ALT-BU-2019-3471-1
Branch sisyphus update bulletin.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2015-5276
The std::random_device class in libstdc++ in the GNU Compiler Collection (aka GCC) before 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent attackers to predict the random values via unspecified vectors.
- openSUSE-SU-2015:1946
- openSUSE-SU-2015:1946
- openSUSE-SU-2016:1069
- openSUSE-SU-2016:1069
- 1034375
- 1034375
- https://bugzilla.redhat.com/show_bug.cgi?id=1262846
- https://bugzilla.redhat.com/show_bug.cgi?id=1262846
- https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65142
- https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65142
Closed vulnerabilities
Modified: 2024-11-21
CVE-2018-20457
In radare2 through 3.1.3, the assemble function inside libr/asm/p/asm_arm_cs.c allows attackers to cause a denial-of-service (application crash via an r_num_calc out-of-bounds read) by crafting an arm assembly input because a loop uses an incorrect index in armass.c and certain length validation is missing in armass64.c, a related issue to CVE-2018-20459.
Modified: 2024-11-21
CVE-2018-20459
In radare2 through 3.1.3, the armass_assemble function in libr/asm/arch/arm/armass.c allows attackers to cause a denial-of-service (application crash by out-of-bounds read) by crafting an arm assembly input because a loop uses an incorrect index in armass.c and certain length validation is missing in armass64.c, a related issue to CVE-2018-20457.
Closed bugs
Сломалась сборка jeuclud