Summary
The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!
New Vulnerability Test Highlights
Some of the more interesting vulnerability tests we added recently are as follows:
Amazon Linux (Credentialed Checks)
- Amazon Linux 389-ds-base Security Update (ALAS-2022-1629) (CVE-2021-4091)
- Amazon Linux 389-ds-base Security Update (ALAS-2022-1879) (CVE-2022-2850)
- Amazon Linux ant Security Update (ALAS-2022-1880) (CVE-2021-36374)
- Amazon Linux bluez Security Update (ALAS-2022-1881) (CVE-2022-39176)
- Amazon Linux cacti Security Update (ALAS-2022-1634) (CVE-2022-0730)
- Amazon Linux curl Security Update (ALAS-2022-1882) (CVE-2022-32221, CVE-2022-35260, CVE-2022-42915, CVE-2022-42916)
- Amazon Linux curl Security Update (ALAS-2022-246) (CVE-2022-32221, CVE-2022-35260, CVE-2022-42915, CVE-2022-42916)
- Amazon Linux device-mapper-multipath Security Update (ALAS-2022-1883) (CVE-2022-41974)
- Amazon Linux dotnet6.0 Security Update (ALAS-2022-253) (CVE-2022-38013)
- Amazon Linux e2fsprogs Security Update (ALAS-2022-1884) (CVE-2022-1304)
- Amazon Linux expat Security Update (ALAS-2022-1885) (CVE-2022-43680)
- Amazon Linux git Security Update (ALAS-2022-1886) (CVE-2022-39253, CVE-2022-39260)
- Amazon Linux git Security Update (ALAS-2022-254) (CVE-2022-39253, CVE-2022-39260)
- Amazon Linux gnupg2 Security Update (ALAS-2022-1630) (CVE-2022-34903)
- Amazon Linux golang Security Update (ALAS-2022-1635) (CVE-2022-1705, CVE-2022-1962, CVE-2022-1996, CVE-2022-24675, CVE-2022-27191, CVE-2022-27664, CVE-2022-28131, CVE-2022-28327, CVE-2022-29526, CVE-2022-30629, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30633, CVE-2022-30635, CVE-2022-32148)
- Amazon Linux java-1.7.0-openjdk Security Update (ALAS-2022-1633) (CVE-2022-21248, CVE-2022-21282, CVE-2022-21283, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21349, CVE-2022-21360, CVE-2022-21365, CVE-2022-21426, CVE-2022-21434, CVE-2022-21443, CVE-2022-21476, CVE-2022-21496, CVE-2022-21540, CVE-2022-21541, CVE-2022-34169)
- Amazon Linux java-1.8.0-openjdk Security Update (ALAS-2022-1631) (CVE-2022-21248, CVE-2022-21282, CVE-2022-21283, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21349, CVE-2022-21360, CVE-2022-21365, CVE-2022-21426, CVE-2022-21434, CVE-2022-21443, CVE-2022-21476, CVE-2022-21496, CVE-2022-21540, CVE-2022-21541, CVE-2022-34169)
- Amazon Linux kernel Security Update (ALAS-2019-1232) (CVE-2019-11599, CVE-2019-13272, CVE-2019-3900)
- Amazon Linux kernel Security Update (ALAS-2020-1446) (CVE-2020-0423, CVE-2020-12351, CVE-2020-12352, CVE-2020-14386, CVE-2020-24490, CVE-2020-25211)
- Amazon Linux kernel Security Update (ALAS-2021-1480) (CVE-2020-27825, CVE-2020-28374, CVE-2021-3178, CVE-2021-3347, CVE-2021-3348, CVE-2021-39648)
