ALT Linux Team

Branch sisyphus_e2k update on 2023-01-11

2023-01-11

ALT-BU-2023-2169-1

Branch sisyphus_e2k update bulletin.

ALT-PU-2023-2165-1

Package php8.1 updated to version 8.1.14-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2025-02-13
Modified: 2025-02-13

CVE-2022-31631

In PHP versions 8.0.* before 8.0.27, 8.1.* before 8.1.15, 8.2.* before 8.2.2 when using PDO::quote() function to quote user-supplied data for SQLite, supplying an overly long string may cause the driver to incorrectly quote the data, which may further lead to SQL injection vulnerabilities.

References:

ALT-PU-2023-2166-1

Package osec updated to version 1.3.1-alt3 for branch sisyphus_e2k.

Closed bugs

Bug #44842

Изменить таймер запуска задания

ALT-PU-2023-2167-1

Package gtg updated to version 0.6-alt3 for branch sisyphus_e2k.

Closed bugs

Bug #44809

Ошибки при включении модуля Hamster Time Tracker Integration

ALT-PU-2023-2168-1

Package vim updated to version 9.0.1174-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2023-01-05

BDU:2023-00068

Уязвимость функции build_stl_str_hl() (buffer.c) текстового редактора Vim, позволяющая нарушителю выполнить произвольный код

Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2023-01-05

BDU:2023-00069

Уязвимость функции msg_puts_printf() (message.c) текстового редактора Vim, позволяющая нарушителю выполнить произвольный код в целевой системе

Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2023-01-05

BDU:2023-00070

Уязвимость функции do_string_sub() (eval.c) текстового редактора Vim, позволяющая нарушителю выполнить произвольный код

Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2023-01-04
Modified: 2025-01-17

CVE-2023-0049

Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2023-01-04
Modified: 2024-11-21

CVE-2023-0051

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2023-01-04
Modified: 2024-11-21

CVE-2023-0054

Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1145.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top