ALT-BU-2017-3339-2
Branch sisyphus update bulletin.
Package python-module-html5lib updated to version 0.999999999-alt2 for branch sisyphus in task 187931.
Closed bugs
Ошибка при импортировании
Closed vulnerabilities
Modified: 2025-04-20
CVE-2016-9400
The CClient::ProcessServerPacket method in engine/client/client.cpp in Teeworlds before 0.6.4 allows remote servers to write to arbitrary physical memory locations and possibly execute arbitrary code via vectors involving snap handling.
- http://www.openwall.com/lists/oss-security/2016/11/16/8
- http://www.openwall.com/lists/oss-security/2016/11/17/8
- http://www.securityfocus.com/bid/94381
- https://github.com/teeworlds/teeworlds/commit/ff254722a2683867fcb3e67569ffd36226c4bc62
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C4JNSBXXPE7O32ZMFK7D7YL6EKLG7PRV/
- https://security.gentoo.org/glsa/201705-13
- https://www.teeworlds.com/?page=news&id=12086
- http://www.openwall.com/lists/oss-security/2016/11/16/8
- http://www.openwall.com/lists/oss-security/2016/11/17/8
- http://www.securityfocus.com/bid/94381
- https://github.com/teeworlds/teeworlds/commit/ff254722a2683867fcb3e67569ffd36226c4bc62
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C4JNSBXXPE7O32ZMFK7D7YL6EKLG7PRV/
- https://security.gentoo.org/glsa/201705-13
- https://www.teeworlds.com/?page=news&id=12086
Closed bugs
Прошу обновить версию
Package ConsoleKit2 updated to version 1.2.0-alt2 for branch sisyphus in task 187951.
Closed bugs
Неверные Obsoletes
Package kernel-image-std-def updated to version 4.9.48-alt1 for branch sisyphus in task 187946.
Closed vulnerabilities
Modified: 2025-04-20
CVE-2017-11600
net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message.
- http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html
- http://seclists.org/bugtraq/2017/Jul/30
- http://www.debian.org/security/2017/dsa-3981
- http://www.securityfocus.com/bid/99928
- https://access.redhat.com/errata/RHSA-2018:1965
- https://access.redhat.com/errata/RHSA-2018:2003
- https://access.redhat.com/errata/RHSA-2019:1170
- https://access.redhat.com/errata/RHSA-2019:1190
- https://source.android.com/security/bulletin/pixel/2017-11-01
- http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html
- http://seclists.org/bugtraq/2017/Jul/30
- http://www.debian.org/security/2017/dsa-3981
- http://www.securityfocus.com/bid/99928
- https://access.redhat.com/errata/RHSA-2018:1965
- https://access.redhat.com/errata/RHSA-2018:2003
- https://access.redhat.com/errata/RHSA-2019:1170
- https://access.redhat.com/errata/RHSA-2019:1190
- https://source.android.com/security/bulletin/pixel/2017-11-01
Package kernel-image-un-def updated to version 4.12.11-alt1 for branch sisyphus in task 187947.
Closed vulnerabilities
Modified: 2025-04-20
CVE-2017-11600
net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message.
- http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html
- http://seclists.org/bugtraq/2017/Jul/30
- http://www.debian.org/security/2017/dsa-3981
- http://www.securityfocus.com/bid/99928
- https://access.redhat.com/errata/RHSA-2018:1965
- https://access.redhat.com/errata/RHSA-2018:2003
- https://access.redhat.com/errata/RHSA-2019:1170
- https://access.redhat.com/errata/RHSA-2019:1190
- https://source.android.com/security/bulletin/pixel/2017-11-01
- http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html
- http://seclists.org/bugtraq/2017/Jul/30
- http://www.debian.org/security/2017/dsa-3981
- http://www.securityfocus.com/bid/99928
- https://access.redhat.com/errata/RHSA-2018:1965
- https://access.redhat.com/errata/RHSA-2018:2003
- https://access.redhat.com/errata/RHSA-2019:1170
- https://access.redhat.com/errata/RHSA-2019:1190
- https://source.android.com/security/bulletin/pixel/2017-11-01
Modified: 2025-04-20
CVE-2017-14051
An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access.
- http://www.securityfocus.com/bid/100571
- https://bugzilla.kernel.org/show_bug.cgi?id=194061
- https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html
- https://patchwork.kernel.org/patch/9929625/
- https://usn.ubuntu.com/3583-1/
- https://usn.ubuntu.com/3583-2/
- http://www.securityfocus.com/bid/100571
- https://bugzilla.kernel.org/show_bug.cgi?id=194061
- https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html
- https://patchwork.kernel.org/patch/9929625/
- https://usn.ubuntu.com/3583-1/
- https://usn.ubuntu.com/3583-2/
Modified: 2025-04-20
CVE-2017-14156
The atyfb_ioctl function in drivers/video/fbdev/aty/atyfb_base.c in the Linux kernel through 4.12.10 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading locations associated with padding bytes.
- http://www.debian.org/security/2017/dsa-3981
- http://www.securityfocus.com/bid/100634
- https://github.com/torvalds/linux/pull/441
- https://marc.info/?l=linux-kernel&m=150401461613306&w=2
- https://marc.info/?l=linux-kernel&m=150453196710422&w=2
- https://usn.ubuntu.com/3583-1/
- https://usn.ubuntu.com/3583-2/
- http://www.debian.org/security/2017/dsa-3981
- http://www.securityfocus.com/bid/100634
- https://github.com/torvalds/linux/pull/441
- https://marc.info/?l=linux-kernel&m=150401461613306&w=2
- https://marc.info/?l=linux-kernel&m=150453196710422&w=2
- https://usn.ubuntu.com/3583-1/
- https://usn.ubuntu.com/3583-2/
Package mate-desktop updated to version 1.19.0-alt1_1 for branch sisyphus in task 187726.
Closed bugs
Обновление mate в Сизифе до текущей версии
Package mate-file-archiver updated to version 1.19.0-alt1_4 for branch sisyphus in task 187726.
Closed bugs
Выделить субпакет mate-file-manager-archiver