent WordPress plugin vulnerabilities and the Hostinger breach, and more.
22 unique CVEs addressed
7 CVEs addressed in Xenial, Bionic, Disco
HTTP/2 DoS issue (Internal Data Buffering) - same family of HTTP/2 DoS issues covered for nginx in Episode 43
Open redirect in mod_rewrite - redirects intended to be self-referential could be fooled into sending the client to an unexpected URL taken from the request
Stack buffer overflow + NULL pointer dereference in mod_remoteip - triggered by a crafted PROXY protocol header, so only reachable where a trusted proxy is configured with the PROXY protocol (RemoteIPProxyProtocol)
Possible (limited) XSS in mod_proxy - the link shown on the Proxy Error page could be controlled by an attacker, but only where proxying is enabled and misconfigured so that the Proxy Error page is actually shown
UAF (read) during HTTP/2 connection shutdown
HTTP/2 push - lets the server send resources to a client before it requests them - very early pushes (e.g. configured with H2PushResource) could overwrite memory in the server's request pool - the memory copied is the configured push link header values, not data supplied by the client, so the impact is a crash rather than client-controlled memory corruption
HTTP/2 upgrade - can configure the server (h2c on a cleartext host, or H2Upgrade on for an https: host) to upgrade HTTP/1.1 requests to HTTP/2 - but an Upgrade request that was not the first request on the connection could lead to a crash - servers that never enable h2, or only enable it for https: without H2Upgrade on, are not affected
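Three of the Apache issues above (mod_remoteip PROXY protocol parsing, HTTP/2 very early push, and HTTP/2 upgrade) are only reachable when a specific directive is enabled. The following is an added example, not code from the podcast or from the Apache project: a small POSIX shell audit that scans an httpd configuration for those directives so you can tell whether an unpatched server is actually exposed. It assumes a single flat config file (Include'd files are not followed) using the stock mod_remoteip and mod_http2 directive names; the two sample configurations are constructed inline for demonstration.

```shell
#!/bin/sh
# Added example, not part of the original show notes or of Apache httpd.
# Reports which of the directives that enable the vulnerable code paths
# (mod_remoteip PROXY protocol, HTTP/2 push, HTTP/2 upgrade) are active
# in the config file given as $1. Assumes a flat file; Includes are ignored.

# Print one tag per exposed feature found in the configuration file $1.
audit_httpd_conf() {
    conf="$1"
    # Drop comments so a commented-out directive does not count as enabled.
    stripped=$(sed 's/#.*//' "$conf")

    # mod_remoteip: crafted PROXY protocol headers only reach the parser
    # when the PROXY protocol is switched on for a trusted intermediary.
    if printf '%s\n' "$stripped" | grep -Eiq '^[[:space:]]*RemoteIPProxyProtocol[[:space:]]+On([[:space:]]|$)'; then
        echo "remoteip-proxy-protocol"
    fi

    # mod_http2: very early pushes are configured with H2PushResource.
    if printf '%s\n' "$stripped" | grep -Eiq '^[[:space:]]*H2PushResource[[:space:]]'; then
        echo "h2-push-resource"
    fi

    # mod_http2 upgrade path: h2c enabled on a cleartext host ...
    if printf '%s\n' "$stripped" | grep -Eiq '^[[:space:]]*Protocols([[:space:]]+[^[:space:]]+)*[[:space:]]+h2c([[:space:]]|$)'; then
        echo "h2c-cleartext"
    fi
    # ... or H2Upgrade explicitly turned on (relevant for https: hosts).
    if printf '%s\n' "$stripped" | grep -Eiq '^[[:space:]]*H2Upgrade[[:space:]]+On([[:space:]]|$)'; then
        echo "h2-upgrade"
    fi
}

# Constructed sample: a configuration that enables all three code paths.
WEAK_CONF=$(mktemp)
cat > "$WEAK_CONF" <<'EOF'
# constructed sample config: exposed settings
Listen 80
Protocols h2c http/1.1
<VirtualHost *:443>
    Protocols h2 http/1.1
    H2Upgrade on
    H2PushResource /css/site.css
    RemoteIPHeader X-Forwarded-For
    RemoteIPProxyProtocol On
</VirtualHost>
EOF

# Constructed sample: the same server with those features switched off.
SAFE_CONF=$(mktemp)
cat > "$SAFE_CONF" <<'EOF'
# constructed sample config: hardened settings
Listen 80
Protocols http/1.1
<VirtualHost *:443>
    Protocols h2 http/1.1
    H2Upgrade off
    # H2PushResource /css/site.css
    RemoteIPHeader X-Forwarded-For
    RemoteIPProxyProtocol Off
</VirtualHost>
EOF

echo "exposed config:"
audit_httpd_conf "$WEAK_CONF"
echo "hardened config:"
audit_httpd_conf "$SAFE_CONF"
```

Run it against your own file with `audit_httpd_conf /etc/apache2/apache2.conf` (or the vhost file that actually carries these directives); an empty result means none of the three preconditions is met, although the remaining issues (mod_rewrite, mod_proxy error page, HTTP/2 shutdown UAF and the data-buffering DoS) still need the update regardless.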