ALT-BU-2014-2745-2
Branch sisyphus update bulletin.
Closed bugs
Обновить версию
Closed vulnerabilities
BDU:2014-00170
Уязвимость браузера Google Chrome, позволяющая злоумышленнику вызвать отказ в обслуживании
BDU:2015-00101
Уязвимость браузера Google Chrome, позволяющая злоумышленнику вызвать отказ в обслуживании
Modified: 2025-04-12
CVE-2014-1736
Integer overflow in api.cc in Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large length value.
- http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html
- http://secunia.com/advisories/58301
- http://www.debian.org/security/2014/dsa-2920
- https://code.google.com/p/chromium/issues/detail?id=359802
- https://code.google.com/p/v8/source/detail?r=20519
- https://code.google.com/p/v8/source/detail?r=20525
- http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html
- http://secunia.com/advisories/58301
- http://www.debian.org/security/2014/dsa-2920
- https://code.google.com/p/chromium/issues/detail?id=359802
- https://code.google.com/p/v8/source/detail?r=20519
- https://code.google.com/p/v8/source/detail?r=20525
Closed vulnerabilities
Modified: 2025-04-11
CVE-2011-4099
The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors.
- http://rhn.redhat.com/errata/RHSA-2011-1694.html
- https://bugzilla.redhat.com/show_bug.cgi?id=722694
- https://sites.google.com/site/fullycapable/release-notes-for-libcap/releasenotesfor222
- http://rhn.redhat.com/errata/RHSA-2011-1694.html
- https://bugzilla.redhat.com/show_bug.cgi?id=722694
- https://sites.google.com/site/fullycapable/release-notes-for-libcap/releasenotesfor222
Modified: 2024-11-21
CVE-2023-2602
A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory.
- https://bugzilla.redhat.com/show_bug.cgi?id=2209114
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ57ICDLMVYEREXQGZWL4GWI7FRJCRQT/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPEGCFMCN5KGCFX5Y2VTKR732TTD4ADW/
- https://www.x41-dsec.de/static/reports/X41-libcap-Code-Review-2023-OSTIF-Final-Report.pdf
- https://bugzilla.redhat.com/show_bug.cgi?id=2209114
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ57ICDLMVYEREXQGZWL4GWI7FRJCRQT/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPEGCFMCN5KGCFX5Y2VTKR732TTD4ADW/
- https://www.x41-dsec.de/static/reports/X41-libcap-Code-Review-2023-OSTIF-Final-Report.pdf
Closed bugs
Обновить бы до актуальной версии (2.24 сейчас)