Branch p8 update bulletin.

Package brltty updated to version 5.3.1-alt3 for branch p8 in task 163684.

удалите поддержку /lib/udev/devices

Package roundcube updated to version 1.1.5-alt1 for branch p8 in task 163721.

Published: 2017-04-13
Modified: 2024-11-21

CVE-2015-8864

Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2016-4068.

Severity: MEDIUM (6.1) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References:

Published: 2017-04-13
Modified: 2024-11-21

CVE-2016-4068

Severity: MEDIUM (6.1) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References:

Published: 2016-08-25
Modified: 2024-11-21

CVE-2016-4069

Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail before 1.1.5 allows remote attackers to hijack the authentication of users for requests that download attachments and cause a denial of service (disk consumption) via unspecified vectors.

Severity: HIGH (8.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References:

Package clementine updated to version 1.3.1-alt1 for branch p8 in task 163772.

clementine не запускается в Сизифе

Package update-kernel updated to version 0.9.9-alt1 for branch p8 in task 163779.

remove-old-kernels удаляет файлы другого флавора

Package qt5-phonon updated to version 4.8.3-alt4 for branch p8 in task 163782.

libphonon4qt5-debuginfo конфликтует с libphonon-debuginfo

Version: 2.1.1

Branch p8 update on 2016-04-26

ALT-BU-2016-2717-1

ALT-PU-2016-1380-1

Closed bugs

Bug #29446

ALT-PU-2016-1381-1

Closed vulnerabilities

CVE-2015-8864

CVE-2016-4068

CVE-2016-4069

ALT-PU-2016-1382-1

Closed bugs

Bug #31978

ALT-PU-2016-1383-1

Closed bugs

Bug #30717

ALT-PU-2016-1384-1

Closed bugs

Bug #31977