ALT-BU-2021-3805-1
Branch sisyphus update bulletin.
Closed vulnerabilities
BDU:2021-03706
Уязвимость системы управления конфигурациями Ansible, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным
Modified: 2024-11-21
CVE-2021-20228
A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.
Closed bugs
Не грузятся образы, собранные с версией 4.04-alt17
Package apache2-mod_apreq updated to version 2.15-alt1 for branch sisyphus in task 268001.
Closed vulnerabilities
BDU:2020-01287
Уязвимость функции create_multipart_context() библиотеки libapreq2, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2019-12412
A flaw in the libapreq2 v2.07 to v2.13 multipart parser can deference a null pointer leading to a process crash. A remote attacker could send a request causing a process crash which could lead to a denial of service attack.
- https://bugs.debian.org/939937
- https://bugs.debian.org/939937
- https://lists.apache.org/thread.html/rce5814279a615d4a17c870a3c5b77f57975874d382ffee0b73b7f9da%40%3Cmodperl.perl.apache.org%3E
- https://lists.apache.org/thread.html/rce5814279a615d4a17c870a3c5b77f57975874d382ffee0b73b7f9da%40%3Cmodperl.perl.apache.org%3E
Package pam_pkcs11 updated to version 0.6.11-alt4 for branch sisyphus in task 268011.
Closed bugs
Please migrate from libpwquality to libpasswdqc
Closed bugs
Добавить поддержку specsubst в gear-create-tag