Web Application Security – ModSecurity Commercial Rules, Update for December 2022 | Trustwave

Summary

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

CentOS (Credentialed Checks)

• CentOS Linux firefox security update (CESA-2022:4729) (CVE-2022-1529, CVE-2022-1802)
• CentOS Linux firefox security update (CESA-2022:4776) (CVE-2022-1529, CVE-2022-1802)
• CentOS Linux firefox security update (CESA-2022:4870) (CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31747)
• CentOS Linux firefox security update (CESA-2022:4872) (CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31747)
• CentOS Linux maven:3.5 security update (CESA-2022:4798) (CVE-2022-29599)
• CentOS Linux maven:3.6 security update (CESA-2022:4797) (CVE-2022-29599)
• CentOS Linux nodejs:16 security update (CESA-2022:4796) (CVE-2021-43616)
• CentOS Linux postgresql:10 security update (CESA-2022:4805) (CVE-2022-1552)
• CentOS Linux postgresql:12 security update (CESA-2022:4807) (CVE-2022-1552)
• CentOS Linux postgresql:13 security update (CESA-2022:4855) (CVE-2022-1552)
• CentOS Linux RHV Engine and Host Common Packages security update (CESA-2022:4712) (CVE-2022-24302)
• CentOS Linux rsyslog security update (CESA-2022:4799) (CVE-2022-24903)
• CentOS Linux rsyslog security update (CESA-2022:4803) (CVE-2022-24903)
• CentOS Linux Satellite Tools 6.10.5 Async Bug Fix Update (CESA-2022:4866) (CVE-2021-27023, CVE-2021-27025)
• CentOS Linux Satellite Tools 6.9.9 Async Bug Fix Update (CESA-2022:4867) (CVE-2021-27023, CVE-2021-27025)
• CentOS Linux thunderbird security update (CESA-2022:4730) (CVE-2022-1529, CVE-2022-1802)
• CentOS Linux thunderbird security update (CESA-2022:4769) (CVE-2022-1529, CVE-2022-1802)
• CentOS Linux thunderbird security update (CESA-2022:4887) (CVE-2022-1834, CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31747)
• CentOS Linux thunderbird security update (CESA-2022:4891) (CVE-2022-1834, CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31747)

Debian (Credentialed Checks)

