This is an automated email from the ASF dual-hosted git repository.

mjumper pushed a commit to branch asf-site
in repository https://gitbox.apache.org/repos/asf/guacamole-website.git


The following commit(s) were added to refs/heads/asf-site by this push:
     new 2a195f8c Deploy announcement of vulnerabilities fixed in 1.5.2.
2a195f8c is described below

commit 2a195f8c5b5d25812281fcb34623cec5d9e237d6
Author: Michael Jumper <[email protected]>
AuthorDate: Tue Jun 6 10:22:43 2023 -0700

    Deploy announcement of vulnerabilities fixed in 1.5.2.
---
 content/security/index.html | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)

diff --git a/content/security/index.html b/content/security/index.html
index 6100bfcd..ddd25562 100644
--- a/content/security/index.html
+++ b/content/security/index.html
@@ -426,6 +426,42 @@ discussing the issue in a public forum.</p>
 <p>No, CVE-2021-44228 does not affect Apache Guacamole. Guacamole uses
 <a href="http://logback.qos.ch/";>Logback</a> as its logging backend, not 
Log4j.</p>
 
+<h2 id="fixed-in-apache-guacamole-152">Fixed in Apache Guacamole 1.5.2</h2>
+<ul>
+    
+        <li>
+            <h3 id="CVE-2023-30575">
+                Incorrect calculation of Guacamole protocol element lengths
+                (<a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30575";>CVE-2023-30575</a>)
+            </h3>
+            <p>Apache Guacamole 1.5.1 and older may incorrectly calculate the 
lengths of
+instruction elements sent during the Guacamole protocol handshake, potentially
+allowing an attacker to inject Guacamole instructions during the handshake
+through specially-crafted data.</p>
+
+<p>Acknowledgements: We would like to thank Stefan Schiller (Sonar) for 
reporting
+this issue.</p>
+
+
+        </li>
+    
+        <li>
+            <h3 id="CVE-2023-30576">
+                Use-after-free in handling of RDP audio input buffer
+                (<a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30576";>CVE-2023-30576</a>)
+            </h3>
+            <p>Apache Guacamole 0.9.10 through 1.5.1 may continue to reference 
a freed RDP
+audio input buffer. Depending on timing, this may allow an attacker to execute
+arbitrary code with the privileges of the guacd process.</p>
+
+<p>Acknowledgements: We would like to thank Stefan Schiller (Sonar) for 
reporting
+this issue.</p>
+
+
+        </li>
+    
+</ul>
+
 <h2 id="fixed-in-apache-guacamole-140">Fixed in Apache Guacamole 1.4.0</h2>
 <ul>
     
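Review bot: both new entries name the affected version range but neither says which component the fix lands in (guacd, the Java web application, or both), which is what an operator deciding what to upgrade needs; CVE-2023-30576 mentions "the privileges of the guacd process" so that one is implicitly guacd, but CVE-2023-30575's "instruction elements sent during the Guacamole protocol handshake" can be read as either side of the connection. Suggest a sentence per entry naming the component that must be updated to 1.5.2, and a link to the 1.5.2 release notes next to the "Fixed in Apache Guacamole 1.5.2" heading, as the entries themselves only link to the CVE records. Minor: several added `<p>` lines carry trailing whitespace (e.g. `<p>Apache Guacamole 1.5.1 and older may incorrectly calculate the `), and the `";` following each `href` attribute also appears in the unchanged Logback context line, so that is the mail rendering rather than something introduced by this change.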
