ALT-BU-2014-2559-1
Branch t7 update bulletin.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2013-6649
Use-after-free vulnerability in the RenderSVGImage::paint function in core/rendering/svg/RenderSVGImage.cpp in Blink, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a zero-size SVG image.
- http://crbug.com/330420
- http://crbug.com/330420
- http://googlechromereleases.blogspot.com/2014/01/stable-channel-update_27.html
- http://googlechromereleases.blogspot.com/2014/01/stable-channel-update_27.html
- openSUSE-SU-2014:0243
- openSUSE-SU-2014:0243
- DSA-2862
- DSA-2862
- https://src.chromium.org/viewvc/blink?revision=164536&view=revision
- https://src.chromium.org/viewvc/blink?revision=164536&view=revision
Modified: 2024-11-21
CVE-2013-6650
The StoreBuffer::ExemptPopularPages function in store-buffer.cc in Google V8 before 3.22.24.16, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors that trigger incorrect handling of "popular pages."
- http://crbug.com/331444
- http://crbug.com/331444
- http://googlechromereleases.blogspot.com/2014/01/stable-channel-update_27.html
- http://googlechromereleases.blogspot.com/2014/01/stable-channel-update_27.html
- openSUSE-SU-2014:0243
- openSUSE-SU-2014:0243
- DSA-2862
- DSA-2862
- https://code.google.com/p/v8/source/detail?r=18483
- https://code.google.com/p/v8/source/detail?r=18483
Modified: 2024-11-21
CVE-2014-1681
Multiple unspecified vulnerabilities in Google Chrome before 32.0.1700.102 have unknown impact and attack vectors, related to 12 "security fixes [that were not] either contributed by external researchers or particularly interesting."
Closed bugs
Неверно упакован, всё в одной куче в /usr/lib
Package kernel-image-led-ws updated to version 3.4.78-alt1.M70P.1 for branch t7 in task 113271.
Closed vulnerabilities
BDU:2014-00065
Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии
Modified: 2024-11-21
CVE-2014-0038
The compat_sys_recvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIG_X86_X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter.
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2def2ef2ae5f3990aabdbe8a755911902707d268
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2def2ef2ae5f3990aabdbe8a755911902707d268
- openSUSE-SU-2014:0204
- openSUSE-SU-2014:0204
- openSUSE-SU-2014:0205
- openSUSE-SU-2014:0205
- http://pastebin.com/raw.php?i=DH3Lbg54
- http://pastebin.com/raw.php?i=DH3Lbg54
- 56669
- 56669
- 31346
- 31346
- 31347
- 31347
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.2
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.2
- MDVSA-2014:038
- MDVSA-2014:038
- [oss-security] 20140131 Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038)
- [oss-security] 20140131 Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038)
- 65255
- 65255
- USN-2094-1
- USN-2094-1
- USN-2095-1
- USN-2095-1
- USN-2096-1
- USN-2096-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1060023
- https://bugzilla.redhat.com/show_bug.cgi?id=1060023
- https://code.google.com/p/chromium/issues/detail?id=338594
- https://code.google.com/p/chromium/issues/detail?id=338594
- https://github.com/saelo/cve-2014-0038
- https://github.com/saelo/cve-2014-0038
- https://github.com/torvalds/linux/commit/2def2ef2ae5f3990aabdbe8a755911902707d268
- https://github.com/torvalds/linux/commit/2def2ef2ae5f3990aabdbe8a755911902707d268
- 40503
- 40503
Package python-module-PyQt4 updated to version 4.10.3-alt1 for branch t7 in task 113271.
Closed bugs
too old
Package python-module-psycopg2 updated to version 2.5.1-alt2 for branch t7 in task 113271.
Closed bugs
Неверный URL: в пакете
Отсутствует зависимость на python-modules-json
Package python-module-sip updated to version 4.15.3-alt1 for branch t7 in task 113271.
Closed bugs
too old
Closed bugs
Обновить версию
Closed bugs
l{update,release} location is incorrect in CMake config file
Closed vulnerabilities
Modified: 2024-11-21
CVE-2013-6650
The StoreBuffer::ExemptPopularPages function in store-buffer.cc in Google V8 before 3.22.24.16, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors that trigger incorrect handling of "popular pages."
- http://crbug.com/331444
- http://crbug.com/331444
- http://googlechromereleases.blogspot.com/2014/01/stable-channel-update_27.html
- http://googlechromereleases.blogspot.com/2014/01/stable-channel-update_27.html
- openSUSE-SU-2014:0243
- openSUSE-SU-2014:0243
- DSA-2862
- DSA-2862
- https://code.google.com/p/v8/source/detail?r=18483
- https://code.google.com/p/v8/source/detail?r=18483
Closed bugs
Package xorg-server updated to version 1.14.5-alt3 for branch t7 in task 113271.
Closed bugs
Добавить патч(и) для цензирования скриншота в SeLinux
Спамит в лог