Branch sisyphus update bulletin.

Package whatsapp-for-linux updated to version 1.6.2-alt1 for branch sisyphus in task 318210.

Зависание при открытии чата с переданным видео

Package ctags updated to version 5.8-alt6 for branch sisyphus in task 318241.

Published: 2022-12-20
Modified: 2025-04-14

CVE-2022-4515

A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags() in sort.c calls the system(3) function in an unsafe way.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References:

[debian-lts-announce] 20221231 [SECURITY] [DLA 3254-1] exuberant-ctags security update
[debian-lts-announce] 20221231 [SECURITY] [DLA 3254-1] exuberant-ctags security update
https://sourceforge.net/p/ctags/code/HEAD/tree/tags/ctags-5.8/sort.c#l56
https://sourceforge.net/p/ctags/code/HEAD/tree/tags/ctags-5.8/sort.c#l56

Version: 2.1.1

Branch sisyphus update on 2023-04-09

ALT-BU-2023-3143-1

ALT-PU-2023-1593-1

Closed bugs

Bug #43906

ALT-PU-2023-1594-1

Closed vulnerabilities

CVE-2022-4515