Branch c8.1 update bulletin.

Package chrooted updated to version 0.3.8-alt1.M80P.1.M80C.1 for branch c8.1 in task 247668.

No data currently available.

Package libnss-role updated to version 0.4.1-alt1 for branch c8.1 in task 244180.

Регрегрессия при назначении групп

Package qt5-base updated to version 5.12.4-alt2.M80C.2 for branch c8.1 in task 245602.

Published: 2019-10-23

BDU:2021-03592

Уязвимость функции generateDirectionalRuns() библиотеки Qt, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (4.3) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

References:

CVE-2019-18281

Published: 2019-10-23
Modified: 2024-11-21

CVE-2019-18281

An out-of-bounds memory access in the generateDirectionalRuns() function in qtextengine.cpp in Qt qtbase 5.11.x and 5.12.x before 5.12.5 allows attackers to cause a denial of service by crashing an application via a text file containing many directional characters.

Severity: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

References:

Published: 2020-11-23
Modified: 2024-11-21

CVE-2020-0569

Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access.

Severity: MEDIUM (5.7) Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References:

Published: 2020-09-14
Modified: 2024-11-21

CVE-2020-0570

Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access.

Severity: HIGH (7.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

References:

Version: 2.1.0

Branch c8.1 update on 2020-03-17

ALT-BU-2020-3701-1

ALT-PU-2020-1489-1

Closed vulnerabilities

OVE-20200311-0001

ALT-PU-2020-1497-1

Closed bugs

Bug #37077

ALT-PU-2020-1498-1

Closed vulnerabilities

BDU:2021-03592

CVE-2019-18281

CVE-2020-0569

CVE-2020-0570