TrustKeeper Scan Engine Update for August 16, 2021

Summary

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Cisco

• Cisco ASA cryptography module Denial of Service Vulnerability (cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC) (CVE-2021-1422)

• CentOS Linux 389-ds:1.4 security and bug fix update (CESA-2021:2595) (CVE-2021-3514)
• CentOS Linux edk2 security update (CESA-2021:2591) (CVE-2021-28211)
• CentOS Linux firefox security update (CESA-2021:2743) (CVE-2021-29970, CVE-2021-29976, CVE-2021-30547)
• CentOS Linux fwupd security update (CESA-2021:2566) (CVE-2020-14372, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233)
• CentOS Linux java-1.8.0-openjdk security and bug fix update (CESA-2021:2845) (CVE-2021-2341, CVE-2021-2369, CVE-2021-2388)
• CentOS Linux java-11-openjdk security update (CESA-2021:2781) (CVE-2021-2341, CVE-2021-2369, CVE-2021-2388)
• CentOS Linux kernel security and bug fix update (CESA-2021:2570) (CVE-2020-26541, CVE-2021-33034)
• CentOS Linux kernel security and bug fix update (CESA-2021:2714) (CVE-2021-32399, CVE-2021-33909)
• CentOS Linux kpatch-patch security update (CESA-2021:2563) (CVE-2021-33034)
• CentOS Linux kpatch-patch security update (CESA-2021:2716) (CVE-2021-32399, CVE-2021-33909)
• CentOS Linux kpatch-patch security update (CESA-2021:2727) (CVE-2021-33034, CVE-2021-33909)
• CentOS Linux libxml2 security update (CESA-2021:2569) (CVE-2021-3516, CVE-2021-3517, CVE-2021-3518, CVE-2021-3537, CVE-2021-3541)
• CentOS Linux linuxptp security update (CESA-2021:2660) (CVE-2021-3570)
• CentOS Linux lz4 security update (CESA-2021:2575) (CVE-2021-3520)
• CentOS Linux python38:3.8 and python38-devel:3.8 security update (CESA-2021:2583) (CVE-2020-14343)
• CentOS Linux rpm security update (CESA-2021:2574) (CVE-2021-20271)
• CentOS Linux ruby:2.5 security, bug fix, and enhancement update (CESA-2021:2587) (CVE-2019-15845, CVE-2019-16201, CVE-2019-16254, CVE-2019-16255, CVE-2020-10663, CVE-2020-10933, CVE-2020-25613, CVE-2021-28965)
• CentOS Linux ruby:2.6 security, bug fix, and enhancement update (CESA-2021:2588) (CVE-2019-15845, CVE-2019-16201, CVE-2019-16254, CVE-2019-16255, CVE-2019-3881, CVE-2020-10663, CVE-2020-10933, CVE-2020-25613, CVE-2021-28965)
• CentOS Linux ruby:2.7 security, bug fix, and enhancement update (CESA-2021:2584) (CVE-2020-25613, CVE-2021-28965)
• CentOS Linux systemd security update (CESA-2021:2717) (CVE-2021-33910)
• CentOS Linux thunderbird security update (CESA-2021:2881) (CVE-2021-29969, CVE-2021-29970, CVE-2021-29976, CVE-2021-30547)
• CentOS Linux thunderbird security update (CESA-2021:2883) (CVE-2021-29969, CVE-2021-29970, CVE-2021-29976, CVE-2021-30547)
• Debian firefox-esr LTS Security Update (DLA-2709-1) (CVE-2021-29970, CVE-2021-29976, CVE-2021-30547)
• Debian firefox-esr Security Update (DSA-4939-1) (CVE-2021-29970, CVE-2021-29976, CVE-2021-30547)
• Debian krb5 Security Update (DSA-4944-1) (CVE-2021-36222)
• Debian lemonldap-ng Security Update (DSA-4943-1) (CVE-2021-35472)
• Debian libjdom1-java LTS Security Update (DLA-2712-1) (CVE-2021-33813)
• Debian linux LTS Security Update (DLA-2713-1) (CVE-2021-21781, CVE-2021-33909, CVE-2021-34693, CVE-2021-3609)
• Debian linux LTS Security Update (DLA-2713-2) (CVE-2021-21781, CVE-2021-33909, CVE-2021-34693, CVE-2021-3609)
• Debian linux Security Update (DSA-4941-1) (CVE-2020-36311, CVE-2021-33909, CVE-2021-34693, CVE-2021-3609)
• Debian linux-4.19 LTS Security Update (DLA-2714-1) (CVE-2020-36311, CVE-2021-33909, CVE-2021-34693, CVE-2021-3609)
• Debian linuxptp Security Update (DSA-4938-1) (CVE-2021-3570)
• Debian php7.0 LTS Security Update (DLA-2708-1) (CVE-2019-18218, CVE-2020-7071, CVE-2021-21702, CVE-2021-21704, CVE-2021-21705)
• Debian pillow LTS Security Update (DLA-2716-1) (CVE-2020-35653, CVE-2021-25290, CVE-2021-28676, CVE-2021-28677, CVE-2021-34552)
• Debian rabbitmq-server LTS Security Update (DLA-2710-1) (CVE-2017-4965, CVE-2017-4966, CVE-2017-4967, CVE-2019-11281, CVE-2019-11287, CVE-2021-22116)
