ALT Linux Team

Branch sisyphus_mipsel update on 2021-11-30

2021-11-30

ALT-BU-2021-4436-1

Branch sisyphus_mipsel update bulletin.

ALT-PU-2021-4424-1

Package perl-CPAN-Checksums updated to version 2.13-alt1 for branch sisyphus_mipsel.

Closed vulnerabilities

Published: 2021-12-13
Modified: 2024-11-21

CVE-2020-16155

The CPAN::Checksums package 2.12 for Perl does not uniquely define signed data.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
References:

ALT-PU-2021-4425-1

Package perl-CPAN updated to version 2.29-alt1 for branch sisyphus_mipsel.

Closed vulnerabilities

Published: 2020-07-08

BDU:2023-01694

Уязвимость функции Module::Signature::_verify() языка программирования Perl, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

Severity: HIGH (7.5) Vector: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2021-12-13
Modified: 2024-11-21

CVE-2020-16156

CPAN 2.28 allows Signature Verification Bypass.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:

ALT-PU-2021-4426-1

Package espeak updated to version 1.48.04-alt3 for branch sisyphus_mipsel.

Closed bugs

Bug #41463

espeak-data: конфликты при обновлении

ALT-PU-2021-4427-1

Package python3-module-importlib-metadata updated to version 4.8.1-alt2 for branch sisyphus_mipsel.

Closed bugs

Bug #41400

Файловый конфликт при dist-upgrade

ALT-PU-2021-4428-1

Package apache2 updated to version 2.4.51-alt2 for branch sisyphus_mipsel.

Closed bugs

Bug #41456

Зависит от systemd

ALT-PU-2021-4429-1

Package bubblewrap updated to version 0.5.0-alt2 for branch sisyphus_mipsel.

Closed bugs

Bug #41418

Выключает userns_restrict даже в режиме suid

ALT-PU-2021-4430-1

Package wireshark updated to version 3.4.10-alt1 for branch sisyphus_mipsel.

Closed vulnerabilities

Published: 2021-11-17

BDU:2021-05776

Уязвимость компонента Modbus анализатора трафика компьютерных сетей Wireshark, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2021-11-17

BDU:2021-05777

Уязвимость службы Bluetooth SDP анализатора трафика компьютерных сетей Wireshark , позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2021-11-17

BDU:2021-05801

Уязвимость службы Bluetooth DHT анализатора трафика компьютерных сетей Wireshark, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2021-11-17

BDU:2021-05836

Уязвимость компонента C12.22 анализатора трафика компьютерных сетей Wireshark, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2021-11-17

BDU:2021-05837

Уязвимость службы Bluetooth HCI_ISO анализатора трафика компьютерных сетей Wireshark, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2021-11-17

BDU:2021-05936

Уязвимость набора стандартов связи для коммуникации IEEE 802.11 анализатора трафика компьютерных сетей Wireshark, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2021-11-17

BDU:2021-05943

Уязвимость диссектора IPPUSB анализатора трафика компьютерных сетей Wireshark, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2021-11-17

BDU:2022-00029

Уязвимость службы Bluetooth DHT анализатора трафика компьютерных сетей Wireshark, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2021-11-18
Modified: 2024-11-21

CVE-2021-39920

NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2021-11-19
Modified: 2024-11-21

CVE-2021-39921

NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2021-11-19
Modified: 2024-11-21

CVE-2021-39922

Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2021-11-19
Modified: 2024-11-21

CVE-2021-39923

Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2021-11-19
Modified: 2024-11-21

CVE-2021-39924

Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2021-11-19
Modified: 2024-11-21

CVE-2021-39925

Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2021-11-19
Modified: 2024-11-21

CVE-2021-39926

Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2021-11-18
Modified: 2024-11-21

CVE-2021-39928

NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2021-11-19
Modified: 2024-11-21

CVE-2021-39929

Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:

ALT-PU-2021-4431-1

Package ethtool updated to version 5.15-alt1 for branch sisyphus_mipsel.

Closed bugs

Bug #41460

В README.ALT осталось упоминание init-скрипта

ALT-PU-2021-4432-1

Package bluez updated to version 5.62-alt2 for branch sisyphus_mipsel.

Closed bugs

Bug #41458

Требует /bin/systemctl

ALT-PU-2021-4433-1

Package alterator-setup updated to version 0.3.14-alt1 for branch sisyphus_mipsel.

Closed bugs

Bug #41457

alterator-setup зависит от systemd

ALT-PU-2021-4434-1

Package drbd-utils updated to version 9.19.1-alt3 for branch sisyphus_mipsel.

Closed bugs

Bug #41454

Зависит от systemd

ALT-PU-2021-4435-1

Package elinks updated to version 0.14.3-alt1 for branch sisyphus_mipsel.

Closed vulnerabilities

Published: 2018-02-23
Modified: 2024-11-21

CVE-2012-6709

ELinks 0.12 and Twibright Links 2.3 have Missing SSL Certificate Validation.

Severity: MEDIUM (5.9) Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top