ALT-BU-2019-4080-11
Branch sisyphus update bulletin.
Closed bugs
Application is missing a shortcut
Closed vulnerabilities
BDU:2020-00013
Vulnerability in the sapi/fpm/fpm/fpm_main.c component of the PHP-FPM extension of the PHP programming language interpreter, allowing an attacker to execute arbitrary commands
Modified: 2025-02-14
CVE-2019-11043
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
- openSUSE-SU-2019:2441
- openSUSE-SU-2019:2457
- http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html
- 20200131 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra
- RHSA-2019:3286
- RHSA-2019:3287
- RHSA-2019:3299
- RHSA-2019:3300
- RHSA-2019:3724
- RHSA-2019:3735
- RHSA-2019:3736
- RHSA-2020:0322
- https://bugs.php.net/bug.php?id=78599
- https://github.com/neex/phuip-fpizdam
- FEDORA-2019-187ae3128d
- FEDORA-2019-7bb07c3b02
- FEDORA-2019-4adc49a476
- 20200129 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra
- https://security.netapp.com/advisory/ntap-20191031-0003/
- https://support.apple.com/kb/HT210919
- https://support.f5.com/csp/article/K75408500?utm_source=f5support&%3Butm_medium=RSS
- USN-4166-1
- USN-4166-2
- DSA-4552
- DSA-4553
- https://www.synology.com/security/advisory/Synology_SA_19_36
- https://www.tenable.com/security/tns-2021-14
Closed vulnerabilities
BDU:2019-04891
Vulnerability in the BIND DNS server related to uncontrolled resource consumption, allowing an attacker to cause a denial of service
Modified: 2024-11-21
CVE-2019-6477
With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to handle. When a TCP connection with a large number of pipelined queries is closed, the load on the server releasing these multiple resources can cause it to become unresponsive, even for queries that can be answered authoritatively or from cache. (This is most likely to be perceived as an intermittent server problem).
- openSUSE-SU-2020:1699
- openSUSE-SU-2020:1701
- https://kb.isc.org/docs/cve-2019-6477
- FEDORA-2019-c703d2304a
- FEDORA-2019-73a8737068
- https://support.f5.com/csp/article/K15840535?utm_source=f5support&%3Butm_medium=RSS
- DSA-4689
- https://www.synology.com/security/advisory/Synology_SA_19_39