ALT Linux Team

Branch sisyphus update on 2015-01-24

2015-01-24

ALT-BU-2015-2256-2

Branch sisyphus update bulletin.

ALT-PU-2015-1074-2

Package monetdb updated to version 11.19.7-alt1 for branch sisyphus in task 139122.

Closed vulnerabilities

Published: 2023-06-21

BDU:2023-04410

Уязвимость компонента cs_bind_ubat системы управления базами данных (СУБД) MonetDB Server, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2022-08-03
Modified: 2024-11-21

CVE-2022-34967

The assertion `stmt->Dbc->FirstStmt' failed in MonetDB Database Server v11.43.13.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2023-06-22
Modified: 2024-12-02

CVE-2023-36362

An issue in the rel_sequences component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2023-06-22
Modified: 2024-12-02

CVE-2023-36363

An issue in the __nss_database_lookup component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2023-06-22
Modified: 2024-12-02

CVE-2023-36364

An issue in the rel_deps component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2023-06-22
Modified: 2024-12-02

CVE-2023-36365

An issue in the sql_trans_copy_key component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2023-06-22
Modified: 2024-12-02

CVE-2023-36366

An issue in the log_create_delta component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause Denial of Service (DoS) via crafted SQL statements.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2023-06-22
Modified: 2024-12-02

CVE-2023-36367

An issue in the BLOBcmp component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2023-06-22
Modified: 2024-12-02

CVE-2023-36368

An issue in the cs_bind_ubat component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2023-06-22
Modified: 2024-12-06

CVE-2023-36369

An issue in the list_append component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2023-06-22
Modified: 2024-12-06

CVE-2023-36370

An issue in the gc_col component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2023-06-22
Modified: 2024-12-06

CVE-2023-36371

An issue in the GDKfree component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:

Closed bugs

Bug #30660

Прошу обновить.

ALT-PU-2015-1076-1

Package adobe-flash-player updated to version 11-alt39 for branch sisyphus in task 139142.

Closed vulnerabilities

Published: 2015-01-23

BDU:2015-09810

Уязвимость программной платформы Flash Player, позволяющая удаленному злоумышленнику выполнить произвольный код или вызвать отказ в обслуживании

Severity: CRITICAL (10.0)
References:
Published: 2015-01-23

BDU:2015-09811

Уязвимость программной платформы Flash Player, позволяющая удаленному злоумышленнику выполнить произвольный код или вызвать отказ в обслуживании

Severity: CRITICAL (10.0)
References:
Published: 2015-01-23

BDU:2015-10058

Уязвимость программной платформы Flash Player, позволяющая нарушителю обойти правила разграничения доступа

Severity: CRITICAL (10.0)
References:
Published: 2015-01-23

BDU:2015-10059

Уязвимость программной платформы Flash Player, позволяющая нарушителю обойти правила разграничения доступа

Severity: CRITICAL (10.0)
References:
Published: 2015-01-23

BDU:2015-10322

Уязвимость программной платформы Flash Player, позволяющая нарушителю вызвать отказ в обслуживании или получить контроль над системой

Severity: CRITICAL (10.0)
References:
Published: 2015-01-24
Modified: 2025-02-13

CVE-2015-0310

Adobe Flash Player before 13.0.0.262 and 14.x through 16.x before 16.0.0.287 on Windows and OS X and before 11.2.202.438 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism on Windows, and have an unspecified impact on other platforms, via unknown vectors, as exploited in the wild in January 2015.

Severity: CRITICAL (10.0)
References:
Published: 2015-01-24
Modified: 2025-02-14

CVE-2015-0311

Unspecified vulnerability in Adobe Flash Player through 13.0.0.262 and 14.x, 15.x, and 16.x through 16.0.0.287 on Windows and OS X and through 11.2.202.438 on Linux allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in January 2015.

Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top