2019-01-15
ALT-BU-2019-3436-2
Branch sisyphus update bulletin.
Closed vulnerabilities
Published: 2020-06-02
Modified: 2026-03-16
Modified: 2026-03-16
BDU:2020-02558
Уязвимость модуля виртуальных таблиц FTS3 системы управления базами данных SQLite, позволяющая нарушителю выполнить произвольный код
Severity: HIGH (8.1)Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH (7.6)Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
References:
Published: 2020-06-17
BDU:2020-02776
Уязвимость системы управления базами данных SQLite, связанная с отсутствием защиты структуры запроса SQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5)Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH (7.8)Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
References:
Published: 2020-10-27
Modified: 2023-11-21
Modified: 2023-11-21
BDU:2020-04840
Уязвимость расширения FTS3 системы управления базами данных SQLite, позволяющая нарушителю выполнить произвольный код
Severity: HIGH (8.1)Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL (9.3)Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
References:
Published: 2018-12-21
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2018-20346
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan.
Severity: MEDIUM (6.8)Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Severity: HIGH (8.1)Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00040.html
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html
- http://www.securityfocus.com/bid/106323
- https://access.redhat.com/articles/3758321
- https://blade.tencent.com/magellan/index_en.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1659379
- https://bugzilla.redhat.com/show_bug.cgi?id=1659677
- https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html
- https://chromium.googlesource.com/chromium/src/+/c368e30ae55600a1c3c9cb1710a54f9c55de786e
- https://crbug.com/900910
- https://github.com/zhuowei/worthdoingbadly.com/blob/master/_posts/2018-12-14-sqlitebug.html
- https://kc.mcafee.com/corporate/index?page=content&id=SB10365
- https://lists.debian.org/debian-lts-announce/2018/12/msg00012.html
- https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PU4NZ6DDU4BEM3ACM3FM6GLEPX56ZQXK/
- https://news.ycombinator.com/item?id=18685296
- https://security.gentoo.org/glsa/201904-21
- https://sqlite.org/src/info/940f2adc8541a838
- https://sqlite.org/src/info/d44318f59044162e
- https://support.apple.com/HT209443
- https://support.apple.com/HT209446
- https://support.apple.com/HT209447
- https://support.apple.com/HT209448
- https://support.apple.com/HT209450
- https://support.apple.com/HT209451
- https://usn.ubuntu.com/4019-1/
- https://usn.ubuntu.com/4019-2/
- https://worthdoingbadly.com/sqlitebug/
- https://www.freebsd.org/security/advisories/FreeBSD-EN-19:03.sqlite.asc
- https://www.mail-archive.com/sqlite-users%40mailinglists.sqlite.org/msg113218.html
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://www.sqlite.org/releaselog/3_25_3.html
- https://www.synology.com/security/advisory/Synology_SA_18_61
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00040.html
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html
- http://www.securityfocus.com/bid/106323
- https://access.redhat.com/articles/3758321
- https://blade.tencent.com/magellan/index_en.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1659379
- https://bugzilla.redhat.com/show_bug.cgi?id=1659677
- https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html
- https://chromium.googlesource.com/chromium/src/+/c368e30ae55600a1c3c9cb1710a54f9c55de786e
- https://crbug.com/900910
- https://github.com/zhuowei/worthdoingbadly.com/blob/master/_posts/2018-12-14-sqlitebug.html
- https://kc.mcafee.com/corporate/index?page=content&id=SB10365
- https://lists.debian.org/debian-lts-announce/2018/12/msg00012.html
- https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PU4NZ6DDU4BEM3ACM3FM6GLEPX56ZQXK/
- https://news.ycombinator.com/item?id=18685296
- https://security.gentoo.org/glsa/201904-21
- https://sqlite.org/src/info/940f2adc8541a838
- https://sqlite.org/src/info/d44318f59044162e
- https://support.apple.com/HT209443
- https://support.apple.com/HT209446
- https://support.apple.com/HT209447
- https://support.apple.com/HT209448
- https://support.apple.com/HT209450
- https://support.apple.com/HT209451
- https://usn.ubuntu.com/4019-1/
- https://usn.ubuntu.com/4019-2/
- https://worthdoingbadly.com/sqlitebug/
- https://www.freebsd.org/security/advisories/FreeBSD-EN-19:03.sqlite.asc
- https://www.mail-archive.com/sqlite-users%40mailinglists.sqlite.org/msg113218.html
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://www.sqlite.org/releaselog/3_25_3.html
- https://www.synology.com/security/advisory/Synology_SA_18_61
Published: 2019-04-03
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2018-20505
SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases).
