Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Severity: MEDIUM (4.9) Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

https://www.oracle.com/security-alerts/cpuoct2025.html

Published: 2025-10-21
Modified: 2025-10-23

CVE-2025-53042

Severity: MEDIUM (4.9) Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

https://www.oracle.com/security-alerts/cpuoct2025.html

Published: 2025-10-21
Modified: 2025-10-23

CVE-2025-53044

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Severity: MEDIUM (4.9) Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

https://www.oracle.com/security-alerts/cpuoct2025.html

Published: 2025-10-21
Modified: 2025-10-23

CVE-2025-53045

Severity: MEDIUM (4.9) Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

https://www.oracle.com/security-alerts/cpuoct2025.html

Published: 2025-10-21
Modified: 2025-10-23

CVE-2025-53053

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H

References:

https://www.oracle.com/security-alerts/cpuoct2025.html

Published: 2025-10-21
Modified: 2025-10-23

CVE-2025-53054

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H

References:

https://www.oracle.com/security-alerts/cpuoct2025.html

Published: 2025-10-21
Modified: 2025-10-28

CVE-2025-53062

Severity: MEDIUM (4.9) Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

https://www.oracle.com/security-alerts/cpuoct2025.html

Published: 2025-10-21
Modified: 2025-10-24

CVE-2025-53069

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Severity: MEDIUM (4.9) Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References:

https://www.oracle.com/security-alerts/cpuoct2025.html

Package libshape updated to version 1.6.2-alt1 for branch sisyphus_riscv64.

Published: 2022-11-02
Modified: 2025-03-05

BDU:2022-06588

Уязвимость реализации функции malloc() библиотеки shapelib, позволяющая нарушителю вызвать отказ в обслуживании

Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: CRITICAL (10.0) Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

References:

CVE-2022-0699

Published: 2022-10-17
Modified: 2025-05-13

CVE-2022-0699

A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control over malloc.

Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Package python3.14 updated to version 3.14.0-alt2 for branch sisyphus_riscv64.

python3.14-dev: непрописанный файловый конфликт с пакетом python3-dev

Version: 2.1.2

Branch sisyphus_riscv64 update on 2025-11-25

ALT-BU-2025-15032-1

ALT-PU-2025-15028-1

Closed vulnerabilities

BDU:2025-13384

BDU:2025-13385

BDU:2025-13386

BDU:2025-13387

CVE-2025-53040

CVE-2025-53042

CVE-2025-53044

CVE-2025-53045

CVE-2025-53053

CVE-2025-53054

CVE-2025-53062

CVE-2025-53069

ALT-PU-2025-15030-1

Closed vulnerabilities

BDU:2022-06588

CVE-2022-0699

ALT-PU-2025-15031-1

Closed bugs

Bug #56948