BDU:2023-02653

Уязвимость системы балансировки сетевого трафика Keepalived, связанная с недостатками разграничения доступа, позволяющая нарушителю получить доступ к конфиденциальным данным и нарушить их целостность

Severity: MEDIUM (5.4) Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

References:

CVE-2021-44225

Published: 2021-11-26
Modified: 2024-11-21

CVE-2021-44225

In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property. This leads to access-control bypass in some situations in which an unrelated D-Bus system service has a settable (writable) property

Severity: MEDIUM (5.4) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

References:

Package vim updated to version 9.0.0984-alt1 for branch sisyphus_riscv64.

Published: 2022-11-25
Modified: 2024-11-21

CVE-2022-4141

Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References:

Published: 2022-12-05
Modified: 2024-11-21

CVE-2022-4292

Use After Free in GitHub repository vim/vim prior to 9.0.0882.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References:

Package hasher updated to version 1.6.1-alt1 for branch sisyphus_riscv64.

Не работает опция --no-query-repackage

Package systemd updated to version 251.8-alt2 for branch sisyphus_riscv64.

control libnss-role status не работает

Version: 2.1.1

Branch sisyphus_riscv64 update on 2022-12-02

ALT-BU-2022-7297-1

ALT-PU-2022-7293-1

Closed vulnerabilities

BDU:2023-02653

CVE-2021-44225

ALT-PU-2022-7294-1

Closed vulnerabilities

CVE-2022-4141

CVE-2022-4292

ALT-PU-2022-7295-1

Closed bugs

Bug #44511

ALT-PU-2022-7296-1

Closed bugs

Bug #44505