2015-05-30
ALT-BU-2015-2466-1
Branch p7 update bulletin.
Closed vulnerabilities
Published: 2015-06-02
Modified: 2025-04-12
Modified: 2025-04-12
CVE-2015-4155
GNU Parallel before 20150422, when using (1) --pipe, (2) --tmux, (3) --cat, (4) --fifo, or (5) --compress, allows local users to write to arbitrary files via a symlink attack on a temporary file.
Severity: LOW (3.6)
Vector: AV:L/AC:L/Au:N/C:N/I:P/A:P
References:
- http://lists.gnu.org/archive/html/parallel/2015-04/msg00045.html
- http://lists.gnu.org/archive/html/parallel/2015-05/msg00024.html
- http://www.securityfocus.com/bid/74962
- http://lists.gnu.org/archive/html/parallel/2015-04/msg00045.html
- http://lists.gnu.org/archive/html/parallel/2015-05/msg00024.html
- http://www.securityfocus.com/bid/74962
Published: 2015-06-02
Modified: 2025-04-12
Modified: 2025-04-12
CVE-2015-4156
GNU Parallel before 20150522 (Nepal), when using (1) --cat or (2) --fifo with --sshlogin, allows local users to write to arbitrary files via a symlink attack on a temporary file.
Severity: LOW (3.6)
Vector: AV:L/AC:L/Au:N/C:N/I:P/A:P
References:
- http://lists.gnu.org/archive/html/parallel/2015-04/msg00045.html
- http://lists.gnu.org/archive/html/parallel/2015-05/msg00024.html
- http://lists.opensuse.org/opensuse-updates/2015-05/msg00090.html
- http://www.securityfocus.com/bid/74961
- http://lists.gnu.org/archive/html/parallel/2015-04/msg00045.html
- http://lists.gnu.org/archive/html/parallel/2015-05/msg00024.html
- http://lists.opensuse.org/opensuse-updates/2015-05/msg00090.html
- http://www.securityfocus.com/bid/74961
Closed bugs
Wine собран без liblcms2
Wine собран без liblcms2
winegstreamer broken with >=glib-2.32.0
Package wine-vanilla updated to version 1.7.43-alt1.M70P.1 for branch p7 in task 144538.
Closed bugs
Wine собран без liblcms2
winegstreamer broken with >=glib-2.32.0
Предложение по улучшению wine
Предложение по улучшению wine