ALT-BU-2016-2931-1
Branch sisyphus update bulletin.
Package system-report updated to version 0.1.1-alt1 for branch sisyphus in task 168561.
Closed bugs
В лог не попадает вывод lsusb
Closed bugs
too old
Package kernel-image-std-def updated to version 4.4.17-alt1 for branch sisyphus in task 168549.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2016-7911
Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8ba8682107ee2ca3347354e018865d8e1967c5f4
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8ba8682107ee2ca3347354e018865d8e1967c5f4
- http://source.android.com/security/bulletin/2016-11-01.html
- http://source.android.com/security/bulletin/2016-11-01.html
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.6
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.6
- 94135
- 94135
- https://github.com/torvalds/linux/commit/8ba8682107ee2ca3347354e018865d8e1967c5f4
- https://github.com/torvalds/linux/commit/8ba8682107ee2ca3347354e018865d8e1967c5f4
Package kernel-image-un-def updated to version 4.6.6-alt1 for branch sisyphus in task 168551.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2016-7911
Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8ba8682107ee2ca3347354e018865d8e1967c5f4
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8ba8682107ee2ca3347354e018865d8e1967c5f4
- http://source.android.com/security/bulletin/2016-11-01.html
- http://source.android.com/security/bulletin/2016-11-01.html
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.6
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.6
- 94135
- 94135
- https://github.com/torvalds/linux/commit/8ba8682107ee2ca3347354e018865d8e1967c5f4
- https://github.com/torvalds/linux/commit/8ba8682107ee2ca3347354e018865d8e1967c5f4
Closed vulnerabilities
Modified: 2024-11-21
CVE-2016-5285
A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.
- http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html
- http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html
- http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html
- http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html
- http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html
- http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html
- http://rhn.redhat.com/errata/RHSA-2016-2779.html
- http://rhn.redhat.com/errata/RHSA-2016-2779.html
- http://www.securityfocus.com/bid/94349
- http://www.securityfocus.com/bid/94349
- http://www.ubuntu.com/usn/USN-3163-1
- http://www.ubuntu.com/usn/USN-3163-1
- https://bto.bluecoat.com/security-advisory/sa137
- https://bto.bluecoat.com/security-advisory/sa137
- https://bugzilla.mozilla.org/show_bug.cgi?id=1306103
- https://bugzilla.mozilla.org/show_bug.cgi?id=1306103
- https://security.gentoo.org/glsa/201701-46
- https://security.gentoo.org/glsa/201701-46
Closed bugs
[FR][PATCH] Добавить юнит systemd