ALT-BU-2014-2952-1
Branch t7 update bulletin.
Package kde4-kopete updated to version 4.14.0-alt1.M70P.1 for branch t7 in task 128678.
Closed bugs
kopete - "кривое" окно для авторизации в сервисе mrim.jabber.ru
Package python-module-cffi updated to version 0.8.6-alt1.M70P.1 for branch t7 in task 128678.
Closed bugs
Версия 0.8.6
Closed bugs
Добавление пакета для libunrar
Closed vulnerabilities
BDU:2015-00192
Уязвимость браузера Google Chrome, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
BDU:2015-00194
Уязвимость браузера Google Chrome, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
BDU:2015-00195
Уязвимость браузера Google Chrome, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
BDU:2015-00202
Уязвимости браузера Google Chrome, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
BDU:2015-00236
Уязвимость браузера Google Chrome, позволяющая удаленному злоумышленнику нарушить конфиденциальность и целостность защищаемой информации
BDU:2015-00237
Уязвимость браузера Google Chrome, позволяющая удаленному злоумышленнику нарушить конфиденциальность и целостность защищаемой информации
BDU:2015-00238
Уязвимость браузера Google Chrome, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
BDU:2015-00239
Уязвимость браузера Google Chrome, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
BDU:2015-00240
Уязвимость браузера Google Chrome, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации
BDU:2015-00242
Уязвимость браузера Google Chrome, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации
Modified: 2024-11-21
CVE-2014-3168
Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper caching associated with animation.
- http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
- http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
- openSUSE-SU-2014:1151
- openSUSE-SU-2014:1151
- 60268
- 60268
- 60424
- 60424
- 61482
- 61482
- GLSA-201408-16
- GLSA-201408-16
- DSA-3039
- DSA-3039
- 69398
- 69398
- 1030767
- 1030767
- https://crbug.com/369860
- https://crbug.com/369860
- google-chrome-cve20143168-code-exec(95468)
- google-chrome-cve20143168-code-exec(95468)
- https://src.chromium.org/viewvc/blink?revision=174338&view=revision
- https://src.chromium.org/viewvc/blink?revision=174338&view=revision
- https://src.chromium.org/viewvc/blink?revision=174923&view=revision
- https://src.chromium.org/viewvc/blink?revision=174923&view=revision
Modified: 2024-11-21
CVE-2014-3169
Use-after-free vulnerability in core/dom/ContainerNode.cpp in the DOM implementation in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging script execution that occurs before notification of node removal.
- http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
- http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
- openSUSE-SU-2014:1151
- openSUSE-SU-2014:1151
- 60268
- 60268
- 60424
- 60424
- 61482
- 61482
- GLSA-201408-16
- GLSA-201408-16
- DSA-3039
- DSA-3039
- 69405
- 69405
- 1030767
- 1030767
- https://crbug.com/387389
- https://crbug.com/387389
- google-chrome-cve20143169-code-exec(95469)
- google-chrome-cve20143169-code-exec(95469)
- https://src.chromium.org/viewvc/blink?revision=178976&view=revision
- https://src.chromium.org/viewvc/blink?revision=178976&view=revision
Modified: 2024-11-21
CVE-2014-3170
extensions/common/url_pattern.cc in Google Chrome before 37.0.2062.94 does not prevent use of a '\0' character in a host name, which allows remote attackers to spoof the extension permission dialog by relying on truncation after this character.
- http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
- http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
- openSUSE-SU-2014:1151
- openSUSE-SU-2014:1151
- 60268
- 60268
- 61482
- 61482
- GLSA-201408-16
- GLSA-201408-16
- DSA-3039
- DSA-3039
- 69400
- 69400
- 1030767
- 1030767
- https://crbug.com/390624
- https://crbug.com/390624
- google-chrome-cve20143170-spoofing(95470)
- google-chrome-cve20143170-spoofing(95470)
- https://src.chromium.org/viewvc/chrome?revision=285492&view=revision
- https://src.chromium.org/viewvc/chrome?revision=285492&view=revision
Modified: 2024-11-21
CVE-2014-3171
Use-after-free vulnerability in the V8 bindings in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper use of HashMap add operations instead of HashMap set operations, related to bindings/core/v8/DOMWrapperMap.h and bindings/core/v8/SerializedScriptValue.cpp.
- http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
- http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
- openSUSE-SU-2014:1151
- openSUSE-SU-2014:1151
- 60268
- 60268
- 60424
- 60424
- 61482
- 61482
- GLSA-201408-16
- GLSA-201408-16
- DSA-3039
- DSA-3039
- 69406
- 69406
- 1030767
- 1030767
- https://crbug.com/390928
- https://crbug.com/390928
- google-chrome-cve20143171-code-exec(95471)
- google-chrome-cve20143171-code-exec(95471)
- https://src.chromium.org/viewvc/blink?revision=178823&view=revision
- https://src.chromium.org/viewvc/blink?revision=178823&view=revision
Modified: 2024-11-21
CVE-2014-3172
The Debugger extension API in browser/extensions/api/debugger/debugger_api.cc in Google Chrome before 37.0.2062.94 does not validate a tab's URL before an attach operation, which allows remote attackers to bypass intended access limitations via an extension that uses a restricted URL, as demonstrated by a chrome:// URL.
