ALT-BU-2024-2859-1
Branch sisyphus_riscv64 update bulletin.
Package faad updated to version 2.11.1-alt1 for branch sisyphus_riscv64.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2023-38857
Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin function in mp4read.c.
Modified: 2024-11-21
CVE-2023-38858
Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c:1039.
Package linux-pam updated to version 1.6.0-alt1 for branch sisyphus_riscv64.
Closed vulnerabilities
BDU:2024-00829
Уязвимость функции protect_dir (pam_namespace.so) модуля аутентификации Linux-PAM, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2024-22365
linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.
- http://www.openwall.com/lists/oss-security/2024/01/18/3
- http://www.openwall.com/lists/oss-security/2024/01/18/3
- https://github.com/linux-pam/linux-pam
- https://github.com/linux-pam/linux-pam
- https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb
- https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb
- https://github.com/linux-pam/linux-pam/releases/tag/v1.6.0
- https://github.com/linux-pam/linux-pam/releases/tag/v1.6.0
Package cmake updated to version 3.28.3-alt1.1 for branch sisyphus_riscv64.
Closed bugs
Добавить %_cmakedir
Package evms updated to version 2.5.5-alt75 for branch sisyphus_riscv64.
Closed bugs
После создания raid1 на nvme разделе остается device-mapper устройство раздела