ALT-BU-2021-4015-1
Branch sisyphus update bulletin.
Closed vulnerabilities
BDU:2021-03700
A vulnerability in the uv__idna_toascii() function of the Node.js software platform that allows an attacker to cause a denial of service or gain unauthorized access to protected information
BDU:2021-04210
A vulnerability in the uv__idna_toascii() function of the Node.js software platform that allows an attacker to gain unauthorized access to protected information or cause a denial of service
Modified: 2024-11-21
CVE-2021-22918
Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read when uv__idna_toascii() is used to convert strings to ASCII. The pointer p is read and increased without checking whether it is beyond pe, with the latter holding a pointer to the end of the buffer. This can lead to information disclosures or crashes. This function can be triggered via uv_getaddrinfo().
- https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
- https://hackerone.com/reports/1209681
- https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/
- https://security.gentoo.org/glsa/202401-23
- https://security.netapp.com/advisory/ntap-20210805-0003/
Package vorbis-tools updated to version 1.4.2-alt1 for branch sisyphus in task 262536.
Closed vulnerabilities
BDU:2018-00034
A vulnerability in the aiff_open function (oggenc/audio.c) of the vorbis-tools package that allows an attacker to cause a denial of service
Modified: 2025-04-12
CVE-2014-9638
oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.
- http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150543.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150570.html
- http://lists.opensuse.org/opensuse-updates/2015-03/msg00054.html
- http://seclists.org/fulldisclosure/2015/Jan/78
- http://www.openwall.com/lists/oss-security/2015/01/21/5
- http://www.openwall.com/lists/oss-security/2015/01/22/9
- http://www.securityfocus.com/bid/72290
- https://trac.xiph.org/ticket/2137
Modified: 2025-04-12
CVE-2014-9639
Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access.
- http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150543.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150570.html
- http://lists.opensuse.org/opensuse-updates/2015-03/msg00054.html
- http://seclists.org/fulldisclosure/2015/Jan/78
- http://www.openwall.com/lists/oss-security/2015/01/21/5
- http://www.openwall.com/lists/oss-security/2015/01/22/9
- http://www.securityfocus.com/bid/72295
- https://trac.xiph.org/ticket/2136
Modified: 2025-04-12
CVE-2014-9640
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.
- http://advisories.mageia.org/MGASA-2015-0051.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148852.html
- http://lists.opensuse.org/opensuse-updates/2015-02/msg00032.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:037
- http://www.openwall.com/lists/oss-security/2015/01/21/6
- http://www.openwall.com/lists/oss-security/2015/01/22/9
- https://trac.xiph.org/changeset/19117
- https://trac.xiph.org/ticket/2009
Modified: 2025-04-12
CVE-2015-6749
Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file.
- http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165555.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166424.html
- http://lists.opensuse.org/opensuse-updates/2015-10/msg00013.html
- http://seclists.org/oss-sec/2015/q3/455
- http://seclists.org/oss-sec/2015/q3/457
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797461
- https://bugzilla.redhat.com/show_bug.cgi?id=1258424
- https://bugzilla.redhat.com/show_bug.cgi?id=1258443
- https://trac.xiph.org/attachment/ticket/2212/0001-oggenc-Fix-large-alloca-on-bad-AIFF-input.patch
- https://trac.xiph.org/ticket/2212
Modified: 2025-04-20
CVE-2017-11331
The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file.
Closed vulnerabilities
BDU:2022-00233
A vulnerability in the RSA decryption functions of the Nettle cryptographic library, related to insufficient input validation, that allows an attacker to cause a denial of service
Modified: 2024-11-21
CVE-2021-3580
A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.
- https://bugzilla.redhat.com/show_bug.cgi?id=1967983
- https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html
- https://security.gentoo.org/glsa/202401-24
- https://security.netapp.com/advisory/ntap-20211104-0006/
Closed bugs
Depends on python3(PyQt5.QtWebKitWidgets)
Package keepalived updated to version 2.2.2-alt2 for branch sisyphus in task 276791.
Closed bugs
The keepalived build is broken
Closed bugs
Does not work without ntp-server
Package mnogosearch updated to version 3.4.1-alt1 for branch sisyphus in task 276884.
Closed bugs
mnoGoSearch 3.4.1 is available
Package password-store updated to version 1.7.4-alt1 for branch sisyphus in task 276901.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2018-12356
An issue was discovered in password-store.sh in pass in Simple Password Store 1.7.x before 1.7.2. The signature verification routine parses the output of GnuPG with an incomplete regular expression, which allows remote attackers to spoof file signatures on configuration files and extension scripts. Modifying the configuration file allows the attacker to inject additional encryption keys under their control, thereby disclosing passwords to the attacker. Modifying the extension scripts allows the attacker arbitrary code execution.
- http://openwall.com/lists/oss-security/2018/06/14/3
- http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.html
- http://seclists.org/fulldisclosure/2019/Apr/38
- http://www.openwall.com/lists/oss-security/2019/04/30/4
- https://git.zx2c4.com/password-store/commit/?id=8683403b77f59c56fcb1f05c61ab33b9fd61a30d
- https://github.com/RUB-NDS/Johnny-You-Are-Fired
- https://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.pdf
- https://lists.zx2c4.com/pipermail/password-store/2018-June/003308.html
Modified: 2024-11-21
CVE-2020-28086
pass through 1.7.3 has a possibility of using a password for an unintended resource. For exploitation to occur, the user must do a git pull, decrypt a password, and log into a remote service with the password. If an attacker controls the central Git server or one of the other members' machines, and also controls one of the services already in the password store, they can rename one of the password files in the Git repository to something else: pass doesn't correctly verify that the content of a file matches the filename, so a user might be tricked into decrypting the wrong password and sending that to a service that the attacker controls. NOTE: for environments in which this threat model is of concern, signing commits can be a solution.
Closed bugs
Package completion for zsh and fish
Request to the package maintainer to build a new version