• Debian atftp LTS Security Update (DLA-3028-1) (CVE-2021-46671)
• Debian chromium Security Update (DSA-5148-1) (CVE-2022-1853, CVE-2022-1854, CVE-2022-1855, CVE-2022-1856, CVE-2022-1857, CVE-2022-1858, CVE-2022-1859, CVE-2022-1860, CVE-2022-1861, CVE-2022-1862, CVE-2022-1863, CVE-2022-1864, CVE-2022-1865, CVE-2022-1866, CVE-2022-1867, CVE-2022-1868, CVE-2022-1869, CVE-2022-1870, CVE-2022-1871, CVE-2022-1872, CVE-2022-1873, CVE-2022-1874, CVE-2022-1875, CVE-2022-1876)
• Debian cifs-utils Security Update (DSA-5157-1) (CVE-2022-27239, CVE-2022-29869)
• Debian clamav LTS Security Update (DLA-3042-1) (CVE-2022-20770, CVE-2022-20771, CVE-2022-20785, CVE-2022-20792, CVE-2022-20796)
• Debian cups LTS Security Update (DLA-3029-1) (CVE-2022-26691)
• Debian cups Security Update (DSA-5149-1) (CVE-2022-26691)
• Debian dpkg LTS Security Update (DLA-3022-1) (CVE-2022-1664)
• Debian dpkg Security Update (DSA-5147-1) (CVE-2022-1664)
• Debian filezilla LTS Security Update (DLA-3026-1) (CVE-2019-5429)
• Debian firefox-esr LTS Security Update (DLA-3040-1) (CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31747)
• Debian haproxy LTS Security Update (DLA-3034-1) (CVE-2018-20102, CVE-2018-20103, CVE-2019-18277)
• Debian irssi LTS Security Update (DLA-3025-1) (CVE-2019-13045)
• Debian libdbi-perl LTS Security Update (DLA-3035-1) (CVE-2014-10402)
• Debian libjpeg-turbo LTS Security Update (DLA-3037-1) (CVE-2019-2201)
• Debian lrzip Security Update (DSA-5145-1) (CVE-2018-5786, CVE-2022-26291, CVE-2022-28044)
• Debian modsecurity-apache LTS Security Update (DLA-3031-1) (CVE-2021-42717)
• Debian neutron LTS Security Update (DLA-3027-1) (CVE-2021-40085)
• Debian pjproject LTS Security Update (DLA-3036-1) (CVE-2022-24763, CVE-2022-24792, CVE-2022-24793)
• Debian pngcheck LTS Security Update (DLA-3032-1) (CVE-2020-27818)
• Debian puma LTS Security Update (DLA-3023-1) (CVE-2019-16770, CVE-2020-5247, CVE-2022-23634)
• Debian puma Security Update (DSA-5146-1) (CVE-2021-41136, CVE-2022-23634, CVE-2022-24790)
• Debian pypdf2 LTS Security Update (DLA-3039-1) (CVE-2022-24859)
• Debian python-django LTS Security Update (DLA-3024-1) (CVE-2020-9402)
• Debian rsyslog Security Update (DSA-5150-1) (CVE-2022-24903)
• Debian smarty3 LTS Security Update (DLA-3033-1) (CVE-2022-29221)
• Debian smarty3 Security Update (DSA-5151-1) (CVE-2021-21408, CVE-2021-26119, CVE-2021-26120, CVE-2021-29454, CVE-2022-29221)
• Debian thunderbird LTS Security Update (DLA-3041-1) (CVE-2022-1529, CVE-2022-1802, CVE-2022-1834, CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31747)
• Debian trafficserver Security Update (DSA-5153-1) (CVE-2021-37147, CVE-2021-37148, CVE-2021-37149, CVE-2021-38161, CVE-2021-44040, CVE-2021-44759)
• Debian webkit2gtk Security Update (DSA-5154-1) (CVE-2022-26700, CVE-2022-26709, CVE-2022-26716, CVE-2022-26717, CVE-2022-26719, CVE-2022-30293, CVE-2022-30294)
• Debian wpewebkit Security Update (DSA-5155-1) (CVE-2022-26700, CVE-2022-26709, CVE-2022-26716, CVE-2022-26717, CVE-2022-26719, CVE-2022-30293, CVE-2022-30294)
• Debian zipios++ LTS Security Update (DLA-3030-1) (CVE-2019-13453)

ISC BIND

• ISC BIND TLS Connection Reachable Assertion Vulnerability (CVE-2022-1183)

MongoDB

• Vulnerability in MongoDB Server - CVE-2022-24272 (CVE-2022-24272)

Fedora (Credentialed Checks)