- http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
- http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
- openSUSE-SU-2014:1151
- openSUSE-SU-2014:1151
- 60268
- 60268
- 61482
- 61482
- GLSA-201408-16
- GLSA-201408-16
- DSA-3039
- DSA-3039
- 69401
- 69401
- 1030767
- 1030767
- https://crbug.com/367567
- https://crbug.com/367567
- google-chrome-cve20143172-unspec(95472)
- google-chrome-cve20143172-unspec(95472)
- https://src.chromium.org/viewvc/chrome?revision=280354&view=revision
- https://src.chromium.org/viewvc/chrome?revision=280354&view=revision
Modified: 2024-11-21
CVE-2014-3173
The WebGL implementation in Google Chrome before 37.0.2062.94 does not ensure that clear calls interact properly with the state of a draw buffer, which allows remote attackers to cause a denial of service (read of uninitialized memory) via a crafted CANVAS element, related to gpu/command_buffer/service/framebuffer_manager.cc and gpu/command_buffer/service/gles2_cmd_decoder.cc.
- http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
- http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
- openSUSE-SU-2014:1151
- openSUSE-SU-2014:1151
- 60268
- 60268
- 60424
- 60424
- 61482
- 61482
- GLSA-201408-16
- GLSA-201408-16
- DSA-3039
- DSA-3039
- 69403
- 69403
- 1030767
- 1030767
- https://crbug.com/376951
- https://crbug.com/376951
- google-chrome-cve20143173-info-disc(95473)
- google-chrome-cve20143173-info-disc(95473)
- https://src.chromium.org/viewvc/chrome?revision=275338&view=revision
- https://src.chromium.org/viewvc/chrome?revision=275338&view=revision
Modified: 2024-11-21
CVE-2014-3174
modules/webaudio/BiquadDSPKernel.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 37.0.2062.94, does not properly consider concurrent threads during attempts to update biquad filter coefficients, which allows remote attackers to cause a denial of service (read of uninitialized memory) via crafted API calls.
- http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
- http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
- openSUSE-SU-2014:1151
- openSUSE-SU-2014:1151
- 60268
- 60268
- 60424
- 60424
- 61482
- 61482
- GLSA-201408-16
- GLSA-201408-16
- DSA-3039
- DSA-3039
- 69407
- 69407
- 1030767
- 1030767
- https://crbug.com/389219
- https://crbug.com/389219
- google-chrome-cve20143174-info-disc(95474)
- google-chrome-cve20143174-info-disc(95474)
- https://src.chromium.org/viewvc/blink?revision=177250&view=revision
- https://src.chromium.org/viewvc/blink?revision=177250&view=revision
Modified: 2024-11-21
CVE-2014-3175
Multiple unspecified vulnerabilities in Google Chrome before 37.0.2062.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors, related to the load_truetype_glyph function in truetype/ttgload.c in FreeType and other functions in other components.
- http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
- http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
- openSUSE-SU-2014:1151
- openSUSE-SU-2014:1151
- 60268
- 60268
- 60424
- 60424
- GLSA-201408-16
- GLSA-201408-16
- DSA-3039
- DSA-3039
- 69402
- 69402
- 1030767
- 1030767
- https://code.google.com/p/chromium/issues/detail?id=149871
- https://code.google.com/p/chromium/issues/detail?id=149871
- https://code.google.com/p/chromium/issues/detail?id=337572
- https://code.google.com/p/chromium/issues/detail?id=337572
- https://code.google.com/p/chromium/issues/detail?id=350782
- https://code.google.com/p/chromium/issues/detail?id=350782
- https://code.google.com/p/chromium/issues/detail?id=357452
- https://code.google.com/p/chromium/issues/detail?id=357452
- https://code.google.com/p/chromium/issues/detail?id=364062
- https://code.google.com/p/chromium/issues/detail?id=364062
- https://code.google.com/p/chromium/issues/detail?id=366687
- https://code.google.com/p/chromium/issues/detail?id=366687
- https://code.google.com/p/chromium/issues/detail?id=367991
- https://code.google.com/p/chromium/issues/detail?id=367991
- https://code.google.com/p/chromium/issues/detail?id=368978
- https://code.google.com/p/chromium/issues/detail?id=368978
- https://code.google.com/p/chromium/issues/detail?id=372410
- https://code.google.com/p/chromium/issues/detail?id=372410
- https://code.google.com/p/chromium/issues/detail?id=372413
- https://code.google.com/p/chromium/issues/detail?id=372413
- https://code.google.com/p/chromium/issues/detail?id=379656
- https://code.google.com/p/chromium/issues/detail?id=379656
- https://code.google.com/p/chromium/issues/detail?id=381031
- https://code.google.com/p/chromium/issues/detail?id=381031
- https://code.google.com/p/chromium/issues/detail?id=381244
- https://code.google.com/p/chromium/issues/detail?id=381244
- https://code.google.com/p/chromium/issues/detail?id=381521
- https://code.google.com/p/chromium/issues/detail?id=381521
