ALT-BU-2022-4221-1
Branch sisyphus_mipsel update bulletin.
Package samba updated to version 4.14.12-alt2 for branch sisyphus_mipsel.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2021-44142
The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root.
- https://bugzilla.samba.org/show_bug.cgi?id=14914
- https://bugzilla.samba.org/show_bug.cgi?id=14914
- https://kb.cert.org/vuls/id/119678
- https://kb.cert.org/vuls/id/119678
- GLSA-202309-06
- GLSA-202309-06
- https://www.kb.cert.org/vuls/id/119678
- https://www.samba.org/samba/security/CVE-2021-44142.html
- https://www.samba.org/samba/security/CVE-2021-44142.html
- https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin
- https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin
Modified: 2024-11-21
CVE-2022-0336
The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as one added when a computer is joined to a domain. An attacker who has the ability to write to an account can exploit this to perform a denial-of-service attack by adding an SPN that matches an existing service. Additionally, an attacker who can intercept traffic can impersonate existing services, resulting in a loss of confidentiality and integrity.
- https://access.redhat.com/security/cve/CVE-2022-0336
- https://access.redhat.com/security/cve/CVE-2022-0336
- https://bugzilla.redhat.com/show_bug.cgi?id=2046134
- https://bugzilla.redhat.com/show_bug.cgi?id=2046134
- https://bugzilla.samba.org/show_bug.cgi?id=14950
- https://bugzilla.samba.org/show_bug.cgi?id=14950
- https://github.com/samba-team/samba/commit/1a5dc817c0c9379bbaab14c676681b42b0039a3c
- https://github.com/samba-team/samba/commit/1a5dc817c0c9379bbaab14c676681b42b0039a3c
- https://github.com/samba-team/samba/commit/c58ede44f382bd0125f761f0479c8d48156be400
- https://github.com/samba-team/samba/commit/c58ede44f382bd0125f761f0479c8d48156be400
- GLSA-202309-06
- GLSA-202309-06
- https://www.samba.org/samba/security/CVE-2022-0336.html
- https://www.samba.org/samba/security/CVE-2022-0336.html
Package ffmpeg updated to version 4.4.1-alt0.1.mips1 for branch sisyphus_mipsel.
Closed vulnerabilities
BDU:2021-04610
Уязвимость функции dwa_uncompress компонента libavcodec/exr.c мультимедийной библиотеки FFmpeg, связанная с непроверенным индексированием массива, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
BDU:2021-05242
Уязвимость компонента libavcodec/dnxhddec.c мультимедийной библиотеки FFmpeg, связанная с непроверенным возвращаемым значением, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2022-00199
Уязвимость функции adts_decode_extradata компонента libavformat/adtsenc.c мультимедийной библиотеки FFmpeg, связанная с непроверенным возвращаемым значением, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2021-30123
FFmpeg <=4.3 contains a buffer overflow vulnerability in libavcodec through a crafted file that may lead to remote code execution.
- http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=d6f293353c94c7ce200f6e0975ae3de49787f91f
- http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=d6f293353c94c7ce200f6e0975ae3de49787f91f
- GLSA-202105-24
- GLSA-202105-24
- https://trac.ffmpeg.org/ticket/8845
- https://trac.ffmpeg.org/ticket/8845
- https://trac.ffmpeg.org/ticket/8863
- https://trac.ffmpeg.org/ticket/8863
Modified: 2024-11-21
CVE-2021-33815
dwa_uncompress in libavcodec/exr.c in FFmpeg 4.4 allows an out-of-bounds array access because dc_count is not strictly checked.
Modified: 2024-11-21
CVE-2021-38114
libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar issue to CVE-2013-0868.
- https://github.com/FFmpeg/FFmpeg/commit/7150f9575671f898382c370acae35f9087a30ba1
- https://github.com/FFmpeg/FFmpeg/commit/7150f9575671f898382c370acae35f9087a30ba1
- [debian-lts-announce] 20210815 [SECURITY] [DLA 2742-1] ffmpeg security update
- [debian-lts-announce] 20210815 [SECURITY] [DLA 2742-1] ffmpeg security update
- https://patchwork.ffmpeg.org/project/ffmpeg/patch/PAXP193MB12624C21AE412BE95BA4D4A4B6F09%40PAXP193MB1262.EURP193.PROD.OUTLOOK.COM/
- https://patchwork.ffmpeg.org/project/ffmpeg/patch/PAXP193MB12624C21AE412BE95BA4D4A4B6F09%40PAXP193MB1262.EURP193.PROD.OUTLOOK.COM/
- DSA-4990
- DSA-4990
- DSA-4998
- DSA-4998
Modified: 2024-11-21
CVE-2021-38171
adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return value, which is a necessary step because the second argument to init_get_bits can be crafted.
- https://github.com/FFmpeg/FFmpeg/commit/9ffa49496d1aae4cbbb387aac28a9e061a6ab0a6
- https://github.com/FFmpeg/FFmpeg/commit/9ffa49496d1aae4cbbb387aac28a9e061a6ab0a6
- [debian-lts-announce] 20211114 [SECURITY] [DLA 2818-1] ffmpeg security update
- [debian-lts-announce] 20211114 [SECURITY] [DLA 2818-1] ffmpeg security update
- https://patchwork.ffmpeg.org/project/ffmpeg/patch/AS8P193MB12542A86E22F8207EC971930B6F19%40AS8P193MB1254.EURP193.PROD.OUTLOOK.COM/
- https://patchwork.ffmpeg.org/project/ffmpeg/patch/AS8P193MB12542A86E22F8207EC971930B6F19%40AS8P193MB1254.EURP193.PROD.OUTLOOK.COM/
- GLSA-202312-14
- GLSA-202312-14
- DSA-4990
- DSA-4990
- DSA-4998
- DSA-4998
Closed bugs
srt streams support