Network Security

TrustKeeper Scan Engine Update for Feb 23, 2023

February 23, 2023

Summary

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Canonical Ubuntu (Credentialed Checks)

Canonical Ubuntu Vulnerabilities (USN-5791-1) (CVE-2022-20421, CVE-2022-2663, CVE-2022-3061, CVE-2022-3303, CVE-2022-3586, CVE-2022-3646, CVE-2022-39842, CVE-2022-40307, CVE-2022-4095, CVE-2022-43750)
Canonical Ubuntu Vulnerabilities (USN-5793-3) (CVE-2022-20421, CVE-2022-2663, CVE-2022-3303, CVE-2022-3541, CVE-2022-3543, CVE-2022-3544, CVE-2022-3586, CVE-2022-3623, CVE-2022-3646, CVE-2022-3649, CVE-2022-3910, CVE-2022-3977, CVE-2022-40307, CVE-2022-4095, CVE-2022-41849, CVE-2022-41850, CVE-2022-43750)
Canonical Ubuntu Vulnerabilities (USN-5811-1) (CVE-2022-33070, CVE-2023-22809)
Canonical Ubuntu Vulnerabilities (USN-5813-1) (CVE-2022-3643, CVE-2022-42896, CVE-2022-43945, CVE-2022-45934)
Canonical Ubuntu Vulnerabilities (USN-5814-1) (CVE-2022-3643, CVE-2022-42896, CVE-2022-4378, CVE-2022-45934)
Canonical Ubuntu Vulnerabilities (USN-5815-1) (CVE-2022-20421, CVE-2022-2663, CVE-2022-3061, CVE-2022-3303, CVE-2022-3586, CVE-2022-3646, CVE-2022-39842, CVE-2022-40307, CVE-2022-4095, CVE-2022-43750)
Canonical Ubuntu Vulnerabilities (USN-5816-1) (CVE-2023-23597, CVE-2023-23598, CVE-2023-23599, CVE-2023-23601, CVE-2023-23602, CVE-2023-23603, CVE-2023-23604, CVE-2023-23605, CVE-2023-23606)
Canonical Ubuntu Vulnerability (USN-5798-1) (CVE-2023-21538)
Canonical Ubuntu Vulnerability (USN-5806-1) (CVE-2021-33621)
Canonical Ubuntu Vulnerability (USN-5811-2) (CVE-2023-22809)
Canonical Ubuntu Vulnerability (USN-5812-1) (CVE-2021-33503)
Canonical Ubuntu Vulnerability (USN-5817-1) (CVE-2022-40897)
Canonical Ubuntu Vulnerability (USN-5818-1) (CVE-2022-31631)
Canonical Ubuntu Vulnerability (USN-5819-1) (CVE-2023-0056)

Debian (Credentialed Checks)

Debian firefox-esr LTS Security Update (DLA-3275-1) (CVE-2022-46871, CVE-2022-46877, CVE-2023-23598, CVE-2023-23601, CVE-2023-23602, CVE-2023-23603, CVE-2023-23605)
Debian lava LTS Security Update (DLA-3276-1) (CVE-2022-44641)
Debian libitext5-java LTS Security Update (DLA-3273-1) (CVE-2021-43113)
Debian powerline-gitstatus LTS Security Update (DLA-3277-1) (CVE-2022-42906)
Debian sudo LTS Security Update (DLA-3272-1) (CVE-2023-22809)
Debian tiff LTS Security Update (DLA-3278-1) (CVE-2022-1354, CVE-2022-1355, CVE-2022-2056, CVE-2022-2057, CVE-2022-2058, CVE-2022-2867, CVE-2022-2868, CVE-2022-2869, CVE-2022-34526, CVE-2022-3570, CVE-2022-3597, CVE-2022-3598, CVE-2022-3599, CVE-2022-3626, CVE-2022-3627, CVE-2022-3970)
Debian trafficserver LTS Security Update (DLA-3279-1) (CVE-2021-37150, CVE-2022-25763, CVE-2022-28129, CVE-2022-31780)
Debian webkit2gtk LTS Security Update (DLA-3274-1) (CVE-2022-42852, CVE-2022-42856, CVE-2022-42867, CVE-2022-46692, CVE-2022-46698, CVE-2022-46699, CVE-2022-46700)

