ALT-BU-2024-2213-2

Branch sisyphus update bulletin.

Package update-kernel updated to version 1.15-alt1 for branch sisyphus in task 340445.

update-kernel -n не скачивает пакеты

Package geeqie updated to version 2.2-alt1.1 for branch sisyphus in task 340476.

Убрать принудительную замену gqview на этот пакет

Package cmake updated to version 3.28.3-alt1 for branch sisyphus in task 340485.

Добавить %_cmakedir

Package nbd updated to version 3.25-alt2 for branch sisyphus in task 340486.

Не стартует nbd-server с помощью systemd

Package postgresql13 updated to version 13.14-alt1 for branch sisyphus in task 340457.

Уязвимость функции REFRESH MATERIALIZED VIEW CONCURRENTLY системы управления базами данных PostgreSQL, позволяющая нарушителю выполнять произвольные SQL-команды

Severity: HIGH (8.0)Vector: AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Severity: CRITICAL (9.0)Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

References:

CVE-2024-0985

Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted materialized views. The victim is a superuser or member of one of the attacker's roles. The attack requires luring the victim into running REFRESH MATERIALIZED VIEW CONCURRENTLY on the attacker's materialized view. Versions before PostgreSQL 16.2, 15.6, 14.11, 13.14, and 12.18 are affected.

Severity: HIGH (8.0)Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

References:

Package postgresql14 updated to version 14.11-alt1 for branch sisyphus in task 340457.

Severity: HIGH (8.0)Vector: AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Severity: CRITICAL (9.0)Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

References:

CVE-2024-0985

Severity: HIGH (8.0)Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

References:

Package postgresql16 updated to version 16.2-alt1 for branch sisyphus in task 340457.

Severity: HIGH (8.0)Vector: AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Severity: CRITICAL (9.0)Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

References:

CVE-2024-0985

Severity: HIGH (8.0)Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

References:

Package postgresql12 updated to version 12.18-alt1 for branch sisyphus in task 340457.

Severity: HIGH (8.0)Vector: AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Severity: CRITICAL (9.0)Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

References:

CVE-2024-0985

Severity: HIGH (8.0)Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

References:

Package postgresql15 updated to version 15.6-alt1 for branch sisyphus in task 340457.

Severity: HIGH (8.0)Vector: AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Severity: CRITICAL (9.0)Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

References:

CVE-2024-0985

Severity: HIGH (8.0)Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

References:

Package postgresql15-1C updated to version 15.5-alt4 for branch sisyphus in task 340457.

Severity: HIGH (8.0)Vector: AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Severity: CRITICAL (9.0)Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

References:

CVE-2024-0985

Severity: HIGH (8.0)Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

References:

Package mongo-tools updated to version 100.9.4-alt1 for branch sisyphus in task 340506.

Обновить до версии 100.9.4

Package linuxcnc updated to version 2.9.2-alt2.20240203 for branch sisyphus in task 340518.

Дублирование LinuxCNC в названии программ

Version: 2.1.2

ALT-BU-2024-2213-2

Closed bugs

Closed bugs

Closed bugs

Closed bugs

Closed vulnerabilities

Closed vulnerabilities

Closed vulnerabilities

Closed vulnerabilities

Closed vulnerabilities

Closed vulnerabilities

Closed bugs

Closed bugs