2019-09-03
ALT-BU-2019-3918-1
Branch sisyphus update bulletin.
Closed vulnerabilities
Published: 2019-06-06
BDU:2019-02881
Уязвимость функции BZ2_decompress утилиты для сжатия данных bzip2, позволяющая нарушителю выполнить произвольный код
Severity: HIGH (8.6)
Vector: AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
References:
Published: 2019-10-03
BDU:2020-01710
Уязвимость пакета антивирусных программ ClamAV, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.3)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
References:
Published: 2019-11-05
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2019-12625
ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system.
Severity: HIGH (7.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2019-06-20
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2019-12900
BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.
Severity: CRITICAL (9.8)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
- openSUSE-SU-2019:1781
- openSUSE-SU-2019:1781
- openSUSE-SU-2019:1918
- openSUSE-SU-2019:1918
- openSUSE-SU-2019:2595
- openSUSE-SU-2019:2595
- openSUSE-SU-2019:2597
- openSUSE-SU-2019:2597
- http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html
- http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html
- http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html
- http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html
- https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc
- https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc
- [kafka-users] 20200413 CVEs for the dependency software guava and rocksdbjni of Kafka
- [kafka-users] 20200413 CVEs for the dependency software guava and rocksdbjni of Kafka
- [flink-user] 20210717 Re: Flink 1.13.1 - Vulnerabilities CVE-2019-12900 for librocksdbjni
- [flink-user] 20210717 Re: Flink 1.13.1 - Vulnerabilities CVE-2019-12900 for librocksdbjni
- [flink-user] 20210716 Flink 1.13.1 - Vulnerabilities CVE-2019-12900 for librocksdbjni
- [flink-user] 20210716 Flink 1.13.1 - Vulnerabilities CVE-2019-12900 for librocksdbjni
- [debian-lts-announce] 20190624 [SECURITY] [DLA 1833-1] bzip2 security update
- [debian-lts-announce] 20190624 [SECURITY] [DLA 1833-1] bzip2 security update
- [debian-lts-announce] 20190718 [SECURITY] [DLA 1833-2] bzip2 regression update
- [debian-lts-announce] 20190718 [SECURITY] [DLA 1833-2] bzip2 regression update
- [debian-lts-announce] 20191010 [SECURITY] [DLA 1953-1] clamav security update
- [debian-lts-announce] 20191010 [SECURITY] [DLA 1953-1] clamav security update
- [debian-lts-announce] 20191014 [SECURITY] [DLA 1953-2] clamav regression update
- [debian-lts-announce] 20191014 [SECURITY] [DLA 1953-2] clamav regression update
- 20190806 FreeBSD Security Advisory FreeBSD-SA-19:18.bzip2
- 20190806 FreeBSD Security Advisory FreeBSD-SA-19:18.bzip2
- 20190715 [slackware-security] bzip2 (SSA:2019-195-01)
- 20190715 [slackware-security] bzip2 (SSA:2019-195-01)
- FreeBSD-SA-19:18
- FreeBSD-SA-19:18
- https://support.f5.com/csp/article/K68713584?utm_source=f5support&%3Butm_medium=RSS
- https://support.f5.com/csp/article/K68713584?utm_source=f5support&%3Butm_medium=RSS
- USN-4038-1
- USN-4038-1
- USN-4038-2
- USN-4038-2
- USN-4146-1
- USN-4146-1
- USN-4146-2
- USN-4146-2
- https://www.oracle.com/security-alerts/cpuoct2020.html
- https://www.oracle.com/security-alerts/cpuoct2020.html
Closed bugs
Please build with server support