ALT-BU-2019-3770-1
Branch sisyphus update bulletin.
Package slick-greeter updated to version 1.2.4-alt3 for branch sisyphus in task 233324.
Closed bugs
Только английская раскладка клавиатуры
Closed vulnerabilities
Modified: 2024-11-21
CVE-2019-12790
In radare2 through 3.5.1, there is a heap-based buffer over-read in the r_egg_lang_parsechar function of egg_lang.c. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because of missing length validation in libr/egg/egg.c.
Modified: 2024-11-21
CVE-2019-12802
In radare2 through 3.5.1, the rcc_context function of libr/egg/egg_lang.c mishandles changing context. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact (invalid memory access in r_egg_lang_parsechar; invalid free in rcc_pusharg).
Modified: 2024-11-21
CVE-2019-12829
radare2 through 3.5.1 mishandles the RParse API, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact, as demonstrated by newstr buffer overflows during replace operations. This affects libr/asm/asm.c and libr/parse/parse.c.
Modified: 2024-11-21
CVE-2019-12865
In radare2 through 3.5.1, cmd_mount in libr/core/cmd_mount.c has a double free for the ms command.