Branch p9 update bulletin.

Package python-module-logilab-devtools updated to version 0.23.0-alt3 for branch p9 in task 261539.

Не правильный путь импорта.

Package zabbix updated to version 5.0.5-alt2.1.p9 for branch p9 in task 259248.

Published: 2020-07-17
Modified: 2024-11-21

CVE-2020-15803

Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

Severity: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References:

Права доступа к каталогу и миграция параметров с zabbix4

Нет double.sql необходимого для обновления баз с 4-й версии до 5-й

Package libXtst updated to version 1.2.3-alt1 for branch p9 in task 261891.

Published: 2016-12-13
Modified: 2024-11-21

CVE-2016-7951

Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger out-of-bounds memory access operations by leveraging the lack of range checks.

Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Published: 2016-12-13
Modified: 2024-11-21

CVE-2016-7952

X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the (1) XRecordStartOfData, (2) XRecordEndOfData, or (3) XRecordClientDied category without a client sequence and with attached data.

Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Package libXrender updated to version 0.9.10-alt1 for branch p9 in task 261891.

Published: 2016-12-13
Modified: 2024-11-21

CVE-2016-7949

Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields.

Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Published: 2016-12-13
Modified: 2024-11-21

CVE-2016-7950

The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds write operations via vectors involving filter name lengths.

Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Version: 2.1.0

Branch p9 update on 2020-11-24

ALT-BU-2020-4159-1

ALT-PU-2020-3397-1

Closed bugs

Bug #39250

ALT-PU-2020-3398-1

Closed vulnerabilities

CVE-2020-15803

Closed bugs

Bug #39282

Bug #39311

ALT-PU-2020-3399-1

Closed vulnerabilities

CVE-2016-7951

CVE-2016-7952

ALT-PU-2020-3400-1

Closed vulnerabilities

CVE-2016-7949

CVE-2016-7950