Branch sisyphus update bulletin.

Package php8.0 updated to version 8.0.20-alt1 for branch sisyphus in task 302190.

Published: 2022-05-16

BDU:2022-03725

Уязвимость функции mysqlnd/pdo (mysqlnd_wireprotocol.c) интерпретатора языка программирования PHP, позволяющая нарушителю выполнить произвольный код

Severity: HIGH (7.5) Vector: AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

CVE-2022-31626

Published: 2022-02-27

BDU:2022-05351

Уязвимость функции pg_query_params() интерпретатора языка программирования PHP, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

CVE-2022-31625

Published: 2022-06-16
Modified: 2024-11-21

CVE-2022-31625

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.

Severity: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Published: 2022-06-16
Modified: 2024-11-21

CVE-2022-31626

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when pdo_mysql extension with mysqlnd driver, if the third party is allowed to supply host to connect to and the password for the connection, password of excessive length can trigger a buffer overflow in PHP, which can lead to a remote code execution vulnerability.

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Package php8.1 updated to version 8.1.7-alt1 for branch sisyphus in task 302188.

Published: 2022-05-16

BDU:2022-03725

Severity: HIGH (7.5) Vector: AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

CVE-2022-31626

Published: 2022-02-27

BDU:2022-05351

Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

CVE-2022-31625

Published: 2022-06-16
Modified: 2024-11-21

CVE-2022-31625

Severity: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Published: 2022-06-16
Modified: 2024-11-21

CVE-2022-31626

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Package python updated to version 2.7.18-alt10 for branch sisyphus in task 302234.

Published: 2022-04-13

BDU:2022-03962

Уязвимость модуля mailcap интерпретатора языка программирования Python, позволяющая нарушителю выполнить произвольную команду

Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

CVE-2015-20107

Published: 2022-04-13
Modified: 2024-11-21

CVE-2015-20107

In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9

Severity: HIGH (7.6) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L

References:

Package bootloader-utils updated to version 0.5.4-alt1 for branch sisyphus in task 299892.

Не поддерживается загрузка с /boot на отдельном разделе при загрузке с extlinux.conf

Version: 2.1.0

Branch sisyphus update on 2022-06-18

ALT-BU-2022-5235-1

ALT-PU-2022-2064-1

Closed vulnerabilities

BDU:2022-03725

BDU:2022-05351

CVE-2022-31625

CVE-2022-31626

ALT-PU-2022-2065-1

Closed vulnerabilities

BDU:2022-03725

BDU:2022-05351

CVE-2022-31625

CVE-2022-31626

ALT-PU-2022-2066-1

Closed vulnerabilities

BDU:2022-03962

CVE-2015-20107

ALT-PU-2022-2068-1

Closed bugs

Bug #41140