Branch p8 update bulletin.

Package salt updated to version 2017.7.1-alt0.M80P.1 for branch p8 in task 187157.

Published: 2017-08-23
Modified: 2024-11-21

CVE-2017-12791

Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.11.7 and 2017.7.x before 2017.7.1 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID.

Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Package chromium updated to version 60.0.3112.90-alt1.M80P.1 for branch p8 in task 187179.

Недостающие библиотеки в %_libdir/chromium/swiftshader

Package adobe-flash-player-ppapi updated to version 26-alt2.M80P.1 for branch p8 in task 187190.

Published: 2017-08-11
Modified: 2024-11-21

CVE-2017-3085

Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that leads to information disclosure when performing URL redirect.

Severity: HIGH (7.4) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

References:

Published: 2017-08-11
Modified: 2024-11-21

CVE-2017-3106

Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable type confusion vulnerability when parsing SWF files. Successful exploitation could lead to arbitrary code execution.

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References:

Package kf5-plasma-workspace updated to version 5.10.4-alt6.M80P.1 for branch p8 in task 187215.

kde5/plasma: неправильно формируется контекстное меню в системном трее

Version: 2.1.0

Branch p8 update on 2017-08-18

ALT-BU-2017-3306-1

ALT-PU-2017-2074-1

Closed vulnerabilities

CVE-2017-12791

ALT-PU-2017-2076-1

Closed bugs

Bug #33750

ALT-PU-2017-2078-1

Closed vulnerabilities

CVE-2017-3085

CVE-2017-3106

ALT-PU-2017-2079-1

Closed bugs

Bug #33763