Branch sisyphus_e2k update bulletin.

Package gnupg2 updated to version 2.2.33-alt1 for branch sisyphus_e2k.

gnupg2: restore setting GPG_TTY in profile.d

Package libpano13 updated to version 2.9.21-alt1 for branch sisyphus_e2k.

Published: 2022-03-10
Modified: 2024-11-21

CVE-2021-33293

Panorama Tools libpano13 v2.9.20 was discovered to contain an out-of-bounds read in the function panoParserFindOLine() in parser.c.

Severity: CRITICAL (9.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

References:

Package appstream updated to version 0.15.1-alt1 for branch sisyphus_e2k.

0.15.1

Package bluefish updated to version 2.2.12-alt2 for branch sisyphus_e2k.

Не выполняется команда chmod в пути с пробелами

Package mc updated to version 4.8.27-alt1 for branch sisyphus_e2k.

Published: 2021-07-09

BDU:2022-00235

Уязвимость файлового менеджера Midnight Commander, связанная с недостатками процедуры аутентификации, позволяющая нарушителю оказать воздействие на целостность данных

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

References:

CVE-2021-36370

Published: 2021-08-30
Modified: 2024-11-21

CVE-2021-36370

An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user connects to the server without the ability to verify its authenticity.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

References:

Version: 2.1.0

Branch sisyphus_e2k update on 2022-01-12

ALT-BU-2022-3580-1

ALT-PU-2022-3575-1

Closed bugs

Bug #41509

ALT-PU-2022-3576-1

Closed vulnerabilities

CVE-2021-33293

ALT-PU-2022-3577-1

Closed bugs

Bug #41655

ALT-PU-2022-3578-1

Closed bugs

Bug #41636

ALT-PU-2022-3579-1

Closed vulnerabilities

BDU:2022-00235

CVE-2021-36370