• Fedora clash Security Update (FEDORA-2022-a49babed75) (CVE-2022-24675, CVE-2022-28327)
• Fedora cups Security Update (FEDORA-2022-09a89bc265) (CVE-2022-26691)
• Fedora curl Security Update (FEDORA-2022-8277bef335) (CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27782)
• Fedora fapolicyd Security Update (FEDORA-2022-47a86f6258) (CVE-2022-1117)
• Fedora fapolicyd Security Update (FEDORA-2022-bba9ca95b5) (CVE-2022-1117)
• Fedora golang-github-opencontainers-runc Security Update (FEDORA-2022-91b747a0d7) (CVE-2022-29162)
• Fedora golang-github-opencontainers-runc Security Update (FEDORA-2022-d1f55f8fd0) (CVE-2022-29162)
• Fedora golang-github-opencontainers-runc Security Update (FEDORA-2022-e980dc71b1) (CVE-2022-29162)
• Fedora gron Security Update (FEDORA-2022-53f0c619c5) (CVE-2022-28327)
• Fedora ignition Security Update (FEDORA-2022-393948cc9e) (CVE-2022-1706)
• Fedora ignition Security Update (FEDORA-2022-5df5dc8ec5) (CVE-2022-1706)
• Fedora ignition Security Update (FEDORA-2022-7846cac830) (CVE-2022-1706)
• Fedora kernel Security Update (FEDORA-2022-014c3a24d9) (CVE-2022-1729)
• Fedora kernel Security Update (FEDORA-2022-3b86247c11) (CVE-2022-1789)
• Fedora kernel Security Update (FEDORA-2022-8095b23575) (CVE-2022-1729)
• Fedora kernel Security Update (FEDORA-2022-b2cde267d9) (CVE-2022-1729)
• Fedora kernel Security Update (FEDORA-2022-be819b07a3) (CVE-2022-1789)
• Fedora kernel Security Update (FEDORA-2022-ef8c8a5925) (CVE-2022-1789)
• Fedora libarchive Security Update (FEDORA-2022-bbb5ec21b2) (CVE-2022-26280)
• Fedora logrotate Security Update (FEDORA-2022-87c0f05204) (CVE-2022-1348)
• Fedora mariadb Security Update (FEDORA-2022-25dcba7104) (CVE-2021-46669)
• Fedora mariadb Security Update (FEDORA-2022-e6dc7ed871) (CVE-2021-46669)
• Fedora mingw-pcre2 Security Update (FEDORA-2022-19f4c34184) (CVE-2022-1586, CVE-2022-1587)
• Fedora mingw-pcre2 Security Update (FEDORA-2022-9c9691d058) (CVE-2022-1586, CVE-2022-1587)
• Fedora pcre2 Security Update (FEDORA-2022-a3edad0ab6) (CVE-2022-1586, CVE-2022-1587)
• Fedora plantuml Security Update (FEDORA-2022-e6c09a89eb) (CVE-2022-1379)
• Fedora plantuml Security Update (FEDORA-2022-fda9f1f7bd) (CVE-2022-1379)
• Fedora plib Security Update (FEDORA-2022-08022e9452) (CVE-2021-38714)
• Fedora plib Security Update (FEDORA-2022-1cf3c9578f) (CVE-2021-38714)
• Fedora plib Security Update (FEDORA-2022-bcc0df5180) (CVE-2021-38714)
• Fedora python-jwt Security Update (FEDORA-2022-3cf456dc20) (CVE-2022-29217)
• Fedora python-jwt Security Update (FEDORA-2022-4ae9110f51) (CVE-2022-29217)
• Fedora qt5-qtbase Security Update (FEDORA-2022-54760f7fa4) (CVE-2021-38593)
• Fedora rubygem-git Security Update (FEDORA-2022-1aa40056fc) (CVE-2022-25648)
• Fedora rubygem-git Security Update (FEDORA-2022-353e1cf8b6) (CVE-2022-25648)
• Fedora rubygem-git Security Update (FEDORA-2022-f09e0d8b0e) (CVE-2022-25648)
• Fedora vim Security Update (FEDORA-2022-5ce148636b) (CVE-2022-1851, CVE-2022-1897, CVE-2022-1898, CVE-2022-1927)
• Fedora vim Security Update (FEDORA-2022-d044e7e0b4) (CVE-2022-1674, CVE-2022-1733, CVE-2022-1769)
• Fedora vim Security Update (FEDORA-2022-d94440bf0e) (CVE-2022-1851, CVE-2022-1897, CVE-2022-1898, CVE-2022-1927)
• Fedora webkit2gtk3 Security Update (FEDORA-2022-e883576e1c) (CVE-2022-26700, CVE-2022-26709, CVE-2022-26716, CVE-2022-26717)
• Fedora moodle Security Update (FEDORA-2022-530fdc5202) (CVE-2022-30596, CVE-2022-30597, CVE-2022-30598, CVE-2022-30599, CVE-2022-30600)
• Fedora moodle Security Update (FEDORA-2022-89bfefbe48) (CVE-2022-30596, CVE-2022-30597, CVE-2022-30598, CVE-2022-30599, CVE-2022-30600)
• Fedora moodle Security Update (FEDORA-2022-bd4457bcc4) (CVE-2022-30596, CVE-2022-30597, CVE-2022-30598, CVE-2022-30599, CVE-2022-30600)

