2013-11-23
ALT-BU-2013-1384-1
Branch sisyphus update bulletin.
Package kernel-image-un-def updated to version 3.11.9-alt1 for branch sisyphus in task 108920.
Closed vulnerabilities
Published: 2013-11-04
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2013-4348
The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of a packet with IPIP encapsulation.
Severity: HIGH (7.1)
References:
- openSUSE-SU-2014:0204
- openSUSE-SU-2014:0204
- RHSA-2013:1490
- RHSA-2013:1490
- USN-2070-1
- USN-2070-1
- USN-2075-1
- USN-2075-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1007939
- https://bugzilla.redhat.com/show_bug.cgi?id=1007939
- https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=6f092343855a71e03b8d209815d8c45bf3a27fcd
- https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=6f092343855a71e03b8d209815d8c45bf3a27fcd
Closed vulnerabilities
Published: 2013-11-23
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2013-4547
nginx 0.8.41 through 1.4.3 and 1.5.x before 1.5.7 allows remote attackers to bypass intended restrictions via an unescaped space character in a URI.
Severity: HIGH (7.5)
References:
- SUSE-SU-2013:1895
- SUSE-SU-2013:1895
- openSUSE-SU-2013:1745
- openSUSE-SU-2013:1745
- openSUSE-SU-2013:1791
- openSUSE-SU-2013:1791
- openSUSE-SU-2013:1792
- openSUSE-SU-2013:1792
- [nginx-announce] 20131119 nginx security advisory (CVE-2013-4547)
- [nginx-announce] 20131119 nginx security advisory (CVE-2013-4547)
- 55757
- 55757
- 55822
- 55822
- 55825
- 55825
- DSA-2802
- DSA-2802
Closed bugs
CVE-2013-4547 в nginx