ALT-BU-2014-2567-1
Branch p7 update bulletin.
Package adobe-flash-player updated to version 11-alt25 for branch p7 in task 113547.
Closed vulnerabilities
Modified: 2024-12-20
CVE-2014-0497
Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors.
- http://googlechromereleases.blogspot.com/2014/02/stable-channel-update.html
- http://googlechromereleases.blogspot.com/2014/02/stable-channel-update.html
- http://helpx.adobe.com/security/products/flash-player/apsb14-04.html
- http://helpx.adobe.com/security/products/flash-player/apsb14-04.html
- openSUSE-SU-2014:0197
- openSUSE-SU-2014:0197
- openSUSE-SU-2014:0203
- openSUSE-SU-2014:0203
- SUSE-SU-2014:0221
- SUSE-SU-2014:0221
- RHSA-2014:0137
- RHSA-2014:0137
- 56437
- 56437
- 56737
- 56737
- 56780
- 56780
- 56799
- 56799
- 56839
- 56839
- 33212
- 33212
- 102849
- 102849
- 65327
- 65327
- 1029715
- 1029715
- adobe-flash-cve20140497-code-exec(90884)
- adobe-flash-cve20140497-code-exec(90884)
Package alterator-preinstall updated to version 0.7.2-alt1 for branch p7 in task 113626.
Closed bugs
При автоустановке происходит ошибка подмены alteratord
Closed vulnerabilities
BDU:2015-04120
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Modified: 2024-11-21
CVE-2013-6393
The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggers a heap-based buffer overflow.
- http://advisories.mageia.org/MGASA-2014-0040.html
- http://advisories.mageia.org/MGASA-2014-0040.html
- APPLE-SA-2014-04-22-1
- APPLE-SA-2014-04-22-1
- APPLE-SA-2014-10-16-3
- APPLE-SA-2014-10-16-3
- openSUSE-SU-2014:0272
- openSUSE-SU-2014:0272
- openSUSE-SU-2014:0273
- openSUSE-SU-2014:0273
- openSUSE-SU-2015:0319
- openSUSE-SU-2015:0319
- openSUSE-SU-2016:1067
- openSUSE-SU-2016:1067
- 102716
- 102716
- RHSA-2014:0353
- RHSA-2014:0353
- RHSA-2014:0354
- RHSA-2014:0354
- RHSA-2014:0355
- RHSA-2014:0355
- DSA-2850
- DSA-2850
- DSA-2870
- DSA-2870
- MDVSA-2015:060
- MDVSA-2015:060
- 65258
- 65258
- USN-2098-1
- USN-2098-1
- https://bitbucket.org/xi/libyaml/commits/tag/0.1.5
- https://bitbucket.org/xi/libyaml/commits/tag/0.1.5
- https://bugzilla.redhat.com/attachment.cgi?id=847926&action=diff
- https://bugzilla.redhat.com/attachment.cgi?id=847926&action=diff
- https://bugzilla.redhat.com/show_bug.cgi?id=1033990
- https://bugzilla.redhat.com/show_bug.cgi?id=1033990
- https://puppet.com/security/cve/cve-2013-6393
- https://puppet.com/security/cve/cve-2013-6393
- https://support.apple.com/kb/HT6536
- https://support.apple.com/kb/HT6536
Closed bugs
CVE-2013-6393 -- libyaml: heap-based buffer overflow when parsing YAML tags