• Debian rabbitmq-server LTS Security Update (DLA-2710-2) (CVE-2017-4965, CVE-2017-4966, CVE-2017-4967, CVE-2019-11281, CVE-2019-11287, CVE-2021-22116)
• Debian redis LTS Security Update (DLA-2717-1) (CVE-2021-32761)
• Debian ruby-actionpack-page-caching LTS Security Update (DLA-2719-1) (CVE-2020-8159)
• Debian sogo LTS Security Update (DLA-2707-1) (CVE-2021-33054)
• Debian systemd LTS Security Update (DLA-2715-1) (CVE-2021-33910)
• Debian systemd Security Update (DSA-4942-1) (CVE-2021-33910)
• Debian thunderbird LTS Security Update (DLA-2711-1) (CVE-2021-29969, CVE-2021-29970, CVE-2021-29976, CVE-2021-30547)
• Debian thunderbird Security Update (DSA-4940-1) (CVE-2021-29969, CVE-2021-29970, CVE-2021-29976, CVE-2021-30547)
• Drupal Core Archive_Tar Symbolic Link Directory Traversal (SA-CORE-2021-004) (CVE-2021-32610)
• Fedora chromium Security Update (FEDORA-2021-9f62d36f09) (CVE-2021-30541, CVE-2021-30559, CVE-2021-30560, CVE-2021-30561, CVE-2021-30562, CVE-2021-30563, CVE-2021-30564)
• Fedora chromium Security Update (FEDORA-2021-ca58c57bdf) (CVE-2021-30506, CVE-2021-30507, CVE-2021-30508, CVE-2021-30509, CVE-2021-30510, CVE-2021-30511, CVE-2021-30512, CVE-2021-30513, CVE-2021-30514, CVE-2021-30516, CVE-2021-30517, CVE-2021-30518, CVE-2021-30519, CVE-2021-30520, CVE-2021-30521, CVE-2021-30522, CVE-2021-30523, CVE-2021-30524, CVE-2021-30525, CVE-2021-30526, CVE-2021-30527, CVE-2021-30528, CVE-2021-30529, CVE-2021-30530, CVE-2021-30531, CVE-2021-30532, CVE-2021-30533, CVE-2021-30534, CVE-2021-30535, CVE-2021-30536, CVE-2021-30537, CVE-2021-30538, CVE-2021-30539, CVE-2021-30540, CVE-2021-30544, CVE-2021-30545, CVE-2021-30546, CVE-2021-30547, CVE-2021-30548, CVE-2021-30549, CVE-2021-30550, CVE-2021-30551, CVE-2021-30552, CVE-2021-30553, CVE-2021-30554, CVE-2021-30555, CVE-2021-30556, CVE-2021-30557)
• Fedora curl Security Update (FEDORA-2021-83fdddca0f) (CVE-2021-22898, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-22925)
• Fedora glibc Security Update (FEDORA-2021-3f4132bb56) (CVE-2021-35942)
• Fedora glibc Security Update (FEDORA-2021-e14e86e40e) (CVE-2021-35942)
• Fedora kernel Security Update (FEDORA-2021-a95108d156) (CVE-2021-3612)
• Fedora krb5 Security Update (FEDORA-2021-2bae525fd3) (CVE-2021-36222)
• Fedora krb5 Security Update (FEDORA-2021-8b25e4642f) (CVE-2021-36222)
• Fedora libvirt Security Update (FEDORA-2021-bc6ad65da0) (CVE-2021-3631)
• Fedora linuxptp Security Update (FEDORA-2021-1b42c2f458) (CVE-2021-3570, CVE-2021-3571)
• Fedora linuxptp Security Update (FEDORA-2021-a5b584004c) (CVE-2021-3570, CVE-2021-3571)
• Fedora mingw-djvulibre Security Update (FEDORA-2021-6422a16aed) (CVE-2021-3630)
• Fedora mingw-djvulibre Security Update (FEDORA-2021-d19172badb) (CVE-2021-3630)
• Fedora Multiple Packages Security Update (FEDORA-2021-07dc0b3eb1) (CVE-2021-33909)
• Fedora Multiple Packages Security Update (FEDORA-2021-0c53d8738d) (CVE-2021-3602)
• Fedora Multiple Packages Security Update (FEDORA-2021-cf7585f0ca) (CVE-2021-36740)
• Fedora nextcloud Security Update (FEDORA-2021-6f327296fe) (CVE-2021-32678, CVE-2021-32679, CVE-2021-32680, CVE-2021-32688, CVE-2021-32703, CVE-2021-32705)
• Fedora nextcloud Security Update (FEDORA-2021-9b421b78af) (CVE-2021-32678, CVE-2021-32679, CVE-2021-32680, CVE-2021-32688, CVE-2021-32703, CVE-2021-32705)
• Fedora opendmarc Security Update (FEDORA-2021-0c98725795) (CVE-2021-34555)
• Fedora opendmarc Security Update (FEDORA-2021-889af802f2) (CVE-2021-34555)
• Fedora podman Security Update (FEDORA-2021-723a480816) (CVE-2021-3602)
• Fedora systemd Security Update (FEDORA-2021-166e461c8d) (CVE-2020-13529, CVE-2021-33910)
• Fedora systemd Security Update (FEDORA-2021-2a6ba64260) (CVE-2021-33910)
• Fedora varnish Security Update (FEDORA-2021-36e10d3f9f) (CVE-2021-36740)
• OpenVPN verify-x509-name Authentication Bypass Vulnerability (CVE-2021-3547)
• pfSense Multiple Cross-Site Scripting Vulnerability (CVE-2020-19201, CVE-2020-19203)

