ALT-BU-2020-4027-1
Branch sisyphus update bulletin.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2020-14370
An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.
Closed bugs
openshot: собрать без blender на 32-битных платформах
Package kernel-image-mp updated to version 5.8.8-alt1 for branch sisyphus in task 257834.
Closed vulnerabilities
BDU:2020-05635
Уязвимость утилиты sysctl hugetlbl операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или повышение привилегий
BDU:2021-03394
Уязвимость компонента net/packet/af_packet.c ядра операционной системы Linux, связанная с выходом операции за допустимые границы буфера данных, позволяющая нарушителю получить доступ к конфиденциальной информации или вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2020-14386
A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.
- openSUSE-SU-2020:1655
- openSUSE-SU-2020:1655
- http://packetstormsecurity.com/files/159565/Kernel-Live-Patch-Security-Notice-LSN-0072-1.html
- http://packetstormsecurity.com/files/159565/Kernel-Live-Patch-Security-Notice-LSN-0072-1.html
- [oss-security] 20210916 Containers-optimized OS (COS) membership in the linux-distros list
- [oss-security] 20210916 Containers-optimized OS (COS) membership in the linux-distros list
- [oss-security] 20210917 Re: Containers-optimized OS (COS) membership in the linux-distros list
- [oss-security] 20210917 Re: Containers-optimized OS (COS) membership in the linux-distros list
- [oss-security] 20210920 Re: Containers-optimized OS (COS) membership in the linux-distros list
- [oss-security] 20210920 Re: Containers-optimized OS (COS) membership in the linux-distros list
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14386
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14386
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=acf69c946233259ab4d64f8869d4037a198c7f06
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=acf69c946233259ab4d64f8869d4037a198c7f06
- [debian-lts-announce] 20200928 [SECURITY] [DLA 2385-1] linux-4.19 security update
- [debian-lts-announce] 20200928 [SECURITY] [DLA 2385-1] linux-4.19 security update
- [debian-lts-announce] 20201030 [SECURITY] [DLA 2420-1] linux security update
- [debian-lts-announce] 20201030 [SECURITY] [DLA 2420-1] linux security update
- [debian-lts-announce] 20201031 [SECURITY] [DLA 2420-2] linux regression update
- [debian-lts-announce] 20201031 [SECURITY] [DLA 2420-2] linux regression update
- FEDORA-2020-468121099e
- FEDORA-2020-468121099e
- https://seclists.org/oss-sec/2020/q3/146
- https://seclists.org/oss-sec/2020/q3/146
Modified: 2024-11-21
CVE-2020-25211
In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef91d2ff.
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1cc5ef91d2ff94d2bf2de3b3585423e8a1051cb6
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1cc5ef91d2ff94d2bf2de3b3585423e8a1051cb6
- [debian-lts-announce] 20201028 [SECURITY] [DLA 2417-1] linux-4.19 security update
- [debian-lts-announce] 20201028 [SECURITY] [DLA 2417-1] linux-4.19 security update
- [debian-lts-announce] 20201030 [SECURITY] [DLA 2420-1] linux security update
- [debian-lts-announce] 20201030 [SECURITY] [DLA 2420-1] linux security update
- [debian-lts-announce] 20201031 [SECURITY] [DLA 2420-2] linux regression update
- [debian-lts-announce] 20201031 [SECURITY] [DLA 2420-2] linux regression update
- FEDORA-2020-3c6fedeb83
- FEDORA-2020-3c6fedeb83
- FEDORA-2020-5920a7a0b2
- FEDORA-2020-5920a7a0b2
- https://security.netapp.com/advisory/ntap-20201009-0001/
- https://security.netapp.com/advisory/ntap-20201009-0001/
- https://twitter.com/grsecurity/status/1303646421158109185
- https://twitter.com/grsecurity/status/1303646421158109185
- DSA-4774
- DSA-4774
Modified: 2024-11-21
CVE-2020-25221
get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page. The result is a refcount underflow. This can be triggered by any 64-bit process that can use ptrace() or process_vm_readv(), aka CID-9fa2dd946743.
- [oss-security] 20200910 Re: CVE Request: Linux kernel vsyscall page refcounting error
- [oss-security] 20200910 Re: CVE Request: Linux kernel vsyscall page refcounting error
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.7
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.7
- https://git.kernel.org/linus/8891adc61dce2a8a41fc0c23262b681c3ec4b73a
- https://git.kernel.org/linus/8891adc61dce2a8a41fc0c23262b681c3ec4b73a
- https://git.kernel.org/linus/9fa2dd946743ae6f30dc4830da19147bf100a7f2
- https://git.kernel.org/linus/9fa2dd946743ae6f30dc4830da19147bf100a7f2
- https://security.netapp.com/advisory/ntap-20201001-0003/
- https://security.netapp.com/advisory/ntap-20201001-0003/
- https://www.openwall.com/lists/oss-security/2020/09/08/4
- https://www.openwall.com/lists/oss-security/2020/09/08/4
Modified: 2024-11-21
CVE-2020-25285
A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812.
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.8
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.8
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=17743798d81238ab13050e8e2833699b54e15467
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=17743798d81238ab13050e8e2833699b54e15467
- [debian-lts-announce] 20200928 [SECURITY] [DLA 2385-1] linux-4.19 security update
- [debian-lts-announce] 20200928 [SECURITY] [DLA 2385-1] linux-4.19 security update
- [debian-lts-announce] 20201030 [SECURITY] [DLA 2420-1] linux security update
- [debian-lts-announce] 20201030 [SECURITY] [DLA 2420-1] linux security update
- [debian-lts-announce] 20201031 [SECURITY] [DLA 2420-2] linux regression update
- [debian-lts-announce] 20201031 [SECURITY] [DLA 2420-2] linux regression update
- https://security.netapp.com/advisory/ntap-20201009-0002/
- https://security.netapp.com/advisory/ntap-20201009-0002/
- https://twitter.com/grsecurity/status/1303749848898904067
- https://twitter.com/grsecurity/status/1303749848898904067
- USN-4576-1
- USN-4576-1
- USN-4579-1
- USN-4579-1
Package repocop-unittest-lintian-noncollectors updated to version 0.16.1.23.48-alt7 for branch sisyphus in task 257843.
Closed bugs
False positives reported by aspell-package-not-arch-all test
Closed bugs
Создает файл в /etc/ld.so.conf.d/
Package apt-conf-autoimports-sisyphus updated to version 1.0-alt7 for branch sisyphus in task 257847.
Closed bugs
Ошибка в русскоязычной части описания пакета