Fortinet FortiOS

• Fortinet FortiOS Security Update (FG-IR-16-050) (CVE-2016-7542)
• Fortinet FortiOS Security Update (FG-IR-16-088) (CVE-2016-7541)
• Fortinet FortiOS Security Update (FG-IR-17-017) (CVE-2017-3127)
• Fortinet FortiOS Security Update (FG-IR-17-053) (CVE-2017-17544)
• Fortinet FortiOS Security Update (FG-IR-17-057) (CVE-2017-3128)
• Fortinet FortiOS Security Update (FG-IR-17-073) (CVE-2017-3130)
• Fortinet FortiOS Security Update (FG-IR-17-118) (CVE-2016-10229)
• Fortinet FortiOS Security Update (FG-IR-17-168) (CVE-2017-7739)
• Fortinet FortiOS Security Update (FG-IR-17-172) (CVE-2017-7738)
• Fortinet FortiOS Security Update (FG-IR-17-173) (CVE-2016-2183)
• Fortinet FortiOS Security Update (FG-IR-17-231) (CVE-2017-14185)
• Fortinet FortiOS Security Update (FG-IR-17-242) (CVE-2017-14186)
• Fortinet FortiOS Security Update (FG-IR-17-245) (CVE-2017-14187)
• Fortinet FortiOS Security Update (FG-IR-17-262) (CVE-2017-14190)
• Fortinet FortiOS Security Update (FG-IR-18-018) (CVE-2018-1352)
• Fortinet FortiOS Security Update (FG-IR-18-027) (CVE-2018-9185)
• Fortinet FortiOS Security Update (FG-IR-18-085) (CVE-2018-13365)
• Fortinet FortiOS Security Update (FG-IR-18-100) (CVE-2018-9195)
• Fortinet FortiOS Security Update (FG-IR-18-101) (CVE-2018-13366)
• Fortinet FortiOS Security Update (FG-IR-18-157) (CVE-2018-13374)
• Fortinet FortiOS Security Update (FG-IR-18-173) (CVE-2018-13367)
• Fortinet FortiOS Security Update (FG-IR-18-230) (CVE-2018-13371)
• Fortinet FortiOS Security Update (FG-IR-18-325) (CVE-2018-13376)
• Fortinet FortiOS Security Update (FG-IR-18-383) (CVE-2018-13380)
• Fortinet FortiOS Security Update (FG-IR-18-387) (CVE-2018-13381)
• Fortinet FortiOS Security Update (FG-IR-19-002) (CVE-2018-13384)
• Fortinet FortiOS Security Update (FG-IR-19-007) (CVE-2019-6693, CVE-2020-9289)
• Fortinet FortiOS Security Update (FG-IR-19-013) (CVE-2007-6750, CVE-2019-17657)
• Fortinet FortiOS Security Update (FG-IR-19-037) (CVE-2019-5591)
• Fortinet FortiOS Security Update (FG-IR-19-134) (CVE-2019-5593)
• Fortinet FortiOS Security Update (FG-IR-19-179) (CVE-2019-6696)
• Fortinet FortiOS Security Update (FG-IR-19-184) (CVE-2019-6697)
• Fortinet FortiOS Security Update (FG-IR-19-186) (CVE-2019-15703)
• Fortinet FortiOS Security Update (FG-IR-19-217) (CVE-2019-17655)
• Fortinet FortiOS Security Update (FG-IR-19-236) (CVE-2019-15705)
• Fortinet FortiOS Security Update (FG-IR-19-248) (CVE-2019-17656)
• Fortinet FortiOS Security Update (FG-IR-19-283) (CVE-2020-12812)
• Fortinet FortiOS Security Update (FG-IR-19-301) (CVE-2019-16151)
• Fortinet FortiOS Security Update (FG-IR-20-009) (CVE-2020-6648)
• Fortinet FortiOS Security Update (FG-IR-20-068) (CVE-2020-15937)
• Fortinet FortiOS Security Update (FG-IR-20-082) (CVE-2020-12819)
• Fortinet FortiOS Security Update (FG-IR-20-083) (CVE-2020-12820)
• Fortinet FortiOS Security Update (FG-IR-20-103) (CVE-2020-29010)
• Fortinet FortiOS Security Update (FG-IR-20-131) (CVE-2021-26110)
• Fortinet FortiOS Security Update (FG-IR-20-158) (CVE-2021-26103)
• Fortinet FortiOS Security Update (FG-IR-20-172) (CVE-2020-15938)
• Fortinet FortiOS Security Update (FG-IR-20-199) (CVE-2021-26092)
• Fortinet FortiOS Security Update (FG-IR-20-243) (CVE-2021-32600)
• Fortinet FortiOS Security Update (FG-IR-21-018) (CVE-2021-24012)
• Fortinet FortiOS Security Update (FG-IR-21-046) (CVE-2021-24018)
• Fortinet FortiOS Security Update (FG-IR-21-049) (CVE-2021-26109)
• Fortinet FortiOS Security Update (FG-IR-21-051) (CVE-2021-26108)
• Fortinet FortiOS Security Update (FG-IR-21-074) (CVE-2021-41019)
• Fortinet FortiOS Security Update (FG-IR-21-091) (CVE-2021-36169)
• Fortinet FortiOS Security Update (FG-IR-21-115) (CVE-2021-36173)
• Fortinet FortiOS Security Update (FG-IR-21-147) (CVE-2021-41032)
• Fortinet FortiOS Security Update (FG-IR-21-173) (CVE-2021-42757)
• Fortinet FortiOS Security Update (FG-IR-21-181) (CVE-2021-41024)
• Fortinet FortiOS Security Update (FG-IR-21-201) (CVE-2021-44168)
• Fortinet FortiOS Security Update (FG-IR-21-230) (CVE-2021-43081)
• Fortinet FortiOS Security Update (FG-IR-21-231) (CVE-2021-43206)
• Fortinet FortiOS Security Update (FG-IR-21-239) (CVE-2022-22306)
• Fortinet FortiOS Security Update (FG-IR-22-059) (CVE-2022-0778)

