ALT Linux Team

Branch sisyphus update on 2016-08-11

2016-08-11

ALT-BU-2016-2927-2

Branch sisyphus update bulletin.

ALT-PU-2016-1831-1

Package virtualbox updated to version 5.1.2-alt1 for branch sisyphus in task 168096.

Closed vulnerabilities

Published: 2016-07-21
Modified: 2025-04-12

CVE-2016-3597

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.26 allows local users to affect availability via vectors related to Core.

Severity: LOW (2.1)Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Severity: MEDIUM (5.5)Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2016-07-21
Modified: 2025-04-12

CVE-2016-3612

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.22 allows remote attackers to affect confidentiality via vectors related to Core.

Severity: MEDIUM (4.3)Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Severity: MEDIUM (5.9)Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2016-1832-1

Package kernel-modules-virtualbox-addition-std-def updated to version 5.1.2-alt1.263184.1 for branch sisyphus in task 168096.

Closed vulnerabilities

Published: 2016-07-21
Modified: 2025-04-12

CVE-2016-3597

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.26 allows local users to affect availability via vectors related to Core.

Severity: LOW (2.1)Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Severity: MEDIUM (5.5)Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2016-07-21
Modified: 2025-04-12

CVE-2016-3612

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.22 allows remote attackers to affect confidentiality via vectors related to Core.

Severity: MEDIUM (4.3)Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Severity: MEDIUM (5.9)Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2016-1833-1

Package kernel-modules-virtualbox-addition-un-def updated to version 5.1.2-alt1.263685.1 for branch sisyphus in task 168096.

Closed vulnerabilities

Published: 2016-07-21
Modified: 2025-04-12

CVE-2016-3597

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.26 allows local users to affect availability via vectors related to Core.

Severity: LOW (2.1)Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Severity: MEDIUM (5.5)Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2016-07-21
Modified: 2025-04-12

CVE-2016-3612

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.22 allows remote attackers to affect confidentiality via vectors related to Core.

Severity: MEDIUM (4.3)Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Severity: MEDIUM (5.9)Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2016-1834-1

Package kernel-modules-virtualbox-std-def updated to version 5.1.2-alt1.263184.1 for branch sisyphus in task 168096.

Closed vulnerabilities

Published: 2016-07-21
Modified: 2025-04-12

CVE-2016-3597

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.26 allows local users to affect availability via vectors related to Core.

Severity: LOW (2.1)Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Severity: MEDIUM (5.5)Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2016-07-21
Modified: 2025-04-12

CVE-2016-3612

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.22 allows remote attackers to affect confidentiality via vectors related to Core.

Severity: MEDIUM (4.3)Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Severity: MEDIUM (5.9)Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2016-1835-1

Package kernel-modules-virtualbox-un-def updated to version 5.1.2-alt1.263685.1 for branch sisyphus in task 168096.

Closed vulnerabilities

Published: 2016-07-21
Modified: 2025-04-12

CVE-2016-3597

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.26 allows local users to affect availability via vectors related to Core.

Severity: LOW (2.1)Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Severity: MEDIUM (5.5)Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2016-07-21
Modified: 2025-04-12

CVE-2016-3612

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.22 allows remote attackers to affect confidentiality via vectors related to Core.

Severity: MEDIUM (4.3)Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Severity: MEDIUM (5.9)Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2016-3273-1

Package postgresql9.4 updated to version 9.4.9-alt1 for branch sisyphus in task 168447.

Closed vulnerabilities

Published: 2016-12-09
Modified: 2025-04-12

CVE-2016-5423

PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference and server crash), obtain sensitive memory information, or possibly execute arbitrary code via (1) a CASE expression within the test value subexpression of another CASE or (2) inlining of an SQL function that implements the equality operator used for a CASE expression involving values of different types.

Severity: MEDIUM (6.5)Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Severity: HIGH (8.3)Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
References:
Published: 2016-12-09
Modified: 2025-04-12

CVE-2016-5424

PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain superuser privileges via a (1) " (double quote), (2) \ (backslash), (3) carriage return, or (4) newline character in a (a) database or (b) role name that is mishandled during an administrative operation.

Severity: MEDIUM (4.6)Vector: AV:N/AC:H/Au:S/C:P/I:P/A:P
Severity: HIGH (7.1)Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
References:

ALT-PU-2016-3313-1

Package postgresql9.5 updated to version 9.5.4-alt1 for branch sisyphus in task 168446.

Closed vulnerabilities

Published: 2016-12-09
Modified: 2025-04-12

CVE-2016-5423

PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference and server crash), obtain sensitive memory information, or possibly execute arbitrary code via (1) a CASE expression within the test value subexpression of another CASE or (2) inlining of an SQL function that implements the equality operator used for a CASE expression involving values of different types.

Severity: MEDIUM (6.5)Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Severity: HIGH (8.3)Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
References:
Published: 2016-12-09
Modified: 2025-04-12

CVE-2016-5424

PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain superuser privileges via a (1) " (double quote), (2) \ (backslash), (3) carriage return, or (4) newline character in a (a) database or (b) role name that is mishandled during an administrative operation.

Severity: MEDIUM (4.6)Vector: AV:N/AC:H/Au:S/C:P/I:P/A:P
Severity: HIGH (7.1)Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
References:
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: 2.1.2
Back to top