ALT-BU-2016-2770-1
Branch sisyphus update bulletin.
Package kernel-image-std-def updated to version 4.4.10-alt1 for branch sisyphus in task 164624.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2017-7273
The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 3.2 and 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1ebb71143758f45dc0fa76e2f48429e13b16d110
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1ebb71143758f45dc0fa76e2f48429e13b16d110
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4faec4a2ef5dd481682cc155cb9ea14ba2534b76
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4faec4a2ef5dd481682cc155cb9ea14ba2534b76
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.4
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.4
- 97190
- 97190
- https://github.com/torvalds/linux/commit/1ebb71143758f45dc0fa76e2f48429e13b16d110
- https://github.com/torvalds/linux/commit/1ebb71143758f45dc0fa76e2f48429e13b16d110
Package adobe-flash-player updated to version 11-alt62 for branch sisyphus in task 164672.
Closed vulnerabilities
BDU:2016-01276
Уязвимость программной платформы Flash Player, позволяющая нарушителю получить контроль над системой и вызвать аварийное завершение работы приложения
BDU:2016-01277
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01278
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01279
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01280
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01281
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01282
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01283
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01284
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01285
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01295
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01296
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01297
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01298
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01299
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01300
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01301
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01302
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01303
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01304
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01305
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01306
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01307
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01308
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
BDU:2016-01309
Уязвимость программной платформы Flash Player, позволяющая нарушителю повлиять на целостность, доступность и конфиденциальность информации
Modified: 2024-11-21
CVE-2016-1096
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
- SUSE-SU-2016:1305
- SUSE-SU-2016:1305
- http://packetstormsecurity.com/files/137051/Adobe-Flash-MP4-File-Stack-Corruption.html
- http://packetstormsecurity.com/files/137051/Adobe-Flash-MP4-File-Stack-Corruption.html
- RHSA-2016:1079
- RHSA-2016:1079
- 90618
- 90618
- 1035827
- 1035827
- MS16-064
- MS16-064
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- 39828
- 39828
Modified: 2024-11-21
CVE-2016-1097
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-1098
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-1099
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-1100
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-1101
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
- SUSE-SU-2016:1305
- SUSE-SU-2016:1305
- http://packetstormsecurity.com/files/137052/Adobe-Flash-ATF-Processing-Heap-Overflow.html
- http://packetstormsecurity.com/files/137052/Adobe-Flash-ATF-Processing-Heap-Overflow.html
- RHSA-2016:1079
- RHSA-2016:1079
- 1035827
- 1035827
- MS16-064
- MS16-064
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- 39827
- 39827
Modified: 2024-11-21
CVE-2016-1102
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
- SUSE-SU-2016:1305
- SUSE-SU-2016:1305
- http://packetstormsecurity.com/files/137053/Adobe-Flash-JXR-Processing-Out-Of-Bounds-Read.html
- http://packetstormsecurity.com/files/137053/Adobe-Flash-JXR-Processing-Out-Of-Bounds-Read.html
- RHSA-2016:1079
- RHSA-2016:1079
- 90618
- 90618
- 1035827
- 1035827
- MS16-064
- MS16-064
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- 39824
- 39824
Modified: 2024-11-21
CVE-2016-1103
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
- SUSE-SU-2016:1305
- SUSE-SU-2016:1305
- http://packetstormsecurity.com/files/137054/Adobe-Flash-Raw-565-Texture-Processing-Overflow.html
- http://packetstormsecurity.com/files/137054/Adobe-Flash-Raw-565-Texture-Processing-Overflow.html
- RHSA-2016:1079
- RHSA-2016:1079
- 1035827
- 1035827
- MS16-064
- MS16-064
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- 39826
- 39826
Modified: 2024-11-21
CVE-2016-1104
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
- SUSE-SU-2016:1305
- SUSE-SU-2016:1305
- http://packetstormsecurity.com/files/137055/Adobe-Flash-Object-Placing-Out-Of-Bounds-Read.html
- http://packetstormsecurity.com/files/137055/Adobe-Flash-Object-Placing-Out-Of-Bounds-Read.html
- RHSA-2016:1079
- RHSA-2016:1079
- 90618
- 90618
- 1035827
- 1035827
- MS16-064
- MS16-064
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- 39825
- 39825
Modified: 2024-11-21
CVE-2016-1105
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
- SUSE-SU-2016:1305
- SUSE-SU-2016:1305
- http://packetstormsecurity.com/files/137056/Adobe-Flash-FileReference-Type-Confusion.html
- http://packetstormsecurity.com/files/137056/Adobe-Flash-FileReference-Type-Confusion.html
- RHSA-2016:1079
- RHSA-2016:1079
- 1035827
- 1035827
- MS16-064
- MS16-064
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- 39829
- 39829
Modified: 2024-11-21
CVE-2016-1106
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
- SUSE-SU-2016:1305
- SUSE-SU-2016:1305
- http://packetstormsecurity.com/files/137057/Adobe-Flash-SetNative-Use-After-Free.html
- http://packetstormsecurity.com/files/137057/Adobe-Flash-SetNative-Use-After-Free.html
- RHSA-2016:1079
- RHSA-2016:1079
- 1035827
- 1035827
- MS16-064
- MS16-064
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- 39831
- 39831
Modified: 2024-11-21
CVE-2016-1107
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-1108
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-1109
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-1110
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-4108
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
- SUSE-SU-2016:1305
- SUSE-SU-2016:1305
- http://packetstormsecurity.com/files/137058/Adobe-Flash-addProperty-Use-After-Free.html
- http://packetstormsecurity.com/files/137058/Adobe-Flash-addProperty-Use-After-Free.html
- RHSA-2016:1079
- RHSA-2016:1079
- 1035827
- 1035827
- MS16-064
- MS16-064
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- 39830
- 39830
Modified: 2024-11-21
CVE-2016-4109
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-4110
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-4111
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-4112
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-4113
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-4114
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-4115
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2024-11-21
CVE-2016-4116
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
Modified: 2025-02-14
CVE-2016-4117
Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in May 2016.
