Branch sisyphus update bulletin.

Package gpgme updated to version 1.4.4-alt1 for branch sisyphus in task 127157.

Published: 2014-10-20
Modified: 2024-11-21

CVE-2014-3564

Multiple heap-based buffer overflows in the status_handler function in (1) engine-gpgsm.c and (2) engine-uiserver.c in GPGME before 1.5.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "different line lengths in a specific order."

Severity: MEDIUM (6.8)

References:

Package libgcrypt updated to version 1.5.4-alt1 for branch sisyphus in task 127162.

Published: 2014-08-29

BDU:2015-09792

Уязвимость операционной системы Gentoo Linux, позволяющая злоумышленнику нарушить конфиденциальность защищаемой информации

Severity: LOW (2.1)

References:

Published: 2016-08-17

BDU:2019-01635

Уязвимость генератора псевдослучайных чисел библиотеки криптографии Libgcrypt, связанная с раскрытием информации, позволяющая нарушителю прогнозировать выходные данные

Severity: MEDIUM (5.3) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

References:

CVE-2016-6313

Published: 2014-10-10
Modified: 2024-11-21

CVE-2014-5270

Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization, which makes it easier for physically proximate attackers to conduct key-extraction attacks by leveraging the ability to collect voltage data from exposed metal, a different vector than CVE-2013-4576.

Severity: LOW (2.1)

References:

Published: 2016-12-13
Modified: 2024-11-21

CVE-2016-6313

The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits.

Severity: MEDIUM (5.3) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

References:

Package samba updated to version 4.1.11-alt1 for branch sisyphus in task 125989.

Published: 2014-08-01

BDU:2015-00383

Уязвимость программного обеспечения Samba, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-06035

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-06036

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-06037

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-06038

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-06039

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-06040

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-06041

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-06042

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-06043

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-06044

Severity: HIGH (8.3) Vector: AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

References:

Published: 2014-08-05

BDU:2015-06045

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-06046

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-06047

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-06048

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-06050

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-06806

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-06807

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-06829

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-06830

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-06866

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-06867

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-06868

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-06869

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-06870

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-06871

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-06872

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-06873

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-06874

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-06875

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-06876

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-06877

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-06878

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-06879

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-06880

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-06881

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-09096

Уязвимости операционной системы CentOS, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-09097

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-09098

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-09099

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-09100

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-09101

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-09102

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-09103

Severity: LOW (3.4) Vector: AV:A/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:L

References:

Published: 2014-08-05

BDU:2015-09104

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-09105

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-09106

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-09107

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-09108

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-09109

Severity: HIGH (8.3)

References:

Published: 2014-08-05

BDU:2015-09110

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-09122

Уязвимость операционной системы CentOS, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-09123

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-09124

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-09125

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-09126

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-09127

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-09128

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-09129

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-09130

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-09131

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-09132

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-09133

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-09134

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-09135

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-09136

Severity: HIGH (7.9)

References:

Published: 2014-08-05

BDU:2015-09137

Severity: HIGH (7.9)

References:

Published: 2014-08-06
Modified: 2024-11-21

CVE-2014-3560

NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in string_wrappers.h.

Severity: HIGH (7.9)

References:

Package sssd updated to version 1.12.0-alt1 for branch sisyphus in task 125989.

Published: 2014-06-11
Modified: 2024-11-21

CVE-2014-0249

The System Security Services Daemon (SSSD) 1.11.6 does not properly identify group membership when a non-POSIX group is in a group membership chain, which allows local users to bypass access restrictions via unspecified vectors.

Severity: LOW (3.3)

References:

Version: 2.1.0

ALT-BU-2014-2924-1

Closed vulnerabilities

Closed vulnerabilities

Closed vulnerabilities

Closed vulnerabilities