ALT-BU-2023-2335-1
Branch sisyphus_e2k update bulletin.
Package ipmitool updated to version 1.8.19-alt1 for branch sisyphus_e2k.
Closed vulnerabilities
BDU:2020-03947
Уязвимость реализации функций read_fru_area(), read_fru_area_section(), ipmi_spd_print_fru(), ipmi_get_session_info(), ipmi_get_channel_cipher_suites() и get_lan_param_select() утилиты для управления и настройки устройств с поддержкой IPMI ipmitool, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2020-04640
Уязвимость функции read_fru_area_section (lib/ipmi_fru.c) утилиты для управления и настройки устройств с поддержкой IPMI ipmitool, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-21
CVE-2020-5208
It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitool is run as a privileged user. This problem is fixed in version 1.8.19.
- openSUSE-SU-2020:0247
- openSUSE-SU-2020:0247
- https://github.com/ipmitool/ipmitool/commit/e824c23316ae50beb7f7488f2055ac65e8b341f2
- https://github.com/ipmitool/ipmitool/commit/e824c23316ae50beb7f7488f2055ac65e8b341f2
- https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
- https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
- [debian-lts-announce] 20200209 [SECURITY] [DLA 2098-1] ipmitool security update
- [debian-lts-announce] 20200209 [SECURITY] [DLA 2098-1] ipmitool security update
- [debian-lts-announce] 20210630 [SECURITY] [DLA 2699-1] ipmitool security update
- [debian-lts-announce] 20210630 [SECURITY] [DLA 2699-1] ipmitool security update
- FEDORA-2020-eb0cf4d268
- FEDORA-2020-eb0cf4d268
- FEDORA-2020-92cc67ff5a
- FEDORA-2020-92cc67ff5a
- GLSA-202101-03
- GLSA-202101-03
Package vim updated to version 9.0.1238-alt1 for branch sisyphus_e2k.
Closed vulnerabilities
BDU:2023-00387
Уязвимость компонента src/normal.c текстового редактора Vim, позволяющая нарушителю выполнить произвольный код
BDU:2023-00451
Уязвимость функций same_leader() и utfc_ptr2len() текстового редактора Vim, позволяющая нарушителю выполнить произвольный код в целевой системе
Modified: 2024-11-21
CVE-2023-0288
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189.
- 20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3
- 20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3
- https://github.com/vim/vim/commit/232bdaaca98c34a99ffadf27bf6ee08be6cc8f6a
- https://github.com/vim/vim/commit/232bdaaca98c34a99ffadf27bf6ee08be6cc8f6a
- https://huntr.dev/bounties/550a0852-9be0-4abe-906c-f803b34e41d3
- https://huntr.dev/bounties/550a0852-9be0-4abe-906c-f803b34e41d3
- FEDORA-2023-340f1d6ab9
- FEDORA-2023-340f1d6ab9
- https://support.apple.com/kb/HT213670
- https://support.apple.com/kb/HT213670
Modified: 2024-11-21
CVE-2023-0433
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225.
- 20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3
- 20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3
- 20230327 APPLE-SA-2023-03-27-4 macOS Monterey 12.6.4
- 20230327 APPLE-SA-2023-03-27-4 macOS Monterey 12.6.4
- 20230327 APPLE-SA-2023-03-27-5 macOS Big Sur 11.7.5
- 20230327 APPLE-SA-2023-03-27-5 macOS Big Sur 11.7.5
- https://github.com/vim/vim/commit/11977f917506d950b7e0cae558bd9189260b253b
- https://github.com/vim/vim/commit/11977f917506d950b7e0cae558bd9189260b253b
- https://huntr.dev/bounties/ae933869-a1ec-402a-bbea-d51764c6618e
- https://huntr.dev/bounties/ae933869-a1ec-402a-bbea-d51764c6618e
- FEDORA-2023-93fb5b08eb
- FEDORA-2023-93fb5b08eb
- FEDORA-2023-2db4df65c3
- FEDORA-2023-2db4df65c3
- https://support.apple.com/kb/HT213670
- https://support.apple.com/kb/HT213670
- https://support.apple.com/kb/HT213675
- https://support.apple.com/kb/HT213675
- https://support.apple.com/kb/HT213677
- https://support.apple.com/kb/HT213677