- Amazon Linux kernel Security Update (ALAS-2022-1577) (CVE-2022-1015, CVE-2022-1016, CVE-2022-20368)
- Amazon Linux kernel Security Update (ALAS-2022-1636) (CVE-2021-33655, CVE-2021-4159, CVE-2022-1462, CVE-2022-1679, CVE-2022-2153, CVE-2022-2588, CVE-2022-2663, CVE-2022-3028, CVE-2022-36123, CVE-2022-36879, CVE-2022-36946, CVE-2022-40307)
- Amazon Linux kernel Security Update (ALASKERNEL-5.10-2022-023) (CVE-2021-3759, CVE-2022-3524, CVE-2022-3535, CVE-2022-3542, CVE-2022-3564, CVE-2022-3565, CVE-2022-3594, CVE-2022-41849, CVE-2022-41850)
- Amazon Linux kernel Security Update (ALASKERNEL-5.15-2022-011) (CVE-2022-3543, CVE-2022-3564, CVE-2022-3619, CVE-2022-3623)
- Amazon Linux kernel-livepatch-4.14.290-217.505 Security Update (ALASLIVEPATCH-2022-094) (CVE-2022-2588)
- Amazon Linux kernel-livepatch-5.10.135-122.509 Security Update (ALASLIVEPATCH-2022-093) (CVE-2022-2588)
- Amazon Linux libapreq2 Security Update (ALAS-2022-1637) (CVE-2022-22728)
- Amazon Linux libksba Security Update (ALAS-2022-249) (CVE-2022-3515)
- Amazon Linux libldb Security Update (ALAS-2022-247) (CVE-2022-32746)
- Amazon Linux libtiff Security Update (ALAS-2022-256) (CVE-2022-3970)
- Amazon Linux mariadb105 Security Update (ALAS-2022-245) (CVE-2022-32081, CVE-2022-32082, CVE-2022-32084, CVE-2022-32089)
- Amazon Linux php8.1 Security Update (ALAS-2022-243) (CVE-2022-31627, CVE-2022-31628, CVE-2022-31629, CVE-2022-31630, CVE-2022-37454)
- Amazon Linux protobuf-c Security Update (ALAS-2022-248) (CVE-2022-33070)
- Amazon Linux ruby20 Security Update (ALAS-2022-1638) (CVE-2022-28739)
- Amazon Linux sysstat Security Update (ALAS-2022-255) (CVE-2022-39377)
- Amazon Linux util-linux Security Update (ALAS-2022-1878) (CVE-2018-7738)
- Amazon Linux util-linux Security Update (ALAS-2022-1901) (CVE-2022-0563)
- Amazon Linux varnish Security Update (ALAS-2022-1632) (CVE-2022-23959)
- Amazon Linux vim Security Update (ALAS-2022-1639) (CVE-2022-2257, CVE-2022-2264, CVE-2022-2284, CVE-2022-2285, CVE-2022-2286, CVE-2022-2287, CVE-2022-2288, CVE-2022-2289, CVE-2022-2304, CVE-2022-2343, CVE-2022-2344, CVE-2022-2345, CVE-2022-2816, CVE-2022-2817, CVE-2022-2819, CVE-2022-3037)
- Amazon Linux vim Security Update (ALAS-2022-1902) (CVE-2022-3705)
- Amazon Linux vim Security Update (ALAS-2022-251) (CVE-2022-3705)
- Amazon Linux wireshark Security Update (ALAS-2022-244) (CVE-2022-3190)
- Amazon Linux xmlsec1 Security Update (ALAS-2022-257) (CVE-2022-40303, CVE-2022-40304)
- Amazon Linux xorg-x11-server Security Update (ALAS-2022-250) (CVE-2022-3550, CVE-2022-3551)
- Amazon Linux zlib Security Update (ALAS-2022-252) (CVE-2022-37434)
Debian (Credentialed Checks)
- Debian cacti Security Update (DSA-5298-1) (CVE-2022-0730, CVE-2022-46169)