Fedora (Credentialed Checks)

Fedora awstats Security Update (FEDORA-2023-fda5480804) (CVE-2022-46391)
Fedora dotnet6.0 Security Update (FEDORA-2023-4d5f7e5cb0) (CVE-2023-21538)
Fedora git Security Update (FEDORA-2023-746c4aacce) (CVE-2022-23521, CVE-2022-41903)
Fedora kernel Security Update (FEDORA-2023-58eac2b872) (CVE-2023-0179)
Fedora pypy3.8 Security Update (FEDORA-2023-78b4ce2f23) (CVE-2022-37454, CVE-2022-45061)
Fedora pypy3.9 Security Update (FEDORA-2023-097dd40685) (CVE-2022-37454, CVE-2022-42919, CVE-2022-45061)
Fedora qemu Security Update (FEDORA-2023-c8a60f6f80) (CVE-2021-3638, CVE-2022-4144)
Fedora rust Security Update (FEDORA-2023-575fcaf4bf) (CVE-2022-46176)
Fedora upx Security Update (FEDORA-2023-8d91390935) (CVE-2023-23456, CVE-2023-23457)
Fedora yarnpkg Security Update (FEDORA-2023-18fd476362) (CVE-2020-7677, CVE-2021-43138, CVE-2022-3517)

FreeBSD (Credentialed Checks)

FreeBSD Apache httpd Security Update (00919005-96a3-11ed-86e9-d4c9ef517024) (CVE-2006-20001, CVE-2022-36760, CVE-2022-37436)
FreeBSD MySQL Security Update (dc49f6dc-99d2-11ed-86e9-d4c9ef517024) (CVE-2022-1941, CVE-2022-24407, CVE-2022-3171, CVE-2022-32221, CVE-2023-21836, CVE-2023-21840, CVE-2023-21860, CVE-2023-21863, CVE-2023-21864, CVE-2023-21865, CVE-2023-21866, CVE-2023-21867, CVE-2023-21868, CVE-2023-21869, CVE-2023-21870, CVE-2023-21871, CVE-2023-21872, CVE-2023-21873, CVE-2023-21874, CVE-2023-21875, CVE-2023-21876, CVE-2023-21877, CVE-2023-21878, CVE-2023-21879, CVE-2023-21880, CVE-2023-21881, CVE-2023-21882, CVE-2023-21883, CVE-2023-21887)
FreeBSD net/eternalterminal Security Update (b6f7ad7d-9b19-11ed-9a3f-b42e991fc52e) (CVE-2022-48257, CVE-2022-48258)
FreeBSD net/krill Security Update (7844789a-9b1f-11ed-9a3f-b42e991fc52e) (CVE-2023-0158)
FreeBSD powerdns-recursor Security Update (28b69630-9b10-11ed-97a6-6805ca2fa271) (CVE-2023-22617)
FreeBSD rack Security Update (95176ba5-9796-11ed-bfbf-080027f5fec9) (CVE-2022-44570, CVE-2022-44571, CVE-2022-44572)
FreeBSD redis Security Update (5fa68bd9-95d9-11ed-811a-080027f5fec9) (CVE-2022-35977, CVE-2023-22458)
FreeBSD shells/fish Security Update (a3b10c9b-99d9-11ed-aa55-d05099fed512) (CVE-2022-20001)
FreeBSD www/awstats Security Update (bba3f684-9b1d-11ed-9a3f-b42e991fc52e) (CVE-2020-35176)
FreeBSD xorg-server Security Update (9fa7b139-c1e9-409e-bed0-006aadcf5845) (CVE-2022-4283, CVE-2022-46340, CVE-2022-46341, CVE-2022-46342, CVE-2022-46343, CVE-2022-46344)

Google Chrome Browser (Credentialed Checks)

