ALT-BU-2016-2992-1
Branch sisyphus update bulletin.
Package kernel-image-un-def updated to version 4.7.4-alt1 for branch sisyphus in task 169397.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2016-10318
A missing authorization check in the fscrypt_process_policy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel before 4.7.4 allows a user to assign an encryption policy to a directory owned by a different user, potentially creating a denial of service.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=163ae1c6ad6299b19e22b4a35d5ab24a89791a98
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=163ae1c6ad6299b19e22b4a35d5ab24a89791a98
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.4
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.4
- 97404
- 97404
- https://github.com/torvalds/linux/commit/163ae1c6ad6299b19e22b4a35d5ab24a89791a98
- https://github.com/torvalds/linux/commit/163ae1c6ad6299b19e22b4a35d5ab24a89791a98
Closed vulnerabilities
Modified: 2024-11-21
CVE-2020-15803
Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.
- openSUSE-SU-2020:1604
- openSUSE-SU-2020:1604
- [debian-lts-announce] 20200803 [SECURITY] [DLA 2311-1] zabbix security update
- [debian-lts-announce] 20200803 [SECURITY] [DLA 2311-1] zabbix security update
- [debian-lts-announce] 20210421 [SECURITY] [DLA 2631-1] zabbix security update
- [debian-lts-announce] 20210421 [SECURITY] [DLA 2631-1] zabbix security update
- [debian-lts-announce] 20230412 [SECURITY] [DLA 3390-1] zabbix security update
- [debian-lts-announce] 20230412 [SECURITY] [DLA 3390-1] zabbix security update
- FEDORA-2020-02cf7850ca
- FEDORA-2020-02cf7850ca
- FEDORA-2020-519516feec
- FEDORA-2020-519516feec
- https://support.zabbix.com/browse/ZBX-18057
- https://support.zabbix.com/browse/ZBX-18057
Package virtualbox updated to version 5.1.6-alt1 for branch sisyphus in task 169046.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2016-5605
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.1.4 in Oracle Virtualization allows remote attackers to affect confidentiality and integrity via vectors related to VRDE.
Package kernel-modules-virtualbox-std-def updated to version 5.1.6-alt1.263189.1 for branch sisyphus in task 169046.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2016-5605
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.1.4 in Oracle Virtualization allows remote attackers to affect confidentiality and integrity via vectors related to VRDE.
Package kernel-modules-virtualbox-un-def updated to version 5.1.6-alt1.263940.1 for branch sisyphus in task 169046.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2016-5605
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.1.4 in Oracle Virtualization allows remote attackers to affect confidentiality and integrity via vectors related to VRDE.
Package kernel-modules-virtualbox-addition-std-def updated to version 5.1.6-alt1.263189.1 for branch sisyphus in task 169046.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2016-5605
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.1.4 in Oracle Virtualization allows remote attackers to affect confidentiality and integrity via vectors related to VRDE.
Package kernel-modules-virtualbox-addition-un-def updated to version 5.1.6-alt1.263940.1 for branch sisyphus in task 169046.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2016-5605
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.1.4 in Oracle Virtualization allows remote attackers to affect confidentiality and integrity via vectors related to VRDE.