ALT-BU-2023-3971-1
Branch sisyphus_mipsel update bulletin.
Package tcpdump updated to version 4.99.4-alt1 for branch sisyphus_mipsel.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2018-16301
The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.
Modified: 2024-11-21
CVE-2020-8037
The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.
- 20210427 APPLE-SA-2021-04-26-3 Security Update 2021-002 Catalina
- https://github.com/the-tcpdump-group/tcpdump/commit/32027e199368dad9508965aae8cd8de5b6ab5231
- [debian-lts-announce] 20201110 [SECURITY] [DLA 2444-1] tcpdump security update
- FEDORA-2020-c5e78886d6
- FEDORA-2020-fae2e1f2bc
- https://support.apple.com/kb/HT212325
- https://support.apple.com/kb/HT212326
- https://support.apple.com/kb/HT212327
Package ruby updated to version 3.1.2-alt2.1 for branch sisyphus_mipsel.
Closed bugs
ruby: build dependency on itself
Package timeshift updated to version 23.06.2-alt3 for branch sisyphus_mipsel.
Closed bugs
Browsing snapshot files does not work
Package brasero updated to version 3.12.3-alt3 for branch sisyphus_mipsel.
Closed bugs
Slow startup of brasero from the terminal prints ** (brasero:6656): WARNING **: 15:40:46.846: Could not establish a connection to Tracker: Время ожидания истекло (it does start eventually)
Package gem-git updated to version 1.18.0-alt1 for branch sisyphus_mipsel.
Closed vulnerabilities
Modified: 2025-04-04
CVE-2022-46648
ruby-git versions prior to v1.13.0 allow a remote authenticated attacker to execute arbitrary Ruby code by having a user load a repository containing a specially crafted filename into the product. This vulnerability is different from CVE-2022-47318.
- https://github.com/ruby-git/ruby-git
- https://github.com/ruby-git/ruby-git/pull/602
- https://jvn.jp/en/jp/JVN16765254/index.html
- [debian-lts-announce] 20230130 [SECURITY] [DLA 3303-1] ruby-git security update
Modified: 2025-04-04
CVE-2022-47318
ruby-git versions prior to v1.13.0 allow a remote authenticated attacker to execute arbitrary Ruby code by having a user load a repository containing a specially crafted filename into the product. This vulnerability is different from CVE-2022-46648.
- https://github.com/ruby-git/ruby-git
- https://github.com/ruby-git/ruby-git/pull/602
- https://jvn.jp/en/jp/JVN16765254/index.html
- [debian-lts-announce] 20230130 [SECURITY] [DLA 3303-1] ruby-git security update
- FEDORA-2023-e3985c2b3b
Package bind updated to version 9.16.42-alt1 for branch sisyphus_mipsel.
Closed vulnerabilities
BDU:2023-03436
Vulnerability in the BIND DNS server related to a stack buffer overflow when BIND operates as a resolver, allowing an attacker to cause a denial of service
Modified: 2024-11-21
CVE-2023-2828
Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the `max-cache-size` statement in the configuration file; it defaults to 90% of the total amount of memory available on the host. When the size of the cache reaches 7/8 of the configured limit, a cache-cleaning algorithm starts to remove expired and/or least-recently used RRsets from the cache, to keep memory use below the configured limit. It has been discovered that the effectiveness of the cache-cleaning algorithm used in `named` can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured `max-cache-size` limit to be significantly exceeded. This issue affects BIND 9 versions 9.11.0 through 9.16.41, 9.18.0 through 9.18.15, 9.19.0 through 9.19.13, 9.11.3-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1.
- http://www.openwall.com/lists/oss-security/2023/06/21/6
- CVE-2023-2828
- https://lists.debian.org/debian-lts-announce/2023/07/msg00021.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2/
- https://security.netapp.com/advisory/ntap-20230703-0010/
- https://www.debian.org/security/2023/dsa-5439
Modified: 2024-11-21
CVE-2023-2911
If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`, a sequence of serve-stale-related lookups could cause `named` to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versions 9.16.33 through 9.16.41, 9.18.7 through 9.18.15, 9.16.33-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1.
- http://www.openwall.com/lists/oss-security/2023/06/21/6
- CVE-2023-2911
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2/
- https://security.netapp.com/advisory/ntap-20230703-0010/
- https://www.debian.org/security/2023/dsa-5439
Package sysstat updated to version 12.7.4-alt1 for branch sisyphus_mipsel.
Closed vulnerabilities
Modified: 2025-01-22
CVE-2023-33204
sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377.
- https://github.com/sysstat/sysstat/pull/360
- [debian-lts-announce] 20230527 [SECURITY] [DLA 3434-1] sysstat security update
- FEDORA-2023-4706cef256
- FEDORA-2023-ac947ec260
Package cinnamon-menus updated to version 5.8.0-alt1 for branch sisyphus_mipsel.
Closed bugs
The description of the cinnamon-menus package states that it should not be in the repository