ALT-BU-2023-3992-1
Branch sisyphus_riscv64 update bulletin.
Package appinstall updated to version 1.4.2-alt1 for branch sisyphus_riscv64.
Closed bugs
Долго запускается на системах с KDE
Package qt6-base updated to version 6.4.2-alt3 for branch sisyphus_riscv64.
Closed bugs
qt6-base: ошибка сборки на архитектуре LoongArch
Package qt6-3d updated to version 6.4.2-alt2 for branch sisyphus_riscv64.
Closed bugs
qt6-3d: ошибка сборки с GCC 13
Package yajl updated to version 2.1.0-alt3 for branch sisyphus_riscv64.
Closed vulnerabilities
Modified: 2025-01-08
CVE-2023-33460
There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse function. which will cause out-of-memory in server and cause crash.
- https://github.com/lloyd/yajl/issues/250
- https://lists.debian.org/debian-lts-announce/2023/07/msg00000.html
- https://lists.debian.org/debian-lts-announce/2023/07/msg00013.html
- https://lists.debian.org/debian-lts-announce/2023/08/msg00003.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBUUHG27RM4ROEYKMVRROR27AX6R63MB/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KLE3C4CECEJ4EUYI56KXI6OWACWXX7WN/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YO32YDJ74DADC7CMJNLSLBVWN5EXGF5J/
- https://github.com/lloyd/yajl/issues/250
- https://lists.debian.org/debian-lts-announce/2023/07/msg00000.html
- https://lists.debian.org/debian-lts-announce/2023/07/msg00013.html
- https://lists.debian.org/debian-lts-announce/2023/08/msg00003.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBUUHG27RM4ROEYKMVRROR27AX6R63MB/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KLE3C4CECEJ4EUYI56KXI6OWACWXX7WN/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YO32YDJ74DADC7CMJNLSLBVWN5EXGF5J/
Package tcpdump updated to version 4.99.4-alt1 for branch sisyphus_riscv64.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2018-16301
The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.
Modified: 2024-11-21
CVE-2020-8037
The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.
- http://seclists.org/fulldisclosure/2021/Apr/51
- https://github.com/the-tcpdump-group/tcpdump/commit/32027e199368dad9508965aae8cd8de5b6ab5231
- https://lists.debian.org/debian-lts-announce/2020/11/msg00018.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2MX34MJIUJQGL6CMEPLTKFOOOC3CJ4Z/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWDBONZVLC6BAOR2KM376DJCM4H3FERV/
- https://support.apple.com/kb/HT212325
- https://support.apple.com/kb/HT212326
- https://support.apple.com/kb/HT212327
- http://seclists.org/fulldisclosure/2021/Apr/51
- https://github.com/the-tcpdump-group/tcpdump/commit/32027e199368dad9508965aae8cd8de5b6ab5231
- https://lists.debian.org/debian-lts-announce/2020/11/msg00018.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2MX34MJIUJQGL6CMEPLTKFOOOC3CJ4Z/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWDBONZVLC6BAOR2KM376DJCM4H3FERV/
- https://support.apple.com/kb/HT212325
- https://support.apple.com/kb/HT212326
- https://support.apple.com/kb/HT212327
Package timeshift updated to version 23.06.2-alt3 for branch sisyphus_riscv64.
Closed bugs
не работает обзор файлов снимков
На вкладке "Пользователи" отображается только пользователь root
Package brasero updated to version 3.12.3-alt3 for branch sisyphus_riscv64.
Closed bugs
Долгий запуск brasero через терминал выдает ** (brasero:6656): WARNING **: 15:40:46.846: Could not establish a connection to Tracker: Время ожидания истекло (в итоге запускается)