ALT-BU-2022-3562-1
Branch sisyphus_e2k update bulletin.
Package qd updated to version 2.3.23-alt1 for branch sisyphus_e2k.
Closed bugs
qd: please, update to 2.3.23 and package pkgconfig(qd)
Package util-linux updated to version 2.37.2-alt2 for branch sisyphus_e2k.
Closed vulnerabilities
BDU:2021-03990
Уязвимость пакета служебных утилит командной строки util-linux, позволяющая нарушителю выполнить произвольный код в целевой системе
Modified: 2024-11-21
CVE-2021-37600
An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic environments.
- https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
- https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
- https://github.com/karelzak/util-linux/issues/1395
- https://github.com/karelzak/util-linux/issues/1395
- [debian-lts-announce] 20240407 [SECURITY] [DLA 3782-1] util-linux security update
- [debian-lts-announce] 20240407 [SECURITY] [DLA 3782-1] util-linux security update
- GLSA-202401-08
- GLSA-202401-08
- https://security.netapp.com/advisory/ntap-20210902-0002/
- https://security.netapp.com/advisory/ntap-20210902-0002/
Closed bugs
losetup cannot use hashalot package and therefore should not require it
Package newt52 updated to version 0.52.21-alt3 for branch sisyphus_e2k.
Closed bugs
newt52: no devel-static any more
Package openssh updated to version 8.6p1-alt2 for branch sisyphus_e2k.
Closed vulnerabilities
BDU:2021-03492
Уязвимость функции toremote средства криптографической защиты OpenSSH, позволяющая нарушителю выполнить произвольную команду
BDU:2021-03494
Уязвимость средства криптографической защиты OpenSSH, связанная с отсутствием защиты служебных данных, позволяющая нарушителю раскрыть защищаемую информацию
Modified: 2024-11-21
CVE-2020-14145
The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.
- [oss-security] 20201202 Some mitigation for openssh CVE-2020-14145
- [oss-security] 20201202 Some mitigation for openssh CVE-2020-14145
- https://anongit.mindrot.org/openssh.git/commit/?id=b3855ff053f5078ec3d3c653cdaedefaa5fc362d
- https://anongit.mindrot.org/openssh.git/commit/?id=b3855ff053f5078ec3d3c653cdaedefaa5fc362d
- https://docs.ssh-mitm.at/CVE-2020-14145.html
- https://docs.ssh-mitm.at/CVE-2020-14145.html
- https://github.com/openssh/openssh-portable/compare/V_8_3_P1...V_8_4_P1
- https://github.com/openssh/openssh-portable/compare/V_8_3_P1...V_8_4_P1
- https://github.com/ssh-mitm/ssh-mitm/blob/master/ssh_proxy_server/plugins/session/cve202014145.py
- https://github.com/ssh-mitm/ssh-mitm/blob/master/ssh_proxy_server/plugins/session/cve202014145.py
- GLSA-202105-35
- GLSA-202105-35
- https://security.netapp.com/advisory/ntap-20200709-0004/
- https://security.netapp.com/advisory/ntap-20200709-0004/
- https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-2-ausnutzung-eines-informationslecks-fuer-gezielte-mitm-angriffe-auf-ssh-clients/
- https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-2-ausnutzung-eines-informationslecks-fuer-gezielte-mitm-angriffe-auf-ssh-clients/
Modified: 2024-11-21
CVE-2020-15778
scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."
- https://access.redhat.com/errata/RHSA-2024:3166
- https://access.redhat.com/errata/RHSA-2024:3166
- https://github.com/cpandya2909/CVE-2020-15778/
- https://github.com/cpandya2909/CVE-2020-15778/
- https://news.ycombinator.com/item?id=25005567
- https://news.ycombinator.com/item?id=25005567
- GLSA-202212-06
- GLSA-202212-06
- https://security.netapp.com/advisory/ntap-20200731-0007/
- https://security.netapp.com/advisory/ntap-20200731-0007/
- https://www.openssh.com/security.html
- https://www.openssh.com/security.html
Package libldb updated to version 2.3.2-alt2 for branch sisyphus_e2k.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2021-3670
MaxQueryDuration not honoured in Samba AD DC LDAP
- https://bugzilla.redhat.com/show_bug.cgi?id=2077533
- https://bugzilla.redhat.com/show_bug.cgi?id=2077533
- https://bugzilla.samba.org/show_bug.cgi?id=14694
- https://bugzilla.samba.org/show_bug.cgi?id=14694
- https://gitlab.com/samba-team/samba/-/commit/1d5b155619bc532c46932965b215bd73a920e56f
- https://gitlab.com/samba-team/samba/-/commit/1d5b155619bc532c46932965b215bd73a920e56f
- https://gitlab.com/samba-team/samba/-/commit/2b3af3b560c9617a233c131376c870fce146c002
- https://gitlab.com/samba-team/samba/-/commit/2b3af3b560c9617a233c131376c870fce146c002
- https://gitlab.com/samba-team/samba/-/commit/3507e96b3dcf0c0b8eff7b2c08ffccaf0812a393
- https://gitlab.com/samba-team/samba/-/commit/3507e96b3dcf0c0b8eff7b2c08ffccaf0812a393
- https://gitlab.com/samba-team/samba/-/commit/5f0590362c5c0c5ee20503a67467f9be2d50e73b
- https://gitlab.com/samba-team/samba/-/commit/5f0590362c5c0c5ee20503a67467f9be2d50e73b
- https://gitlab.com/samba-team/samba/-/commit/86fe9d48883f87c928bf31ccbd275db420386803
- https://gitlab.com/samba-team/samba/-/commit/86fe9d48883f87c928bf31ccbd275db420386803
- https://gitlab.com/samba-team/samba/-/commit/dcfcafdbf756e12d9077ad7920eea25478c29f81
- https://gitlab.com/samba-team/samba/-/commit/dcfcafdbf756e12d9077ad7920eea25478c29f81
- https://gitlab.com/samba-team/samba/-/commit/e1ab0c43629686d1d2c0b0b2bcdc90057a792049
- https://gitlab.com/samba-team/samba/-/commit/e1ab0c43629686d1d2c0b0b2bcdc90057a792049
- https://security.gentoo.org/glsa/202309-06
- https://security.gentoo.org/glsa/202309-06
Package samba updated to version 4.14.11-alt1 for branch sisyphus_e2k.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2020-25727
The Reset Password add-on before 1.2.0 for Alfresco suffers from CMIS-SQL Injection, which allows a malicious user to inject a query within the email input field.
