CVE-2022-2509

A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Package cups updated to version 2.4.2-alt1 for branch sisyphus_riscv64.

Package docs-alt-workstation updated to version 10.1-alt2 for branch sisyphus_riscv64.

Документация docs-alt-workstation - Опечатка в частице "то"

Документация docs-alt-workstation пункт 35.3. Центр приложений - Нет выделения для названия кнопки дополнительных сведений

Документация docs-alt-workstation пункт 35.3. Центр приложений - опечатки

Документация docs-alt-workstation пункт 34.2. Xsane - опечатки

Документация docs-alt-workstation пункт 34.2. Xsane - в поле "Назначение" нет значений "Файл", "Просмотр"

Package python3 updated to version 3.10.6-alt1 for branch sisyphus_riscv64.

Published: 2022-08-23
Modified: 2024-11-21

CVE-2021-28861

Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states "Warning: http.server is not recommended for production. It only implements basic security checks."

Severity: HIGH (7.4) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

References:

Version: 2.1.0

Branch sisyphus_riscv64 update on 2022-08-05

ALT-BU-2022-5686-1

ALT-PU-2022-5682-1

Closed vulnerabilities

CVE-2022-2509

ALT-PU-2022-5683-1

Closed bugs

Bug #43413

ALT-PU-2022-5684-1

Closed bugs

Bug #43358

Bug #43369

Bug #43394

Bug #43398

Bug #43400

ALT-PU-2022-5685-1

Closed vulnerabilities

CVE-2021-28861