ALT Linux Team

Branch sisyphus update on 2014-12-17

2014-12-17

ALT-BU-2014-3166-1

Branch sisyphus update bulletin.

ALT-PU-2014-2455-1

Package unrtf updated to version 0.21.7-alt1 for branch sisyphus in task 136584.

Closed vulnerabilities

Published: 2014-12-09
Modified: 2025-04-12

CVE-2014-9274

UnRTF allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code as demonstrated by a file containing the string "{\cb-999999999".

Severity: HIGH (7.5) Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
References:
Published: 2014-12-09
Modified: 2025-04-12

CVE-2014-9275

UnRTF allows remote attackers to cause a denial of service (out-of-bounds memory access and crash) and possibly execute arbitrary code via a crafted RTF file.

Severity: HIGH (7.5) Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
References:

ALT-PU-2014-2457-1

Package gnuplot updated to version 4.6.6-alt1 for branch sisyphus in task 136633.

Closed bugs

Bug #30519

отсутствует драйвер gnuplot_qt

ALT-PU-2014-2463-1

Package perl-DBD-mysql updated to version 4.029-alt1 for branch sisyphus in task 136655.

Closed vulnerabilities

Published: 2016-08-20

BDU:2016-02084

Уязвимость драйвера DBD::mysq, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код

Severity: CRITICAL (10.0) Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
References:
Published: 2016-08-19
Modified: 2025-04-12

CVE-2014-9906

Use-after-free vulnerability in DBD::mysql before 4.029 allows attackers to cause a denial of service (program crash) or possibly execute arbitrary code via vectors related to a lost server connection.

Severity: CRITICAL (10.0) Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.2
Back to top