TrustKeeper Scan Engine Update for November 23, 2021

Summary

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

CentOS Linux

• CentOS Linux binutils security update (CESA-2021:4033) (CVE-2021-42574)
• CentOS Linux curl security update (CESA-2021:4059) (CVE-2021-22946, CVE-2021-22947)
• CentOS Linux firefox security update (CESA-2021:4116) (CVE-2021-38503, CVE-2021-38504, CVE-2021-38506, CVE-2021-38507, CVE-2021-38508, CVE-2021-38509)
• CentOS Linux firefox security update (CESA-2021:4123) (CVE-2021-38503, CVE-2021-38504, CVE-2021-38506, CVE-2021-38507, CVE-2021-38508, CVE-2021-38509)
• CentOS Linux flatpak security update (CESA-2021:4042) (CVE-2021-41133)
• CentOS Linux flatpak security update (CESA-2021:4044) (CVE-2021-41133)
• CentOS Linux java-1.8.0-ibm security update (CESA-2021:4089) (CVE-2021-2341, CVE-2021-2369)
• CentOS Linux kpatch-patch security update (CESA-2021:4122) (CVE-2020-36385, CVE-2021-0512)
• CentOS Linux libsolv security update (CESA-2021:4060) (CVE-2021-33928, CVE-2021-33929, CVE-2021-33930, CVE-2021-33938)
• CentOS Linux python3 security update (CESA-2021:4057) (CVE-2021-3733)
• CentOS Linux samba security update (CESA-2021:4058) (CVE-2021-20254)
• CentOS Linux thunderbird security update (CESA-2021:4130) (CVE-2021-38503, CVE-2021-38504, CVE-2021-38506, CVE-2021-38507, CVE-2021-38508, CVE-2021-38509)
• CentOS Linux thunderbird security update (CESA-2021:4134) (CVE-2021-38503, CVE-2021-38504, CVE-2021-38506, CVE-2021-38507, CVE-2021-38508, CVE-2021-38509)
• CentOS Linux webkit2gtk3 security and bug fix update (CESA-2021:4097) (CVE-2021-30858)

