ALT-BU-2024-7558-1
Branch sisyphus update bulletin.
Package plasma5-aura-browser updated to version 5.27.11-alt2 for branch sisyphus in task 345771.
Closed bugs
Браузер Aura расположен в неверной категории в меню KDE.
Closed bugs
После создания raid1 на nvme разделе остается device-mapper устройство раздела
Package kde5-kalgebra updated to version 23.08.5-alt2 for branch sisyphus in task 345983.
Closed bugs
Не импортируется содержимое сценария в kAlgebra
Closed bugs
Отсутствует иконка sniffnet в меню приложений
Closed bugs
graphviz: redundant redeclaration of 'aghtmlstr'
Closed vulnerabilities
Modified: 2024-11-21
CVE-2023-49606
A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1 and Tinyproxy 1.10.0. A specially crafted HTTP header can trigger reuse of previously freed memory, which leads to memory corruption and could lead to remote code execution. An attacker needs to make an unauthenticated HTTP request to trigger this vulnerability.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2024-24787
On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the -lto_library flag in a "#cgo LDFLAGS" directive.
- http://www.openwall.com/lists/oss-security/2024/05/08/3
- http://www.openwall.com/lists/oss-security/2024/05/08/3
- https://go.dev/cl/583815
- https://go.dev/cl/583815
- https://go.dev/issue/67119
- https://go.dev/issue/67119
- https://groups.google.com/g/golang-announce/c/wkkO4P9stm0
- https://groups.google.com/g/golang-announce/c/wkkO4P9stm0
- https://pkg.go.dev/vuln/GO-2024-2825
- https://pkg.go.dev/vuln/GO-2024-2825
- https://security.netapp.com/advisory/ntap-20240531-0006/
- https://security.netapp.com/advisory/ntap-20240531-0006/
Modified: 2024-11-21
CVE-2024-24788
A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop.
- http://www.openwall.com/lists/oss-security/2024/05/08/3
- http://www.openwall.com/lists/oss-security/2024/05/08/3
- https://go.dev/cl/578375
- https://go.dev/cl/578375
- https://go.dev/issue/66754
- https://go.dev/issue/66754
- https://groups.google.com/g/golang-announce/c/wkkO4P9stm0
- https://groups.google.com/g/golang-announce/c/wkkO4P9stm0
- https://pkg.go.dev/vuln/GO-2024-2824
- https://pkg.go.dev/vuln/GO-2024-2824
- https://security.netapp.com/advisory/ntap-20240605-0002/
- https://security.netapp.com/advisory/ntap-20240605-0002/
- https://security.netapp.com/advisory/ntap-20240614-0001/
- https://security.netapp.com/advisory/ntap-20240614-0001/