Branch sisyphus update bulletin.

Package libkeybinder updated to version 0.3.0-alt2.git20120617 for branch sisyphus in task 130167.

module is installed into wrong directory

Package lua5 updated to version 5.1.5-alt1 for branch sisyphus in task 130180.

Published: 2014-08-21

BDU:2015-04141

Уязвимость функционала для работ с аргументами переменной длины vararg интерпретатора скриптов Lua, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (5.0)

References:

Published: 2014-08-21

BDU:2015-04142

Severity: MEDIUM (5.0)

References:

Published: 2014-09-04
Modified: 2024-11-21

CVE-2014-5461

Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a function with a large number of fixed arguments.

Severity: MEDIUM (5.0)

References:

Package phpMyAdmin updated to version 4.2.8.1-alt1 for branch sisyphus in task 130195.

Published: 2014-11-08
Modified: 2024-11-21

CVE-2014-6300

Cross-site scripting (XSS) vulnerability in the micro history implementation in phpMyAdmin 4.0.x before 4.0.10.3, 4.1.x before 4.1.14.4, and 4.2.x before 4.2.8.1 allows remote attackers to inject arbitrary web script or HTML, and consequently conduct a cross-site request forgery (CSRF) attack to create a root account, via a crafted URL, related to js/ajax.js.

Severity: MEDIUM (4.3)

References:

Version: 2.1.0

Branch sisyphus update on 2014-09-14

ALT-BU-2014-2982-1

ALT-PU-2014-2136-1

Closed bugs

Bug #27509

ALT-PU-2014-2137-1

Closed vulnerabilities

BDU:2015-04141

BDU:2015-04142

CVE-2014-5461

ALT-PU-2014-2138-1

Closed vulnerabilities

CVE-2014-6300