Branch sisyphus_e2k update bulletin.

Package setup updated to version 2.2.19-alt1 for branch sisyphus_e2k.

Обновить protocols, убрать ложный timestamp в файлах protocols и services

Package propagator updated to version 20231121-alt1 for branch sisyphus_e2k.

50-udev-default.rules no effect при загрузке с propagator

Package libtar updated to version 1.2.20-alt3.git.6d0ab4c for branch sisyphus_e2k.

Published: 2022-08-10
Modified: 2025-11-03

CVE-2021-33643

An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read.

Severity: CRITICAL (9.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

References:

Published: 2022-08-10
Modified: 2025-11-03

CVE-2021-33644

An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read.

Severity: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

References:

Published: 2022-08-10
Modified: 2025-11-03

CVE-2021-33645

The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Published: 2022-08-10
Modified: 2025-11-03

CVE-2021-33646

The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Package atop updated to version 2.9.0-alt2 for branch sisyphus_e2k.

Несовпадающие версии при использовании команд atop -V и rpm -q atop

Package cert-distro-updater updated to version 1.3-alt6 for branch sisyphus_e2k.

Typo in the updater-after.service unit file

Package audacity updated to version 3.4.2-alt1.1 for branch sisyphus_e2k.

Сломалась сборка audacity

Package alterator-auth updated to version 0.44.7-alt1 for branch sisyphus_e2k.

Отсутствует открывающая кавычка для createcomputer в описании справки (раздел AD)

Package distcc updated to version 3.4-alt10 for branch sisyphus_e2k.

Сборка без distutils

Version: 2.1.2

Branch sisyphus_e2k update on 2023-11-23

ALT-BU-2023-7547-1

ALT-PU-2023-7539-1

Closed bugs

Bug #47357

ALT-PU-2023-7540-1

Closed bugs

Bug #37201

ALT-PU-2023-7541-1

Closed vulnerabilities

CVE-2021-33643

CVE-2021-33644

CVE-2021-33645

CVE-2021-33646

ALT-PU-2023-7542-1

Closed bugs

Bug #48545

ALT-PU-2023-7543-1

Closed bugs

Bug #48553

ALT-PU-2023-7544-1

Closed bugs

Bug #48434

ALT-PU-2023-7545-1

Closed bugs

Bug #48139

ALT-PU-2023-7546-1

Closed bugs

Bug #48232