ALT-BU-2017-3375-1
Branch sisyphus update bulletin.
Package libleveldb updated to version 1.20-alt1 for branch sisyphus in task 188741.
Closed bugs
Собрать версию 1.20
Closed vulnerabilities
BDU:2017-01850
Уязвимость функции wwunpack (libclamav/wwunpack.c) средства антивирусной защиты Clam Antivirus, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2017-01851
Уязвимость компонента libclamav/message.c средства антивирусной защиты Clam Antivirus, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2017-6418
libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message.
- 100154
- 100154
- https://bugzilla.clamav.net/show_bug.cgi?id=11797
- https://bugzilla.clamav.net/show_bug.cgi?id=11797
- https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/heap-overflow/clamav_email_crash.md
- https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/heap-overflow/clamav_email_crash.md
- https://github.com/vrtadmin/clamav-devel/commit/586a5180287262070637c8943f2f7efd652e4a2c
- https://github.com/vrtadmin/clamav-devel/commit/586a5180287262070637c8943f2f7efd652e4a2c
- GLSA-201804-16
- GLSA-201804-16
Modified: 2024-11-21
CVE-2017-6420
The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression.
- https://bugzilla.clamav.net/show_bug.cgi?id=11798
- https://bugzilla.clamav.net/show_bug.cgi?id=11798
- https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/use-after-free/clamav-use-after-free-pe.md
- https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/use-after-free/clamav-use-after-free-pe.md
- https://github.com/vrtadmin/clamav-devel/commit/dfc00cd3301a42b571454b51a6102eecf58407bc
- https://github.com/vrtadmin/clamav-devel/commit/dfc00cd3301a42b571454b51a6102eecf58407bc
- GLSA-201804-16
- GLSA-201804-16
Package perl-TermReadKey updated to version 2.37-alt2 for branch sisyphus in task 188770.
Closed bugs
missing package summury and really long package description
Closed bugs
Нужен конфликт со strongswan
Package perl-CGI-Fast updated to version 2.12-alt2 for branch sisyphus in task 188771.
Closed bugs
missing package summary
Closed vulnerabilities
BDU:2022-05864
Уязвимость библиотеки Simple DirectMedia Layer, связанная с целочисленным переполнением, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2017-2888
An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.
- 101215
- 101215
- [debian-lts-announce] 20211031 [SECURITY] [DLA 2803-1] libsdl2 security update
- [debian-lts-announce] 20211031 [SECURITY] [DLA 2803-1] libsdl2 security update
- USN-4143-1
- USN-4143-1
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0395
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0395