Google Chrome Browser Update Missing (02_08_22) (CVE-2022-2603, CVE-2022-2604, CVE-2022-2605, CVE-2022-2606, CVE-2022-2607, CVE-2022-2608, CVE-2022-2609, CVE-2022-2610, CVE-2022-2611, CVE-2022-2612, CVE-2022-2613, CVE-2022-2614, CVE-2022-2615, CVE-2022-2616, CVE-2022-2617, CVE-2022-2618, CVE-2022-2619, CVE-2022-2620, CVE-2022-2621, CVE-2022-2622, CVE-2022-2623, CVE-2022-2624, CVE-2022-2742, CVE-2022-2743)
Google Chrome Browser Update Missing (02_09_22) (CVE-2022-3075)
Google Chrome Browser Update Missing (02_12_22) (CVE-2022-4262)
Google Chrome Browser Update Missing (04_07_22) (CVE-2022-2294, CVE-2022-2295, CVE-2022-2296)
Google Chrome Browser Update Missing (08_11_22) (CVE-2022-3885, CVE-2022-3886, CVE-2022-3887, CVE-2022-3888, CVE-2022-3889, CVE-2022-3890)
Google Chrome Browser Update Missing (10_01_23) (CVE-2023-0128, CVE-2023-0129, CVE-2023-0130, CVE-2023-0131, CVE-2023-0132, CVE-2023-0133, CVE-2023-0134, CVE-2023-0135, CVE-2023-0136, CVE-2023-0137, CVE-2023-0138, CVE-2023-0139, CVE-2023-0140, CVE-2023-0141)
Google Chrome Browser Update Missing (11_10_22) (CVE-2022-3445, CVE-2022-3446, CVE-2022-3447, CVE-2022-3448, CVE-2022-3449, CVE-2022-3450)
Google Chrome Browser Update Missing (13_12_22) (CVE-2022-4436, CVE-2022-4437, CVE-2022-4438, CVE-2022-4439, CVE-2022-4440)
Google Chrome Browser Update Missing (14_09_22) (CVE-2022-3195, CVE-2022-3196, CVE-2022-3197, CVE-2022-3198, CVE-2022-3199, CVE-2022-3200, CVE-2022-3201, CVE-2022-3842)
Google Chrome Browser Update Missing (16_08_22) (CVE-2022-2852, CVE-2022-2853, CVE-2022-2854, CVE-2022-2855, CVE-2022-2856, CVE-2022-2857, CVE-2022-2858, CVE-2022-2859, CVE-2022-2860, CVE-2022-2861, CVE-2022-2998)
Google Chrome Browser Update Missing (19_07_22) (CVE-2022-2163, CVE-2022-2477, CVE-2022-2478, CVE-2022-2479, CVE-2022-2480, CVE-2022-2481)
Google Chrome Browser Update Missing (24_01_23) (CVE-2023-0471, CVE-2023-0472, CVE-2023-0473, CVE-2023-0474)
Google Chrome Browser Update Missing (24_11_22) (CVE-2022-4135)
Google Chrome Browser Update Missing (25_10_22) (CVE-2022-3652, CVE-2022-3653, CVE-2022-3654, CVE-2022-3655, CVE-2022-3656, CVE-2022-3657, CVE-2022-3658, CVE-2022-3659, CVE-2022-3660, CVE-2022-3661)
Google Chrome Browser Update Missing (27_09_22) (CVE-2022-3201, CVE-2022-3304, CVE-2022-3305, CVE-2022-3306, CVE-2022-3307, CVE-2022-3308, CVE-2022-3309, CVE-2022-3310, CVE-2022-3311, CVE-2022-3312, CVE-2022-3313, CVE-2022-3314, CVE-2022-3315, CVE-2022-3316, CVE-2022-3317, CVE-2022-3318, CVE-2022-3443, CVE-2022-3444)
Google Chrome Browser Update Missing (27_10_22) (CVE-2022-3723)
Google Chrome Browser Update Missing (29_11_22) (CVE-2022-4174, CVE-2022-4175, CVE-2022-4176, CVE-2022-4177, CVE-2022-4178, CVE-2022-4179, CVE-2022-4180, CVE-2022-4181, CVE-2022-4182, CVE-2022-4183, CVE-2022-4184, CVE-2022-4185, CVE-2022-4186, CVE-2022-4187, CVE-2022-4188, CVE-2022-4189, CVE-2022-4190, CVE-2022-4191, CVE-2022-4192, CVE-2022-4193, CVE-2022-4194, CVE-2022-4195)
Google Chrome Browser Update Missing (30_08_22) (CVE-2022-3038, CVE-2022-3039, CVE-2022-3040, CVE-2022-3041, CVE-2022-3042, CVE-2022-3043, CVE-2022-3044, CVE-2022-3045, CVE-2022-3046, CVE-2022-3047, CVE-2022-3048, CVE-2022-3049, CVE-2022-3050, CVE-2022-3051, CVE-2022-3052, CVE-2022-3053, CVE-2022-3054, CVE-2022-3055, CVE-2022-3056, CVE-2022-3057, CVE-2022-3058, CVE-2022-3071)
Google Chrome Browser Update Missing (30_09_22) (CVE-2022-3370, CVE-2022-3373)

