ALT-BU-2019-3929-1
Branch p8 update bulletin.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2018-14345
An issue was discovered in SDDM through 0.17.0. If configured with ReuseSession=true, the password is not checked for users with an already existing session. Any user with access to the system D-Bus can therefore unlock any graphical session. This is related to daemon/Display.cpp and helper/backend/PamBackend.cpp.
Closed vulnerabilities
BDU:2019-02881
Уязвимость функции BZ2_decompress утилиты для сжатия данных bzip2, позволяющая нарушителю выполнить произвольный код
BDU:2020-01710
Уязвимость пакета антивирусных программ ClamAV, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2019-12625
ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system.
Modified: 2024-11-21
CVE-2019-12900
BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.
- openSUSE-SU-2019:1781
- openSUSE-SU-2019:1781
- openSUSE-SU-2019:1918
- openSUSE-SU-2019:1918
- openSUSE-SU-2019:2595
- openSUSE-SU-2019:2595
- openSUSE-SU-2019:2597
- openSUSE-SU-2019:2597
- http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html
- http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html
- http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html
- http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html
- https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc
- https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc
- [kafka-users] 20200413 CVEs for the dependency software guava and rocksdbjni of Kafka
- [kafka-users] 20200413 CVEs for the dependency software guava and rocksdbjni of Kafka
- [flink-user] 20210717 Re: Flink 1.13.1 - Vulnerabilities CVE-2019-12900 for librocksdbjni
- [flink-user] 20210717 Re: Flink 1.13.1 - Vulnerabilities CVE-2019-12900 for librocksdbjni
- [flink-user] 20210716 Flink 1.13.1 - Vulnerabilities CVE-2019-12900 for librocksdbjni
- [flink-user] 20210716 Flink 1.13.1 - Vulnerabilities CVE-2019-12900 for librocksdbjni
- [debian-lts-announce] 20190624 [SECURITY] [DLA 1833-1] bzip2 security update
- [debian-lts-announce] 20190624 [SECURITY] [DLA 1833-1] bzip2 security update
- [debian-lts-announce] 20190718 [SECURITY] [DLA 1833-2] bzip2 regression update
- [debian-lts-announce] 20190718 [SECURITY] [DLA 1833-2] bzip2 regression update
- [debian-lts-announce] 20191010 [SECURITY] [DLA 1953-1] clamav security update
- [debian-lts-announce] 20191010 [SECURITY] [DLA 1953-1] clamav security update
- [debian-lts-announce] 20191014 [SECURITY] [DLA 1953-2] clamav regression update
- [debian-lts-announce] 20191014 [SECURITY] [DLA 1953-2] clamav regression update
- 20190806 FreeBSD Security Advisory FreeBSD-SA-19:18.bzip2
- 20190806 FreeBSD Security Advisory FreeBSD-SA-19:18.bzip2
- 20190715 [slackware-security] bzip2 (SSA:2019-195-01)
- 20190715 [slackware-security] bzip2 (SSA:2019-195-01)
- FreeBSD-SA-19:18
- FreeBSD-SA-19:18
- https://support.f5.com/csp/article/K68713584?utm_source=f5support&%3Butm_medium=RSS
- https://support.f5.com/csp/article/K68713584?utm_source=f5support&%3Butm_medium=RSS
- USN-4038-1
- USN-4038-1
- USN-4038-2
- USN-4038-2
- USN-4146-1
- USN-4146-1
- USN-4146-2
- USN-4146-2
- https://www.oracle.com/security-alerts/cpuoct2020.html
- https://www.oracle.com/security-alerts/cpuoct2020.html