Debian

• Debian asterisk Security Update (DSA-4999-1) (CVE-2021-32558, CVE-2021-32686)
• Debian bind9 LTS Security Update (DLA-2807-1) (CVE-2018-5740, CVE-2021-25219)
• Debian bind9 Security Update (DSA-4994-1) (CVE-2021-25219)
• Debian containerd Security Update (DSA-5002-1) (CVE-2021-41103)
• Debian cron LTS Security Update (DLA-2801-1) (CVE-2017-9525, CVE-2019-9704, CVE-2019-9705, CVE-2019-9706)
• Debian cups LTS Security Update (DLA-2800-1) (CVE-2020-10001)
• Debian elfutils LTS Security Update (DLA-2802-1) (CVE-2018-16062, CVE-2018-16402, CVE-2018-18310, CVE-2018-18520, CVE-2018-18521, CVE-2019-7150, CVE-2019-7665)
• Debian ffmpeg Security Update (DSA-4998-1) (CVE-2020-20445, CVE-2020-20446, CVE-2020-20450, CVE-2020-20453, CVE-2020-21688, CVE-2020-21697, CVE-2020-22037, CVE-2020-22042, CVE-2021-38114, CVE-2021-38171, CVE-2021-38291)
• Debian glusterfs LTS Security Update (DLA-2806-1) (CVE-2018-10841, CVE-2018-1088, CVE-2018-10904, CVE-2018-10907, CVE-2018-10911, CVE-2018-10913, CVE-2018-10914, CVE-2018-10923, CVE-2018-10926, CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, CVE-2018-14652, CVE-2018-14653, CVE-2018-14654, CVE-2018-14659, CVE-2018-14660, CVE-2018-14661)
• Debian gpsd LTS Security Update (DLA-2795-1) (CVE-2018-17937)
• Debian jbig2dec LTS Security Update (DLA-2796-1) (CVE-2017-9216, CVE-2020-12268)
• Debian libmspack LTS Security Update (DLA-2805-1) (CVE-2019-1010305)
• Debian libsdl1.2 LTS Security Update (DLA-2804-1) (CVE-2019-13616, CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7637, CVE-2019-7638)
• Debian libsdl2 LTS Security Update (DLA-2803-1) (CVE-2017-2888, CVE-2019-7637)
• Debian mailman LTS Security Update (DLA-2791-1) (CVE-2021-42096, CVE-2021-42097)
• Debian mosquitto LTS Security Update (DLA-2793-1) (CVE-2017-7655)
• Debian opencv LTS Security Update (DLA-2799-1) (CVE-2016-1516, CVE-2017-1000450, CVE-2017-12597, CVE-2017-12598, CVE-2017-12599, CVE-2017-12601, CVE-2017-12603, CVE-2017-12604, CVE-2017-12605, CVE-2017-12606, CVE-2017-12862, CVE-2017-12863, CVE-2017-12864, CVE-2017-17760, CVE-2018-5268, CVE-2018-5269, CVE-2019-14493, CVE-2019-15939)
• Debian openjdk-11 Security Update (DSA-5000-1) (CVE-2021-35550, CVE-2021-35556, CVE-2021-35559, CVE-2021-35561, CVE-2021-35564, CVE-2021-35565, CVE-2021-35567, CVE-2021-35578, CVE-2021-35586, CVE-2021-35603)
• Debian php7.0 LTS Security Update (DLA-2794-1) (CVE-2021-21703)
• Debian php7.3 Security Update (DSA-4993-1) (CVE-2021-21703)
• Debian php7.4 Security Update (DSA-4992-1) (CVE-2021-21703)
• Debian python3.5 LTS Security Update (DLA-2808-1) (CVE-2021-3733, CVE-2021-3737)
• Debian redis LTS Security Update (DLA-2810-1) (CVE-2021-32626, CVE-2021-32672, CVE-2021-32675, CVE-2021-32687, CVE-2021-32762, CVE-2021-41099)
• Debian redis Security Update (DSA-5001-1) (CVE-2021-32626, CVE-2021-32627, CVE-2021-32628, CVE-2021-32672, CVE-2021-32675, CVE-2021-32687, CVE-2021-32761, CVE-2021-32762, CVE-2021-41099)
• Debian sqlalchemy LTS Security Update (DLA-2811-1) (CVE-2019-7164, CVE-2019-7548)
• Debian tiff Security Update (DSA-4997-1) (CVE-2020-19143)
• Debian udisks2 LTS Security Update (DLA-2809-1) (CVE-2021-3802)
• Debian webkit2gtk Security Update (DSA-4995-1) (CVE-2021-30846, CVE-2021-30851, CVE-2021-42762)
• Debian wpewebkit Security Update (DSA-4996-1) (CVE-2021-30846, CVE-2021-30851, CVE-2021-42762)