FreeBSD

• FreeBSD chromium Security Update (40e2c35e-db99-11ec-b0cf-3065ec8fd3ec) (CVE-2022-1853, CVE-2022-1854, CVE-2022-1855, CVE-2022-1856, CVE-2022-1857, CVE-2022-1858, CVE-2022-1859, CVE-2022-1860, CVE-2022-1861, CVE-2022-1862, CVE-2022-1863, CVE-2022-1864, CVE-2022-1865, CVE-2022-1866, CVE-2022-1867, CVE-2022-1868, CVE-2022-1869, CVE-2022-1870, CVE-2022-1871, CVE-2022-1872, CVE-2022-1873, CVE-2022-1874, CVE-2022-1875, CVE-2022-1876)
• FreeBSD e2fsprogs Security Update (a58f3fde-e4e0-11ec-8340-2d623369b8b5) (CVE-2022-1304)
• FreeBSD Gitlab Security Update (f414d69f-e43d-11ec-9ea4-001b217b3468) (CVE-2022-1680, CVE-2022-1783, CVE-2022-1821, CVE-2022-1935, CVE-2022-1936, CVE-2022-1940, CVE-2022-1944, CVE-2022-1948)
• FreeBSD MariaDB Security Update (04fecc47-dad2-11ec-8fbd-d4c9ef517024) (CVE-2021-46669, CVE-2022-27376, CVE-2022-27377, CVE-2022-27378, CVE-2022-27379, CVE-2022-27380, CVE-2022-27381, CVE-2022-27382, CVE-2022-27383, CVE-2022-27384, CVE-2022-27386, CVE-2022-27387, CVE-2022-27444, CVE-2022-27445, CVE-2022-27446, CVE-2022-27447, CVE-2022-27448, CVE-2022-27449, CVE-2022-27451, CVE-2022-27452, CVE-2022-27455, CVE-2022-27456, CVE-2022-27457, CVE-2022-27458)

Red Hat (Credentialed Checks)

