ALT-BU-2024-4895-1
Branch sisyphus_loongarch64 update bulletin.
Package libp11 updated to version 0.4.12.63-alt0.2 for branch sisyphus_loongarch64.
Closed bugs
Сборка libp11
Package accel-ppp updated to version 1.13.0-alt1 for branch sisyphus_loongarch64.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2020-15173
In ACCEL-PPP (an implementation of PPTP/PPPoE/L2TP/SSTP), there is a buffer overflow when receiving an l2tp control packet ith an AVP which type is a string and no hidden flags, length set to less than 6. If your application is used in open networks or there are untrusted nodes in the network it is highly recommended to apply the patch. The problem was patched with commit 2324bcd5ba12cf28f47357a8f03cd41b7c04c52b As a workaround changes of commit 2324bcd5ba12cf28f47357a8f03cd41b7c04c52b can be applied to older versions.
- https://github.com/accel-ppp/accel-ppp/commit/2324bcd5ba12cf28f47357a8f03cd41b7c04c52b
- https://github.com/accel-ppp/accel-ppp/commit/2324bcd5ba12cf28f47357a8f03cd41b7c04c52b
- https://github.com/accel-ppp/accel-ppp/security/advisories/GHSA-rr68-fchr-69vf
- https://github.com/accel-ppp/accel-ppp/security/advisories/GHSA-rr68-fchr-69vf
Modified: 2024-11-21
CVE-2020-28194
Variable underflow exists in accel-ppp radius/packet.c when receiving a RADIUS vendor-specific attribute with length field is less than 2. It has an impact only when the attacker controls the RADIUS server, which can lead to arbitrary code execution.
- https://github.com/accel-ppp/accel-ppp/commit/e9d369aa0054312b7633e964e9f7eb323f1f3d69
- https://github.com/accel-ppp/accel-ppp/commit/e9d369aa0054312b7633e964e9f7eb323f1f3d69
- https://github.com/accel-ppp/accel-ppp/security/advisories/GHSA-2m44-rh3c-x4gr
- https://github.com/accel-ppp/accel-ppp/security/advisories/GHSA-2m44-rh3c-x4gr
Modified: 2024-11-21
CVE-2021-42054
ACCEL-PPP 1.12.0 has an out-of-bounds read in triton_context_schedule if the client exits after authentication.
Modified: 2024-11-21
CVE-2021-42870
ACCEL-PPP 1.12.0 has an out-of-bounds read in post_msg when processing a call_clear_request.
Modified: 2024-11-21
CVE-2022-0982
The telnet_input_char function in opt/src/accel-pppd/cli/telnet.c suffers from a memory corruption vulnerability, whereby user input cmdline_len is copied into a fixed buffer b->buf without any bound checks. If the server connects with a malicious client, crafted client requests can remotely trigger this vulnerability.
Modified: 2024-11-21
CVE-2022-24704
The rad_packet_recv function in opt/src/accel-pppd/radius/packet.c suffers from a buffer overflow vulnerability, whereby user input len is copied into a fixed buffer &attr->val.integer without any bound checks. If the client connects to the server and sends a large radius packet, a buffer overflow vulnerability will be triggered.
Package radare2 updated to version 5.9.0-alt1 for branch sisyphus_loongarch64.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2023-4322
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.
- https://github.com/radareorg/radare2/commit/ba919adb74ac368bf76b150a00347ded78b572dd
- https://github.com/radareorg/radare2/commit/ba919adb74ac368bf76b150a00347ded78b572dd
- https://huntr.dev/bounties/06e2484c-d6f1-4497-af67-26549be9fffd
- https://huntr.dev/bounties/06e2484c-d6f1-4497-af67-26549be9fffd
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/64KUV6OGEVQ75QOV35PUVVDOJTKSJHYN/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/64KUV6OGEVQ75QOV35PUVVDOJTKSJHYN/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SOZ6XCADVAPAIHMVSV3FUAN742BHXF55/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SOZ6XCADVAPAIHMVSV3FUAN742BHXF55/
Modified: 2024-11-21
CVE-2023-46569
An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds32/nds32-dis.h.
Modified: 2024-11-21
CVE-2023-46570
An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/nds32-dis.h.
Modified: 2024-11-21
CVE-2023-47016
radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c, causing a crash in r_read_le32 in libr/include/r_endian.h.
- https://gist.github.com/gandalf4a/65705be4f84269cb7cd725a1d4ab2ffa
- https://gist.github.com/gandalf4a/65705be4f84269cb7cd725a1d4ab2ffa
- https://github.com/radareorg/radare2/commit/40c9f50e127be80b9d816bce2ab2ee790831aefd
- https://github.com/radareorg/radare2/commit/40c9f50e127be80b9d816bce2ab2ee790831aefd
- https://github.com/radareorg/radare2/issues/22349
- https://github.com/radareorg/radare2/issues/22349
Modified: 2024-11-21
CVE-2023-5686
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.
- https://github.com/radareorg/radare2/commit/1bdda93e348c160c84e30da3637acef26d0348de
- https://github.com/radareorg/radare2/commit/1bdda93e348c160c84e30da3637acef26d0348de
- https://huntr.com/bounties/bbfe1f76-8fa1-4a8c-909d-65b16e970be0
- https://huntr.com/bounties/bbfe1f76-8fa1-4a8c-909d-65b16e970be0
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/64KUV6OGEVQ75QOV35PUVVDOJTKSJHYN/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/64KUV6OGEVQ75QOV35PUVVDOJTKSJHYN/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SOZ6XCADVAPAIHMVSV3FUAN742BHXF55/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SOZ6XCADVAPAIHMVSV3FUAN742BHXF55/
Package plasma5-workspace updated to version 5.27.11-alt3 for branch sisyphus_loongarch64.
Closed bugs
"Ошибка: переходные периоды пересекаются" отображается при отсутствии соответствующих полей ввода (Ночная цветовая схема)
Не работают кнопки "По умолчанию" и "Сброс" в настройках "Региональные и языковые параметры" в plasma5-systemsettings
Package wireshark updated to version 4.2.4-alt1 for branch sisyphus_loongarch64.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2024-2955
T.38 dissector crash in Wireshark 4.2.0 to 4.0.3 and 4.0.0 to 4.0.13 allows denial of service via packet injection or crafted capture file
- GitLab Issue #19695
- GitLab Issue #19695
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7TWJQKXOV4HYI5C4TWRKTN7B5YL7GTU/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZD2MNS6EW2K2SSMN4YBGPZCC47KBDNEE/
- https://www.wireshark.org/security/wnpa-sec-2024-06.html
- https://www.wireshark.org/security/wnpa-sec-2024-06.html
Package installer-feature-samba-automount updated to version 0.1.1-alt3 for branch sisyphus_loongarch64.
Closed bugs
Не работает autofs при подключении к AD
Package python3-module-spnego updated to version 0.10.2-alt1 for branch sisyphus_loongarch64.
Closed bugs
Утилита pyspnego-parse не запускается
Package python3-module-betamax updated to version 0.9.0-alt1 for branch sisyphus_loongarch64.
Closed bugs
betamax: new version