Fedora

• Fedora ansible Security Update (FEDORA-2021-0e7910e389) (CVE-2021-3620)
• Fedora ansible Security Update (FEDORA-2021-71ff867094) (CVE-2021-3620)
• Fedora chromium Security Update (FEDORA-2021-5093f11905) (CVE-2021-37974, CVE-2021-37975, CVE-2021-37976, CVE-2021-37977, CVE-2021-37978, CVE-2021-37979, CVE-2021-37980)
• Fedora CuraEngine Security Update (FEDORA-2021-8ea648186c) (CVE-2021-28021)
• Fedora flatpak Security Update (FEDORA-2021-c5a9c85737) (CVE-2021-41133)
• Fedora java-1.8.0-openjdk Security Update (FEDORA-2021-1cc8ffd122) (CVE-2021-35550, CVE-2021-35556, CVE-2021-35559, CVE-2021-35561, CVE-2021-35564, CVE-2021-35565, CVE-2021-35567, CVE-2021-35578, CVE-2021-35586, CVE-2021-35588, CVE-2021-35603)
• Fedora java-1.8.0-openjdk Security Update (FEDORA-2021-7701833090) (CVE-2021-35550, CVE-2021-35556, CVE-2021-35559, CVE-2021-35561, CVE-2021-35564, CVE-2021-35565, CVE-2021-35567, CVE-2021-35578, CVE-2021-35586, CVE-2021-35588, CVE-2021-35603)
• Fedora java-11-openjdk Security Update (FEDORA-2021-35145352b0) (CVE-2021-35550, CVE-2021-35556, CVE-2021-35559, CVE-2021-35561, CVE-2021-35564, CVE-2021-35565, CVE-2021-35567, CVE-2021-35578, CVE-2021-35586, CVE-2021-35603)
• Fedora java-11-openjdk Security Update (FEDORA-2021-9a51a6f8b1) (CVE-2021-35550, CVE-2021-35556, CVE-2021-35559, CVE-2021-35561, CVE-2021-35564, CVE-2021-35565, CVE-2021-35567, CVE-2021-35578, CVE-2021-35586, CVE-2021-35603)
• Fedora java-latest-openjdk Security Update (FEDORA-2021-27ba6780e5) (CVE-2021-35556, CVE-2021-35559, CVE-2021-35561, CVE-2021-35564, CVE-2021-35567, CVE-2021-35578, CVE-2021-35586, CVE-2021-35603)
• Fedora java-latest-openjdk Security Update (FEDORA-2021-b277e63494) (CVE-2021-35556, CVE-2021-35559, CVE-2021-35561, CVE-2021-35564, CVE-2021-35567, CVE-2021-35578, CVE-2021-35586, CVE-2021-35603)
• Fedora kernel Security Update (FEDORA-2021-4320606094) (CVE-2021-3760, CVE-2021-43056)
• Fedora kernel Security Update (FEDORA-2021-4fed2b55c4) (CVE-2021-3760, CVE-2021-43056)
• Fedora kernel Security Update (FEDORA-2021-bdd146e463) (CVE-2021-43267)
• Fedora Multiple Packages Security Update (FEDORA-2021-e1d8a99caa) (CVE-2021-37220)
• Fedora php Security Update (FEDORA-2021-4140b54de2) (CVE-2021-21703)
• Fedora php Security Update (FEDORA-2021-9f68f5f752) (CVE-2021-21703)
• Fedora python-django-filter Security Update (FEDORA-2021-f213fea441) (CVE-2020-15225)
• Fedora python-reportlab Security Update (FEDORA-2021-13cdc0ab0e) (CVE-2020-28463)
• Fedora qt Security Update (FEDORA-2021-93bb56ad9b) (CVE-2020-24741)
• Fedora rust Security Update (FEDORA-2021-0578e23912) (CVE-2021-42574)
• Fedora sdrpp Security Update (FEDORA-2021-3fc69d203c) (CVE-2021-28021, CVE-2021-42715, CVE-2021-42716)
• Fedora stb Security Update (FEDORA-2021-0511a38484) (CVE-2021-42715, CVE-2021-42716)
• Fedora stb Security Update (FEDORA-2021-082bea5b34) (CVE-2021-42715, CVE-2021-42716)
• Fedora strongswan Security Update (FEDORA-2021-0b37146973) (CVE-2021-41990, CVE-2021-41991)
• Fedora strongswan Security Update (FEDORA-2021-b3df83339e) (CVE-2021-41990, CVE-2021-41991)
• Fedora webkit2gtk3 Security Update (FEDORA-2021-131360fa9a) (CVE-2021-30846, CVE-2021-30851, CVE-2021-42762)
• Fedora webkit2gtk3 Security Update (FEDORA-2021-483d896d1d) (CVE-2021-30846, CVE-2021-30851, CVE-2021-42762)
• Palo Alto Networks PAN-OS Security Update (CVE-2021-3056) (CVE-2021-3056)
• Palo Alto Networks PAN-OS Security Update (CVE-2021-3058) (CVE-2021-3058)
• Palo Alto Networks PAN-OS Security Update (CVE-2021-3059) (CVE-2021-3059)
• Palo Alto Networks PAN-OS Security Update (CVE-2021-3060) (CVE-2021-3060)
• Palo Alto Networks PAN-OS Security Update (CVE-2021-3061) (CVE-2021-3061)
• Palo Alto Networks PAN-OS Security Update (CVE-2021-3062) (CVE-2021-3062)
• Palo Alto Networks PAN-OS Security Update (CVE-2021-3063) (CVE-2021-3063)
• Palo Alto Networks PAN-OS Security Update (CVE-2021-3064) (CVE-2021-3064)