- https://code.google.com/p/chromium/issues/detail?id=382240
- https://code.google.com/p/chromium/issues/detail?id=382240
- https://code.google.com/p/chromium/issues/detail?id=382241
- https://code.google.com/p/chromium/issues/detail?id=382241
- https://code.google.com/p/chromium/issues/detail?id=382242
- https://code.google.com/p/chromium/issues/detail?id=382242
- https://code.google.com/p/chromium/issues/detail?id=382243
- https://code.google.com/p/chromium/issues/detail?id=382243
- https://code.google.com/p/chromium/issues/detail?id=382601
- https://code.google.com/p/chromium/issues/detail?id=382601
- https://code.google.com/p/chromium/issues/detail?id=382606
- https://code.google.com/p/chromium/issues/detail?id=382606
- https://code.google.com/p/chromium/issues/detail?id=382639
- https://code.google.com/p/chromium/issues/detail?id=382639
- https://code.google.com/p/chromium/issues/detail?id=382656
- https://code.google.com/p/chromium/issues/detail?id=382656
- https://code.google.com/p/chromium/issues/detail?id=382820
- https://code.google.com/p/chromium/issues/detail?id=382820
- https://code.google.com/p/chromium/issues/detail?id=383703
- https://code.google.com/p/chromium/issues/detail?id=383703
- https://code.google.com/p/chromium/issues/detail?id=384662
- https://code.google.com/p/chromium/issues/detail?id=384662
- https://code.google.com/p/chromium/issues/detail?id=387016
- https://code.google.com/p/chromium/issues/detail?id=387016
- https://code.google.com/p/chromium/issues/detail?id=387315
- https://code.google.com/p/chromium/issues/detail?id=387315
- https://code.google.com/p/chromium/issues/detail?id=387371
- https://code.google.com/p/chromium/issues/detail?id=387371
- https://code.google.com/p/chromium/issues/detail?id=388771
- https://code.google.com/p/chromium/issues/detail?id=388771
- https://code.google.com/p/chromium/issues/detail?id=389216
- https://code.google.com/p/chromium/issues/detail?id=389216
- https://code.google.com/p/chromium/issues/detail?id=389280
- https://code.google.com/p/chromium/issues/detail?id=389280
- https://code.google.com/p/chromium/issues/detail?id=389285
- https://code.google.com/p/chromium/issues/detail?id=389285
- https://code.google.com/p/chromium/issues/detail?id=389316
- https://code.google.com/p/chromium/issues/detail?id=389316
- https://code.google.com/p/chromium/issues/detail?id=389570
- https://code.google.com/p/chromium/issues/detail?id=389570
- https://code.google.com/p/chromium/issues/detail?id=390176
- https://code.google.com/p/chromium/issues/detail?id=390176
- https://code.google.com/p/chromium/issues/detail?id=390304
- https://code.google.com/p/chromium/issues/detail?id=390304
- https://code.google.com/p/chromium/issues/detail?id=393938
- https://code.google.com/p/chromium/issues/detail?id=393938
- https://code.google.com/p/chromium/issues/detail?id=394026
- https://code.google.com/p/chromium/issues/detail?id=394026
- https://code.google.com/p/chromium/issues/detail?id=395972
- https://code.google.com/p/chromium/issues/detail?id=395972
- https://code.google.com/p/chromium/issues/detail?id=396255
- https://code.google.com/p/chromium/issues/detail?id=396255
- https://code.google.com/p/chromium/issues/detail?id=397258
- https://code.google.com/p/chromium/issues/detail?id=397258
- https://crbug.com/406143
- https://crbug.com/406143
- google-chrome-cve20143175-unspec(95475)
- google-chrome-cve20143175-unspec(95475)
Modified: 2024-11-21
CVE-2014-3176
Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3177.
- http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
- http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
- openSUSE-SU-2014:1151
- openSUSE-SU-2014:1151
- 60268
- 60268
- 61482
- 61482
- GLSA-201408-16
- GLSA-201408-16
- DSA-3039
- DSA-3039
- 69404
- 69404
- 1030767
- 1030767
- https://crbug.com/386988
- https://crbug.com/386988
- google-chrome-cve20143176-code-exec(95476)
- google-chrome-cve20143176-code-exec(95476)
Modified: 2024-11-21
CVE-2014-3177
Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3176.
- http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
- http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
- openSUSE-SU-2014:1151
- openSUSE-SU-2014:1151
- 60268
- 60268
- 61482
- 61482
- GLSA-201408-16
- GLSA-201408-16
- DSA-3039
- DSA-3039
- 69404
- 69404
- 1030767
- 1030767
- https://crbug.com/386988
- https://crbug.com/386988
- google-chrome-cve20143177-code-exec(95477)
- google-chrome-cve20143177-code-exec(95477)
Package chromium-pepperflash updated to version 1.5-alt2 for branch t7 in task 128738.
Closed bugs
libpepflashplayer.so не принадлежит ни одному из пакетов
Package shapercontrol updated to version 1.5.1-alt5 for branch t7 in task 128738.
Closed bugs
service sc status всегда возвращает 0