ALT-BU-2025-10218-1
Branch sisyphus_loongarch64 update bulletin.
Package chromium updated to version 138.0.7204.183-alt0.port for branch sisyphus_loongarch64.
Closed vulnerabilities
BDU:2025-09421
Уязвимость интерфейса MediaStream браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Modified: 2025-08-01
CVE-2025-8292
Use after free in Media Stream in Google Chrome prior to 138.0.7204.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Package mate-text-editor updated to version 1.28.0-alt2 for branch sisyphus_loongarch64.
Closed bugs
pluma не запускается
Package webapp-manager updated to version 1.4.2-alt2 for branch sisyphus_loongarch64.
Closed bugs
Созданное приложение не переименовывается в Меню приложений
Package iperf3 updated to version 3.19.1-alt1 for branch sisyphus_loongarch64.
Closed vulnerabilities
Modified: 2025-08-05
CVE-2025-54349
In iperf before 3.19.1, iperf_auth.c has an off-by-one error and resultant heap-based buffer overflow.
Modified: 2025-08-05
CVE-2025-54350
In iperf before 3.19.1, iperf_auth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt.
Modified: 2025-08-05
CVE-2025-54351
In iperf before 3.19.1, net.c has a buffer overflow when --skip-rx-copy is used (for MSG_TRUNC in recv).
Package x11vnc updated to version 0.9.17-alt1 for branch sisyphus_loongarch64.
Closed vulnerabilities
BDU:2021-01776
Уязвимость компонента scan.c VNC-сервера X11vnc, связанная с отсутствием механизма авторизации, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2020-29074
scan.c in x11vnc 0.9.16 uses IPC_CREAT|0777 in shmget calls, which allows access by actors other than the current user.
- https://github.com/LibVNC/x11vnc/commit/69eeb9f7baa14ca03b16c9de821f9876def7a36a
- https://lists.debian.org/debian-lts-announce/2020/12/msg00018.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H2FLWSVH32O6JXLRQBYDQLP7XRSTLUPQ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MHVXHZE3YIP4RTWGQ24IDBSW44XPRDOC/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PZL6NQTNK5PT63D2JX5YVV5OLUL76S5C/
- https://www.debian.org/security/2020/dsa-4799
- https://github.com/LibVNC/x11vnc/commit/69eeb9f7baa14ca03b16c9de821f9876def7a36a
- https://lists.debian.org/debian-lts-announce/2020/12/msg00018.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H2FLWSVH32O6JXLRQBYDQLP7XRSTLUPQ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MHVXHZE3YIP4RTWGQ24IDBSW44XPRDOC/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PZL6NQTNK5PT63D2JX5YVV5OLUL76S5C/
- https://www.debian.org/security/2020/dsa-4799
Package libxfce4ui updated to version 4.20.1-alt2 for branch sisyphus_loongarch64.
Closed bugs
libxfce4ui-gtk3-devel: depends on libgladeui2.0
Package docs-alt-server updated to version 11.0-alt7 for branch sisyphus_loongarch64.
Closed bugs
Опечатки в примере команд в главе 57.11. Уведомления
Не стыкуются названия параметров в примерах команд в главе 57.10.3. Настройка резервного копирования
Необходимо поправить опечатку в документации в главе 3
Необходимо внести правки в документацию для раздела "53.3.1. Установка FreeIPA клиента"
Package wolfssl updated to version 5.8.2-alt2 for branch sisyphus_loongarch64.
Closed bugs
Включение options.h в состав пакета
Включение поддержки JNI