2023-02-21
ALT-BU-2023-2663-1
Branch sisyphus_riscv64 update bulletin.
Package epiphany updated to version 43.1-alt1 for branch sisyphus_riscv64.
Closed vulnerabilities
Published: 2023-02-19
BDU:2023-01753
Уязвимость веб-браузера Epiphany, связанная с недостатками контроля доступа, позволяющая нарушителю раскрыть защищаемую информацию
Severity: HIGH (7.5)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: HIGH (7.8)
Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N
References:
Published: 2023-02-20
Modified: 2025-03-18
Modified: 2025-03-18
CVE-2023-26081
In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts.
Severity: HIGH (7.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:
- https://github.com/google/security-research/security/advisories/GHSA-mhhf-w9xw-pp9x
- https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1275
- https://lists.debian.org/debian-lts-announce/2023/05/msg00015.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFWUNG6E4ZT43EYNHKYXS7QVSO2VW2H2/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SADQCSQKTJKTTIJMEPY7GII6IVQSKEKV/
- https://github.com/google/security-research/security/advisories/GHSA-mhhf-w9xw-pp9x
- https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1275
- https://lists.debian.org/debian-lts-announce/2023/05/msg00015.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFWUNG6E4ZT43EYNHKYXS7QVSO2VW2H2/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SADQCSQKTJKTTIJMEPY7GII6IVQSKEKV/
Package python3-module-Reportlab updated to version 3.6.12-alt1 for branch sisyphus_riscv64.
Closed bugs
Обновить до 3.6.12
Package clamav-db-main updated to version 20210715-alt1 for branch sisyphus_riscv64.
Closed bugs
17.03.2016 вышло обновление
Обновление антивирусных баз clamav.
Package nfs updated to version 2.6.2-alt2 for branch sisyphus_riscv64.
Closed bugs
rpcctl requires python3