ALT-BU-2025-1535-1
Branch sisyphus_e2k update bulletin.
Package libwebkitgtk4 updated to version 2.44.4-alt1.2 for branch sisyphus_e2k.
Closed vulnerabilities
BDU:2022-04198
Уязвимость реализации технологии WebRTC браузера Google Chrome, позволяющая нарушителю выполнить произвольный код
BDU:2022-04287
Уязвимость функции WebCore::TextureMapperLayer::setContentsLayer модулей отображения веб-страниц WebKitGTK и WPE WebKit, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2022-05100
Уязвимость модулей отображения веб-страниц WebKit операционных систем macOS, iOS, iPadOS, позволяющая нарушителю выполнить произвольный код
BDU:2022-05716
Уязвимость модуля отображения веб-страниц WebKitGTK, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
BDU:2023-00677
Уязвимость модулей отображения веб-страниц WebKitGTK и WPE WebKit, связанная с использованием памяти после ее освобождения, позволяющая нарушителю выполнить произвольный код
BDU:2023-02854
Уязвимость модуля отображения веб-страниц WebKit операционных систем iOS, iPadOS, watchOS, tvOS, браузера Safari, позволяющая нарушителю выполнить произвольный код
BDU:2023-02858
Уязвимость модуля отображения веб-страниц WebKit операционных систем iOS, iPadOS, watchOS,tvOS, браузера Safari, позволяющая нарушителю раскрыть защищаемую информацию
BDU:2023-04523
Уязвимость модулей отображения веб-страниц WebKitGTK и WPE WebKit операционных систем iOS, iPadOS, tvOS, macOS, watchOS, браузера Safari, позволяющая нарушителю выполнить произвольный код
BDU:2023-04538
Уязвимость модуля отображения веб-страниц WebKit операционной системы macOS, позволяющая нарушителю выполнить произвольный код
BDU:2023-05914
Уязвимость модулей отображения веб-страниц WebKitGTK и WPE WebKit, связанная с ошибками обработки входных данных при выполнении синтаксического анализа кода, позволяющая нарушителю выполнить произвольный код
BDU:2023-06113
Уязвимость модуля отображения веб-страниц WebKit браузера Safari и операционных систем iOS и iPadOS, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
BDU:2023-07654
Уязвимость модулей отображения веб-страниц WPE WebKit и WebKitGTK, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю оказать воздействие на целостность данных
BDU:2023-08366
Уязвимость операционных систем iOS, iPadOS, macOS и браузера Safari, связанная с недостатками контроля доступа, позволяющая нарушителю раскрыть защищаемую информацию
BDU:2023-08367
Уязвимость модуля отображения веб-страниц WebKit операционных систем iOS, iPadOS, macOS и браузера Safari, позволяющая нарушителю выполнить произвольный код
BDU:2024-06898
Уязвимость модулей отображения веб-страниц WebKitGTK и WPE WebKit, связанная с ошибками наследуемых разрешений, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
BDU:2024-06902
Уязвимость модулей отображения веб-страниц WebKitGTK и WPE WebKit, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю получить доступ к конфиденциальным данным и нарушить их целостность
BDU:2024-06942
Уязвимость модулей отображения веб-страниц WPE WebKit и WebKitGTK, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
BDU:2024-07418
Уязвимость функции WebCore::RenderLayer::setNextSibling модулей отображения веб-страниц WPE WebKit и WebKitGTK, позволяющая нарушителю выполнить произвольный код
BDU:2024-07421
Уязвимость функции WebCore::RenderLayer::repaintBlockSelectionGaps модулей отображения веб-страниц WPE WebKit и WebKitGTK, позволяющая нарушителю выполнить произвольный код
BDU:2024-07422
Уязвимость функции WebCore::RenderLayer::addChild модулей отображения веб-страниц WPE WebKit и WebKitGTK, позволяющая нарушителю выполнить произвольный код
BDU:2024-07423
Уязвимость функции WebCore::RenderLayer::renderer модулей отображения веб-страниц WPE WebKit и WebKitGTK, позволяющая нарушителю выполнить произвольный код
BDU:2024-09451
Уязвимость модулей отображения веб-страниц WebKitGTK и WPE WebKit, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
BDU:2024-09456
Уязвимость модулей отображения веб-страниц WPE WebKit и WebKitGTK, связанная с обходом аутентификации посредством спуфинга, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2022-22590
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may lead to arbitrary code execution.
