2025-10-19
ALT-BU-2025-13190-1
Branch sisyphus update bulletin.
Closed bugs
Linkage with library under the license GPL
Closed bugs
Не собирается с poppler-25.07.0
Closed bugs
Ошибка uninitialized constant Rack::Handler при запуске pcsd
Closed bugs
interface 'kde_output_device_v2' has no event 27
Package gem-passenger updated to version 6.1.0-alt1 for branch sisyphus in task 396221.
Closed vulnerabilities
Published: 2025-02-24
Modified: 2025-02-28
Modified: 2025-02-28
CVE-2025-26803
The http parser in Phusion Passenger 6.0.21 through 6.0.25 before 6.0.26 allows a denial of service during parsing of a request with an invalid HTTP method.
Severity: HIGH (7.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- https://blog.phusion.nl/2025/02/19/passenger-6-0-26/
- https://github.com/phusion/passenger/commit/bb15591646687064ab2d578d5f9660b2a4168017
- https://github.com/phusion/passenger/compare/release-6.0.25...release-6.0.26
- https://github.com/phusion/passenger/releases/tag/release-6.0.26
- https://www.phusionpassenger.com/support
Package clementine updated to version 1.4.1.58-alt1.gbae968a2f for branch sisyphus in task 397660.
Closed bugs
Linkage with library under the license GPL
Closed bugs
убрать vulkan-amdgpu из зависимостей