FreeBSD

• FreeBSD chromium Security Update (976d7bf9-38ea-11ec-b3b0-3065ec8fd3ec) (CVE-2021-37997, CVE-2021-37998, CVE-2021-37999, CVE-2021-38000, CVE-2021-38001, CVE-2021-38002, CVE-2021-38003)
• FreeBSD fail2ban Security Update (c848059a-318b-11ec-aa15-0800270512f4) (CVE-2021-32749)
• FreeBSD Gitlab Security Update (33557582-3958-11ec-90ba-001b217b3468) (CVE-2021-39895, CVE-2021-39897, CVE-2021-39898, CVE-2021-39901, CVE-2021-39902, CVE-2021-39903, CVE-2021-39904, CVE-2021-39905, CVE-2021-39906, CVE-2021-39907, CVE-2021-39909, CVE-2021-39911, CVE-2021-39912, CVE-2021-39913, CVE-2021-39914)
• FreeBSD go Security Update (930def19-3e05-11ec-9ba8-002324b2fba8) (CVE-2021-41771, CVE-2021-41772)
• FreeBSD Grafana Security Update (757ee63b-269a-11ec-a616-6c3be5272acd) (CVE-2021-39226)
• FreeBSD jenkins Security Update (2bf56269-90f8-4a82-b82f-c0e289f2a0dc) (CVE-2021-21685, CVE-2021-21686, CVE-2021-21687, CVE-2021-21688, CVE-2021-21689, CVE-2021-21690, CVE-2021-21691, CVE-2021-21692, CVE-2021-21693, CVE-2021-21694, CVE-2021-21695, CVE-2021-21696, CVE-2021-21697, CVE-2021-21698)
• FreeBSD pyrad Security Update (17702e54-3da0-11ec-b7e0-3085a9a95629) (CVE-2013-0294, CVE-2013-0342)

Microsoft

• Microsoft Exchange Server Multiple Vulnerabilities (2021-Nov) (CVE-2021-41349, CVE-2021-42305, CVE-2021-42321)
• Microsoft Exchange Server Multiple Vulnerabilities (2021-Nov) (CVE-2021-41349, CVE-2021-42305, CVE-2021-42321)
• Microsoft Office November 2021 Security Updates Missing (CVE-2021-40442, CVE-2021-41368, CVE-2021-42292)
• Microsoft Office October 2021 Security Updates Missing (CVE-2021-40454, CVE-2021-40472, CVE-2021-40474, CVE-2021-40482, CVE-2021-40483, CVE-2021-40484, CVE-2021-40485, CVE-2021-40486, CVE-2021-40487, CVE-2021-41344)
• Microsoft Windows November 2021 Security Updates Missing (CVE-2021-26443, CVE-2021-36957, CVE-2021-38631, CVE-2021-38665, CVE-2021-38666, CVE-2021-41356, CVE-2021-41366, CVE-2021-41367, CVE-2021-41370, CVE-2021-41371, CVE-2021-41377, CVE-2021-41378, CVE-2021-41379, CVE-2021-42274, CVE-2021-42275, CVE-2021-42276, CVE-2021-42277, CVE-2021-42278, CVE-2021-42279, CVE-2021-42280, CVE-2021-42282, CVE-2021-42283, CVE-2021-42284, CVE-2021-42285, CVE-2021-42287, CVE-2021-42288, CVE-2021-42291)

