ALT Linux Team

Branch sisyphus update on 2018-11-10

2018-11-10

ALT-BU-2018-3566-1

Branch sisyphus update bulletin.

ALT-PU-2018-2616-1

Package nagios-nrpe updated to version 3.2.1-alt1 for branch sisyphus in task 216163.

Closed bugs

Bug #35576

В пакете идёт устаревший конфиг, не позволяющий настроить SSL

ALT-PU-2018-2620-1

Package sddm updated to version 0.17.0-alt3 for branch sisyphus in task 216339.

Closed bugs

Bug #33248

Не запускает x-server

Bug #33728

sddm с темой Эларан игнорирует выбор сессии

Bug #33786

sddm: недостающие зависимости: qt5-quickcontrols

ALT-PU-2018-2623-1

Package vlc updated to version 3.0.4-alt2 for branch sisyphus in task 216320.

Closed bugs

Bug #23213

зависит от fonts-ttf-dejavu

ALT-PU-2018-2624-1

Package devscripts updated to version 2.18.7-alt1_1 for branch sisyphus in task 216357.

Closed vulnerabilities

Published: 2018-07-02
Modified: 2024-11-21

CVE-2018-13043

scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing.

Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top