- Debian chromium Security Update (DSA-5293-1) (CVE-2022-4174, CVE-2022-4175, CVE-2022-4176, CVE-2022-4177, CVE-2022-4178, CVE-2022-4179, CVE-2022-4180, CVE-2022-4181, CVE-2022-4182, CVE-2022-4183, CVE-2022-4184, CVE-2022-4185, CVE-2022-4186, CVE-2022-4187, CVE-2022-4188, CVE-2022-4189, CVE-2022-4190, CVE-2022-4191, CVE-2022-4192, CVE-2022-4193, CVE-2022-4194, CVE-2022-4195)
- Debian chromium Security Update (DSA-5295-1) (CVE-2022-4262)
- Debian jhead Security Update (DSA-5294-1) (CVE-2021-34055, CVE-2022-41751)
- Debian openexr Security Update (DSA-5299-1) (CVE-2021-23215, CVE-2021-26260, CVE-2021-3598, CVE-2021-3605, CVE-2021-3933, CVE-2021-3941, CVE-2021-45942)
- Debian snapd Security Update (DSA-5292-1) (CVE-2022-3328)
- Debian vlc Security Update (DSA-5297-1) (CVE-2022-41325)
- Debian xfce4-settings Security Update (DSA-5296-1) (CVE-2022-45062)
Canonical Ubuntu (Credentialed Checks)
- Canonical Ubuntu GCC Vulnerability (USN-5770-1) (CVE-2017-11671)
- Canonical Ubuntu GNU binutils Vulnerability (USN-5762-1) (CVE-2022-38533)
- Canonical Ubuntu GNU C Library Vulnerabilities (USN-5768-1) (CVE-2016-10228, CVE-2017-12132, CVE-2019-25013, CVE-2020-27618)
- Canonical Ubuntu LibBPF Vulnerabilities (USN-5759-1) (CVE-2021-45940, CVE-2021-45941, CVE-2022-3533, CVE-2022-3534, CVE-2022-3606)
- Canonical Ubuntu libsamplerate Vulnerability (USN-5749-1) (CVE-2017-7697)
- Canonical Ubuntu libxml2 Vulnerabilities (USN-5760-1) (CVE-2022-2309, CVE-2022-40303, CVE-2022-40304)
- Canonical Ubuntu libxml2 Vulnerabilities (USN-5760-2) (CVE-2022-40303, CVE-2022-40304)
- Canonical Ubuntu Linux kernel (Azure) Vulnerabilities (USN-5754-2) (CVE-2022-3524, CVE-2022-3564, CVE-2022-3565, CVE-2022-3566, CVE-2022-3567, CVE-2022-3594, CVE-2022-3621, CVE-2022-43945)
- Canonical Ubuntu Linux kernel (Azure) Vulnerabilities (USN-5756-3) (CVE-2022-3524, CVE-2022-3564, CVE-2022-3565, CVE-2022-3566, CVE-2022-3567, CVE-2022-3594, CVE-2022-3621, CVE-2022-42703)
- Canonical Ubuntu Linux kernel (GKE) Vulnerabilities (USN-5756-2) (CVE-2022-3524, CVE-2022-3564, CVE-2022-3565, CVE-2022-3566, CVE-2022-3567, CVE-2022-3594, CVE-2022-3621, CVE-2022-42703)
- Canonical Ubuntu Linux kernel (OEM) Vulnerabilities (USN-5773-1) (CVE-2022-26365, CVE-2022-33743, CVE-2022-3524, CVE-2022-3564, CVE-2022-3566, CVE-2022-3567, CVE-2022-3594, CVE-2022-3621, CVE-2022-42703, CVE-2022-43945)
- Canonical Ubuntu Linux kernel Vulnerabilities (USN-5755-2) (CVE-2022-3524, CVE-2022-3564, CVE-2022-3565, CVE-2022-3566, CVE-2022-3567, CVE-2022-3594, CVE-2022-3621, CVE-2022-42703, CVE-2022-43945)