Oracle

Critical Patch Update - January 2023 (CVE-2022-32221, CVE-2023-21836, CVE-2023-21840, CVE-2023-21863, CVE-2023-21864, CVE-2023-21865, CVE-2023-21866, CVE-2023-21867, CVE-2023-21868, CVE-2023-21869, CVE-2023-21870, CVE-2023-21871, CVE-2023-21872, CVE-2023-21873, CVE-2023-21874, CVE-2023-21875, CVE-2023-21876, CVE-2023-21877, CVE-2023-21878, CVE-2023-21879, CVE-2023-21880, CVE-2023-21881, CVE-2023-21882, CVE-2023-21883, CVE-2023-21887)
Oracle Critical Patch Update/Patch Set Update - January 2023 (CVE-2018-25032, CVE-2023-21827, CVE-2023-21829)
Oracle Enterprise Manager January 2023 CPU Advisory (CVE-2022-25647, CVE-2022-42889)
Oracle Solaris OS January 2023 CPU (CVE-2023-21900)
Oracle WebLogic Server January 2023 CPU (CVE-2018-7489, CVE-2022-25647, CVE-2022-40150, CVE-2022-40153, CVE-2022-42920, CVE-2023-21837, CVE-2023-21838, CVE-2023-21839, CVE-2023-21841, CVE-2023-21842)

Red Hat (Credentialed Checks)

