Branch sisyphus update bulletin.

Package smstools updated to version 3.1.21-alt1 for branch sisyphus in task 233529.

Обновить пакет smstools до версии 3.1.21

Package man-db updated to version 2.8.5-alt1 for branch sisyphus in task 233574.

Published: 2023-01-27
Modified: 2025-04-02

CVE-2018-25078

man-db before 2.8.5 on Gentoo allows local users (with access to the man user account) to gain root privileges because /usr/bin/mandb is executed by root but not owned by root. (Also, the owner can strip the setuid and setgid bits.)

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

https://bugs.gentoo.org/662438
GLSA-202310-08
https://bugs.gentoo.org/662438
GLSA-202310-08

Version: 2.1.0

Branch sisyphus update on 2019-07-02

ALT-BU-2019-3780-1

ALT-PU-2019-2187-1

Closed bugs

Bug #36961

ALT-PU-2019-2192-1

Closed vulnerabilities

CVE-2018-25078