- Canonical Ubuntu MariaDB Vulnerabilities (USN-5739-1) (CVE-2018-25032, CVE-2021-46669, CVE-2022-21427, CVE-2022-27376, CVE-2022-27377, CVE-2022-27378, CVE-2022-27379, CVE-2022-27380, CVE-2022-27381, CVE-2022-27382, CVE-2022-27383, CVE-2022-27384, CVE-2022-27386, CVE-2022-27387, CVE-2022-27444, CVE-2022-27445, CVE-2022-27446, CVE-2022-27447, CVE-2022-27448, CVE-2022-27449, CVE-2022-27451, CVE-2022-27452, CVE-2022-27455, CVE-2022-27456, CVE-2022-27457, CVE-2022-27458, CVE-2022-32081, CVE-2022-32082, CVE-2022-32083, CVE-2022-32084, CVE-2022-32085, CVE-2022-32086, CVE-2022-32087, CVE-2022-32088, CVE-2022-32089, CVE-2022-32091)
- Canonical Ubuntu protobuf Vulnerabilities (USN-5769-1) (CVE-2015-5237, CVE-2022-1941)
- Canonical Ubuntu Python Vulnerabilities (USN-5767-1) (CVE-2022-37454, CVE-2022-45061)
- Canonical Ubuntu Python Vulnerability (USN-5767-2) (CVE-2022-45061)
- Canonical Ubuntu QEMU Vulnerabilities (USN-5772-1) (CVE-2021-3682, CVE-2021-3750, CVE-2021-3930, CVE-2022-0216, CVE-2022-2962, CVE-2022-3165)
- Canonical Ubuntu Sysstat Vulnerability (USN-5735-1) (CVE-2022-39377)
- Canonical Ubuntu Sysstat Vulnerability (USN-5748-1) (CVE-2022-39377)
- Canonical Ubuntu WebKitGTK Vulnerabilities (USN-5730-1) (CVE-2022-32888, CVE-2022-32923, CVE-2022-42799, CVE-2022-42823, CVE-2022-42824)
SUSE Enterprise Linux (Credentialed Checks)
- SUSE Enterprise Linux Security update for Bcel (SUSE-SU-2022:4331-1) (CVE-2022-42920)
- SUSE Enterprise Linux Security update for Binutils (SUSE-SU-2022:4277-1) (CVE-2019-1010204, CVE-2021-3530, CVE-2021-3648, CVE-2021-3826, CVE-2021-45078, CVE-2021-46195, CVE-2022-27943, CVE-2022-38126, CVE-2022-38127, CVE-2022-38533)
- SUSE Enterprise Linux Security update for Busybox (SUSE-SU-2022:4253-1) (CVE-2011-5325, CVE-2014-9645, CVE-2015-9261, CVE-2016-2147, CVE-2016-2148, CVE-2016-6301, CVE-2017-15873, CVE-2017-15874, CVE-2017-16544, CVE-2018-1000500, CVE-2018-1000517, CVE-2018-20679, CVE-2019-5747, CVE-2021-28831, CVE-2021-42373, CVE-2021-42374, CVE-2021-42375, CVE-2021-42376, CVE-2021-42377, CVE-2021-42378, CVE-2021-42379, CVE-2021-42380, CVE-2021-42381, CVE-2021-42382, CVE-2021-42383, CVE-2021-42384, CVE-2021-42385, CVE-2021-42386)
- SUSE Enterprise Linux Security update for Busybox (SUSE-SU-2022:4260-1) (CVE-2014-9645, CVE-2018-1000517)
- SUSE Enterprise Linux Security update for Busybox (SUSE-SU-2022:4372-1) (CVE-2022-30065)
- SUSE Enterprise Linux Security update for dbus-1 (SUSE-SU-2022:4295-1) (CVE-2022-42010, CVE-2022-42011, CVE-2022-42012)
- SUSE Enterprise Linux Security update for Emacs (SUSE-SU-2022:4305-1) (CVE-2022-45939)
- SUSE Enterprise Linux Security update for Emacs (SUSE-SU-2022:4310-1) (CVE-2022-45939)
- SUSE Enterprise Linux Security update for Exiv2 (SUSE-SU-2022:4276-1) (CVE-2017-11591, CVE-2018-11531, CVE-2018-17581, CVE-2018-20097, CVE-2018-20098, CVE-2018-20099, CVE-2019-13109, CVE-2019-13110, CVE-2019-17402, CVE-2021-29473, CVE-2021-32815)
- SUSE Enterprise Linux Security update for Git (SUSE-SU-2022:4271-1) (CVE-2022-39253, CVE-2022-39260)