Red Hat Enterprise Linux Bash Security Update (RHSA-2023:0340) (CVE-2022-3715)
Red Hat Enterprise Linux Bind Security Update (RHSA-2023:0402) (CVE-2021-25220, CVE-2022-2795)
Red Hat Enterprise Linux Curl Security Update (RHSA-2023:0333) (CVE-2022-32221)
Red Hat Enterprise Linux Dbus Security Update (RHSA-2023:0335) (CVE-2022-42010, CVE-2022-42011, CVE-2022-42012)
Red Hat Enterprise Linux Expat Security Update (RHSA-2023:0337) (CVE-2022-43680)
Red Hat Enterprise Linux Firefox Security Update (RHSA-2023:0285) (CVE-2022-46871, CVE-2022-46877, CVE-2023-23598, CVE-2023-23599, CVE-2023-23601, CVE-2023-23602, CVE-2023-23603, CVE-2023-23605)
Red Hat Enterprise Linux Firefox Security Update (RHSA-2023:0288) (CVE-2022-46871, CVE-2022-46877, CVE-2023-23598, CVE-2023-23599, CVE-2023-23601, CVE-2023-23602, CVE-2023-23603, CVE-2023-23605)
Red Hat Enterprise Linux Firefox Security Update (RHSA-2023:0296) (CVE-2022-46871, CVE-2022-46877, CVE-2023-23598, CVE-2023-23599, CVE-2023-23601, CVE-2023-23602, CVE-2023-23603, CVE-2023-23605)
Red Hat Enterprise Linux Go-toolset And Golang Security And Bug Fix Update (RHSA-2023:0328) (CVE-2022-2879, CVE-2022-2880, CVE-2022-41715)
Red Hat Enterprise Linux Java-1.8.0-openjdk Security And Bug Fix Update (RHSA-2023:0203) (CVE-2023-21830, CVE-2023-21843)
Red Hat Enterprise Linux Java-11-openjdk Security And Bug Fix Update (RHSA-2023:0195) (CVE-2023-21835, CVE-2023-21843)
Red Hat Enterprise Linux Java-11-openjdk Security And Bug Fix Update (RHSA-2023:0200) (CVE-2023-21835, CVE-2023-21843)
Red Hat Enterprise Linux Java-11-openjdk Security And Bug Fix Update (RHSA-2023:0202) (CVE-2023-21835, CVE-2023-21843)
Red Hat Enterprise Linux Java-17-openjdk Security And Bug Fix Update (RHSA-2023:0192) (CVE-2023-21835, CVE-2023-21843)
Red Hat Enterprise Linux Java-17-openjdk Security And Bug Fix Update (RHSA-2023:0194) (CVE-2023-21835, CVE-2023-21843)
Red Hat Enterprise Linux Kernel Security And Bug Fix Update (RHSA-2023:0101) (CVE-2022-2964, CVE-2022-4139)
Red Hat Enterprise Linux Kernel Security And Bug Fix Update (RHSA-2023:0334) (CVE-2022-2959, CVE-2022-2964, CVE-2022-30594, CVE-2022-3077, CVE-2022-4139, CVE-2022-43945)
Red Hat Enterprise Linux Kernel Security And Bug Fix Update (RHSA-2023:0399) (CVE-2021-26401, CVE-2022-2964)
Red Hat Enterprise Linux Kernel-rt Security And Bug Fix Update (RHSA-2023:0300) (CVE-2022-2959, CVE-2022-2964, CVE-2022-30594, CVE-2022-3077, CVE-2022-4139, CVE-2022-43945)
Red Hat Enterprise Linux Kernel-rt Security And Bug Fix Update (RHSA-2023:0400) (CVE-2021-26401, CVE-2022-2964)
Red Hat Enterprise Linux Kpatch-patch Security Update (RHSA-2023:0348) (CVE-2022-2959, CVE-2022-2964, CVE-2022-4139, CVE-2022-43945)
Red Hat Enterprise Linux Kpatch-patch Security Update (RHSA-2023:0404) (CVE-2022-2964)
Red Hat Enterprise Linux Libreoffice Security Update (RHSA-2023:0304) (CVE-2022-26305, CVE-2022-26306, CVE-2022-26307, CVE-2022-3140)
Red Hat Enterprise Linux Libtasn1 Security Update (RHSA-2023:0343) (CVE-2021-46848)
Red Hat Enterprise Linux Libtiff Security Update (RHSA-2023:0095) (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058, CVE-2022-2519, CVE-2022-2520, CVE-2022-2521, CVE-2022-2867, CVE-2022-2868, CVE-2022-2869, CVE-2022-2953)
Red Hat Enterprise Linux Libtiff Security Update (RHSA-2023:0302) (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058, CVE-2022-2519, CVE-2022-2520, CVE-2022-2521, CVE-2022-2953)
Red Hat Enterprise Linux Libxml2 Security Update (RHSA-2023:0338) (CVE-2022-40303, CVE-2022-40304)
Red Hat Enterprise Linux Libxpm Security Update (RHSA-2023:0377) (CVE-2022-4883)
Red Hat Enterprise Linux Libxpm Security Update (RHSA-2023:0379) (CVE-2022-44617, CVE-2022-46285, CVE-2022-4883)
Red Hat Enterprise Linux Libxpm Security Update (RHSA-2023:0383) (CVE-2022-44617, CVE-2022-46285, CVE-2022-4883)
Red Hat Enterprise Linux Nodejs And Nodejs-nodemon Security, Bug Fix, And Enhancement Update (RHSA-2023:0321) (CVE-2021-44906, CVE-2022-3517, CVE-2022-35256, CVE-2022-43548)
Red Hat Enterprise Linux Postgresql-jdbc Security Update (RHSA-2023:0318) (CVE-2022-31197)
Red Hat Enterprise Linux Rhel Security And Bug Fix Update (RHSA-2023:0099) (CVE-2022-4144)
Red Hat Enterprise Linux Satellite 6.12.1 Async Security Update (RHSA-2023:0261) (CVE-2022-32224, CVE-2022-42889)
Red Hat Enterprise Linux Sqlite Security Update (RHSA-2023:0339) (CVE-2022-35737)
Red Hat Enterprise Linux Sssd Security And Bug Fix Update (RHSA-2023:0403) (CVE-2022-4254)
Red Hat Enterprise Linux Sudo Security Update (RHSA-2023:0282) (CVE-2023-22809)
Red Hat Enterprise Linux Sudo Security Update (RHSA-2023:0284) (CVE-2023-22809)
Red Hat Enterprise Linux Sudo Security Update (RHSA-2023:0291) (CVE-2023-22809)
Red Hat Enterprise Linux Systemd Security Update (RHSA-2023:0336) (CVE-2022-3821)
Red Hat Enterprise Linux Usbguard Security Update (RHSA-2023:0303) (CVE-2019-25058)

