ALT-BU-2023-2595-1
Branch p10 update bulletin.
Package pkcs11-profiles updated to version 0.1.13-alt2 for branch p10 in task 314429.
Closed bugs
После применении профиля pkcs11-profiles-jacarta нельзя добавить опцию slot_num
После применении профиля pkcs11-profiles-p11-kit-proxy нельзя добавить опцию slot_num
Package kernel-image-std-def updated to version 5.10.168-alt1 for branch p10 in task 315301.
Closed vulnerabilities
BDU:2023-01205
Уязвимость функции rds_rm_zerocopy_callback() в модуле net/rds/message.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2023-1078
A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_info *info` actually points to something else that is potentially controlled by local user. It is known how to trigger this, which causes an out of bounds access, and a lock corruption.
- [oss-security] 20231105 CVE-2023-1078: Linux: rds_rm_zerocopy_callback() bugs
- [oss-security] 20231105 CVE-2023-1078: Linux: rds_rm_zerocopy_callback() bugs
- https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=f753a68980cf4b59a80fe677619da2b1804f526d
- https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=f753a68980cf4b59a80fe677619da2b1804f526d
- [debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update
- [debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update
- [debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update
- [debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update
- https://security.netapp.com/advisory/ntap-20230505-0004/
- https://security.netapp.com/advisory/ntap-20230505-0004/
Package openuds-server updated to version 3.5.0-alt6 for branch p10 in task 314886.
Closed bugs
Не работает подключение по протоколу SPICE
Closed vulnerabilities
BDU:2023-02263
Уязвимость интерпретатора языка программирования PHP, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2023-02264
Уязвимость интерпретатора языка программирования PHP, позволяющая нарушителю получить доступ к конфиденциальным данным и нарушить их целостность
Modified: 2024-11-21
CVE-2023-0567
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid.
Modified: 2025-02-13
CVE-2023-0568
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value, which might lead to unauthorized data access or modification.
Modified: 2025-02-13
CVE-2023-0662
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space.