ALT-BU-2020-4176-1
Branch sisyphus update bulletin.
Package thunderbird updated to version 78.5.1-alt1 for branch sisyphus in task 262794.
Closed vulnerabilities
BDU:2021-01785
Уязвимость почтового клиента Thunderbird, связанная с записью за границами буфера в памяти, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-21
CVE-2020-26970
When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploitable. This vulnerability affects Thunderbird < 78.5.1.
Closed vulnerabilities
BDU:2023-02341
Уязвимость реализации сценариев api_jsonrpc.php и index.php универсальной системы мониторинга Zabbix, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Modified: 2024-11-21
CVE-2019-15132
Zabbix through 4.4.0alpha1 allows User Enumeration. With login requests, it is possible to enumerate application usernames based on the variability of server responses (e.g., the "Login name or password is incorrect" and "No permissions for system access" messages, or just blocking for a number of seconds). This affects both api_jsonrpc.php and index.php.
- [debian-lts-announce] 20210421 [SECURITY] [DLA 2631-1] zabbix security update
- [debian-lts-announce] 20210421 [SECURITY] [DLA 2631-1] zabbix security update
- [debian-lts-announce] 20230412 [SECURITY] [DLA 3390-1] zabbix security update
- [debian-lts-announce] 20230412 [SECURITY] [DLA 3390-1] zabbix security update
- https://support.zabbix.com/browse/ZBX-16532
- https://support.zabbix.com/browse/ZBX-16532
Closed bugs
обновить конфигурацию доступа для httpd-2.4