SUSE Enterprise Linux (Credentialed Checks)

SUSE Enterprise Linux Security update for freeradius-Server (SUSE-SU-2023:0124-1) (CVE-2022-41859, CVE-2022-41860, CVE-2022-41861)
SUSE Enterprise Linux Security update for Git (SUSE-SU-2023:0108-1) (CVE-2022-23521, CVE-2022-41903)
SUSE Enterprise Linux Security update for Git (SUSE-SU-2023:0109-1) (CVE-2022-23521, CVE-2022-41903)
SUSE Enterprise Linux Security update for Git (SUSE-SU-2023:0110-1) (CVE-2022-23521, CVE-2022-41903)
SUSE Enterprise Linux Security update for mozilla-Nss (SUSE-SU-2023:0118-1) (CVE-2022-23491, CVE-2022-3479)
SUSE Enterprise Linux Security update for Mozillafirefox (SUSE-SU-2023:0111-1) (CVE-2022-46871, CVE-2022-46877, CVE-2023-23598, CVE-2023-23601, CVE-2023-23602, CVE-2023-23603, CVE-2023-23605)
SUSE Enterprise Linux Security update for Mozillafirefox (SUSE-SU-2023:0112-1) (CVE-2022-46871, CVE-2022-46877, CVE-2023-23598, CVE-2023-23601, CVE-2023-23602, CVE-2023-23603, CVE-2023-23605)
SUSE Enterprise Linux Security update for Mozillafirefox (SUSE-SU-2023:0113-1) (CVE-2022-46871, CVE-2022-46877, CVE-2023-23598, CVE-2023-23601, CVE-2023-23602, CVE-2023-23603, CVE-2023-23605)
SUSE Enterprise Linux Security update for postgresql-Jdbc (SUSE-SU-2023:0104-1) (CVE-2022-41946)
SUSE Enterprise Linux Security update for python-Setuptools (SUSE-SU-2023:0093-1) (CVE-2022-40897)
SUSE Enterprise Linux Security update for python36-Setuptools (SUSE-SU-2023:0094-1) (CVE-2022-40897)
SUSE Enterprise Linux Security update for Sudo (SUSE-SU-2023:0101-1) (CVE-2023-22809)
SUSE Enterprise Linux Security update for Sudo (SUSE-SU-2023:0115-1) (CVE-2023-22809)
SUSE Enterprise Linux Security update for Sudo (SUSE-SU-2023:0116-1) (CVE-2023-22809)
SUSE Enterprise Linux Security update for Sudo (SUSE-SU-2023:0117-1) (CVE-2023-22809)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.

Latest Software Updates

DbProtect 6.6.12 and AppDetectivePRO 10.10 Now Available

Announcing DbProtect Suite Release 6.6.12 For any additional information, navigate to the Database Security folder in the File Cabinet of the Support section in the Trustwave Fusion platform.

DbProtect Suite release 6.6.11 Now Available

Announcing DbProtect Suite Release 6.6.11 We're excited to announce that with this release, we have implemented several security updates and additional checks to enhance the overall protection of...

Fare Thee Well ModSecurity: End-of-Life and Last Commercial Rules Update for June 2024

A Fourteen Year Journey Comes to an End.

Experiencing a security breach?