- SUSE Enterprise Linux Security update for Grub2 (SUSE-SU-2022:4302-1) (CVE-2022-2601, CVE-2022-3775)
- SUSE Enterprise Linux Security update for java-1_8_0-Ibm (SUSE-SU-2022:4290-1) (CVE-2022-21618, CVE-2022-21619, CVE-2022-21624, CVE-2022-21626, CVE-2022-21628, CVE-2022-39399)
- SUSE Enterprise Linux Security update for java-1_8_0-Openjdk (SUSE-SU-2022:4373-1) (CVE-2022-21619, CVE-2022-21624, CVE-2022-21626, CVE-2022-21628)
- SUSE Enterprise Linux Security update for Krb5 (SUSE-SU-2022:4335-1) (CVE-2022-42898)
- SUSE Enterprise Linux Security update for Libarchive (SUSE-SU-2022:4296-1) (CVE-2022-36227)
- SUSE Enterprise Linux Security update for libdb-4_8 (SUSE-SU-2022:4289-1) (CVE-2019-2708)
- SUSE Enterprise Linux Security update for Libmspack (SUSE-SU-2022:4287-1) (CVE-2018-18586)
- SUSE Enterprise Linux Security update for Libvncserver (SUSE-SU-2022:4330-1) (CVE-2020-29260)
- SUSE Enterprise Linux Security update for Nautilus (SUSE-SU-2022:4394-1) (CVE-2022-37290)
- SUSE Enterprise Linux Security update for Nginx (SUSE-SU-2022:4265-1) (CVE-2021-3618)
- SUSE Enterprise Linux Security update for Nginx (SUSE-SU-2022:4266-1) (CVE-2021-3618)
- SUSE Enterprise Linux Security update for Nodejs10 (SUSE-SU-2022:4301-1) (CVE-2022-43548)
- SUSE Enterprise Linux Security update for Nodejs12 (SUSE-SU-2022:4254-1) (CVE-2022-43548)
- SUSE Enterprise Linux Security update for Nodejs14 (SUSE-SU-2022:4255-1) (CVE-2022-43548)
- SUSE Enterprise Linux Security update for Opencc (SUSE-SU-2022:4288-1) (CVE-2018-16982)
- SUSE Enterprise Linux Security update for Python (SUSE-SU-2022:4275-1) (CVE-2022-45061)
- SUSE Enterprise Linux Security update for Python3 (SUSE-SU-2022:4258-1) (CVE-2022-45061)
- SUSE Enterprise Linux Security update for Python3 (SUSE-SU-2022:4274-1) (CVE-2020-10735, CVE-2022-37454)
- SUSE Enterprise Linux Security update for Sudo (SUSE-SU-2022:4280-1) (CVE-2022-43995)
- SUSE Enterprise Linux Security update for Systemd (SUSE-SU-2022:4279-1) (CVE-2022-3821)
- SUSE Enterprise Linux Security update for the Linux Kernel (SUSE-SU-2022:4272-1) (CVE-2021-4037, CVE-2022-2153, CVE-2022-2964, CVE-2022-3169, CVE-2022-3424, CVE-2022-3521, CVE-2022-3524, CVE-2022-3542, CVE-2022-3545, CVE-2022-3565, CVE-2022-3586, CVE-2022-3594, CVE-2022-3621, CVE-2022-3629, CVE-2022-3646, CVE-2022-3649, CVE-2022-40307, CVE-2022-40768, CVE-2022-42703, CVE-2022-43750)
- SUSE Enterprise Linux Security update for the Linux Kernel (SUSE-SU-2022:4273-1) (CVE-2021-4037, CVE-2022-2153, CVE-2022-28748, CVE-2022-2964, CVE-2022-3169, CVE-2022-3424, CVE-2022-3521, CVE-2022-3524, CVE-2022-3542, CVE-2022-3545, CVE-2022-3565, CVE-2022-3586, CVE-2022-3594, CVE-2022-3621, CVE-2022-3629, CVE-2022-3646, CVE-2022-3649, CVE-2022-40307, CVE-2022-40768, CVE-2022-42703, CVE-2022-43750)
