ALT-BU-2022-5217-1
Branch sisyphus_riscv64 update bulletin.
Package libexo updated to version 4.17.2-alt1 for branch sisyphus_riscv64.
Closed vulnerabilities
BDU:2022-04307
Уязвимость библиотеки приложений exo среды рабочего стола XFCE, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-21
CVE-2022-32278
XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server.
- https://gitlab.xfce.org/xfce/exo/-/commit/c71c04ff5882b2866a0d8506fb460d4ef796de9f
- https://gitlab.xfce.org/xfce/exo/-/commit/c71c04ff5882b2866a0d8506fb460d4ef796de9f
- [debian-lts-announce] 20220622 [SECURITY] [DLA 3056-1] exo security update
- [debian-lts-announce] 20220622 [SECURITY] [DLA 3056-1] exo security update
- DSA-5164
- DSA-5164
Package gimp updated to version 2.10.32-alt1 for branch sisyphus_riscv64.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2022-30067
GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash.
Modified: 2024-11-21
CVE-2022-32990
An issue in gimp_layer_invalidate_boundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a crafted XCF file, causing a Denial of Service (DoS).
Package make-initrd-bootchain updated to version 0.1.5-alt10 for branch sisyphus_riscv64.
Closed bugs
Передаёт инсталятору неверный $PREFIX
Package jack-audio-connection-kit updated to version 1.9.21-alt1 for branch sisyphus_riscv64.
Closed bugs
JACK 1.9.21
Падения клиентов jack