• Red Hat Enterprise Linux firefox security update (RHSA-2022:4729) (CVE-2022-1529, CVE-2022-1802)
• Red Hat Enterprise Linux firefox security update (RHSA-2022:4776) (CVE-2022-1529, CVE-2022-1802)
• Red Hat Enterprise Linux firefox security update (RHSA-2022:4870) (CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31747)
• Red Hat Enterprise Linux firefox security update (RHSA-2022:4872) (CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31747)
• Red Hat Enterprise Linux maven:3.5 security update (RHSA-2022:4798) (CVE-2022-29599)
• Red Hat Enterprise Linux maven:3.6 security update (RHSA-2022:4797) (CVE-2022-29599)
• Red Hat Enterprise Linux nodejs:16 security update (RHSA-2022:4796) (CVE-2021-43616)
• Red Hat Enterprise Linux postgresql:10 security update (RHSA-2022:4805) (CVE-2022-1552)
• Red Hat Enterprise Linux postgresql:12 security update (RHSA-2022:4807) (CVE-2022-1552)
• Red Hat Enterprise Linux postgresql:13 security update (RHSA-2022:4855) (CVE-2022-1552)
• Red Hat Enterprise Linux RHV Engine and Host Common Packages security update (RHSA-2022:4712) (CVE-2022-24302)
• Red Hat Enterprise Linux rsyslog security update (RHSA-2022:4799) (CVE-2022-24903)
• Red Hat Enterprise Linux rsyslog security update (RHSA-2022:4803) (CVE-2022-24903)
• Red Hat Enterprise Linux Satellite Tools 6.10.5 Async Bug Fix Update (RHSA-2022:4866) (CVE-2021-27023, CVE-2021-27025)
• Red Hat Enterprise Linux Satellite Tools 6.9.9 Async Bug Fix Update (RHSA-2022:4867) (CVE-2021-27023, CVE-2021-27025)
• Red Hat Enterprise Linux thunderbird security update (RHSA-2022:4730) (CVE-2022-1529, CVE-2022-1802)
• Red Hat Enterprise Linux thunderbird security update (RHSA-2022:4769) (CVE-2022-1529, CVE-2022-1802)
• Red Hat Enterprise Linux thunderbird security update (RHSA-2022:4887) (CVE-2022-1834, CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31747)
• Red Hat Enterprise Linux thunderbird security update (RHSA-2022:4891) (CVE-2022-1834, CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31747)

SUSE Linux (Credentialed Checks)

• SUSE bind Security Update (SUSE-SU-2022:1616-1) (CVE-2021-25220)
• SUSE cups Security Update (SUSE-SU-2022:1861-1) (CVE-2022-26691)
• SUSE curl Security Update (SUSE-SU-2022:1805-1) (CVE-2022-27781, CVE-2022-27782)
• SUSE curl Security Update (SUSE-SU-2022:1870-1) (CVE-2022-27781, CVE-2022-27782)
• SUSE fribidi Security Update (SUSE-SU-2022:1845-1) (CVE-2022-25308, CVE-2022-25309, CVE-2022-25310)
• SUSE ImageMagick Security Update (SUSE-SU-2022:1885-1) (CVE-2022-1270, CVE-2022-28463)
• SUSE kernel-firmware Security Update (SUSE-SU-2022:1846-1) (CVE-2021-26312, CVE-2021-26339, CVE-2021-26342, CVE-2021-26347, CVE-2021-26348, CVE-2021-26349, CVE-2021-26350, CVE-2021-26364, CVE-2021-26372, CVE-2021-26373, CVE-2021-26375, CVE-2021-26376, CVE-2021-26378, CVE-2021-26388, CVE-2021-46744)
• SUSE kernel-firmware Security Update (SUSE-SU-2022:1847-1) (CVE-2021-26312, CVE-2021-26339, CVE-2021-26342, CVE-2021-26347, CVE-2021-26348, CVE-2021-26349, CVE-2021-26350, CVE-2021-26364, CVE-2021-26372, CVE-2021-26373, CVE-2021-26375, CVE-2021-26376, CVE-2021-26378, CVE-2021-26388, CVE-2021-46744)
• SUSE librelp Security Update (SUSE-SU-2022:1891-1) (CVE-2018-1000140)
• SUSE libxml2 Security Update (SUSE-SU-2022:1833-1) (CVE-2017-16932, CVE-2022-29824)
• SUSE mailman Security Update (SUSE-SU-2022:1886-1) (CVE-2021-42096, CVE-2021-43331, CVE-2021-43332, CVE-2021-44227)
• SUSE MozillaFirefox Security Update (SUSE-SU-2022:1808-1) (CVE-2022-1529, CVE-2022-1802)
• SUSE MozillaFirefox Security Update (SUSE-SU-2022:1818-1) (CVE-2022-1529, CVE-2022-1802)
• SUSE MozillaFirefox Security Update (SUSE-SU-2022:1830-1) (CVE-2022-1529, CVE-2022-1802)
• SUSE MozillaFirefox Security Update (SUSE-SU-2022:1920-1) (CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31739, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31747)
• SUSE MozillaFirefox Security Update (SUSE-SU-2022:1921-1) (CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31739, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31747)
• SUSE MozillaFirefox Security Update (SUSE-SU-2022:1927-1) (CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31739, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31747)
• SUSE openldap2 Security Update (SUSE-SU-2022:1832-1) (CVE-2022-29155)
• SUSE patch Security Update (SUSE-SU-2022:1932-1) (CVE-2018-6952, CVE-2019-13636)
• SUSE pcre2 Security Update (SUSE-SU-2022:1836-1) (CVE-2022-1586)
• SUSE pcre2 Security Update (SUSE-SU-2022:1883-1) (CVE-2022-1586)
• SUSE postgresql10 Security Update (SUSE-SU-2022:1804-1) (CVE-2022-1552)
• SUSE postgresql10 Security Update (SUSE-SU-2022:1890-1) (CVE-2022-1552)
• SUSE postgresql12 Security Update (SUSE-SU-2022:1869-1) (CVE-2022-1552)
• SUSE postgresql12 Security Update (SUSE-SU-2022:1894-1) (CVE-2022-1552)
• SUSE postgresql13 Security Update (SUSE-SU-2022:1835-1) (CVE-2022-1552)
• SUSE postgresql13 Security Update (SUSE-SU-2022:1895-1) (CVE-2022-1552)
• SUSE postgresql14 Security Update (SUSE-SU-2022:1874-1) (CVE-2022-1552)
• SUSE postgresql14 Security Update (SUSE-SU-2022:1908-1) (CVE-2022-1552)
• SUSE python-requests Security Update (SUSE-SU-2022:1819-1) (CVE-2018-18074)
• SUSE rsyslog Security Update (SUSE-SU-2022:1817-1) (CVE-2022-24903)
• SUSE tiff Security Update (SUSE-SU-2022:1882-1) (CVE-2022-0561, CVE-2022-0562, CVE-2022-0865, CVE-2022-0891, CVE-2022-0908, CVE-2022-0909, CVE-2022-0924, CVE-2022-1056)
• SUSE wpa_supplicant Security Update (SUSE-SU-2022:1853-1) (CVE-2015-8041, CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088, CVE-2018-14526, CVE-2019-11555, CVE-2019-13377, CVE-2019-9494, CVE-2019-9495, CVE-2019-9497, CVE-2019-9498, CVE-2019-9499, CVE-2022-23303, CVE-2022-23304)

