ALT Linux Team

Branch p9 update on 2020-09-16

2020-09-16

ALT-BU-2020-4033-1

Branch p9 update bulletin.

ALT-PU-2020-2778-1

Package grub updated to version 2.02-alt29 for branch p9 in task 257544.

Closed bugs

Bug #38681

В efi image grubaa64.efi нет модуля tftp

ALT-PU-2020-2779-1

Package gnutls30 updated to version 3.6.15-alt1 for branch p9 in task 257743.

Closed vulnerabilities

Published: 2020-08-20

BDU:2022-00225

Уязвимость клиента TLS 1.3 библиотеки безопасности транспортного уровня GnuTLS, связанная с записью за границами буфера, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM (5.0) Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
References:
Published: 2020-09-04
Modified: 2024-11-21

CVE-2020-24659

An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake failure.

Severity: MEDIUM (5.0) Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:

ALT-PU-2020-2782-1

Package alterator-net-domain updated to version 0.7.1-alt1 for branch p9 in task 257896.

Closed bugs

Bug #38917

Имя домена должно содержать точку, но в документации указано, что точка не обязательна.

ALT-PU-2020-2822-1

Package repocop-unittest-lintian-noncollectors updated to version 0.16.1.23.48-alt8 for branch p9 in task 257870.

Closed bugs

Bug #38840

False positives reported by aspell-package-not-arch-all test

VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.2
Back to top