ALT Linux Team

Branch sisyphus_e2k update on 2022-10-05

2022-10-05

ALT-BU-2022-6401-1

Branch sisyphus_e2k update bulletin.

ALT-PU-2022-6383-1

Package installer updated to version 1.12.6-alt1 for branch sisyphus_e2k.

Closed bugs

Bug #43832

installer: установка по HTTP с нераспакованного образа

ALT-PU-2022-6384-1

Package bluez updated to version 5.65-alt1 for branch sisyphus_e2k.

Closed bugs

Bug #38747

some tools aren't packed

ALT-PU-2022-6385-1

Package php8.0 updated to version 8.0.24-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-09-28
Modified: 2024-11-21

CVE-2022-31628

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2022-09-28
Modified: 2025-11-04

CVE-2022-31629

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
References:

ALT-PU-2022-6386-1

Package php7 updated to version 7.4.32-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-09-28
Modified: 2024-11-21

CVE-2022-31628

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2022-09-28
Modified: 2025-11-04

CVE-2022-31629

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
References:

ALT-PU-2022-6387-1

Package php7-curl updated to version 7.4.32-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-09-28
Modified: 2024-11-21

CVE-2022-31628

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2022-09-28
Modified: 2025-11-04

CVE-2022-31629

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
References:

ALT-PU-2022-6388-1

Package php7-gd updated to version 7.4.32-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-09-28
Modified: 2024-11-21

CVE-2022-31628

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2022-09-28
Modified: 2025-11-04

CVE-2022-31629

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
References:

ALT-PU-2022-6389-1

Package php7-openssl updated to version 7.4.32-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-09-28
Modified: 2024-11-21

CVE-2022-31628

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2022-09-28
Modified: 2025-11-04

CVE-2022-31629

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
References:

ALT-PU-2022-6390-1

Package php7-pdo_mysql updated to version 7.4.32-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-09-28
Modified: 2024-11-21

CVE-2022-31628

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2022-09-28
Modified: 2025-11-04

CVE-2022-31629

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
References:

ALT-PU-2022-6391-1

Package php7-pgsql updated to version 7.4.32-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-09-28
Modified: 2024-11-21

CVE-2022-31628

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2022-09-28
Modified: 2025-11-04

CVE-2022-31629

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
References:

ALT-PU-2022-6392-1

Package php7-zip updated to version 7.4.32-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-09-28
Modified: 2024-11-21

CVE-2022-31628

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2022-09-28
Modified: 2025-11-04

CVE-2022-31629

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
References:

ALT-PU-2022-6393-1

Package php7-xsl updated to version 7.4.32-alt1.1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-09-28
Modified: 2024-11-21

CVE-2022-31628

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2022-09-28
Modified: 2025-11-04

CVE-2022-31629

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
References:

ALT-PU-2022-6394-1

Package php7-intl updated to version 7.4.32-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-09-28
Modified: 2024-11-21

CVE-2022-31628

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2022-09-28
Modified: 2025-11-04

CVE-2022-31629

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
References:

ALT-PU-2022-6395-1

Package php7-opcache updated to version 7.4.32-alt1.2 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-09-28
Modified: 2024-11-21

CVE-2022-31628

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2022-09-28
Modified: 2025-11-04

CVE-2022-31629

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
References:

ALT-PU-2022-6396-1

Package php7-xmlrpc updated to version 7.4.32-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-09-28
Modified: 2024-11-21

CVE-2022-31628

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2022-09-28
Modified: 2025-11-04

CVE-2022-31629

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
References:

ALT-PU-2022-6397-1

Package php7-tidy updated to version 7.4.32-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-09-28
Modified: 2024-11-21

CVE-2022-31628

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2022-09-28
Modified: 2025-11-04

CVE-2022-31629

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
References:

ALT-PU-2022-6398-1

Package eepm updated to version 3.27.1-alt1 for branch sisyphus_e2k.

Closed bugs

Bug #43751

WPS Office создаёт лишний раздел в меню

Bug #43760

epm play chromium-gost: иконка Chromium в меню приложений

ALT-PU-2022-6399-1

Package installer-alterator-pkg updated to version 3.0.3-alt1 for branch sisyphus_e2k.

Closed bugs

Bug #43831

installer-alterator-pkg: установка по HTTP с нераспакованного образа

ALT-PU-2022-6400-1

Package s3cmd updated to version 2.3.0-alt1 for branch sisyphus_e2k.

Closed bugs

Bug #43928

Необходимо обновить пакет s3cmd

VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.2
Back to top