ALT-BU-2020-3709-1
Branch sisyphus update bulletin.
Closed bugs
opus version is unknown
Package kernel-image-un-def updated to version 5.5.10-alt1 for branch sisyphus in task 248029.
Closed vulnerabilities
BDU:2020-02425
Уязвимость функции mt76_add_fragment (drivers/net/wireless/mediatek/mt76/dma.c) ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании и раскрыть защищаемую информацию
Modified: 2024-11-21
CVE-2020-12465
An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages.
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.5.10
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b102f0c522cf668c8382c56a4f771b37d011cda2
- https://github.com/torvalds/linux/commit/b102f0c522cf668c8382c56a4f771b37d011cda2
- https://security.netapp.com/advisory/ntap-20200608-0001/
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.5.10
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b102f0c522cf668c8382c56a4f771b37d011cda2
- https://github.com/torvalds/linux/commit/b102f0c522cf668c8382c56a4f771b37d011cda2
- https://security.netapp.com/advisory/ntap-20200608-0001/
Package prometheus updated to version 2.16.0-alt1 for branch sisyphus in task 248035.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2019-10215
Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting flaw in the highlighter() function. An attacker could exploit this via user interaction to execute code in the user's browser.
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html
- https://access.redhat.com/errata/RHSA-2019:3771
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10215
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html
- https://access.redhat.com/errata/RHSA-2019:3771
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10215
Closed bugs
libqcadcore.so provides zlib
Closed bugs
Ошибка при установке slinux-8.990_rc1-x86_64.iso