ALT-BU-2020-3912-1
Branch sisyphus update bulletin.
Closed vulnerabilities
BDU:2020-04091
Уязвимость компонентов auths/spa.c и auths/auth-spa.c почтового сервера Exim, позволяющая нарушителю получить доступ к конфиденциальным данным
Modified: 2024-11-21
CVE-2020-12783
Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c.
- [oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim
- https://bugs.exim.org/show_bug.cgi?id=2571
- https://git.exim.org/exim.git/commit/57aa14b216432be381b6295c312065b2fd034f86
- https://git.exim.org/exim.git/commit/a04174dc2a84ae1008c23b6a7109e7fa3fb7b8b0
- [debian-lts-announce] 20200518 [SECURITY] [DLA 2213-1] exim4 security update
- FEDORA-2020-93d7305d71
- FEDORA-2020-2e084c987d
- USN-4366-1
- DSA-4687
- [oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim
- DSA-4687
- USN-4366-1
- FEDORA-2020-2e084c987d
- FEDORA-2020-93d7305d71
- [debian-lts-announce] 20200518 [SECURITY] [DLA 2213-1] exim4 security update
- https://git.exim.org/exim.git/commit/a04174dc2a84ae1008c23b6a7109e7fa3fb7b8b0
- https://git.exim.org/exim.git/commit/57aa14b216432be381b6295c312065b2fd034f86
- https://bugs.exim.org/show_bug.cgi?id=2571
Closed vulnerabilities
BDU:2020-03977
Уязвимость веб-почты для IMAP-серверов на основе AJAX Roundcube, связанная с недостатками используемых мер по защите структур веб-страницы, позволяющая нарушителю оказать воздействие на целостность данных
Modified: 2024-11-21
CVE-2020-15562
An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists.
- openSUSE-SU-2020:1516
- openSUSE-SU-2020:1516
- https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82
- https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82
- https://github.com/roundcube/roundcubemail/releases/tag/1.2.11
- https://github.com/roundcube/roundcubemail/releases/tag/1.2.11
- https://github.com/roundcube/roundcubemail/releases/tag/1.3.14
- https://github.com/roundcube/roundcubemail/releases/tag/1.3.14
- https://github.com/roundcube/roundcubemail/releases/tag/1.4.7
- https://github.com/roundcube/roundcubemail/releases/tag/1.4.7
- DSA-4720
- DSA-4720
Package make-initrd updated to version 2.8.1-alt2 for branch sisyphus in task 254632.
Closed bugs
не собирается initrd, если не установлен make-initrd-ucode
Closed vulnerabilities
BDU:2021-01345
Уязвимость компонентов из mem_cache_store.rb и redis_cache_store.rb программной платформы Ruby on Rails, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
BDU:2021-01346
Уязвимость функции each_pair из strong_parameters.rb программной платформы Ruby on Rails, позволяющая нарушителю получить доступ к конфиденциальным данным
BDU:2022-06175
Уязвимость программной платформы Ruby on Rails, связанная с реализацией функций безопасности на стороне клиента, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-21
CVE-2020-8162
A client side enforcement of server side security vulnerability exists in rails < 5.2.4.2 and rails < 6.0.3.1 ActiveStorage's S3 adapter that allows the Content-Length of a direct file upload to be modified by an end user bypassing upload limits.
Modified: 2024-11-21
CVE-2020-8164
A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters.
- openSUSE-SU-2020:1533
- openSUSE-SU-2020:1533
- openSUSE-SU-2020:1536
- openSUSE-SU-2020:1536
- openSUSE-SU-2020:1575
- openSUSE-SU-2020:1575
- https://groups.google.com/g/rubyonrails-security/c/f6ioe4sdpbY
- https://groups.google.com/g/rubyonrails-security/c/f6ioe4sdpbY
- https://hackerone.com/reports/292797
- https://hackerone.com/reports/292797
- [debian-lts-announce] 20200619 [SECURITY] [DLA 2251-1] rails security update
- [debian-lts-announce] 20200619 [SECURITY] [DLA 2251-1] rails security update
- [debian-lts-announce] 20200720 [SECURITY] [DLA 2282-1] rails security update
- [debian-lts-announce] 20200720 [SECURITY] [DLA 2282-1] rails security update
- DSA-4766
- DSA-4766
Modified: 2024-11-21
CVE-2020-8165
A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE.
- openSUSE-SU-2020:1677
- openSUSE-SU-2020:1677
- openSUSE-SU-2020:1679
- openSUSE-SU-2020:1679
- https://groups.google.com/g/rubyonrails-security/c/bv6fW4S0Y1c
- https://groups.google.com/g/rubyonrails-security/c/bv6fW4S0Y1c
- https://hackerone.com/reports/413388
- https://hackerone.com/reports/413388
- [debian-lts-announce] 20200619 [SECURITY] [DLA 2251-1] rails security update
- [debian-lts-announce] 20200619 [SECURITY] [DLA 2251-1] rails security update
- [debian-lts-announce] 20200720 [SECURITY] [DLA 2282-1] rails security update
- [debian-lts-announce] 20200720 [SECURITY] [DLA 2282-1] rails security update
- https://weblog.rubyonrails.org/2020/5/18/Rails-5-2-4-3-and-6-0-3-1-have-been-released/
- https://weblog.rubyonrails.org/2020/5/18/Rails-5-2-4-3-and-6-0-3-1-have-been-released/
- DSA-4766
- DSA-4766
Modified: 2024-11-21
CVE-2020-8166
A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token.
Modified: 2024-11-21
CVE-2020-8167
A CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains.