ALT Linux Team

Branch sisyphus update on 2018-03-21

2018-03-21

ALT-BU-2018-3146-2

Branch sisyphus update bulletin.

ALT-PU-2018-1454-1

Package calibre updated to version 3.19.0-alt1 for branch sisyphus in task 202546.

Closed vulnerabilities

Published: 2018-03-08
Modified: 2024-11-21

CVE-2018-7889

gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call.

Severity: MEDIUM (6.8)Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Severity: HIGH (7.8)Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:

ALT-PU-2018-1455-2

Package phpMyAdmin updated to version 4.7.9-alt1 for branch sisyphus in task 202553.

Closed vulnerabilities

Published: 2018-02-21
Modified: 2024-11-21

CVE-2018-7260

Cross-site scripting (XSS) vulnerability in db_central_columns.php in phpMyAdmin before 4.7.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

Severity: LOW (3.5)Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
Severity: MEDIUM (5.4)Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
References:
Published: 2022-05-14
Modified: 2024-04-24

GHSA-gqmj-f46x-wqhw

phpMyAdmin Cross-site scripting (XSS) vulnerability in central columns feature

Severity: MEDIUM (5.4)Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
References:

ALT-PU-2018-1458-1

Package llvm4.0 updated to version 4.0.1-alt3.rel for branch sisyphus in task 202575.

Closed bugs

Bug #34662

Конфликт с пакетом llvm4

VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: 2.1.2
Back to top