Уязвимость криптографической хэш-функции SHA-3 программного пакета eXtended Keccak Code Package (XKCP), позволяющая нарушителю выполнить произвольный код

The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.

Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network namespace, which in many system configurations means any user on the same machine. Pickles can execute arbitrary code. Thus, this allows for local user privilege escalation to the user that any forkserver process is running as. Setting multiprocessing.util.abstract_sockets_supported to False is a workaround. The forkserver start method for multiprocessing is not the default start method. This issue is Linux specific because only Linux supports abstract namespace sockets. CPython before 3.9 does not make use of Linux abstract namespace sockets by default. Support for users manually specifying an abstract namespace socket was added as a bugfix in 3.7.8 and 3.8.3, but users would need to make specific uncommon API calls in order to do that in CPython before 3.9.

An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.

The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.

The GitHub Security Lab discovered sixteen ways to exploit a cross-site scripting vulnerability in nbconvert. When using nbconvert to generate an HTML version of a user-controllable notebook, it is possible to inject arbitrary HTML which may lead to cross-site scripting (XSS) vulnerabilities if these HTML notebooks are served by a web server (eg: nbviewer).

Уязвимость компонента netCDF библиотеки-транслятора для геопространственных данных GDAL, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

netCDF in GDAL 2.4.2 through 3.0.4 has a stack-based buffer overflow in nc4_get_att (called from nc4_get_att_tc and nc_get_att_text) and in uffd_cleanup (called from netCDFDataset::~netCDFDataset and netCDFDataset::~netCDFDataset).

разучился возвращать звук на вернувшееся устройство

Уязвимость текстового редактора vim, связанная с ошибкой деления на ноль, позволяющая нарушителю выполнить произвольный код

Уязвимость функции class_object_index() (vim9class.c) текстового редактора Vim, позволяющая нарушителю вызвать отказ в обслуживании

Divide By Zero in GitHub repository vim/vim prior to 9.0.1367.

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376.

Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378.

NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1392.

NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1402.

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 9.0.1499.

NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531.

Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532.

aptitude показывает только первую строчку в описании

apt: ошибка сборки с GCC 13

packagekit fails to show the description of a package if it is translated

URL пакета устарел

Нарушение GPL в libtiff, слинкованном с libjbig

Уязвимость библиотеки среды выполнения Java Protocol Buffers protobuf-java, связанная с недостаточной проверкой входных данных, позволяющая нарушителю вызвать отказ в обслуживании

An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated pauses. We recommend upgrading libraries beyond the vulnerable versions.

A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.

Уязвимость библиотеки для работы с изображениями Pillow, связанная с ошибкой управления ресурсами, позволяющая нарушителю выполнить атаку типа «отказ в обслуживании»

Уязвимость библиотеки для работы с изображениями Pillow, связанная с неконтролируемым потреблением ресурсов, позволяющая нарушителю выполнить атаку типа «отказ в обслуживании»

Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification).

Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL.

Уязвимость системы управления базами данных PostgreSQL, связанная с раскрытием информации, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

Уязвимость компонента Schema Handler системы управления базами данных PostgreSQL, позволяющая нарушителю обойти ограничения безопасности

Уязвимость системы управления базами данных PostgreSQL, связанная с недостатками разграничения доступа, позволяющая нарушителю повысить свои привилегии и выполнить произвольный код

In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.

schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code.

Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy.

Невозможно инициализировать кластер с локалью отличной от текущей системной

Неработающий пример в комментариях файла postgresql.service