ALT-BU-2022-6737-1
Branch sisyphus_riscv64 update bulletin.
Package make-initrd updated to version 2.31.0-alt2 for branch sisyphus_riscv64.
Closed bugs
не работает DNS при загрузке по сети
Не работает поддержка /etc/crypttab в luks
Package autofs updated to version 5.1.8-alt5 for branch sisyphus_riscv64.
Closed bugs
autofs-ldap: при установке ломаются права на /etc/autofs_ldap_auth.conf
Package arj updated to version 3.10.22-alt8 for branch sisyphus_riscv64.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2015-0556
Open-source ARJ archiver 3.10.22 allows remote attackers to conduct directory traversal attacks via a symlink attack in an ARJ archive.
- FEDORA-2015-5603
- FEDORA-2015-5603
- FEDORA-2015-5546
- FEDORA-2015-5546
- FEDORA-2015-5524
- FEDORA-2015-5524
- DSA-3213
- DSA-3213
- MDVSA-2015:201
- MDVSA-2015:201
- [oss-security] 20150103 CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash
- [oss-security] 20150103 CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash
- [oss-security] 20150105 Re: CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash
- [oss-security] 20150105 Re: CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash
- 71860
- 71860
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774434
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774434
- GLSA-201612-15
- GLSA-201612-15
Modified: 2024-11-21
CVE-2015-0557
Open-source ARJ archiver 3.10.22 does not properly remove leading slashes from paths, which allows remote attackers to conduct absolute path traversal attacks and write to arbitrary files via multiple leading slashes in a path in an ARJ archive.
- FEDORA-2015-5603
- FEDORA-2015-5603
- FEDORA-2015-5546
- FEDORA-2015-5546
- FEDORA-2015-5524
- FEDORA-2015-5524
- DSA-3213
- DSA-3213
- MDVSA-2015:201
- MDVSA-2015:201
- [oss-security] 20150103 CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash
- [oss-security] 20150103 CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash
- [oss-security] 20150105 Re: CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash
- [oss-security] 20150105 Re: CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash
- 71895
- 71895
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774435
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774435
- GLSA-201612-15
- GLSA-201612-15
Modified: 2024-11-21
CVE-2015-2782
Buffer overflow in Open-source ARJ archiver 3.10.22 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ARJ archive.
- FEDORA-2015-5603
- FEDORA-2015-5603
- FEDORA-2015-5546
- FEDORA-2015-5546
- FEDORA-2015-5524
- FEDORA-2015-5524
- DSA-3213
- DSA-3213
- MDVSA-2015:201
- MDVSA-2015:201
- [oss-security] 20150328 CVE Request: arj: free on invalid pointer due to to buffer overflow
- [oss-security] 20150328 CVE Request: arj: free on invalid pointer due to to buffer overflow
- [oss-security] 20150329 Re: CVE Request: arj: free on invalid pointer due to to buffer overflow
- [oss-security] 20150329 Re: CVE Request: arj: free on invalid pointer due to to buffer overflow
- 73413
- 73413
- GLSA-201612-15
- GLSA-201612-15