2021-09-13
ALT-BU-2021-4196-1
Branch sisyphus update bulletin.
Closed vulnerabilities
Published: 2021-04-29
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2021-31879
GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.
Severity: MEDIUM (6.1)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
References:
Package cifs-utils updated to version 6.13-alt3 for branch sisyphus in task 285064.
Closed vulnerabilities
Published: 2021-04-20
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2021-20208
A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity.
Severity: MEDIUM (6.1)
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
References:
- https://bugzilla.redhat.com/show_bug.cgi?id=1921116
- https://bugzilla.redhat.com/show_bug.cgi?id=1921116
- https://bugzilla.samba.org/show_bug.cgi?id=14651
- https://bugzilla.samba.org/show_bug.cgi?id=14651
- FEDORA-2021-c87ed13391
- FEDORA-2021-c87ed13391
- FEDORA-2021-b1bb3d3b20
- FEDORA-2021-b1bb3d3b20
- FEDORA-2021-d54e02d1b2
- FEDORA-2021-d54e02d1b2
Closed bugs
Не работает монтирование сетевой папки с помощью pam_mount