ALT Linux Team

Branch sisyphus update on 2020-10-27

2020-10-27

ALT-BU-2020-4110-1

Branch sisyphus update bulletin.

ALT-PU-2020-3125-1

Package alterator-datetime updated to version 4.6.2-alt1 for branch sisyphus in task 260416.

Closed bugs

Bug #39050

Некорректное значение параметра clocksource в /etc/sysconfig/grub2

ALT-PU-2020-3126-1

Package inspircd updated to version 2.0.29-alt1 for branch sisyphus in task 260438.

Closed vulnerabilities

Published: 2019-08-19

BDU:2022-06171

Уязвимость демона InspIRCd, связанная с ошибками разыменования указателей, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2020-04-22

BDU:2022-06172

Уязвимость демона InspIRCd, связанная с использованием памяти после ее освобождения, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2020-09-11
Modified: 2024-11-21

CVE-2019-20917

An issue was discovered in InspIRCd 2 before 2.0.28 and 3 before 3.3.0. The mysql module contains a NULL pointer dereference when built against mariadb-connector-c 3.0.5 or newer. When combined with the sqlauth or sqloper modules, this vulnerability can be used for remote crashing of an InspIRCd server by any user able to connect to a server.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2020-09-11
Modified: 2024-11-21

CVE-2020-25269

An issue was discovered in InspIRCd 2 before 2.0.29 and 3 before 3.6.0. The pgsql module contains a use after free vulnerability. When combined with the sqlauth or sqloper modules, this vulnerability can be used for remote crashing of an InspIRCd server by any user able to connect to a server.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:

ALT-PU-2020-3127-1

Package dmd updated to version 2.094.0-alt3 for branch sisyphus in task 260457.

Closed bugs

Bug #39060

в пакете dmd отсутвуют утилиты, входящие в обязательный комплект компилятора

VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top