ALT Linux Team

Branch sisyphus_e2k update on 2023-08-31

2023-08-31

ALT-BU-2023-5295-1

Branch sisyphus_e2k update bulletin.

ALT-PU-2023-5254-1

Package libfreetype updated to version 2.13.1-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-03-19

BDU:2022-06905

Уязвимость функции FT_Request_Size библиотеки FreeType, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2022-03-17

BDU:2022-06908

Уязвимость функции sfnt_init_face библиотеки FreeType, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-18

BDU:2022-06917

Уязвимость функции FNT_Size_Request библиотеки FreeType, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2022-04-22
Modified: 2024-11-21

CVE-2022-27404

FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face.

Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-04-22
Modified: 2024-11-21

CVE-2022-27405

FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2022-04-22
Modified: 2024-11-21

CVE-2022-27406

FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:

ALT-PU-2023-5255-1

Package qt5-declarative updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5256-1

Package qt5-xmlpatterns updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5257-1

Package qt5-websockets updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5258-1

Package qt5-multimedia updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5259-1

Package qt5-serialport updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5260-1

Package qt5-location updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

Closed bugs

Bug #46360

qt5-location: ошибка сборки с GCC 13

ALT-PU-2023-5261-1

Package qt5-webglplugin updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5262-1

Package qt5-sensors updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5263-1

Package qt5-webchannel updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5264-1

Package qt5-quickcontrols updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5265-1

Package qt5-x11extras updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5266-1

Package qt5-svg updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5267-1

Package qt5-imageformats updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5268-1

Package qt5-quickcontrols2 updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5269-1

Package qt5-quicktimeline updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5270-1

Package qt5-serialbus updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5271-1

Package qt5-connectivity updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5272-1

Package qt5-graphicaleffects updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5273-1

Package qt5-translations updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5274-1

Package qt5-doc updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5275-1

Package qt5-wayland updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5276-1

Package qt5-3d updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5277-1

Package qt5-scxml updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5278-1

Package qt5-virtualkeyboard updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5279-1

Package qt5-charts updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5280-1

Package qt5-speech updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5281-1

Package qt5-datavis3d updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5282-1

Package qt5-gamepad updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5283-1

Package qt5-networkauth updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5284-1

Package qt5-remoteobjects updated to version 5.15.10-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2023-5285-1

Package qt5-tools updated to version 5.15.10-alt2 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

Closed bugs

Bug #47087

Не работает просмотр кода C++ / Python в qt5-designer

ALT-PU-2023-5286-1

Package qt5-base updated to version 5.15.10-alt1.E2K.1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

Closed bugs

Bug #46358

qt5-base: ошибки сборки на архитектуре LoongArch

ALT-PU-2023-5287-1

Package qt5-webkit updated to version 5.212.0-alt25.1 for branch sisyphus_e2k.

Closed bugs

Bug #46582

qt5-webkit: ошибка сборки на архитектуре LoongArch

ALT-PU-2023-5288-1

Package qt5-script updated to version 5.15.10-alt1.E2K.1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2022-02-16

BDU:2022-00893

Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
Published: 2022-02-16
Modified: 2024-11-21

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-02
Modified: 2024-11-21

CVE-2022-25634

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

Closed bugs

Bug #46803

qt5-script: ошибка сборки на LoongArch

ALT-PU-2023-5289-1

Package gmp updated to version 6.3.0-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2021-09-15

BDU:2022-05776

Уязвимость компонента mpz/inp_raw.c библиотеки арифметических операций GMP на 32-разрядных платформах, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2021-11-15
Modified: 2024-11-21

CVE-2021-43618

GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:

ALT-PU-2023-5290-1

Package imlib2 updated to version 1.12.0-alt2 for branch sisyphus_e2k.

Closed bugs

Bug #47331

icewmbg segfault при запуске на i586

Bug #47376

После обновления imlib2 до 1.12.0-alt1 на i586 icewm падает с segfault

ALT-PU-2023-5292-1

Package zynaddsubfx updated to version 3.0.6-alt4 for branch sisyphus_e2k.

Closed bugs

Bug #47068

zynaddsubfx LV2: чёрное окно вместо GUI

ALT-PU-2023-5293-1

Package python3-module-typogrify updated to version 2.0.7-alt3 for branch sisyphus_e2k.

Closed bugs

Bug #47400

python3-module-typogrify приобретает зависимость при пересборке

ALT-PU-2023-5294-1

Package rpm-macros-branding updated to version 1.0.8-alt1 for branch sisyphus_e2k.

Closed bugs

Bug #47384

Добавить etersoft-ximper в список.

VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top