ALT Linux Team

Branch sisyphus update on 2017-02-09

2017-02-09

ALT-BU-2017-2925-1

Branch sisyphus update bulletin.

ALT-PU-2017-1142-1

Package calibre updated to version 2.78.0-alt1 for branch sisyphus in task 177812.

Closed vulnerabilities

Published: 2017-03-16
Modified: 2025-04-20

CVE-2016-10187

The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript.

Severity: MEDIUM (4.3) Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:

ALT-PU-2017-1143-1

Package bind updated to version 9.10.4-alt2 for branch sisyphus in task 177857.

Closed vulnerabilities

Published: 2019-01-16
Modified: 2024-11-21

CVE-2017-3135

Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1.

Severity: MEDIUM (4.3) Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Severity: MEDIUM (5.9) Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.2
Back to top