Red Hat (Credentialed Checks)

• Red Hat Enterprise Linux binutils security update (RHSA-2021:4033) (CVE-2021-42574)
• Red Hat Enterprise Linux curl security update (RHSA-2021:4059) (CVE-2021-22946, CVE-2021-22947)
• Red Hat Enterprise Linux firefox security update (RHSA-2021:4116) (CVE-2021-38503, CVE-2021-38504, CVE-2021-38506, CVE-2021-38507, CVE-2021-38508, CVE-2021-38509)
• Red Hat Enterprise Linux firefox security update (RHSA-2021:4123) (CVE-2021-38503, CVE-2021-38504, CVE-2021-38506, CVE-2021-38507, CVE-2021-38508, CVE-2021-38509)
• Red Hat Enterprise Linux flatpak security update (RHSA-2021:4042) (CVE-2021-41133)
• Red Hat Enterprise Linux flatpak security update (RHSA-2021:4044) (CVE-2021-41133)
• Red Hat Enterprise Linux java-1.8.0-ibm security update (RHSA-2021:4089) (CVE-2021-2341, CVE-2021-2369)
• Red Hat Enterprise Linux kernel security, bug fix, and enhancement update (RHSA-2021:4056) (CVE-2020-36385, CVE-2021-0512, CVE-2021-3656)
• Red Hat Enterprise Linux kpatch-patch security update (RHSA-2021:4122) (CVE-2020-36385, CVE-2021-0512)
• Red Hat Enterprise Linux libsolv security update (RHSA-2021:4060) (CVE-2021-33928, CVE-2021-33929, CVE-2021-33930, CVE-2021-33938)
• Red Hat Enterprise Linux python3 security update (RHSA-2021:4057) (CVE-2021-3733)
• Red Hat Enterprise Linux samba security update (RHSA-2021:4058) (CVE-2021-20254)
• Red Hat Enterprise Linux thunderbird security update (RHSA-2021:4130) (CVE-2021-38503, CVE-2021-38504, CVE-2021-38506, CVE-2021-38507, CVE-2021-38508, CVE-2021-38509)
• Red Hat Enterprise Linux thunderbird security update (RHSA-2021:4134) (CVE-2021-38503, CVE-2021-38504, CVE-2021-38506, CVE-2021-38507, CVE-2021-38508, CVE-2021-38509)
• Red Hat Enterprise Linux webkit2gtk3 security and bug fix update (RHSA-2021:4097) (CVE-2021-30858)

Ubuntu (Credentialed Checks)

• Ubuntu Bind vulnerability (USN-5126-1) (CVE-2021-25219)
• Ubuntu Ceph vulnerabilities (USN-5128-1) (CVE-2020-27781, CVE-2021-20288, CVE-2021-3509, CVE-2021-3524, CVE-2021-3531)
• Ubuntu Firefox vulnerabilities (USN-5131-1) (CVE-2021-38503, CVE-2021-38504, CVE-2021-38506, CVE-2021-38507, CVE-2021-38508, CVE-2021-38509)
• Ubuntu ICU vulnerability (USN-5133-1) (CVE-2020-21913)
• Ubuntu libslirp vulnerabilities (USN-5009-2) (CVE-2021-3592, CVE-2021-3593, CVE-2021-3594, CVE-2021-3595)
• Ubuntu Mailman vulnerabilities (USN-5121-2) (CVE-2020-12108, CVE-2020-12137, CVE-2020-15011, CVE-2021-42096, CVE-2021-42097)
• Ubuntu PHP vulnerability (USN-5125-1) (CVE-2021-21703)
• Ubuntu Thunderbird vulnerabilities (USN-5132-1) (CVE-2021-32810, CVE-2021-38496, CVE-2021-38497, CVE-2021-38498, CVE-2021-38500, CVE-2021-38501)
• Ubuntu WebKitGTK vulnerabilities (USN-5127-1) (CVE-2021-30846, CVE-2021-30851, CVE-2021-42762)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.