Ubuntu (Credentialed Checks)

• Ubuntu Bind vulnerability (USN-5429-1) (CVE-2022-1183)
• Ubuntu cifs-utils vulnerabilities (USN-5459-1) (CVE-2020-14342, CVE-2021-20208, CVE-2022-27239, CVE-2022-29869)
• Ubuntu CUPS vulnerabilities (USN-5454-1) (CVE-2019-8842, CVE-2020-10001, CVE-2022-26691)
• Ubuntu Firefox vulnerabilities (USN-5434-1) (CVE-2022-1529, CVE-2022-1802)
• Ubuntu GNOME Settings vulnerability (USN-5430-1) (CVE-2022-1736)
• Ubuntu HTMLDOC vulnerability (USN-5438-1) (CVE-2021-23165)
• Ubuntu ImageMagick vulnerability (USN-5456-1) (CVE-2022-28463)
• Ubuntu InfluxDB vulnerability (USN-5451-1) (CVE-2019-20933)
• Ubuntu Linux kernel vulnerabilities (USN-5442-2) (CVE-2022-1116, CVE-2022-29581, CVE-2022-30594)
• Ubuntu Linux kernel vulnerabilities (USN-5443-2) (CVE-2022-29581, CVE-2022-30594)
• Ubuntu Thunderbird vulnerabilities (USN-5435-1) (CVE-2022-1520, CVE-2022-1529, CVE-2022-1802, CVE-2022-19916, CVE-2022-29909, CVE-2022-29911, CVE-2022-29912, CVE-2022-29913, CVE-2022-29914, CVE-2022-29917)
• Ubuntu WebKitGTK vulnerabilities (USN-5457-1) (CVE-2022-26700, CVE-2022-26709, CVE-2022-26716, CVE-2022-26717, CVE-2022-26719)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.