ALT-BU-2024-1662-1
Branch sisyphus_e2k update bulletin.
Package dblatex updated to version 0.3.12-alt2 for branch sisyphus_e2k.
Closed bugs
dblatex: multiple invalid escape sequences
Package colord updated to version 1.4.7-alt1.1 for branch sisyphus_e2k.
Closed bugs
Не запускается colord.service
Package libebml updated to version 1.4.5-alt1 for branch sisyphus_e2k.
Closed vulnerabilities
Modified: 2025-01-20
CVE-2023-52339
In libebml before 1.4.5, an integer overflow in MemIOCallback.cpp can occur when reading or writing. It may result in buffer overflows.
- https://github.com/Matroska-Org/libebml/blob/v1.x/NEWS.md
- https://github.com/Matroska-Org/libebml/blob/v1.x/NEWS.md
- https://github.com/Matroska-Org/libebml/compare/release-1.4.4...release-1.4.5
- https://github.com/Matroska-Org/libebml/compare/release-1.4.4...release-1.4.5
- https://github.com/Matroska-Org/libebml/issues/147
- https://github.com/Matroska-Org/libebml/issues/147
- https://github.com/Matroska-Org/libebml/pull/148
- https://github.com/Matroska-Org/libebml/pull/148
- https://lists.debian.org/debian-lts-announce/2025/01/msg00016.html
- FEDORA-2024-ab879eeed1
- FEDORA-2024-ab879eeed1
- FEDORA-2024-7261a9f668
- FEDORA-2024-7261a9f668
Package redis updated to version 7.2.4-alt1 for branch sisyphus_e2k.
Closed vulnerabilities
BDU:2024-00349
Уязвимость системы управления базами данных (СУБД) Redis, связанная с целочисленным переполнением, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-21
CVE-2023-41056
Redis is an in-memory database that persists on disk. Redis incorrectly handles resizing of memory buffers which can result in integer overflow that leads to heap overflow and potential remote code execution. This issue has been patched in version 7.0.15 and 7.2.4.
- https://github.com/redis/redis/releases/tag/7.0.15
- https://github.com/redis/redis/releases/tag/7.0.15
- https://github.com/redis/redis/releases/tag/7.2.4
- https://github.com/redis/redis/releases/tag/7.2.4
- https://github.com/redis/redis/security/advisories/GHSA-xr47-pcmx-fq2m
- https://github.com/redis/redis/security/advisories/GHSA-xr47-pcmx-fq2m
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JTGQJ2YLYB24B72I5B5H32YIMPVSWIT/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JTGQJ2YLYB24B72I5B5H32YIMPVSWIT/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JTWHPLC3RI67VNRDOIXLDVNC5YMYBMQN/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JTWHPLC3RI67VNRDOIXLDVNC5YMYBMQN/
- https://security.netapp.com/advisory/ntap-20240223-0003/
- https://security.netapp.com/advisory/ntap-20240223-0003/
Package IMSProg updated to version 1.1.10-alt1 for branch sisyphus_e2k.
Closed bugs
New version: 1.1.4