Modified: 2024-11-21
CVE-2021-3670
MaxQueryDuration not honoured in Samba AD DC LDAP
- https://bugzilla.redhat.com/show_bug.cgi?id=2077533
- https://bugzilla.redhat.com/show_bug.cgi?id=2077533
- https://bugzilla.samba.org/show_bug.cgi?id=14694
- https://bugzilla.samba.org/show_bug.cgi?id=14694
- https://gitlab.com/samba-team/samba/-/commit/1d5b155619bc532c46932965b215bd73a920e56f
- https://gitlab.com/samba-team/samba/-/commit/1d5b155619bc532c46932965b215bd73a920e56f
- https://gitlab.com/samba-team/samba/-/commit/2b3af3b560c9617a233c131376c870fce146c002
- https://gitlab.com/samba-team/samba/-/commit/2b3af3b560c9617a233c131376c870fce146c002
- https://gitlab.com/samba-team/samba/-/commit/3507e96b3dcf0c0b8eff7b2c08ffccaf0812a393
- https://gitlab.com/samba-team/samba/-/commit/3507e96b3dcf0c0b8eff7b2c08ffccaf0812a393
- https://gitlab.com/samba-team/samba/-/commit/5f0590362c5c0c5ee20503a67467f9be2d50e73b
- https://gitlab.com/samba-team/samba/-/commit/5f0590362c5c0c5ee20503a67467f9be2d50e73b
- https://gitlab.com/samba-team/samba/-/commit/86fe9d48883f87c928bf31ccbd275db420386803
- https://gitlab.com/samba-team/samba/-/commit/86fe9d48883f87c928bf31ccbd275db420386803
- https://gitlab.com/samba-team/samba/-/commit/dcfcafdbf756e12d9077ad7920eea25478c29f81
- https://gitlab.com/samba-team/samba/-/commit/dcfcafdbf756e12d9077ad7920eea25478c29f81
- https://gitlab.com/samba-team/samba/-/commit/e1ab0c43629686d1d2c0b0b2bcdc90057a792049
- https://gitlab.com/samba-team/samba/-/commit/e1ab0c43629686d1d2c0b0b2bcdc90057a792049
- https://security.gentoo.org/glsa/202309-06
- https://security.gentoo.org/glsa/202309-06
Package mbedtls updated to version 3.1.0-alt1 for branch sisyphus_e2k.
Closed vulnerabilities
BDU:2022-00710
Уязвимость функции mbedtls_ssl_set_session() реализация протоколов TLS и SSL Mbed TLS, связанная с ошибкой повторного освобождения памяти, позволяющая нарушителю выполнить произвольный код
BDU:2022-01625
Уязвимость функции mbedtls_pkcs12_derivation реализации протоколов TLS и SSL программного обеспечения Mbed TLS, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2021-43666
A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password's length is 0.
Modified: 2024-11-21
CVE-2021-44732
Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by an mbedtls_ssl_set_session() failure.
- https://bugs.gentoo.org/829660
- https://bugs.gentoo.org/829660
- https://github.com/ARMmbed/mbedtls/releases
- https://github.com/ARMmbed/mbedtls/releases
- https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.12
- https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.12
- https://github.com/ARMmbed/mbedtls/releases/tag/v2.28.0
- https://github.com/ARMmbed/mbedtls/releases/tag/v2.28.0
- https://github.com/ARMmbed/mbedtls/releases/tag/v3.1.0
- https://github.com/ARMmbed/mbedtls/releases/tag/v3.1.0
- [debian-lts-announce] 20221225 [SECURITY] [DLA 3249-1] mbedtls security update
- [debian-lts-announce] 20221225 [SECURITY] [DLA 3249-1] mbedtls security update
- https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2021-12
- https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2021-12
Modified: 2024-11-21
CVE-2021-45450
In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_generate_iv and psa_cipher_encrypt allow policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application.
- https://github.com/ARMmbed/mbedtls/releases/tag/v2.28.0
- https://github.com/ARMmbed/mbedtls/releases/tag/v2.28.0
- https://github.com/ARMmbed/mbedtls/releases/tag/v3.1.0
- https://github.com/ARMmbed/mbedtls/releases/tag/v3.1.0
- FEDORA-2022-1dd9dc5140
- FEDORA-2022-1dd9dc5140
- FEDORA-2022-ff582c5b0d
- FEDORA-2022-ff582c5b0d
- GLSA-202301-08
- GLSA-202301-08
Modified: 2024-11-21
CVE-2021-45451
In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application.