ALT-BU-2017-3015-1
Branch p8 update bulletin.
Closed vulnerabilities
Modified: 2025-04-20
CVE-2016-8685
The findnext function in decompose.c in potrace 1.13 allows remote attackers to cause a denial of service (invalid memory access and crash) via a crafted BMP image.
- http://www.openwall.com/lists/oss-security/2016/10/08/17
- http://www.openwall.com/lists/oss-security/2016/10/16/9
- http://www.securityfocus.com/bid/93470
- https://blogs.gentoo.org/ago/2016/08/29/potrace-invalid-memory-access-in-findnext-decompose-c/
- http://www.openwall.com/lists/oss-security/2016/10/08/17
- http://www.openwall.com/lists/oss-security/2016/10/16/9
- http://www.securityfocus.com/bid/93470
- https://blogs.gentoo.org/ago/2016/08/29/potrace-invalid-memory-access-in-findnext-decompose-c/
Modified: 2025-04-20
CVE-2016-8686
The bm_new function in bitmap.h in potrace 1.13 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.
- http://www.openwall.com/lists/oss-security/2016/10/16/10
- http://www.securityfocus.com/bid/93777
- https://blogs.gentoo.org/ago/2016/08/29/potrace-memory-allocation-failure/
- http://www.openwall.com/lists/oss-security/2016/10/16/10
- http://www.securityfocus.com/bid/93777
- https://blogs.gentoo.org/ago/2016/08/29/potrace-memory-allocation-failure/
Closed vulnerabilities
Modified: 2016-11-28
BDU:2015-10226
Уязвимость интерпретатора PHP, позволяющая удалённому нарушителю вызвать отказ в обслуживании или оказать иное воздействие на систему
Modified: 2025-04-12
CVE-2014-9653
readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service (uninitialized memory access) or possibly have unspecified other impact via a crafted ELF file.
- http://bugs.gw.com/view.php?id=409
- http://marc.info/?l=bugtraq&m=143748090628601&w=2
- http://marc.info/?l=bugtraq&m=144050155601375&w=2
- http://mx.gw.com/pipermail/file/2014/001649.html
- http://openwall.com/lists/oss-security/2015/02/05/13
- http://php.net/ChangeLog-5.php
- http://rhn.redhat.com/errata/RHSA-2016-0760.html
- http://www.debian.org/security/2015/dsa-3196
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.securityfocus.com/bid/72516
- https://github.com/file/file/commit/445c8fb0ebff85195be94cd9f7e1df89cade5c7f
- https://security.gentoo.org/glsa/201701-42
- https://usn.ubuntu.com/3686-1/
- http://bugs.gw.com/view.php?id=409
- http://marc.info/?l=bugtraq&m=143748090628601&w=2
- http://marc.info/?l=bugtraq&m=144050155601375&w=2
- http://mx.gw.com/pipermail/file/2014/001649.html
- http://openwall.com/lists/oss-security/2015/02/05/13
- http://php.net/ChangeLog-5.php
- http://rhn.redhat.com/errata/RHSA-2016-0760.html
- http://www.debian.org/security/2015/dsa-3196
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.securityfocus.com/bid/72516
- https://github.com/file/file/commit/445c8fb0ebff85195be94cd9f7e1df89cade5c7f
- https://security.gentoo.org/glsa/201701-42
- https://usn.ubuntu.com/3686-1/
Closed bugs
Add gzip-rsyncable patch
Closed vulnerabilities
Modified: 2024-11-28
BDU:2018-00462
Уязвимость функции png_set_text_2 библиотеки libpng, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-04-20
CVE-2016-10087
The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.
- http://www.openwall.com/lists/oss-security/2016/12/29/2
- http://www.openwall.com/lists/oss-security/2016/12/30/4
- http://www.securityfocus.com/bid/95157
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
- https://security.gentoo.org/glsa/201701-74
- https://usn.ubuntu.com/3712-1/
- https://usn.ubuntu.com/3712-2/
- http://www.openwall.com/lists/oss-security/2016/12/29/2
- http://www.openwall.com/lists/oss-security/2016/12/30/4
- http://www.securityfocus.com/bid/95157
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
- https://security.gentoo.org/glsa/201701-74
- https://usn.ubuntu.com/3712-1/
- https://usn.ubuntu.com/3712-2/
Closed vulnerabilities
Modified: 2024-11-28
BDU:2019-03749
Уязвимость функции safer_name_suffix архиватора GNU Tar, позволяющая нарушителю обойти предполагаемый механизм защиты и произвести запись в произвольные файлы
Modified: 2025-08-06
CVE-2016-6321
Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_name parameter, aka POINTYFEATHER.