Severity: MEDIUM (5.0)Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Severity: HIGH (7.5)Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- http://seclists.org/fulldisclosure/2019/Jan/62
- http://seclists.org/fulldisclosure/2019/Jan/64
- http://seclists.org/fulldisclosure/2019/Jan/66
- http://seclists.org/fulldisclosure/2019/Jan/67
- http://seclists.org/fulldisclosure/2019/Jan/68
- http://seclists.org/fulldisclosure/2019/Jan/69
- http://www.securityfocus.com/bid/106698
- https://seclists.org/bugtraq/2019/Jan/28
- https://seclists.org/bugtraq/2019/Jan/29
- https://seclists.org/bugtraq/2019/Jan/31
- https://seclists.org/bugtraq/2019/Jan/32
- https://seclists.org/bugtraq/2019/Jan/33
- https://seclists.org/bugtraq/2019/Jan/39
- https://security.netapp.com/advisory/ntap-20190502-0004/
- https://sqlite.org/src/info/1a84668dcfdebaf12415d
- https://support.apple.com/kb/HT209443
- https://support.apple.com/kb/HT209446
- https://support.apple.com/kb/HT209447
- https://support.apple.com/kb/HT209448
- https://support.apple.com/kb/HT209450
- https://support.apple.com/kb/HT209451
- https://usn.ubuntu.com/4019-1/
- http://seclists.org/fulldisclosure/2019/Jan/62
- http://seclists.org/fulldisclosure/2019/Jan/64
- http://seclists.org/fulldisclosure/2019/Jan/66
- http://seclists.org/fulldisclosure/2019/Jan/67
- http://seclists.org/fulldisclosure/2019/Jan/68
- http://seclists.org/fulldisclosure/2019/Jan/69
- http://www.securityfocus.com/bid/106698
- https://seclists.org/bugtraq/2019/Jan/28
- https://seclists.org/bugtraq/2019/Jan/29
- https://seclists.org/bugtraq/2019/Jan/31
- https://seclists.org/bugtraq/2019/Jan/32
- https://seclists.org/bugtraq/2019/Jan/33
- https://seclists.org/bugtraq/2019/Jan/39
- https://security.netapp.com/advisory/ntap-20190502-0004/
- https://sqlite.org/src/info/1a84668dcfdebaf12415d
- https://support.apple.com/kb/HT209443
- https://support.apple.com/kb/HT209446
- https://support.apple.com/kb/HT209447
- https://support.apple.com/kb/HT209448
- https://support.apple.com/kb/HT209450
- https://support.apple.com/kb/HT209451
- https://usn.ubuntu.com/4019-1/
Published: 2019-04-03
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2018-20506
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). This is a different vulnerability than CVE-2018-20346.
