ALT-BU-2020-4067-1
Branch sisyphus update bulletin.
Package kernel-image-rt updated to version 4.19.148-alt1.rt64 for branch sisyphus in task 259190.
Closed vulnerabilities
BDU:2021-00106
Уязвимость модуля HDLC_PPP ядра операционной системы Linux, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2020-25643
A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
- openSUSE-SU-2020:1655
- openSUSE-SU-2020:1655
- openSUSE-SU-2020:1698
- openSUSE-SU-2020:1698
- https://bugzilla.redhat.com/show_bug.cgi?id=1879981
- https://bugzilla.redhat.com/show_bug.cgi?id=1879981
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=66d42ed8b25b64eb63111a2b8582c5afc8bf1105
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=66d42ed8b25b64eb63111a2b8582c5afc8bf1105
- [debian-lts-announce] 20201028 [SECURITY] [DLA 2417-1] linux-4.19 security update
- [debian-lts-announce] 20201028 [SECURITY] [DLA 2417-1] linux-4.19 security update
- [debian-lts-announce] 20201030 [SECURITY] [DLA 2420-1] linux security update
- [debian-lts-announce] 20201030 [SECURITY] [DLA 2420-1] linux security update
- [debian-lts-announce] 20201031 [SECURITY] [DLA 2420-2] linux regression update
- [debian-lts-announce] 20201031 [SECURITY] [DLA 2420-2] linux regression update
- https://security.netapp.com/advisory/ntap-20201103-0002/
- https://security.netapp.com/advisory/ntap-20201103-0002/
- DSA-4774
- DSA-4774
- https://www.starwindsoftware.com/security/sw-20210325-0002/
- https://www.starwindsoftware.com/security/sw-20210325-0002/
Closed bugs
Вернуть gtk-версию
Package kde5-connect updated to version 20.08.1-alt2 for branch sisyphus in task 259255.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2020-26164
In kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the local network could send crafted packets that trigger use of large amounts of CPU, memory, or network connection slots, aka a Denial of Service attack.
- openSUSE-SU-2020:1647
- openSUSE-SU-2020:1647
- openSUSE-SU-2020:1650
- openSUSE-SU-2020:1650
- [oss-security] 20201013 kdeconnect: CVE-2020-26164: multiple security issues in kdeconnectd network daemon
- [oss-security] 20201013 kdeconnect: CVE-2020-26164: multiple security issues in kdeconnectd network daemon
- [oss-security] 20201013 Re: kdeconnect: CVE-2020-26164: multiple security issues in kdeconnectd network daemon
- [oss-security] 20201013 Re: kdeconnect: CVE-2020-26164: multiple security issues in kdeconnectd network daemon
- [oss-security] 20201014 Re: kdeconnect: CVE-2020-26164: multiple security issues in kdeconnectd network daemon
- [oss-security] 20201014 Re: kdeconnect: CVE-2020-26164: multiple security issues in kdeconnectd network daemon
- [oss-security] 20201130 Re: kdeconnect: CVE-2020-26164: multiple security issues in kdeconnectd network daemon
- [oss-security] 20201130 Re: kdeconnect: CVE-2020-26164: multiple security issues in kdeconnectd network daemon
- https://bugzilla.suse.com/show_bug.cgi?id=1176268
- https://bugzilla.suse.com/show_bug.cgi?id=1176268
- https://github.com/KDE/kdeconnect-kde/commit/024e5f23db8d8ad3449714b906b46094baaffb89
- https://github.com/KDE/kdeconnect-kde/commit/024e5f23db8d8ad3449714b906b46094baaffb89
- https://github.com/KDE/kdeconnect-kde/commit/4fbd01a3d44a0bcca888c49a77ec7cfd10e113d7
- https://github.com/KDE/kdeconnect-kde/commit/4fbd01a3d44a0bcca888c49a77ec7cfd10e113d7
- https://github.com/KDE/kdeconnect-kde/commit/542d94a70c56aa386c8d4d793481ce181b0422e8
- https://github.com/KDE/kdeconnect-kde/commit/542d94a70c56aa386c8d4d793481ce181b0422e8
- https://github.com/KDE/kdeconnect-kde/commit/613899be24b6e2a6b3e5cc719efce8ae8a122991
- https://github.com/KDE/kdeconnect-kde/commit/613899be24b6e2a6b3e5cc719efce8ae8a122991
- https://github.com/KDE/kdeconnect-kde/commit/8112729eb0f13e6947984416118531078e65580d
- https://github.com/KDE/kdeconnect-kde/commit/8112729eb0f13e6947984416118531078e65580d
- https://github.com/KDE/kdeconnect-kde/commit/ce0f00fc2d3eccb51d0af4eba61a4f60de086a59
- https://github.com/KDE/kdeconnect-kde/commit/ce0f00fc2d3eccb51d0af4eba61a4f60de086a59
- https://github.com/KDE/kdeconnect-kde/releases
- https://github.com/KDE/kdeconnect-kde/releases
- https://kde.org/info/security/advisory-20201002-1.txt
- https://kde.org/info/security/advisory-20201002-1.txt
- https://kdeconnect.kde.org/official/
- https://kdeconnect.kde.org/official/
- https://lists.opensuse.org/opensuse-security-announce/2020-10/msg00014.html
- https://lists.opensuse.org/opensuse-security-announce/2020-10/msg00014.html
- GLSA-202101-16
- GLSA-202101-16
Package make-initrd updated to version 2.11.0-alt1 for branch sisyphus in task 259263.
Closed bugs
При переезде на новый make-initrd потеряли multipathd