ALT-BU-2015-2793-1
Branch sisyphus update bulletin.
Closed vulnerabilities
BDU:2016-00608
Уязвимость утилиты архивирования Сpio, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2014-9112
Heap-based buffer overflow in the process_copy_in function in GNU Cpio 2.11 allows remote attackers to cause a denial of service via a large block value in a cpio archive.
- 20141123 on Linux, 'less' can probably get you owned
- 20141123 on Linux, 'less' can probably get you owned
- 60167
- 60167
- 62145
- 62145
- DSA-3111
- DSA-3111
- [oss-security] 20141123 so, can we do something about lesspipe? (+ a cpio bug to back up the argument)
- [oss-security] 20141123 so, can we do something about lesspipe? (+ a cpio bug to back up the argument)
- [oss-security] 20141125 CVE request: cpio heap-based buffer overflow [was Re: so, can we do something about lesspipe? (+ a cpio bug to back up the argument)]
- [oss-security] 20141125 CVE request: cpio heap-based buffer overflow [was Re: so, can we do something about lesspipe? (+ a cpio bug to back up the argument)]
- [oss-security] 20141126 CVE request: cpio heap-based buffer overflow [was Re: so, can we do something about lesspipe? (+ a cpio bug to back up the argument)]
- [oss-security] 20141126 CVE request: cpio heap-based buffer overflow [was Re: so, can we do something about lesspipe? (+ a cpio bug to back up the argument)]
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- 71248
- 71248
- USN-2456-1
- USN-2456-1
- linux-kernel-lesspipe-code-exec(98918)
- linux-kernel-lesspipe-code-exec(98918)
- https://savannah.gnu.org/bugs/?43709
- https://savannah.gnu.org/bugs/?43709
Modified: 2024-11-21
CVE-2015-1197
cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive.
- http://advisories.mageia.org/MGASA-2015-0080.html
- http://advisories.mageia.org/MGASA-2015-0080.html
- http://packetstormsecurity.com/files/169458/Zimbra-Collaboration-Suite-TAR-Path-Traversal.html
- http://packetstormsecurity.com/files/169458/Zimbra-Collaboration-Suite-TAR-Path-Traversal.html
- MDVSA-2015:066
- MDVSA-2015:066
- [oss-security] 20150108 Directory traversals in cpio and friends?
- [oss-security] 20150108 Directory traversals in cpio and friends?
- [oss-security] 20150118 Re: CVE Request: cpio -- directory traversal
- [oss-security] 20150118 Re: CVE Request: cpio -- directory traversal
- [oss-security] 20231221 Security vulnerability in Debian's cpio 2.13
- [oss-security] 20231221 Security vulnerability in Debian's cpio 2.13
- [oss-security] 20231227 xarchiver: Path traversal with crafted cpio archives
- [oss-security] 20231227 xarchiver: Path traversal with crafted cpio archives
- 71914
- 71914
- USN-2906-1
- USN-2906-1
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774669
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774669
- [Bug-cpio] 20150108 cpio: directory traversal vulnerability via symlinks
- [Bug-cpio] 20150108 cpio: directory traversal vulnerability via symlinks
Modified: 2024-11-21
CVE-2016-2037
The cpio_safer_name_suffix function in util.c in cpio 2.11 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted cpio file.
- DSA-3483
- DSA-3483
- [oss-security] 20160119 CVE request: out-of-bounds write with cpio 2.11
- [oss-security] 20160119 CVE request: out-of-bounds write with cpio 2.11
- [oss-security] 20160122 Re: CVE request: out-of-bounds write with cpio 2.11
- [oss-security] 20160122 Re: CVE request: out-of-bounds write with cpio 2.11
- 82293
- 82293
- 1035067
- 1035067
- USN-2906-1
- USN-2906-1
Closed vulnerabilities
Modified: 2024-11-21
CVE-2015-2059
The stringprep_utf8_to_ucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory and possibly have other unspecified impact via invalid UTF-8 characters in a string, which triggers an out-of-bounds read.
