ALT-BU-2023-7490-1
Branch sisyphus_riscv64 update bulletin.
Package libtar updated to version 1.2.20-alt3.git.6d0ab4c for branch sisyphus_riscv64.
Closed vulnerabilities
Modified: 2025-04-02
CVE-2021-33643
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read.
- FEDORA-2022-88772d0a2d
- FEDORA-2022-88772d0a2d
- FEDORA-2022-fe1a4e3cf0
- FEDORA-2022-fe1a4e3cf0
- FEDORA-2022-44a20bba43
- FEDORA-2022-44a20bba43
- FEDORA-2022-ccc68b06cc
- FEDORA-2022-ccc68b06cc
- FEDORA-2022-50e8a1b51d
- FEDORA-2022-50e8a1b51d
- https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1807
- https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1807
Modified: 2025-04-02
CVE-2021-33644
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read.
- FEDORA-2022-88772d0a2d
- FEDORA-2022-88772d0a2d
- FEDORA-2022-fe1a4e3cf0
- FEDORA-2022-fe1a4e3cf0
- FEDORA-2022-44a20bba43
- FEDORA-2022-44a20bba43
- FEDORA-2022-ccc68b06cc
- FEDORA-2022-ccc68b06cc
- FEDORA-2022-50e8a1b51d
- FEDORA-2022-50e8a1b51d
- https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1807
- https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1807
Modified: 2025-04-02
CVE-2021-33645
The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak.
- FEDORA-2022-88772d0a2d
- FEDORA-2022-88772d0a2d
- FEDORA-2022-fe1a4e3cf0
- FEDORA-2022-fe1a4e3cf0
- FEDORA-2022-44a20bba43
- FEDORA-2022-44a20bba43
- FEDORA-2022-ccc68b06cc
- FEDORA-2022-ccc68b06cc
- FEDORA-2022-50e8a1b51d
- FEDORA-2022-50e8a1b51d
- https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1807
- https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1807
Modified: 2025-04-02
CVE-2021-33646
The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak.
- FEDORA-2022-88772d0a2d
- FEDORA-2022-88772d0a2d
- FEDORA-2022-fe1a4e3cf0
- FEDORA-2022-fe1a4e3cf0
- FEDORA-2022-44a20bba43
- FEDORA-2022-44a20bba43
- FEDORA-2022-ccc68b06cc
- FEDORA-2022-ccc68b06cc
- FEDORA-2022-50e8a1b51d
- FEDORA-2022-50e8a1b51d
- https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1807
- https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1807
Package propagator updated to version 20231121-alt1 for branch sisyphus_riscv64.
Closed bugs
50-udev-default.rules no effect при загрузке с propagator
Package ImageMagick updated to version 7.1.1.21-alt1 for branch sisyphus_riscv64.
Closed vulnerabilities
BDU:2023-06874
Уязвимость компонента coders/tiff.c консольного графического редактора ImageMagick, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2023-3428
A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local attacker to trick the user into opening a specially crafted file, resulting in an application crash and denial of service.
Package atop updated to version 2.9.0-alt2 for branch sisyphus_riscv64.
Closed bugs
Несовпадающие версии при использовании команд atop -V и rpm -q atop