ALT-BU-2020-4137-1
Branch sisyphus update bulletin.
Package firefox-esr updated to version 78.4.1-alt1 for branch sisyphus in task 261479.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2020-26950
In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2.
- http://packetstormsecurity.com/files/166175/Firefox-MCallGetProperty-Write-Side-Effects-Use-After-Free.html
- http://packetstormsecurity.com/files/166175/Firefox-MCallGetProperty-Write-Side-Effects-Use-After-Free.html
- https://bugzilla.mozilla.org/show_bug.cgi?id=1675905
- https://bugzilla.mozilla.org/show_bug.cgi?id=1675905
- https://www.mozilla.org/security/advisories/mfsa2020-49/
- https://www.mozilla.org/security/advisories/mfsa2020-49/
Closed bugs
Вылет на экран авторизации при смене доменного пароля
Closed vulnerabilities
Modified: 2024-11-21
CVE-2020-25412
com_line() in command.c in gnuplot 5.4 leads to an out-of-bounds-write from strncpy() that may lead to arbitrary code execution.
Modified: 2024-11-21
CVE-2020-25559
gnuplot 5.5 is affected by double free when executing print_set_output. This may result in context-dependent arbitrary code execution.
Closed bugs
Closed vulnerabilities
BDU:2022-00328
Уязвимость компонента url.cpp библиотеки для управления конфигурацией прокси Libproxy, связанная с недостатком механизма проверки размера копируемых данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
BDU:2022-00336
Уязвимость функции url::recvline компонента url.cpp библиотеки для управления конфигурацией прокси Libproxy, связанная с выходом операции за допустимые границы буфера данных, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2020-25219
url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion.
- openSUSE-SU-2020:1676
- openSUSE-SU-2020:1676
- openSUSE-SU-2020:1680
- openSUSE-SU-2020:1680
- https://github.com/libproxy/libproxy/issues/134
- https://github.com/libproxy/libproxy/issues/134
- [debian-lts-announce] 20200912 [SECURITY] [DLA 2372-1] libproxy security update
- [debian-lts-announce] 20200912 [SECURITY] [DLA 2372-1] libproxy security update
- FEDORA-2020-2407cb0512
- FEDORA-2020-2407cb0512
- FEDORA-2020-f92d372cf1
- FEDORA-2020-f92d372cf1
- FEDORA-2020-7e1e9abf77
- FEDORA-2020-7e1e9abf77
- USN-4514-1
- USN-4514-1
- DSA-4800
- DSA-4800
Modified: 2024-11-21
CVE-2020-26154
url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.
- openSUSE-SU-2020:1676
- openSUSE-SU-2020:1676
- openSUSE-SU-2020:1680
- openSUSE-SU-2020:1680
- https://bugs.debian.org/968366
- https://bugs.debian.org/968366
- https://github.com/libproxy/libproxy/pull/126
- https://github.com/libproxy/libproxy/pull/126
- [debian-lts-announce] 20201113 [SECURITY] [DLA 2450-1] libproxy security update
- [debian-lts-announce] 20201113 [SECURITY] [DLA 2450-1] libproxy security update
- FEDORA-2020-15b775b07e
- FEDORA-2020-15b775b07e
- FEDORA-2020-941b563a80
- FEDORA-2020-941b563a80
- DSA-4800
- DSA-4800
Package kernel-image-mp updated to version 5.9.8-alt1 for branch sisyphus in task 261551.
Closed vulnerabilities
BDU:2020-05544
Уязвимость функции KD_FONT_OP_COPY драйвера fbcon ядра операционных систем Linux, позволяющая нарушителю повысить свои привилегии или вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2020-28974
A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such as font height.
- [oss-security] 20201124 Re: Linux kernel slab-out-of-bounds Read in fbcon
- [oss-security] 20201124 Re: Linux kernel slab-out-of-bounds Read in fbcon
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.9.7
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.9.7
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c4e0dff2095c579b142d5a0693257f1c58b4804
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c4e0dff2095c579b142d5a0693257f1c58b4804
- [debian-lts-announce] 20201210 [SECURITY] [DLA 2483-1] linux-4.19 security update
- [debian-lts-announce] 20201210 [SECURITY] [DLA 2483-1] linux-4.19 security update
- [debian-lts-announce] 20201218 [SECURITY] [DLA 2494-1] linux security update
- [debian-lts-announce] 20201218 [SECURITY] [DLA 2494-1] linux security update
- https://seclists.org/oss-sec/2020/q4/104
- https://seclists.org/oss-sec/2020/q4/104
- https://security.netapp.com/advisory/ntap-20210108-0003/
- https://security.netapp.com/advisory/ntap-20210108-0003/
Package thunderbird updated to version 78.4.2-alt1 for branch sisyphus in task 261523.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2020-26950
In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2.
- http://packetstormsecurity.com/files/166175/Firefox-MCallGetProperty-Write-Side-Effects-Use-After-Free.html
- http://packetstormsecurity.com/files/166175/Firefox-MCallGetProperty-Write-Side-Effects-Use-After-Free.html
- https://bugzilla.mozilla.org/show_bug.cgi?id=1675905
- https://bugzilla.mozilla.org/show_bug.cgi?id=1675905
- https://www.mozilla.org/security/advisories/mfsa2020-49/
- https://www.mozilla.org/security/advisories/mfsa2020-49/
Package ispell-ru-lebedev updated to version 0.99g5-alt15 for branch sisyphus in task 261578.
Closed bugs
aspell-ru-lebedev provides several different versions of its paths
Package perl-HTTP-Message updated to version 6.26-alt2 for branch sisyphus in task 261580.
Closed bugs
perl-HTTP-Message provides two different versions of perl(HTTP/Request/Common.pm)
Package perl-DateTime-Format-XSD updated to version 0.2-alt2_25 for branch sisyphus in task 261582.
Closed bugs
perl-DateTime-Format-XSD provides two different versions of perl(DateTime/Format/XSD.pm)