ALT-BU-2014-2549-1
Branch sisyphus update bulletin.
Package python-module-psycopg2 updated to version 2.5.1-alt2 for branch sisyphus in task 112964.
Closed bugs
Неверный URL: в пакете
Отсутствует зависимость на python-modules-json
Closed bugs
l{update,release} location is incorrect in CMake config file
Closed vulnerabilities
Modified: 2025-04-11
CVE-2013-6649
Use-after-free vulnerability in the RenderSVGImage::paint function in core/rendering/svg/RenderSVGImage.cpp in Blink, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a zero-size SVG image.
- http://crbug.com/330420
- http://googlechromereleases.blogspot.com/2014/01/stable-channel-update_27.html
- http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00008.html
- http://www.debian.org/security/2014/dsa-2862
- https://src.chromium.org/viewvc/blink?revision=164536&view=revision
- http://crbug.com/330420
- http://googlechromereleases.blogspot.com/2014/01/stable-channel-update_27.html
- http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00008.html
- http://www.debian.org/security/2014/dsa-2862
- https://src.chromium.org/viewvc/blink?revision=164536&view=revision
Modified: 2025-04-11
CVE-2013-6650
The StoreBuffer::ExemptPopularPages function in store-buffer.cc in Google V8 before 3.22.24.16, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors that trigger incorrect handling of "popular pages."
- http://crbug.com/331444
- http://googlechromereleases.blogspot.com/2014/01/stable-channel-update_27.html
- http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00008.html
- http://www.debian.org/security/2014/dsa-2862
- https://code.google.com/p/v8/source/detail?r=18483
- http://crbug.com/331444
- http://googlechromereleases.blogspot.com/2014/01/stable-channel-update_27.html
- http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00008.html
- http://www.debian.org/security/2014/dsa-2862
- https://code.google.com/p/v8/source/detail?r=18483
Modified: 2025-04-11
CVE-2014-1681
Multiple unspecified vulnerabilities in Google Chrome before 32.0.1700.102 have unknown impact and attack vectors, related to 12 "security fixes [that were not] either contributed by external researchers or particularly interesting."
- http://googlechromereleases.blogspot.com/2014/01/stable-channel-update_27.html
- http://osvdb.org/102633
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90975
- http://googlechromereleases.blogspot.com/2014/01/stable-channel-update_27.html
- http://osvdb.org/102633
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90975
Closed vulnerabilities
Modified: 2016-11-28
BDU:2015-06304
Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Modified: 2016-11-28
BDU:2015-06305
Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Modified: 2016-11-28
BDU:2015-09087
Уязвимости операционной системы CentOS, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Modified: 2016-11-28
BDU:2015-09088
Уязвимости операционной системы CentOS, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Modified: 2025-04-11
CVE-2014-0015
cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent attackers to authenticate as other users via a request.
- http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html
- http://curl.haxx.se/docs/adv_20140129.html
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743
- http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127627.html
- http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128408.html
- http://lists.opensuse.org/opensuse-updates/2014-02/msg00066.html
- http://seclists.org/fulldisclosure/2014/Dec/23
- http://secunia.com/advisories/56728
- http://secunia.com/advisories/56731
- http://secunia.com/advisories/56734
- http://secunia.com/advisories/56912
- http://secunia.com/advisories/59458
- http://secunia.com/advisories/59475
- http://support.apple.com/kb/HT6296
- http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095862
- http://www.debian.org/security/2014/dsa-2849
- http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
- http://www.securityfocus.com/archive/1/534161/100/0/threaded
- http://www.securityfocus.com/bid/65270
- http://www.securitytracker.com/id/1029710
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.502652
- http://www.ubuntu.com/usn/USN-2097-1
- http://www.vmware.com/security/advisories/VMSA-2014-0012.html
- http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html
- http://curl.haxx.se/docs/adv_20140129.html
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743
- http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127627.html
- http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128408.html
- http://lists.opensuse.org/opensuse-updates/2014-02/msg00066.html
- http://seclists.org/fulldisclosure/2014/Dec/23
- http://secunia.com/advisories/56728
- http://secunia.com/advisories/56731
- http://secunia.com/advisories/56734
- http://secunia.com/advisories/56912
- http://secunia.com/advisories/59458
- http://secunia.com/advisories/59475
- http://support.apple.com/kb/HT6296
- http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095862
- http://www.debian.org/security/2014/dsa-2849
- http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
- http://www.securityfocus.com/archive/1/534161/100/0/threaded
- http://www.securityfocus.com/bid/65270
- http://www.securitytracker.com/id/1029710
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.502652
- http://www.ubuntu.com/usn/USN-2097-1
- http://www.vmware.com/security/advisories/VMSA-2014-0012.html
Closed bugs
Неверно упакован, всё в одной куче в /usr/lib
Closed bugs
Обновить версию
Closed vulnerabilities
BDU:2019-03979
Уязвимость функции ASF_ReadObject_file_properties (modules/demux/asf/libasf.c) программы-медиапроигрывателя VideoLAN VLC, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-04-12
CVE-2014-1684
The ASF_ReadObject_file_properties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a zero minimum and maximum data packet size in an ASF file.
- http://git.videolan.org/gitweb.cgi/vlc.git/?p=vlc.git%3Ba=commitdiff%3Bh=98787d0843612271e99d62bee0dfd8197f0cf404
- http://www.elsherei.com/?p=269
- https://security.gentoo.org/glsa/201603-08
- https://trac.videolan.org/vlc/ticket/10482
- http://git.videolan.org/gitweb.cgi/vlc.git/?p=vlc.git%3Ba=commitdiff%3Bh=98787d0843612271e99d62bee0dfd8197f0cf404
- http://www.elsherei.com/?p=269
- https://security.gentoo.org/glsa/201603-08
- https://trac.videolan.org/vlc/ticket/10482
Package xorg-server updated to version 1.14.5-alt3 for branch sisyphus in task 113057.
Closed bugs
Добавить патч(и) для цензирования скриншота в SeLinux
Спамит в лог