- SUSE-SU-2016:1305
- openSUSE-SU-2016:1306
- openSUSE-SU-2016:1308
- openSUSE-SU-2016:1309
- RHSA-2016:1079
- 90505
- 1035826
- https://helpx.adobe.com/security/products/flash-player/apsa16-02.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- GLSA-201606-08
- 46339
- SUSE-SU-2016:1305
- 46339
- GLSA-201606-08
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- https://helpx.adobe.com/security/products/flash-player/apsa16-02.html
- 1035826
- 90505
- RHSA-2016:1079
- openSUSE-SU-2016:1309
- openSUSE-SU-2016:1308
- openSUSE-SU-2016:1306
Closed bugs
Файловый конфликт с libwpd9
Closed vulnerabilities
Modified: 2024-11-21
CVE-2016-3096
The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3) lxc-attach-script.log or (4) lxc-attach-script.err files in the temporary directory.
- FEDORA-2016-28ff51a3f5
- FEDORA-2016-28ff51a3f5
- FEDORA-2016-65519440f5
- FEDORA-2016-65519440f5
- FEDORA-2016-ab154c56dd
- FEDORA-2016-ab154c56dd
- FEDORA-2016-cd3cf8e7d0
- FEDORA-2016-cd3cf8e7d0
- FEDORA-2016-679c4ddd3c
- FEDORA-2016-679c4ddd3c
- https://bugzilla.redhat.com/show_bug.cgi?id=1322925
- https://bugzilla.redhat.com/show_bug.cgi?id=1322925
- https://github.com/ansible/ansible/blob/v1.9.6-1/CHANGELOG.md#196-dancing-in-the-street---tbd
- https://github.com/ansible/ansible/blob/v1.9.6-1/CHANGELOG.md#196-dancing-in-the-street---tbd
- https://github.com/ansible/ansible/blob/v2.0.2.0-1/CHANGELOG.md#202-over-the-hills-and-far-away
- https://github.com/ansible/ansible/blob/v2.0.2.0-1/CHANGELOG.md#202-over-the-hills-and-far-away
- https://github.com/ansible/ansible-modules-extras/pull/1941
- https://github.com/ansible/ansible-modules-extras/pull/1941
- https://github.com/ansible/ansible-modules-extras/pull/1941/commits/8c6fe646ee79f5e55361b885b7efed5bec72d4a4
- https://github.com/ansible/ansible-modules-extras/pull/1941/commits/8c6fe646ee79f5e55361b885b7efed5bec72d4a4
- [ansible-announce] 20160419 Ansible 2.0.2.0 has been released
- [ansible-announce] 20160419 Ansible 2.0.2.0 has been released
- [ansible-announce] 20160415 Ansible 1.9.6-1 has been released
- [ansible-announce] 20160415 Ansible 1.9.6-1 has been released
- GLSA-201607-14
- GLSA-201607-14
Package livecd-setlocale updated to version 0.3.7-alt1 for branch sisyphus in task 164712.
Closed bugs
[gnome3] не даёт поставить свою клавиатурную раскладку
Closed vulnerabilities
Modified: 2024-11-21
CVE-2016-1371
ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted mew packer executable.
- http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html
- http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html
- 93222
- 93222
- USN-3093-1
- USN-3093-1
- https://bugzilla.clamav.net/show_bug.cgi?id=11514
- https://bugzilla.clamav.net/show_bug.cgi?id=11514
- https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/
- https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/
Modified: 2024-11-21
CVE-2016-1372
ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted 7z file.
- http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html
- http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html
- 93221
- 93221
- USN-3093-1
- USN-3093-1
- https://bugzilla.clamav.net/show_bug.cgi?id=11514
- https://bugzilla.clamav.net/show_bug.cgi?id=11514
- https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/
- https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/