ALT Linux Team

Branch p9 update on 2020-10-14

2020-10-14

ALT-BU-2020-4085-1

Branch p9 update bulletin.

ALT-PU-2020-3038-1

Package osec updated to version 1.3.1-alt1.M90P.1 for branch p9 in task 259023.

Closed bugs

Bug #38771

Account all types of changes

Bug #38902

Добавить timerunit для systemd

Bug #38903

Добавить опцию в pipe.conf для управления -r

ALT-PU-2020-3051-1

Package gdal updated to version 2.2.3-alt3.1.M90P.3 for branch p9 in task 259375.

Closed vulnerabilities

Published: 2019-10-13

BDU:2022-03342

Уязвимость функции OGRExpatRealloc файла ogr/ogr_expat.cpp. библиотеки-транслятора для геопространственных данных GDAL, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2019-10-14
Modified: 2024-11-21

CVE-2019-17545

GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded.

Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:

ALT-PU-2020-3052-1

Package tpm2-tss updated to version 2.4.3-alt1 for branch p9 in task 259419.

Closed vulnerabilities

Published: 2021-02-26
Modified: 2024-11-21

CVE-2020-24455

Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3.

Severity: MEDIUM (6.7) Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top