ALT-BU-2014-3166-1
Branch sisyphus update bulletin.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2014-9274
UnRTF allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code as demonstrated by a file containing the string "{\cb-999999999".
- http://advisories.mageia.org/MGASA-2014-0533.html
- http://advisories.mageia.org/MGASA-2014-0533.html
- FEDORA-2014-17281
- FEDORA-2014-17281
- 62811
- 62811
- DSA-3158
- DSA-3158
- MDVSA-2015:007
- MDVSA-2015:007
- [oss-security] 20141204 Re: CVE request: out-of-bounds memory access flaw in unrtf
- [oss-security] 20141204 Re: CVE request: out-of-bounds memory access flaw in unrtf
- 71430
- 71430
- https://bugzilla.redhat.com/show_bug.cgi?id=1170233
- https://bugzilla.redhat.com/show_bug.cgi?id=1170233
- [bug-unrtf] 20141124 out-of-bounds memory access in unrtf
- [bug-unrtf] 20141124 out-of-bounds memory access in unrtf
- GLSA-201507-06
- GLSA-201507-06
Modified: 2024-11-21
CVE-2014-9275
UnRTF allows remote attackers to cause a denial of service (out-of-bounds memory access and crash) and possibly execute arbitrary code via a crafted RTF file.
- http://advisories.mageia.org/MGASA-2014-0533.html
- http://advisories.mageia.org/MGASA-2014-0533.html
- FEDORA-2014-17281
- FEDORA-2014-17281
- 62811
- 62811
- DSA-3158
- DSA-3158
- MDVSA-2015:007
- MDVSA-2015:007
- [oss-security] 20141203 CVE request: out-of-bounds memory access flaw in unrtf
- [oss-security] 20141203 CVE request: out-of-bounds memory access flaw in unrtf
- [oss-security] 20141204 Re: CVE request: out-of-bounds memory access flaw in unrtf
- [oss-security] 20141204 Re: CVE request: out-of-bounds memory access flaw in unrtf
- 71506
- 71506
- https://bugzilla.redhat.com/show_bug.cgi?id=1170233
- https://bugzilla.redhat.com/show_bug.cgi?id=1170233
- GLSA-201507-06
- GLSA-201507-06
Closed bugs
отсутствует драйвер gnuplot_qt
Package perl-DBD-mysql updated to version 4.029-alt1 for branch sisyphus in task 136655.
Closed vulnerabilities
BDU:2016-02084
Уязвимость драйвера DBD::mysq, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Modified: 2024-11-21
CVE-2014-9906
Use-after-free vulnerability in DBD::mysql before 4.029 allows attackers to cause a denial of service (program crash) or possibly execute arbitrary code via vectors related to a lost server connection.
- http://cpansearch.perl.org/src/CAPTTOFU/DBD-mysql-4.029/ChangeLog
- http://cpansearch.perl.org/src/CAPTTOFU/DBD-mysql-4.029/ChangeLog
- DSA-3635
- DSA-3635
- [oss-security] 20160727 CVE Request: DBD-mysql: use-after-free in mysql_dr_error
- [oss-security] 20160727 CVE Request: DBD-mysql: use-after-free in mysql_dr_error
- [oss-security] 20160727 Re: CVE Request: DBD-mysql: use-after-free in mysql_dr_error
- [oss-security] 20160727 Re: CVE Request: DBD-mysql: use-after-free in mysql_dr_error
- 92149
- 92149
- https://github.com/perl5-dbi/DBD-mysql/commit/a56ae87a4c1c1fead7d09c3653905841ccccf1cc
- https://github.com/perl5-dbi/DBD-mysql/commit/a56ae87a4c1c1fead7d09c3653905841ccccf1cc
- https://rt.cpan.org/Public/Bug/Display.html?id=97625
- https://rt.cpan.org/Public/Bug/Display.html?id=97625