ALT-BU-2022-4932-1
Branch sisyphus update bulletin.
Package alterator-wizardface updated to version 2.3-alt1 for branch sisyphus in task 298757.
Closed bugs
Неправильная справочная страница для второй формы
Closed vulnerabilities
Modified: 2024-11-21
CVE-2018-18409
A stack-based buffer over-read exists in setbit() at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an address_histogram call or a get_histogram call.
- https://github.com/simsong/tcpflow/issues/195
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K6MP4YMCJX4ITOBFX427UMOA6E7ZLJDE/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MN5FW6HKPDP7PI2IVNMFSQVIDSCQ5BOR/
- https://usn.ubuntu.com/3955-1/
- https://github.com/simsong/tcpflow/issues/195
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K6MP4YMCJX4ITOBFX427UMOA6E7ZLJDE/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MN5FW6HKPDP7PI2IVNMFSQVIDSCQ5BOR/
- https://usn.ubuntu.com/3955-1/
Closed vulnerabilities
Modified: 2025-03-26
CVE-2022-28923
Caddy v2.4.6 was discovered to contain an open redirection vulnerability which allows attackers to redirect users to phishing websites via crafted URLs.
Modified: 2024-11-21
CVE-2022-29718
Caddy v2.4 was discovered to contain an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links.
- https://github.com/caddyserver/caddy/pull/4499
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CP2VIUT5IKA3OKM6YWA5LTLJ2GTEIH7C/
- https://github.com/caddyserver/caddy/pull/4499
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CP2VIUT5IKA3OKM6YWA5LTLJ2GTEIH7C/