ALT-BU-2022-5517-1
Branch p10_e2k update bulletin.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2021-3618
ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
- https://alpaca-attack.com/
- https://alpaca-attack.com/
- https://bugzilla.redhat.com/show_bug.cgi?id=1975623
- https://bugzilla.redhat.com/show_bug.cgi?id=1975623
- [debian-lts-announce] 20221122 [SECURITY] [DLA 3203-1] nginx security update
- [debian-lts-announce] 20221122 [SECURITY] [DLA 3203-1] nginx security update
Package branding-alt-workstation updated to version 10.0.900-alt1 for branch p10_e2k.
Closed bugs
При потере фокуса выбранный пользователь не подсвечивается в списке
Closed vulnerabilities
BDU:2022-04307
Уязвимость библиотеки приложений exo среды рабочего стола XFCE, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-21
CVE-2022-32278
XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server.
- https://gitlab.xfce.org/xfce/exo/-/commit/c71c04ff5882b2866a0d8506fb460d4ef796de9f
- https://gitlab.xfce.org/xfce/exo/-/commit/c71c04ff5882b2866a0d8506fb460d4ef796de9f
- [debian-lts-announce] 20220622 [SECURITY] [DLA 3056-1] exo security update
- [debian-lts-announce] 20220622 [SECURITY] [DLA 3056-1] exo security update
- DSA-5164
- DSA-5164
Closed bugs
Обновить до версии 5.1
Package installer-alterator-pkg updated to version 3.0.1-alt1 for branch p10_e2k.
Closed bugs
Groups multiple lists