- SUSE Enterprise Linux Security update for Tiff (SUSE-SU-2022:4259-1) (CVE-2022-3597, CVE-2022-3599, CVE-2022-3626, CVE-2022-3627, CVE-2022-3970)
- SUSE Enterprise Linux Security update for Tomcat (SUSE-SU-2022:4257-1) (CVE-2021-43980, CVE-2022-42252)
- SUSE Enterprise Linux Security update for Tomcat (SUSE-SU-2022:4303-1) (CVE-2022-42252)
- SUSE Enterprise Linux Security update for Vim (SUSE-SU-2022:4282-1) (CVE-2021-3928, CVE-2022-2980, CVE-2022-2982, CVE-2022-3037, CVE-2022-3099, CVE-2022-3134, CVE-2022-3153, CVE-2022-3234, CVE-2022-3235, CVE-2022-3278, CVE-2022-3296, CVE-2022-3297, CVE-2022-3324, CVE-2022-3352, CVE-2022-3705)
- SUSE Enterprise Linux Security update for Webkit2gtk3 (SUSE-SU-2022:4283-1) (CVE-2022-32888, CVE-2022-32923, CVE-2022-42799, CVE-2022-42823, CVE-2022-42824)
- SUSE Enterprise Linux Security update for Webkit2gtk3 (SUSE-SU-2022:4284-1) (CVE-2022-32888, CVE-2022-32923, CVE-2022-42799, CVE-2022-42823, CVE-2022-42824)
- SUSE Enterprise Linux Security update for Webkit2gtk3 (SUSE-SU-2022:4285-1) (CVE-2022-32888, CVE-2022-32923, CVE-2022-42799, CVE-2022-42823, CVE-2022-42824)
- SUSE Enterprise Linux Security update for Xen (SUSE-SU-2022:4332-1) (CVE-2022-42309, CVE-2022-42310, CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314, CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318, CVE-2022-42319, CVE-2022-42320, CVE-2022-42321, CVE-2022-42322, CVE-2022-42323, CVE-2022-42325, CVE-2022-42326)
Fedora (Credentialed Checks)
Microsoft
- Microsoft Windows December 2022 Security Updates Missing (CVE-2022-41074, CVE-2022-41076, CVE-2022-41077, CVE-2022-41094, CVE-2022-41121, CVE-2022-44666, CVE-2022-44667, CVE-2022-44668, CVE-2022-44669, CVE-2022-44670, CVE-2022-44671, CVE-2022-44673, CVE-2022-44674, CVE-2022-44675, CVE-2022-44676, CVE-2022-44677, CVE-2022-44678, CVE-2022-44679, CVE-2022-44680, CVE-2022-44681, CVE-2022-44682, CVE-2022-44683, CVE-2022-44689, CVE-2022-44697, CVE-2022-44698, CVE-2022-44707)
Red Hat (Credentialed Checks)
- Red Hat Enterprise Linux 18 Security, Bug Fix, And Enhancement Update (RHSA-2022:8832) (CVE-2022-3517, CVE-2022-43548)
- Red Hat Enterprise Linux 18 Security, Bug Fix, And Enhancement Update (RHSA-2022:8833) (CVE-2022-3517, CVE-2022-43548)
- Red Hat Enterprise Linux Grub2 Security Update (RHSA-2022:8900) (CVE-2022-28733)
- Red Hat Enterprise Linux Java-1.8.0-ibm Security Update (RHSA-2022:8880) (CVE-2022-21619, CVE-2022-21624, CVE-2022-21626, CVE-2022-21628)
- Red Hat Enterprise Linux Pki-core Security Update (RHSA-2022:8799) (CVE-2022-2414)
- Red Hat Enterprise Linux Red Hat Openstack Platform 16.2.4 (python-ujson) Security Update (RHSA-2022:8850) (CVE-2022-31116, CVE-2022-31117)
How to Update?
All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.