- http://git.savannah.gnu.org/cgit/tar.git/commit/?id=7340f67b9860ea0531c1450e5aa261c50f67165d
- http://lists.gnu.org/archive/html/bug-tar/2016-10/msg00016.html
- http://packetstormsecurity.com/files/139370/GNU-tar-1.29-Extract-Pathname-Bypass.html
- http://seclists.org/fulldisclosure/2016/Oct/102
- http://seclists.org/fulldisclosure/2016/Oct/96
- http://www.debian.org/security/2016/dsa-3702
- http://www.securityfocus.com/bid/93937
- http://www.ubuntu.com/usn/USN-3132-1
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
- https://security.gentoo.org/glsa/201611-19
- https://sintonen.fi/advisories/tar-extract-pathname-bypass.proper.txt
- http://git.savannah.gnu.org/cgit/tar.git/commit/?id=7340f67b9860ea0531c1450e5aa261c50f67165d
- http://lists.gnu.org/archive/html/bug-tar/2016-10/msg00016.html
- http://packetstormsecurity.com/files/139370/GNU-tar-1.29-Extract-Pathname-Bypass.html
- http://seclists.org/fulldisclosure/2016/Oct/102
- http://seclists.org/fulldisclosure/2016/Oct/96
- http://www.debian.org/security/2016/dsa-3702
- http://www.securityfocus.com/bid/93937
- http://www.ubuntu.com/usn/USN-3132-1
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
- https://security.gentoo.org/glsa/201611-19
- https://sintonen.fi/advisories/tar-extract-pathname-bypass.proper.txt
Closed vulnerabilities
Modified: 2025-04-20
CVE-2016-10254
The allocate_elf function in common.h in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted ELF file, which triggers a memory allocation failure.
- http://www.openwall.com/lists/oss-security/2017/03/22/2
- https://blogs.gentoo.org/ago/2016/11/04/elfutils-memory-allocation-failure-in-allocate_elf-common-h/
- https://lists.fedorahosted.org/archives/list/elfutils-devel%40lists.fedorahosted.org/message/EJWVY7TMRDEMWPAPNVU3V4MZYG5HANF2/
- https://security.gentoo.org/glsa/201710-10
- https://usn.ubuntu.com/3670-1/
- http://www.openwall.com/lists/oss-security/2017/03/22/2
- https://blogs.gentoo.org/ago/2016/11/04/elfutils-memory-allocation-failure-in-allocate_elf-common-h/
- https://lists.fedorahosted.org/archives/list/elfutils-devel%40lists.fedorahosted.org/message/EJWVY7TMRDEMWPAPNVU3V4MZYG5HANF2/
- https://security.gentoo.org/glsa/201710-10
- https://usn.ubuntu.com/3670-1/
Modified: 2025-04-20
CVE-2016-10255
The __libelf_set_rawdata_wrlock function in elf_getdata.c in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted (1) sh_off or (2) sh_size ELF header value, which triggers a memory allocation failure.
- http://www.openwall.com/lists/oss-security/2017/03/22/1
- https://blogs.gentoo.org/ago/2016/11/04/elfutils-memory-allocation-failure-in-__libelf_set_rawdata_wrlock-elf_getdata-c/
- https://bugzilla.redhat.com/show_bug.cgi?id=1387584
- https://lists.fedorahosted.org/archives/list/elfutils-devel%40lists.fedorahosted.org/thread/Q4LE47FPEVRZANMV6JE2NMHYO4H5MHGJ/
- https://security.gentoo.org/glsa/201710-10
- https://usn.ubuntu.com/3670-1/
- http://www.openwall.com/lists/oss-security/2017/03/22/1
- https://blogs.gentoo.org/ago/2016/11/04/elfutils-memory-allocation-failure-in-__libelf_set_rawdata_wrlock-elf_getdata-c/
- https://bugzilla.redhat.com/show_bug.cgi?id=1387584
- https://lists.fedorahosted.org/archives/list/elfutils-devel%40lists.fedorahosted.org/thread/Q4LE47FPEVRZANMV6JE2NMHYO4H5MHGJ/
- https://security.gentoo.org/glsa/201710-10
- https://usn.ubuntu.com/3670-1/
Closed vulnerabilities
Modified: 2021-03-23
BDU:2019-01635
Уязвимость генератора псевдослучайных чисел библиотеки криптографии Libgcrypt, связанная с раскрытием информации, позволяющая нарушителю прогнозировать выходные данные
Modified: 2025-04-12
CVE-2016-6313
The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits.
- http://rhn.redhat.com/errata/RHSA-2016-2674.html
- http://www.debian.org/security/2016/dsa-3649
- http://www.debian.org/security/2016/dsa-3650
- http://www.securityfocus.com/bid/92527
- http://www.securitytracker.com/id/1036635
- http://www.ubuntu.com/usn/USN-3064-1
- http://www.ubuntu.com/usn/USN-3065-1
- https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=blob_plain%3Bf=NEWS
- https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html
- https://security.gentoo.org/glsa/201610-04
- https://security.gentoo.org/glsa/201612-01
- http://rhn.redhat.com/errata/RHSA-2016-2674.html
- http://www.debian.org/security/2016/dsa-3649
- http://www.debian.org/security/2016/dsa-3650
- http://www.securityfocus.com/bid/92527
- http://www.securitytracker.com/id/1036635
- http://www.ubuntu.com/usn/USN-3064-1
- http://www.ubuntu.com/usn/USN-3065-1
- https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=blob_plain%3Bf=NEWS
- https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html
- https://security.gentoo.org/glsa/201610-04
- https://security.gentoo.org/glsa/201612-01
Closed vulnerabilities
Modified: 2025-04-12
CVE-2015-1419
Unspecified vulnerability in vsftpd 3.0.2 and earlier allows remote attackers to bypass access restrictions via unknown vectors, related to deny_file parsing.
- http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00023.html
- http://lists.opensuse.org/opensuse-updates/2015-01/msg00041.html
- http://secunia.com/advisories/62415
- http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00023.html
- http://lists.opensuse.org/opensuse-updates/2015-01/msg00041.html
- http://secunia.com/advisories/62415
Package installer-scripts-remount-stage2 updated to version 0.5.13-alt1 for branch p8 in task 180979.
Closed bugs
Если при установке есть LVM, установка не проходит