Severity: MEDIUM (6.8)Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Severity: HIGH (8.1)Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html
- http://seclists.org/fulldisclosure/2019/Jan/62
- http://seclists.org/fulldisclosure/2019/Jan/64
- http://seclists.org/fulldisclosure/2019/Jan/66
- http://seclists.org/fulldisclosure/2019/Jan/67
- http://seclists.org/fulldisclosure/2019/Jan/68
- http://seclists.org/fulldisclosure/2019/Jan/69
- http://www.securityfocus.com/bid/106698
- https://kc.mcafee.com/corporate/index?page=content&id=SB10365
- https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html
- https://seclists.org/bugtraq/2019/Jan/28
- https://seclists.org/bugtraq/2019/Jan/29
- https://seclists.org/bugtraq/2019/Jan/31
- https://seclists.org/bugtraq/2019/Jan/32
- https://seclists.org/bugtraq/2019/Jan/33
- https://seclists.org/bugtraq/2019/Jan/39
- https://security.netapp.com/advisory/ntap-20190502-0004/
- https://sqlite.org/src/info/940f2adc8541a838
- https://support.apple.com/kb/HT209443
- https://support.apple.com/kb/HT209446
- https://support.apple.com/kb/HT209447
- https://support.apple.com/kb/HT209448
- https://support.apple.com/kb/HT209450
- https://support.apple.com/kb/HT209451
- https://usn.ubuntu.com/4019-1/
- https://usn.ubuntu.com/4019-2/
- https://www.oracle.com/security-alerts/cpuapr2020.html
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html
- http://seclists.org/fulldisclosure/2019/Jan/62
- http://seclists.org/fulldisclosure/2019/Jan/64
- http://seclists.org/fulldisclosure/2019/Jan/66
- http://seclists.org/fulldisclosure/2019/Jan/67
- http://seclists.org/fulldisclosure/2019/Jan/68
- http://seclists.org/fulldisclosure/2019/Jan/69
- http://www.securityfocus.com/bid/106698
- https://kc.mcafee.com/corporate/index?page=content&id=SB10365
- https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html
- https://seclists.org/bugtraq/2019/Jan/28
- https://seclists.org/bugtraq/2019/Jan/29
- https://seclists.org/bugtraq/2019/Jan/31
- https://seclists.org/bugtraq/2019/Jan/32
- https://seclists.org/bugtraq/2019/Jan/33
- https://seclists.org/bugtraq/2019/Jan/39
- https://security.netapp.com/advisory/ntap-20190502-0004/
- https://sqlite.org/src/info/940f2adc8541a838
- https://support.apple.com/kb/HT209443
- https://support.apple.com/kb/HT209446
- https://support.apple.com/kb/HT209447
- https://support.apple.com/kb/HT209448
- https://support.apple.com/kb/HT209450
- https://support.apple.com/kb/HT209451
- https://usn.ubuntu.com/4019-1/
- https://usn.ubuntu.com/4019-2/
- https://www.oracle.com/security-alerts/cpuapr2020.html
Package python-module-django updated to version 1.11.17-alt1 for branch sisyphus in task 218036.
Closed vulnerabilities
Published: 2018-12-18
Modified: 2024-10-08
Modified: 2024-10-08
BDU:2018-01507
Уязвимость функции django.utils.html.urlize и методов chars и words объектов django.utils.text.Truncator программной платформы для веб-приложений Django, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.3)Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Severity: MEDIUM (5.0)Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
References:
Published: 2018-03-09
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2018-7536
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize() function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions (only one regular expression for Django 1.8.x). The urlize() function is used to implement the urlize and urlizetrunc template filters, which were thus vulnerable.
Severity: MEDIUM (5.0)Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Severity: MEDIUM (5.3)Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
References:
- http://www.securityfocus.com/bid/103361
- https://access.redhat.com/errata/RHSA-2018:2927
- https://access.redhat.com/errata/RHSA-2019:0051
- https://access.redhat.com/errata/RHSA-2019:0082
- https://access.redhat.com/errata/RHSA-2019:0265
- https://github.com/django/django/commit/1ca63a66ef3163149ad822701273e8a1844192c2
- https://github.com/django/django/commit/abf89d729f210c692a50e0ad3f75fb6bec6fae16
- https://github.com/django/django/commit/e157315da3ae7005fa0683ffc9751dbeca7306c8
- https://lists.debian.org/debian-lts-announce/2018/03/msg00006.html
- https://usn.ubuntu.com/3591-1/
- https://www.debian.org/security/2018/dsa-4161
- https://www.djangoproject.com/weblog/2018/mar/06/security-releases/
- http://www.securityfocus.com/bid/103361
- https://access.redhat.com/errata/RHSA-2018:2927
- https://access.redhat.com/errata/RHSA-2019:0051
- https://access.redhat.com/errata/RHSA-2019:0082
- https://access.redhat.com/errata/RHSA-2019:0265
- https://github.com/django/django/commit/1ca63a66ef3163149ad822701273e8a1844192c2
- https://github.com/django/django/commit/abf89d729f210c692a50e0ad3f75fb6bec6fae16
- https://github.com/django/django/commit/e157315da3ae7005fa0683ffc9751dbeca7306c8
- https://lists.debian.org/debian-lts-announce/2018/03/msg00006.html
- https://usn.ubuntu.com/3591-1/
- https://www.debian.org/security/2018/dsa-4161
- https://www.djangoproject.com/weblog/2018/mar/06/security-releases/
Published: 2018-03-09
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2018-7537
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.
