ALT Linux Team

Branch sisyphus update on 2019-02-02

2019-02-02

ALT-BU-2019-3468-1

Branch sisyphus update bulletin.

ALT-PU-2019-1165-1

Package qt5ct updated to version 0.37-alt1 for branch sisyphus in task 220362.

Closed bugs

Bug #35769

The QT_QPA_PLATFORMTHEME environment variable is not set correctly

ALT-PU-2019-1166-1

Package kodi updated to version 18.0-alt1 for branch sisyphus in task 220363.

Closed vulnerabilities

Published: 2018-04-18
Modified: 2024-11-21

CVE-2018-8831

A Persistent XSS vulnerability exists in Kodi (formerly XBMC) through 17.6 that allows the execution of arbitrary HTML/script code in the context of the victim user's browser via a playlist.

Severity: MEDIUM (6.1) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
References:

ALT-PU-2019-1167-1

Package python-module-pexpect updated to version 4.6-alt2 for branch sisyphus in task 220382.

Closed bugs

Bug #36015

Сломалась сборка пакета python-module-pexpect

ALT-PU-2019-1168-1

Package gitea updated to version 1.7.1-alt1 for branch sisyphus in task 220390.

Closed vulnerabilities

Published: 2019-07-18
Modified: 2024-11-21

CVE-2019-1010261

Gitea 1.7.0 and earlier is affected by: Cross Site Scripting (XSS). The impact is: Attacker is able to have victim execute arbitrary JS in browser. The component is: go-get URL generation - PR to fix: https://github.com/go-gitea/gitea/pull/5905. The attack vector is: victim must open a specifically crafted URL. The fixed version is: 1.7.1 and later.

Severity: MEDIUM (6.1) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
References:

ALT-PU-2019-1169-1

Package remmina updated to version 1.3.2-alt1 for branch sisyphus in task 220379.

Closed bugs

Bug #35993

hangs when asking SPICE password

VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top