- http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=2e97c279
- http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=2e97c279
- FEDORA-2015-11621
- FEDORA-2015-11621
- FEDORA-2015-11562
- FEDORA-2015-11562
- openSUSE-SU-2015:1261
- openSUSE-SU-2015:1261
- openSUSE-SU-2016:2135
- openSUSE-SU-2016:2135
- DSA-3578
- DSA-3578
- [oss-security] 20150223 Re: CVE Request: jabberd remote information disclosure
- [oss-security] 20150223 Re: CVE Request: jabberd remote information disclosure
- 72736
- 72736
- USN-3068-1
- USN-3068-1
- https://github.com/jabberd2/jabberd2/issues/85
- https://github.com/jabberd2/jabberd2/issues/85
Closed bugs
policy: rpm-build-fpc should be required by fpc pkg
Closed vulnerabilities
BDU:2022-02522
Уязвимость функции _zip_cdir_new (zip_dirent.c) интерпретатора языка программирования PHP, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Modified: 2024-11-21
CVE-2015-2331
Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ZIP archive that contains many entries, leading to a heap-based buffer overflow.
- http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=ef8fc4b53d92fbfcd8ef1abbd6f2f5fe2c4a11e5
- http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=ef8fc4b53d92fbfcd8ef1abbd6f2f5fe2c4a11e5
- http://hg.nih.at/libzip/rev/9f11d54f692e
- http://hg.nih.at/libzip/rev/9f11d54f692e
- APPLE-SA-2015-09-30-3
- APPLE-SA-2015-09-30-3
- FEDORA-2015-4565
- FEDORA-2015-4565
- FEDORA-2015-4669
- FEDORA-2015-4669
- FEDORA-2015-4553
- FEDORA-2015-4553
- FEDORA-2015-4556
- FEDORA-2015-4556
- FEDORA-2015-4699
- FEDORA-2015-4699
- FEDORA-2015-4559
- FEDORA-2015-4559
- openSUSE-SU-2015:0615
- openSUSE-SU-2015:0615
- openSUSE-SU-2015:0644
- openSUSE-SU-2015:0644
- HPSBUX03337
- HPSBUX03337
- SSRT102066
- SSRT102066
- HPSBMU03380
- HPSBMU03380
- HPSBMU03409
- HPSBMU03409
- http://php.net/ChangeLog-5.php
- http://php.net/ChangeLog-5.php
- DSA-3198
- DSA-3198
- MDVSA-2015:079
- MDVSA-2015:079
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- 1031985
- 1031985
- https://bugs.php.net/bug.php?id=69253
- https://bugs.php.net/bug.php?id=69253
- https://support.apple.com/HT205267
- https://support.apple.com/HT205267
Closed bugs
2015-05-04: Released libzip 1.0.1
Closed vulnerabilities
BDU:2022-02522
Уязвимость функции _zip_cdir_new (zip_dirent.c) интерпретатора языка программирования PHP, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Modified: 2024-11-21
CVE-2015-2331
Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ZIP archive that contains many entries, leading to a heap-based buffer overflow.
- http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=ef8fc4b53d92fbfcd8ef1abbd6f2f5fe2c4a11e5
- http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=ef8fc4b53d92fbfcd8ef1abbd6f2f5fe2c4a11e5
- http://hg.nih.at/libzip/rev/9f11d54f692e
- http://hg.nih.at/libzip/rev/9f11d54f692e
- APPLE-SA-2015-09-30-3
- APPLE-SA-2015-09-30-3
- FEDORA-2015-4565
- FEDORA-2015-4565
- FEDORA-2015-4669
- FEDORA-2015-4669
- FEDORA-2015-4553
- FEDORA-2015-4553
- FEDORA-2015-4556
- FEDORA-2015-4556
- FEDORA-2015-4699
- FEDORA-2015-4699
- FEDORA-2015-4559
- FEDORA-2015-4559
- openSUSE-SU-2015:0615
- openSUSE-SU-2015:0615
- openSUSE-SU-2015:0644
- openSUSE-SU-2015:0644
- HPSBUX03337
- HPSBUX03337
- SSRT102066
- SSRT102066
- HPSBMU03380
- HPSBMU03380
- HPSBMU03409
- HPSBMU03409
- http://php.net/ChangeLog-5.php
- http://php.net/ChangeLog-5.php
- DSA-3198
- DSA-3198
- MDVSA-2015:079
- MDVSA-2015:079
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- 1031985
- 1031985
- https://bugs.php.net/bug.php?id=69253
- https://bugs.php.net/bug.php?id=69253
- https://support.apple.com/HT205267
- https://support.apple.com/HT205267