MySQL

• MySQL Critical Patch Update - July 2021 (CVE-2019-17543, CVE-2021-22901, CVE-2021-2339, CVE-2021-2340, CVE-2021-2342, CVE-2021-2352, CVE-2021-2354, CVE-2021-2356, CVE-2021-2357, CVE-2021-2367, CVE-2021-2370, CVE-2021-2372, CVE-2021-2374, CVE-2021-2383, CVE-2021-2384, CVE-2021-2385, CVE-2021-2387, CVE-2021-2389, CVE-2021-2390, CVE-2021-2399, CVE-2021-2402, CVE-2021-2410, CVE-2021-2412, CVE-2021-2417, CVE-2021-2418, CVE-2021-2422, CVE-2021-2424, CVE-2021-2425, CVE-2021-2426, CVE-2021-2427, CVE-2021-2429, CVE-2021-2437, CVE-2021-2440, CVE-2021-2441, CVE-2021-2444)

Oracle

• Oracle Critical Patch Update/Patch Set Update - July 2021 (CVE-2019-17545, CVE-2020-7760, CVE-2021-2326, CVE-2021-2328, CVE-2021-2329, CVE-2021-2330, CVE-2021-2333, CVE-2021-2334, CVE-2021-2335, CVE-2021-2336, CVE-2021-2337, CVE-2021-2351, CVE-2021-2438)
• Oracle Enterprise Manager July 2021 CPU Advisory (CVE-2017-14735, CVE-2019-2897, CVE-2019-5063, CVE-2019-5064, CVE-2020-10683, CVE-2020-1967, CVE-2020-1971)
• Oracle Solaris OS July 2021 CPU (CVE-2021-2381)
• Oracle WebLogic Server July 2021 CPU (CVE-2015-0254, CVE-2021-2376, CVE-2021-2378, CVE-2021-2382, CVE-2021-2394, CVE-2021-2397, CVE-2021-2403)

Red Hat (Credentialed Checks)

