ALT Linux Team

Branch c10f1 update on 2024-05-28

2024-05-28

ALT-BU-2024-8432-1

Branch c10f1 update bulletin.

ALT-PU-2024-8026-2

Package avahi updated to version 0.8-alt4 for branch c10f1 in task 348512.

Closed vulnerabilities

Published: 2023-04-25

BDU:2023-08473

Уязвимость функции avahi_rdata_parse() системы обнаружения сервисов в локальной сети Avahi, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2023-11-02
Modified: 2024-11-21

CVE-2023-38469

A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2023-11-02
Modified: 2024-11-21

CVE-2023-38470

A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label() function.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2023-11-02
Modified: 2024-11-21

CVE-2023-38471

A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2023-11-02
Modified: 2024-11-21

CVE-2023-38472

A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse() function.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2023-11-02
Modified: 2024-11-21

CVE-2023-38473

A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:

Closed bugs

Bug #49873

avahi-bookmarks: cannot import name ‘gireactor’ from ‘twisted.internet’

ALT-PU-2024-8032-3

Package ncurses updated to version 6.3.20220618-alt1 for branch c10f1 in task 348518.

Closed vulnerabilities

Published: 2021-10-21

BDU:2023-00296

Уязвимость функции convert_strings компонента tinfo/read_entry.c библиотеки управления вводом-выводом на терминал Ncurses, позволяющая нарушителю получить доступ к конфиденциальным данным, а также вызвать отказ в обслуживании

Severity: HIGH (7.1) Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
References:
Published: 2022-04-19
Modified: 2024-11-21

CVE-2022-29458

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

Severity: HIGH (7.1) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
References:

Closed bugs

Bug #40808

Move /usr/bin/infocmp to termutils

VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top