ALT-BU-2025-11876-2
Branch p11 update bulletin.
Package diag-domain-client updated to version 0.5-alt1 for branch p11 in task 392186.
Closed bugs
diag-domain-client: check_domain_controllers: ldapsearch: unrecognized option -h
Package alt-components-base updated to version 0.8.3-alt1 for branch p11 in task 392186.
Closed bugs
В образе отсутствует пакет glibc
Пакеты haproxy и keepalived отсутствуют в составе образа
Package alterator-l10n updated to version 2.9.166-alt1 for branch p11 in task 392186.
Closed bugs
Отсутствует перевод сообщения о несовпадающих паролях
Closed bugs
Белый шрифт на белом фоне в подсказке
Package make-initrd updated to version 2.55.1-alt2 for branch p11 in task 391832.
Closed bugs
make-initrd: при загрузке сообщение о невозможности редиректа в /dev/null
Closed vulnerabilities
Modified: 2025-08-04
CVE-2025-54386
Traefik is an HTTP reverse proxy and load balancer. In versions 2.11.27 and below, 3.0.0 through 3.4.4 and 3.5.0-rc1, a path traversal vulnerability was discovered in WASM Traefik’s plugin installation mechanism. By supplying a maliciously crafted ZIP archive containing file paths with ../ sequences, an attacker can overwrite arbitrary files on the system outside of the intended plugin directory. This can lead to remote code execution (RCE), privilege escalation, persistence, or denial of service. This is fixed in versions 2.11.28, 3.4.5 and 3.5.0.
- https://github.com/traefik/plugin-service/pull/71
- https://github.com/traefik/plugin-service/pull/72
- https://github.com/traefik/traefik/commit/5ef853a0c53068f69a6c229a5815a0dc6e0a8800
- https://github.com/traefik/traefik/pull/11911
- https://github.com/traefik/traefik/releases/tag/v2.11.28
- https://github.com/traefik/traefik/security/advisories/GHSA-q6gg-9f92-r9wg
Modified: 2025-08-04
GHSA-q6gg-9f92-r9wg
Traefik Client Plugin's Path Traversal Vulnerability Allows Arbitrary File Overwrite and Remote Code Execution
- https://github.com/traefik/traefik/security/advisories/GHSA-q6gg-9f92-r9wg
- https://nvd.nist.gov/vuln/detail/CVE-2025-54386
- https://github.com/traefik/plugin-service/pull/71
- https://github.com/traefik/plugin-service/pull/72
- https://github.com/traefik/traefik/pull/11911
- https://github.com/traefik/traefik/commit/5ef853a0c53068f69a6c229a5815a0dc6e0a8800
- https://github.com/traefik/traefik
- https://github.com/traefik/traefik/releases/tag/v2.11.28