• Red Hat Enterprise Linux firefox security update (RHSA-2021:2741) (CVE-2021-29970, CVE-2021-29976, CVE-2021-30547)
• Red Hat Enterprise Linux firefox security update (RHSA-2021:2743) (CVE-2021-29970, CVE-2021-29976, CVE-2021-30547)
• Red Hat Enterprise Linux java-1.8.0-openjdk security and bug fix update (RHSA-2021:2845) (CVE-2021-2341, CVE-2021-2369, CVE-2021-2388)
• Red Hat Enterprise Linux java-1.8.0-openjdk security update (RHSA-2021:2776) (CVE-2021-2341, CVE-2021-2369, CVE-2021-2388)
• Red Hat Enterprise Linux java-11-openjdk security update (RHSA-2021:2781) (CVE-2021-2341, CVE-2021-2369, CVE-2021-2388)
• Red Hat Enterprise Linux java-11-openjdk security update (RHSA-2021:2784) (CVE-2021-2341, CVE-2021-2369, CVE-2021-2388)
• Red Hat Enterprise Linux kernel security and bug fix update (RHSA-2021:2714) (CVE-2021-32399, CVE-2021-33909)
• Red Hat Enterprise Linux kernel security and bug fix update (RHSA-2021:2725) (CVE-2019-20934, CVE-2020-11668, CVE-2021-33033, CVE-2021-33034, CVE-2021-33909)
• Red Hat Enterprise Linux kpatch-patch security update (RHSA-2021:2716) (CVE-2021-32399, CVE-2021-33909)
• Red Hat Enterprise Linux kpatch-patch security update (RHSA-2021:2727) (CVE-2021-33034, CVE-2021-33909)
• Red Hat Enterprise Linux RHV Engine and Host Common Packages security update [ovirt-4.4.7] (RHSA-2021:2866) (CVE-2021-3447)
• Red Hat Enterprise Linux systemd security update (RHSA-2021:2717) (CVE-2021-33910)
• Red Hat Enterprise Linux thunderbird security update (RHSA-2021:2881) (CVE-2021-29969, CVE-2021-29970, CVE-2021-29976, CVE-2021-30547)
• Red Hat Enterprise Linux thunderbird security update (RHSA-2021:2883) (CVE-2021-29969, CVE-2021-29970, CVE-2021-29976, CVE-2021-30547)

Ubuntu (Credentialed Checks)

• Ubuntu containerd vulnerabilities (USN-5012-1) (CVE-2021-32760)
• Ubuntu curl vulnerabilities (USN-5021-1) (CVE-2021-22898, CVE-2021-22924, CVE-2021-22925)
• Ubuntu Firefox vulnerabilities (USN-5011-1) (CVE-2021-29970, CVE-2021-29972, CVE-2021-29974, CVE-2021-29975, CVE-2021-29976, CVE-2021-29977, CVE-2021-30547)
• Ubuntu libslirp vulnerabilities (USN-5009-1) (CVE-2020-29129, CVE-2020-29130, CVE-2021-3592, CVE-2021-3593, CVE-2021-3594, CVE-2021-3595)
• Ubuntu Linux kernel (OEM) vulnerabilities (USN-5015-1) (CVE-2021-28691, CVE-2021-33909, CVE-2021-3564, CVE-2021-3573, CVE-2021-3587)
• Ubuntu Linux kernel vulnerabilities (USN-5016-1) (CVE-2021-23134, CVE-2021-32399, CVE-2021-33034, CVE-2021-33909, CVE-2021-3506)
• Ubuntu Linux kernel vulnerabilities (USN-5017-1) (CVE-2020-26558, CVE-2021-0129, CVE-2021-33909)
• Ubuntu Linux kernel vulnerabilities (USN-5018-1) (CVE-2020-24586, CVE-2020-24587, CVE-2020-26139, CVE-2020-26147, CVE-2020-26558, CVE-2021-0129, CVE-2021-23134, CVE-2021-31829, CVE-2021-32399, CVE-2021-33034, CVE-2021-33200, CVE-2021-33909)
• Ubuntu Linux kernel vulnerability (USN-5014-1) (CVE-2021-33909)
• Ubuntu NVIDIA graphics drivers vulnerabilities (USN-5019-1) (CVE-2021-1093, CVE-2021-1094, CVE-2021-1095)
• Ubuntu QEMU vulnerabilities (USN-5010-1) (CVE-2020-15469, CVE-2020-29443, CVE-2020-35504, CVE-2020-35505, CVE-2020-35517, CVE-2021-20221, CVE-2021-20257, CVE-2021-3392, CVE-2021-3409, CVE-2021-3416, CVE-2021-3527, CVE-2021-3544, CVE-2021-3545, CVE-2021-3546, CVE-2021-3582, CVE-2021-3592, CVE-2021-3593, CVE-2021-3594, CVE-2021-3595, CVE-2021-3607, CVE-2021-3608)
• Ubuntu Ruby vulnerabilities (USN-5020-1) (CVE-2021-31799, CVE-2021-31810, CVE-2021-32066)
• Ubuntu systemd vulnerabilities (USN-5013-1) (CVE-2020-13529, CVE-2021-33910)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.