Severity: MEDIUM (5.0)Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Severity: MEDIUM (5.3)Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
References:
- http://www.securityfocus.com/bid/103357
- https://access.redhat.com/errata/RHSA-2018:2927
- https://access.redhat.com/errata/RHSA-2019:0265
- https://lists.debian.org/debian-lts-announce/2018/03/msg00006.html
- https://usn.ubuntu.com/3591-1/
- https://www.debian.org/security/2018/dsa-4161
- https://www.djangoproject.com/weblog/2018/mar/06/security-releases/
- http://www.securityfocus.com/bid/103357
- https://access.redhat.com/errata/RHSA-2018:2927
- https://access.redhat.com/errata/RHSA-2019:0265
- https://lists.debian.org/debian-lts-announce/2018/03/msg00006.html
- https://usn.ubuntu.com/3591-1/
- https://www.debian.org/security/2018/dsa-4161
- https://www.djangoproject.com/weblog/2018/mar/06/security-releases/
Published: 2019-01-04
Modified: 2024-11-18
Modified: 2024-11-18
GHSA-2f9x-5v75-3qv4
Django Denial-of-service possibility in truncatechars_html and truncatewords_html template filters
Severity: LOW (2.7)Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Severity: LOW (2.7)Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
References:
- https://nvd.nist.gov/vuln/detail/CVE-2018-7537
- https://github.com/django/django/commit/94c5da1d17a6b0d378866c66b605102c19f7988c
- https://github.com/django/django/commit/a91436360b79a6ff995c3e5018bcc666dfaf1539
- https://github.com/django/django/commit/d17974a287a6ea2e361daff88fcc004cbd6835fa
- https://access.redhat.com/errata/RHSA-2018:2927
- https://access.redhat.com/errata/RHSA-2019:0265
- https://github.com/advisories/GHSA-2f9x-5v75-3qv4
- https://github.com/django/django
- https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2018-6.yaml
- https://lists.debian.org/debian-lts-announce/2018/03/msg00006.html
- https://usn.ubuntu.com/3591-1
- https://www.debian.org/security/2018/dsa-4161
- https://www.djangoproject.com/weblog/2018/mar/06/security-releases
Published: 2019-01-04
Modified: 2024-09-18
Modified: 2024-09-18
GHSA-r28v-mw67-m5p9
Django denial-of-service possibility in urlize and urlizetrunc template filters
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
References:
- https://nvd.nist.gov/vuln/detail/CVE-2018-7536
- https://github.com/django/django/commit/1ca63a66ef3163149ad822701273e8a1844192c2
- https://github.com/django/django/commit/abf89d729f210c692a50e0ad3f75fb6bec6fae16
- https://github.com/django/django/commit/e157315da3ae7005fa0683ffc9751dbeca7306c8
- https://access.redhat.com/errata/RHSA-2018:2927
- https://access.redhat.com/errata/RHSA-2019:0051
- https://access.redhat.com/errata/RHSA-2019:0082
- https://access.redhat.com/errata/RHSA-2019:0265
- https://github.com/advisories/GHSA-r28v-mw67-m5p9
- https://github.com/django/django
- https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2018-5.yaml
- https://lists.debian.org/debian-lts-announce/2018/03/msg00006.html
- https://usn.ubuntu.com/3591-1
- https://web.archive.org/web/20200227131019/http://www.securityfocus.com/bid/103361
- https://www.debian.org/security/2018/dsa-4161
- https://www.djangoproject.com/weblog/2018/mar/06/security-releases
Closed bugs
Сломалась сборка