2014-04-04
ALT-BU-2014-2686-2
Branch sisyphus update bulletin.
Closed bugs
without lcms2
Closed bugs
without lcms2
Closed bugs
without lcms2
Closed vulnerabilities
Published: 2015-01-16
Modified: 2025-04-12
Modified: 2025-04-12
CVE-2014-1949
GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, gnome-screensaver, and other applications, allows physically proximate attackers to bypass the lock screen by pressing the menu button.
Severity: HIGH (7.2)Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
References:
- http://advisories.mageia.org/MGASA-2014-0374.html
- http://seclists.org/oss-sec/2014/q1/327
- http://seclists.org/oss-sec/2014/q1/331
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:162
- http://www.ubuntu.com/usn/USN-2475-1
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759145
- https://bugzilla.redhat.com/show_bug.cgi?id=1064695
- https://github.com/linuxmint/cinnamon-screensaver/issues/44
- http://advisories.mageia.org/MGASA-2014-0374.html
- http://seclists.org/oss-sec/2014/q1/327
- http://seclists.org/oss-sec/2014/q1/331
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:162
- http://www.ubuntu.com/usn/USN-2475-1
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759145
- https://bugzilla.redhat.com/show_bug.cgi?id=1064695
- https://github.com/linuxmint/cinnamon-screensaver/issues/44
Package cross-binutils updated to version 2.24-alt1_2 for branch sisyphus in task 117613.
Closed vulnerabilities
Published: 2012-09-05
Modified: 2026-04-29
Modified: 2026-04-29
CVE-2012-3509
Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service (crash) via vectors related to the "addition of CHUNK_HEADER_SIZE to the length," which triggers a heap-based buffer overflow.
Severity: MEDIUM (5.0)Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
References:
- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=54411
- http://gcc.gnu.org/ml/gcc-patches/2012-08/msg01986.html
- http://security-tracker.debian.org/tracker/CVE-2012-3509
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:029
- http://www.openwall.com/lists/oss-security/2012/08/29/3
- http://www.securityfocus.com/bid/55281
- http://www.ubuntu.com/usn/USN-2496-1
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78135
- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=54411
- http://gcc.gnu.org/ml/gcc-patches/2012-08/msg01986.html
- http://security-tracker.debian.org/tracker/CVE-2012-3509
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:029
- http://www.openwall.com/lists/oss-security/2012/08/29/3
- http://www.securityfocus.com/bid/55281
- http://www.ubuntu.com/usn/USN-2496-1
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78135