From 499732bfbc933aa0028388bbd3bc0805996166ca Mon Sep 17 00:00:00 2001 From: "A.Arnold" Date: Thu, 2 May 2024 12:24:07 +0100 Subject: [PATCH 01/19] WINDUP-4174: Release Notes for MTR 1.2.6 Signed-off-by: A.Arnold --- docs/topics/mtr-rn-known-issues-1-2-6.adoc | 14 ++++++++++ docs/topics/mtr-rn-new-features-1-2-6.adoc | 12 +++++++++ docs/topics/mtr-rn-resolved-issues-1-2-6.adoc | 26 +++++++++++++++++++ 3 files changed, 52 insertions(+) create mode 100644 docs/topics/mtr-rn-known-issues-1-2-6.adoc create mode 100644 docs/topics/mtr-rn-new-features-1-2-6.adoc create mode 100644 docs/topics/mtr-rn-resolved-issues-1-2-6.adoc diff --git a/docs/topics/mtr-rn-known-issues-1-2-6.adoc b/docs/topics/mtr-rn-known-issues-1-2-6.adoc new file mode 100644 index 0000000000..08f9cfba8f --- /dev/null +++ b/docs/topics/mtr-rn-known-issues-1-2-6.adoc @@ -0,0 +1,14 @@ +// Module included in the following assemblies: +// +// * docs/release-notes-mtr/master.adoc + +:_content-type: REFERENCE +[id="mtr-rn-known-issues-1-2-6_{context}"] + += Known issues + +There are no major known issues in this {ProductName} ({ProductShortName}) 1.2.6 release. + +For a complete list of all known issues, see the list of link:https://issues.redhat.com/issues/?filter=12435316[MTR 1.2.6 known issues] in Jira. + + diff --git a/docs/topics/mtr-rn-new-features-1-2-6.adoc b/docs/topics/mtr-rn-new-features-1-2-6.adoc new file mode 100644 index 0000000000..a545aa9064 --- /dev/null +++ b/docs/topics/mtr-rn-new-features-1-2-6.adoc @@ -0,0 +1,12 @@ +// Module included in the following assemblies: +// +// * docs/release_notes/master.adoc + +:_content-type: CONCEPT +[id="rn-new-features-1-2-6_{context}"] += New features + +// This section describes the new features of the {ProductName} ({ProductShortName}) 1.2.5: + +{ProductName} ({ProductShortName}) 1.2.6 has the following new features: + 
diff --git a/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc b/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc new file mode 100644 index 0000000000..fa5b776b3f --- /dev/null +++ b/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc @@ -0,0 +1,26 @@ +// Module included in the following assemblies: +// +// * docs/release-notes-mtr/mtr_release_notes-1.2/master.adoc + +:_content-type: REFERENCE +[id="mtr-rn-resolved-issues-1-2-6_{context}"] += Resolved issues + +{ProductName} ({ProductShortName}) 1.2.6 resolves the following issues: + +.CVE-2023-45857: Axios 1.5 exposes confidential data stored in cookies + +A flaw was discovered in Axios 1.5.1 that accidentally revealed the confidential `XSRF-TOKEN` stored in cookies by including it in the HTTP header `X-XSRF-TOKEN` for every request made to any host, thereby allowing attackers to view sensitive information. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. + +For more details, see link:https://access.redhat.com/security/cve/CVE-2023-45857[(CVE-2023-45857)]. + + +.CVE-2024-28849: `follow-redirects` package clears authorization headers + +A flaw was discovered in the `follow-redirects` package, which clears authorization headers, but it fails to clear the `proxy-authentication` headers. This flaw could lead to credential leakage, which could have a high impact on data confidentiality. +Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. + +For more details, see link:https://access.redhat.com/security/cve/CVE-2024-28849[(CVE-2024-28849)] + + +For a complete list of all issues resolved in this release, see the list of link:https://issues.redhat.com/issues/?filter=12435317[MTR 1.2.6 resolved issues] in Jira. From 12837103bc93e534b6bd7241b1353a0d484bc3b3 Mon Sep 17 00:00:00 2001 From: "A.Arnold" Date: Thu, 2 May 2024 12:35:30 +0100 Subject: [PATCH 02/19] Updating 
Signed-off-by: A.Arnold --- docs/release-notes-mtr/master.adoc | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/release-notes-mtr/master.adoc b/docs/release-notes-mtr/master.adoc index c10b91a3e6..0719b48354 100644 --- a/docs/release-notes-mtr/master.adoc +++ b/docs/release-notes-mtr/master.adoc @@ -17,6 +17,11 @@ include::topics/making-open-source-more-inclusive.adoc[] These release notes cover all Z-stream releases of {ProductShortName} 1.2 with the most recent release listed first. +== {ProductShortName} 1.2.6 +include::topics/mtr-rn-new-features-1-2-6.adoc[leveloffset=+2] +include::topics/mtr-rn-known-issues-1-2-6.adoc[leveloffset=+2] +include::topics/mtr-rn-resolved-issues-1-2-6.adoc[leveloffset=+2] + == {ProductShortName} 1.2.5 include::topics/mtr-rn-new-features-1-2-5.adoc[leveloffset=+2] include::topics/mtr-rn-known-issues-1-2-5.adoc[leveloffset=+2] From 89538eafb7fe10cac98ca19d45b680eab2253e95 Mon Sep 17 00:00:00 2001 From: Andy Arnold Date: Fri, 3 May 2024 13:12:11 +0100 Subject: [PATCH 03/19] Update docs/topics/mtr-rn-resolved-issues-1-2-6.adoc --- docs/topics/mtr-rn-resolved-issues-1-2-6.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc b/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc index fa5b776b3f..775c728404 100644 --- a/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc +++ b/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc 
@@ -8,7 +8,7 @@ {ProductName} ({ProductShortName}) 1.2.6 resolves the following issues: -.CVE-2023-45857: Axios 1.5 exposes confidential data stored in cookies +.CVE-2023-45857: Axios 1.5 exposes confidential data stored in cookies A flaw was discovered in Axios 1.5.1 that accidentally revealed the confidential `XSRF-TOKEN` stored in cookies by including it in the HTTP header `X-XSRF-TOKEN` for every request made to any host, thereby allowing attackers to view sensitive information. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. From b58cfa6e3ed874778c182bccee6b1c69e0271e44 Mon Sep 17 00:00:00 2001 From: Andy Arnold Date: Fri, 3 May 2024 13:12:45 +0100 Subject: [PATCH 04/19] Update docs/topics/mtr-rn-new-features-1-2-6.adoc --- docs/topics/mtr-rn-new-features-1-2-6.adoc | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/topics/mtr-rn-new-features-1-2-6.adoc b/docs/topics/mtr-rn-new-features-1-2-6.adoc index a545aa9064..37888c86b6 100644 --- a/docs/topics/mtr-rn-new-features-1-2-6.adoc +++ b/docs/topics/mtr-rn-new-features-1-2-6.adoc @@ -6,7 +6,6 @@ [id="rn-new-features-1-2-6_{context}"] = New features -// This section describes the new features of the {ProductName} ({ProductShortName}) 1.2.5: {ProductName} ({ProductShortName}) 1.2.6 has the following new features: From b5dc0855a5b48189f82e035e6d16b08e8ac2cd1f Mon Sep 17 00:00:00 2001 From: Andy Arnold Date: Fri, 3 May 2024 13:13:14 +0100 Subject: [PATCH 05/19] Update docs/topics/mtr-rn-new-features-1-2-6.adoc --- docs/topics/mtr-rn-new-features-1-2-6.adoc | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/topics/mtr-rn-new-features-1-2-6.adoc b/docs/topics/mtr-rn-new-features-1-2-6.adoc index 37888c86b6..cd5752dc63 100644 --- a/docs/topics/mtr-rn-new-features-1-2-6.adoc +++ b/docs/topics/mtr-rn-new-features-1-2-6.adoc @@ -6,6 +6,5 @@ [id="rn-new-features-1-2-6_{context}"] = New features - {ProductName} ({ProductShortName}) 1.2.6 has the following new features: 
From 91a55b0a1d28afccf3d923de6db1c1fb510dd0c7 Mon Sep 17 00:00:00 2001 From: Andy Arnold Date: Thu, 9 May 2024 13:30:35 +0100 Subject: [PATCH 06/19] Update docs/release-notes-mtr/master.adoc --- docs/release-notes-mtr/master.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/release-notes-mtr/master.adoc b/docs/release-notes-mtr/master.adoc index 0719b48354..a16586c842 100644 --- a/docs/release-notes-mtr/master.adoc +++ b/docs/release-notes-mtr/master.adoc @@ -18,7 +18,7 @@ include::topics/making-open-source-more-inclusive.adoc[] These release notes cover all Z-stream releases of {ProductShortName} 1.2 with the most recent release listed first. == {ProductShortName} 1.2.6 -include::topics/mtr-rn-new-features-1-2-6.adoc[leveloffset=+2] +// include::topics/mtr-rn-new-features-1-2-6.adoc[leveloffset=+2] include::topics/mtr-rn-known-issues-1-2-6.adoc[leveloffset=+2] include::topics/mtr-rn-resolved-issues-1-2-6.adoc[leveloffset=+2] From c98e3b9b452676c1daf804e4a4753549fcd34262 Mon Sep 17 00:00:00 2001 From: "A.Arnold" Date: Thu, 9 May 2024 13:34:19 +0100 Subject: [PATCH 07/19] Update Signed-off-by: A.Arnold --- docs/release-notes-mtr/master.adoc | 2 +- docs/topics/mtr-rn-new-features-1-2-6.adoc | 10 ---------- 2 files changed, 1 insertion(+), 11 deletions(-) delete mode 100644 docs/topics/mtr-rn-new-features-1-2-6.adoc diff --git a/docs/release-notes-mtr/master.adoc b/docs/release-notes-mtr/master.adoc index a16586c842..ab42e0d304 100644 --- a/docs/release-notes-mtr/master.adoc +++ b/docs/release-notes-mtr/master.adoc @@ -18,7 +18,7 @@ include::topics/making-open-source-more-inclusive.adoc[] These release notes cover all Z-stream releases of {ProductShortName} 1.2 with the most recent release listed first. == {ProductShortName} 1.2.6 -// include::topics/mtr-rn-new-features-1-2-6.adoc[leveloffset=+2] + include::topics/mtr-rn-known-issues-1-2-6.adoc[leveloffset=+2] include::topics/mtr-rn-resolved-issues-1-2-6.adoc[leveloffset=+2] 
diff --git a/docs/topics/mtr-rn-new-features-1-2-6.adoc b/docs/topics/mtr-rn-new-features-1-2-6.adoc deleted file mode 100644 index cd5752dc63..0000000000 --- a/docs/topics/mtr-rn-new-features-1-2-6.adoc +++ /dev/null @@ -1,10 +0,0 @@ -// Module included in the following assemblies: -// -// * docs/release_notes/master.adoc - -:_content-type: CONCEPT -[id="rn-new-features-1-2-6_{context}"] -= New features - -{ProductName} ({ProductShortName}) 1.2.6 has the following new features: - From c98add49af008adc67bcca5610bc67c01003ae26 Mon Sep 17 00:00:00 2001 From: "A.Arnold" Date: Thu, 23 May 2024 11:14:44 +0100 Subject: [PATCH 08/19] Updating CVEs from errata Signed-off-by: A.Arnold --- docs/topics/mtr-rn-resolved-issues-1-2-6.adoc | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc b/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc index 775c728404..456c71edb7 100644 --- a/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc +++ b/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc 
@@ -22,5 +22,22 @@ Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves thi For more details, see link:https://access.redhat.com/security/cve/CVE-2024-28849[(CVE-2024-28849)] +.CVE-2024-29131: + +A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error can occur when adding a property in AbstractListDelimiterHandler.flattenIterator(). This issue could allow an attacker to corrupt memory or execute a denial of service attack by crafting malicious property that triggers an out-of-bounds write issue when processed by the vulnerable method. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. + +For more details, see link:https://access.redhat.com/security/cve/CVE-2024-29131[(CVE-2024-29131)] + +.CVE-2024-29133 + +A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error occurs when calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree. This issue could allow an attacker to trigger an out-of-bounds write that could lead to memory corruption or cause a denial of service condition. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. + +For more details, see link:https://access.redhat.com/security/cve/CVE-2024-29133[(CVE-2024-29133)] + +.CVE-2024-29180: `webpack-dev-middleware` lack of URL validation may lead to file leak + +A flaw was found in the webpack-dev-middleware package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer's machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. 
+ +For more details, see link:https://access.redhat.com/security/cve/CVE-2024-29180[(CVE-2024-29180)] For a complete list of all issues resolved in this release, see the list of link:https://issues.redhat.com/issues/?filter=12435317[MTR 1.2.6 resolved issues] in Jira. From b22050d12e3811d4087b18a3fb9b19cc61c4c28f Mon Sep 17 00:00:00 2001 From: Andy Arnold Date: Thu, 23 May 2024 18:13:18 +0100 Subject: [PATCH 09/19] Update docs/topics/mtr-rn-known-issues-1-2-6.adoc --- docs/topics/mtr-rn-known-issues-1-2-6.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/topics/mtr-rn-known-issues-1-2-6.adoc b/docs/topics/mtr-rn-known-issues-1-2-6.adoc index 08f9cfba8f..ee094144e9 100644 --- a/docs/topics/mtr-rn-known-issues-1-2-6.adoc +++ b/docs/topics/mtr-rn-known-issues-1-2-6.adoc @@ -7,7 +7,7 @@ = Known issues -There are no major known issues in this {ProductName} ({ProductShortName}) 1.2.6 release. +There are no major known issues in the {ProductShortName} 1.2.6 release. For a complete list of all known issues, see the list of link:https://issues.redhat.com/issues/?filter=12435316[MTR 1.2.6 known issues] in Jira. From ecd802570164c883646fe08f2c0b1bc8a399572e Mon Sep 17 00:00:00 2001 From: Andy Arnold Date: Thu, 23 May 2024 18:14:40 +0100 Subject: [PATCH 10/19] Update docs/topics/mtr-rn-resolved-issues-1-2-6.adoc --- docs/topics/mtr-rn-resolved-issues-1-2-6.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc b/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc index 456c71edb7..2daee2d103 100644 --- a/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc +++ b/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc @@ -6,7 +6,7 @@ [id="mtr-rn-resolved-issues-1-2-6_{context}"] = Resolved issues -{ProductName} ({ProductShortName}) 1.2.6 resolves the following issues: +{ProductShortName} 1.2.6 has the following resolved issues: .CVE-2023-45857: Axios 1.5 exposes confidential data stored in cookies 
From 1d76556b0f851dfb74e32001c1b1d2ca170d2756 Mon Sep 17 00:00:00 2001 From: Andy Arnold Date: Thu, 23 May 2024 18:20:22 +0100 Subject: [PATCH 11/19] Update docs/topics/mtr-rn-known-issues-1-2-6.adoc --- docs/topics/mtr-rn-known-issues-1-2-6.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/topics/mtr-rn-known-issues-1-2-6.adoc b/docs/topics/mtr-rn-known-issues-1-2-6.adoc index ee094144e9..7060c762a7 100644 --- a/docs/topics/mtr-rn-known-issues-1-2-6.adoc +++ b/docs/topics/mtr-rn-known-issues-1-2-6.adoc @@ -9,6 +9,6 @@ There are no major known issues in the {ProductShortName} 1.2.6 release. -For a complete list of all known issues, see the list of link:https://issues.redhat.com/issues/?filter=12435316[MTR 1.2.6 known issues] in Jira. +For a complete list of all known issues, see the list of link:https://issues.redhat.com/issues/?filter=12436484[MTR 1.2.6 known issues] in Jira. From 50124cf2369294630d0076472bff5dd7f56fda8d Mon Sep 17 00:00:00 2001 From: "A.Arnold" Date: Tue, 28 May 2024 11:49:00 +0100 Subject: [PATCH 12/19] Update Signed-off-by: A.Arnold --- docs/topics/mtr-rn-known-issues-1-2-6.adoc | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/docs/topics/mtr-rn-known-issues-1-2-6.adoc b/docs/topics/mtr-rn-known-issues-1-2-6.adoc index 7060c762a7..65c01b66e9 100644 --- a/docs/topics/mtr-rn-known-issues-1-2-6.adoc +++ b/docs/topics/mtr-rn-known-issues-1-2-6.adoc 
@@ -7,7 +7,12 @@ = Known issues -There are no major known issues in the {ProductShortName} 1.2.6 release. +The following known issues are in the {ProductShortName} 1.2.6 release: + +.Unable to migrate application to {ProductShortName} due to a `SEVERE [org.jboss.windup.web.services.messaging.PackageDiscoveryMDB]` error + +When uploading files for analyze, the server log would print a `SEREVE` message, and the webpage could freeze at the discovering and fetching packages stage, returning an `SEVERE [org.jboss.windup.web.services.messaging.PackageDiscoveryMDB]` error. This error is caused by a `null: java.lang.NullPointerException`. link:https://issues.redhat.com/browse/WINDUP-4189[(WINDUP-4189)] + For a complete list of all known issues, see the list of link:https://issues.redhat.com/issues/?filter=12436484[MTR 1.2.6 known issues] in Jira. From 6ac3f2bf7db87dbfe8fde2d8d88223dfb0267127 Mon Sep 17 00:00:00 2001 From: Andy Arnold Date: Tue, 28 May 2024 13:53:33 +0100 Subject: [PATCH 13/19] Update docs/topics/mtr-rn-known-issues-1-2-6.adoc --- docs/topics/mtr-rn-known-issues-1-2-6.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/topics/mtr-rn-known-issues-1-2-6.adoc b/docs/topics/mtr-rn-known-issues-1-2-6.adoc index 65c01b66e9..587408b5e1 100644 --- a/docs/topics/mtr-rn-known-issues-1-2-6.adoc +++ b/docs/topics/mtr-rn-known-issues-1-2-6.adoc 
@@ -11,7 +11,7 @@ The following known issues are in the {ProductShortName} 1.2.6 release: .Unable to migrate application to {ProductShortName} due to a `SEVERE [org.jboss.windup.web.services.messaging.PackageDiscoveryMDB]` error -When uploading files for analyze, the server log would print a `SEREVE` message, and the webpage could freeze at the discovering and fetching packages stage, returning an `SEVERE [org.jboss.windup.web.services.messaging.PackageDiscoveryMDB]` error. This error is caused by a `null: java.lang.NullPointerException`. link:https://issues.redhat.com/browse/WINDUP-4189[(WINDUP-4189)] +When uploading files for analyze, the server log would return a `SEVERE [org.jboss.windup.web.services.messaging.PackageDiscoveryMDB]` error. This error is caused by a `null: java.lang.NullPointerException`. link:https://issues.redhat.com/browse/WINDUP-4189[(WINDUP-4189)] For a complete list of all known issues, see the list of link:https://issues.redhat.com/issues/?filter=12436484[MTR 1.2.6 known issues] in Jira. From 3de412e52b62fb25dc2bc4b49e42686fc50ab3e7 Mon Sep 17 00:00:00 2001 From: Andy Arnold Date: Tue, 28 May 2024 14:00:52 +0100 Subject: [PATCH 14/19] Update mtr-rn-resolved-issues-1-2-6.adoc --- docs/topics/mtr-rn-resolved-issues-1-2-6.adoc | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc b/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc index 2daee2d103..948da4d4cb 100644 --- a/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc +++ b/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc 
@@ -8,6 +8,12 @@ {ProductShortName} 1.2.6 has the following resolved issues: +.CVE-2024-1132: `org.keycloak-keycloak-parent`: keycloak path transversal in redirection validation + +A flaw was discovered in Keycloak, where it does not properly validate URLs included in a redirect. This flaw could allow an attacker to construct a malicious request to bypass validation and access other URLs and sensitive information within the domain or conduct further attacks. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. + +For more details, see link:https://access.redhat.com/security/cve/CVE-2024-1132[(CVE-2024-1132)]. + .CVE-2023-45857: Axios 1.5 exposes confidential data stored in cookies A flaw was discovered in Axios 1.5.1 that accidentally revealed the confidential `XSRF-TOKEN` stored in cookies by including it in the HTTP header `X-XSRF-TOKEN` for every request made to any host, thereby allowing attackers to view sensitive information. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. 
@@ -22,13 +28,13 @@ Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves thi For more details, see link:https://access.redhat.com/security/cve/CVE-2024-28849[(CVE-2024-28849)] -.CVE-2024-29131: +.CVE-2024-29131: Out-of-bounds Write vulnerability in Apache Commons Configuration A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error can occur when adding a property in AbstractListDelimiterHandler.flattenIterator(). This issue could allow an attacker to corrupt memory or execute a denial of service attack by crafting malicious property that triggers an out-of-bounds write issue when processed by the vulnerable method. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. For more details, see link:https://access.redhat.com/security/cve/CVE-2024-29131[(CVE-2024-29131)] -.CVE-2024-29133 +.CVE-2024-29133: Out-of-bounds Write vulnerability in Apache Commons Configuration A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error occurs when calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree. This issue could allow an attacker to trigger an out-of-bounds write that could lead to memory corruption or cause a denial of service condition. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. From 85cd7b8252b96bdcfec3b7a133dc2a7261f6e9c2 Mon Sep 17 00:00:00 2001 From: Andy Arnold Date: Tue, 28 May 2024 14:02:27 +0100 Subject: [PATCH 15/19] Update docs/topics/mtr-rn-resolved-issues-1-2-6.adoc --- docs/topics/mtr-rn-resolved-issues-1-2-6.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc b/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc index 948da4d4cb..8d98c5a03d 100644 --- a/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc +++ b/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc 
@@ -16,7 +16,7 @@ For more details, see link:https://access.redhat.com/security/cve/CVE-2024-1132[ .CVE-2023-45857: Axios 1.5 exposes confidential data stored in cookies -A flaw was discovered in Axios 1.5.1 that accidentally revealed the confidential `XSRF-TOKEN` stored in cookies by including it in the HTTP header `X-XSRF-TOKEN` for every request made to any host, thereby allowing attackers to view sensitive information. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. +A flaw was discovered in Axios 1.5.1 that accidentally revealed the confidential `XSRF-TOKEN`, stored in cookies, by including it in the HTTP header `X-XSRF-TOKEN` for every request made to any host, thereby allowing attackers to view sensitive information. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. For more details, see link:https://access.redhat.com/security/cve/CVE-2023-45857[(CVE-2023-45857)]. From eb91c15e6ea32b4e77a0281fd6a9d5360e8ea746 Mon Sep 17 00:00:00 2001 From: Andy Arnold Date: Tue, 28 May 2024 14:04:45 +0100 Subject: [PATCH 16/19] Update docs/topics/mtr-rn-resolved-issues-1-2-6.adoc --- docs/topics/mtr-rn-resolved-issues-1-2-6.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc b/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc index 8d98c5a03d..73cb001e04 100644 --- a/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc +++ b/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc 
@@ -30,7 +30,7 @@ For more details, see link:https://access.redhat.com/security/cve/CVE-2024-28849 .CVE-2024-29131: Out-of-bounds Write vulnerability in Apache Commons Configuration -A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error can occur when adding a property in AbstractListDelimiterHandler.flattenIterator(). This issue could allow an attacker to corrupt memory or execute a denial of service attack by crafting malicious property that triggers an out-of-bounds write issue when processed by the vulnerable method. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. +A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error can occur when adding a property in the `AbstractListDelimiterHandler.flattenIterator()` method. This issue could allow an attacker to corrupt memory or execute a denial of service (DoS) attack by crafting a malicious property that triggers an out-of-bounds write issue when processed by the vulnerable method. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. For more details, see link:https://access.redhat.com/security/cve/CVE-2024-29131[(CVE-2024-29131)] From 88c2fec632d4cb5822a80f6237fd1538b625289a Mon Sep 17 00:00:00 2001 From: Andy Arnold Date: Tue, 28 May 2024 14:08:04 +0100 Subject: [PATCH 17/19] Update docs/topics/mtr-rn-resolved-issues-1-2-6.adoc --- docs/topics/mtr-rn-resolved-issues-1-2-6.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc b/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc index 73cb001e04..fc73a553d0 100644 --- a/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc +++ b/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc 
@@ -36,7 +36,7 @@ For more details, see link:https://access.redhat.com/security/cve/CVE-2024-29131 .CVE-2024-29133: Out-of-bounds Write vulnerability in Apache Commons Configuration -A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error occurs when calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree. This issue could allow an attacker to trigger an out-of-bounds write that could lead to memory corruption or cause a denial of service condition. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. +A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error occurs when calling the `ListDelimiterHandler.flatten(Object, int)` method with a cyclical object tree. This issue could allow an attacker to trigger an out-of-bounds write that could lead to memory corruption or cause a denial of service (DoS) attach. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. For more details, see link:https://access.redhat.com/security/cve/CVE-2024-29133[(CVE-2024-29133)] From dcd51b3fb98a9f554125e1206ec0232015d21742 Mon Sep 17 00:00:00 2001 From: Andy Arnold Date: Tue, 28 May 2024 14:10:09 +0100 Subject: [PATCH 18/19] Update docs/topics/mtr-rn-resolved-issues-1-2-6.adoc --- docs/topics/mtr-rn-resolved-issues-1-2-6.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc b/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc index fc73a553d0..6567e8f4e2 100644 --- a/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc +++ b/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc 
@@ -42,7 +42,7 @@ For more details, see link:https://access.redhat.com/security/cve/CVE-2024-29133 .CVE-2024-29180: `webpack-dev-middleware` lack of URL validation may lead to file leak -A flaw was found in the webpack-dev-middleware package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer's machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. +A flaw was found in the `webpack-dev-middleware` package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer's machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. For more details, see link:https://access.redhat.com/security/cve/CVE-2024-29180[(CVE-2024-29180)] From 06dfb2a4bd6fd98eee0e66bce4c32936efcbb9f9 Mon Sep 17 00:00:00 2001 From: Andy Arnold Date: Thu, 6 Jun 2024 15:50:01 +0100 Subject: [PATCH 19/19] Update docs/topics/mtr-rn-resolved-issues-1-2-6.adoc --- docs/topics/mtr-rn-resolved-issues-1-2-6.adoc | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc b/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc index 6567e8f4e2..48397fd023 100644 --- a/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc +++ b/docs/topics/mtr-rn-resolved-issues-1-2-6.adoc 
@@ -46,4 +46,28 @@ A flaw was found in the `webpack-dev-middleware` package, where it failed to val For more details, see link:https://access.redhat.com/security/cve/CVE-2024-29180[(CVE-2024-29180)] +.CVE-2023-4639: `org.keycloak-keycloak-parent` undertow Cookie Smuggling and Spoofing + +A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This vulnerability has the potential to enable an attacker to construct a cookie value to intercept `HttpOnly` cookie values or spoof arbitrary additional cookie values, resulting in unauthorized data access or modification. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. + +For more details, see link:https://access.redhat.com/security/cve/CVE-2023-4639[(CVE-2023-4639)]. + +.CVE-2023-36479: `com.google.guava-guava-parent` improper addition of quotation marks to user inputs in Jetty CGI Servlet + +A flaw was found in Jetty's `org.eclipse.jetty.servlets.CGI` Servlet, which permits incorrect command execution in specific circumstances, such as requests with certain characters in requested filenames. This issue could allow an attacker to run permitted commands besides the ones requested. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. + +For more details, see link:https://access.redhat.com/security/cve/CVE-2023-36479[(CVE-2023-36479)]. + +.CVE-2023-26364: `css-tools` improper input validation causes denial of service + +A flaw was found in `@adobe/css-tools`, which could potentially lead to a minor denial of service (DoS) when parsing CSS. User interaction and privileges are not required to jeopardize an environment. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. + +For more details, see link:https://access.redhat.com/security/cve/CVE-2023-26364[(CVE-2023-26364)]. 
+ +.CVE-2023-48631: `css-tools`: regular expression denial of service + +A flaw was found in `@adobe/css-tools`, which could lead to a regular expression denial of service (ReDoS) when attempting to parse CSS. Users are recommended to upgrade to {ProductShortName} 1.2.6, which resolves this issue. + +For more details, see link:https://access.redhat.com/security/cve/CVE-2023-48631[(CVE-2023-48631)]. + For a complete list of all issues resolved in this release, see the list of link:https://issues.redhat.com/issues/?filter=12435317[MTR 1.2.6 resolved issues] in Jira.
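Review bot: In PATCH 01/19, in the new docs/topics/mtr-rn-resolved-issues-1-2-6.adoc, the block title for CVE-2024-28849 ("`follow-redirects` package clears authorization headers") names the behaviour that works rather than the flaw. The body says the problem is that the `proxy-authentication` headers are not cleared, so the title should say that, for example "`follow-redirects` package fails to clear proxy authentication headers". In the same hunk the CVE-2023-45857 title says "Axios 1.5" while the body says "Axios 1.5.1"; use one version string in both. The "For more details" line for CVE-2024-28849 also lacks the closing period that the CVE-2023-45857 line has.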
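Review bot: In PATCH 01/19, the "Module included in the following assemblies" comments at the top of the three new files name three different assemblies (docs/release-notes-mtr/master.adoc, docs/release_notes/master.adoc and docs/release-notes-mtr/mtr_release_notes-1.2/master.adoc), while PATCH 02/19 includes all three modules from docs/release-notes-mtr/master.adoc. Point each comment at the assembly that actually includes the module, so the comment can be trusted when someone later searches for where a module is used.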
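Review bot: In PATCH 08/19, the CVE-2024-29131 block title stops at the colon and the CVE-2024-29133 title is the bare identifier, so both entries have no summary, unlike the CVE-2024-29180 title added in the same hunk. The two Commons-Configuration2 descriptions also name a Stack Overflow Error as the failure and then give the impact as an out-of-bounds write and memory corruption; state which of the two the errata reports, or explain how one leads to the other, because a reader triaging impact will treat them very differently. The three new "For more details" lines need a closing period.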
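Review bot: In PATCH 13/19, the rewritten known-issue sentence still reads "When uploading files for analyze, the server log would return"; use "for analysis" and the present tense ("the server log returns"). The rewrite also drops the user-visible symptom that PATCH 12/19 described (the web page freezing at the discovering and fetching packages stage), while the block title still says "Unable to migrate application". Keep one sentence on what the user sees, and add a workaround if there is one.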
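Review bot: In PATCH 14/19, the new CVE-2024-1132 block title says "keycloak path transversal in redirection validation"; this should be "path traversal", and "Keycloak" should be capitalised as it is in the body. The retitled CVE-2024-29131 and CVE-2024-29133 entries now carry the identical summary "Out-of-bounds Write vulnerability in Apache Commons Configuration", so add the affected method to each title to tell them apart in the rendered list.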
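Review bot: In PATCH 17/19, the added CVE-2024-29133 sentence ends "cause a denial of service (DoS) attach"; this should be "attack", matching the wording PATCH 16/19 uses for CVE-2024-29131.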
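Review bot: In PATCH 19/19, the CVE-2023-36479 block title attributes the issue to `com.google.guava-guava-parent`, but the body describes a flaw in Jetty's `org.eclipse.jetty.servlets.CGI` Servlet; confirm the component name against the errata and make title and body agree. The body's "run permitted commands besides the ones requested" is also hard to parse; say plainly that a different permitted command from the one requested can be run, if that is the meaning. The CVE-2023-4639 and CVE-2023-26364 titles omit the colon after the component name that the CVE-2023-48631 and CVE-2024-1132 titles use, and the CVE-2023-26364 sentence "User interaction and privileges are not required to jeopardize an environment" would read more clearly as a statement that exploitation needs no user interaction or privileges.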