- GLSA-202208-39
- GLSA-202208-39
- https://support.apple.com/en-us/HT213053
- https://support.apple.com/en-us/HT213053
- https://support.apple.com/en-us/HT213054
- https://support.apple.com/en-us/HT213054
- https://support.apple.com/en-us/HT213057
- https://support.apple.com/en-us/HT213057
- https://support.apple.com/en-us/HT213058
- https://support.apple.com/en-us/HT213058
- https://support.apple.com/en-us/HT213059
- https://support.apple.com/en-us/HT213059
Modified: 2025-04-03
CVE-2022-2294
Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- [oss-security] 20220728 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0007
- [oss-security] 20220728 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0007
- https://chromereleases.googleblog.com/2022/07/stable-channel-update-for-desktop.html
- https://chromereleases.googleblog.com/2022/07/stable-channel-update-for-desktop.html
- https://crbug.com/1341043
- https://crbug.com/1341043
- FEDORA-2022-0102ccc2a2
- FEDORA-2022-0102ccc2a2
- FEDORA-2022-1d3d5a0341
- FEDORA-2022-1d3d5a0341
- GLSA-202208-35
- GLSA-202208-35
- GLSA-202208-39
- GLSA-202208-39
- GLSA-202311-11
- GLSA-202311-11
Modified: 2024-11-21
CVE-2022-30293
In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp.
- [oss-security] 20220530 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0005
- [oss-security] 20220530 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0005
- https://bugs.webkit.org/show_bug.cgi?id=237187
- https://bugs.webkit.org/show_bug.cgi?id=237187
- https://github.com/ChijinZ/security_advisories/tree/master/webkitgtk-2.36.0
- https://github.com/ChijinZ/security_advisories/tree/master/webkitgtk-2.36.0
- GLSA-202208-39
- GLSA-202208-39
- DSA-5154
- DSA-5154
- DSA-5155
- DSA-5155
Modified: 2025-02-28
CVE-2022-32893
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1, Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
- 20220831 APPLE-SA-2022-08-31-1 iOS 12.5.6
- 20220831 APPLE-SA-2022-08-31-1 iOS 12.5.6
- 20221030 APPLE-SA-2022-10-27-13 watchOS 9
- 20221030 APPLE-SA-2022-10-27-13 watchOS 9
- [oss-security] 20220825 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0008
- [oss-security] 20220825 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0008
- [oss-security] 20220826 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2022-0008
- [oss-security] 20220826 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2022-0008
- [oss-security] 20220829 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2022-0008
- [oss-security] 20220829 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2022-0008
- [oss-security] 20220829 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2022-0008
- [oss-security] 20220829 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2022-0008
- [oss-security] 20220902 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2022-0008
- [oss-security] 20220902 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2022-0008
- [oss-security] 20220913 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2022-0008
- [oss-security] 20220913 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2022-0008
- [debian-lts-announce] 20220830 [SECURITY] [DLA 3087-1] webkit2gtk security update
- [debian-lts-announce] 20220830 [SECURITY] [DLA 3087-1] webkit2gtk security update
- FEDORA-2022-eada5f24a0
- FEDORA-2022-eada5f24a0
- FEDORA-2022-ddfeee50c9
- FEDORA-2022-ddfeee50c9
- GLSA-202208-39
- GLSA-202208-39
- https://support.apple.com/en-us/HT213412
- https://support.apple.com/en-us/HT213412
- https://support.apple.com/en-us/HT213413
- https://support.apple.com/en-us/HT213413
- https://support.apple.com/en-us/HT213414
- https://support.apple.com/en-us/HT213414
- DSA-5219
- DSA-5219
- DSA-5220
- DSA-5220
Modified: 2024-11-21
CVE-2022-42826
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13, iOS 16.1 and iPadOS 16, Safari 16.1. Processing maliciously crafted web content may lead to arbitrary code execution.
Modified: 2025-03-07
CVE-2023-25358
A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely.
- [oss-security] 20230421 WebKitGTK and WPE WebKit Security Advisory WSA-2023-0003
- [oss-security] 20230421 WebKitGTK and WPE WebKit Security Advisory WSA-2023-0003
- https://bugs.webkit.org/show_bug.cgi?id=242683
- https://bugs.webkit.org/show_bug.cgi?id=242683
- FEDORA-2023-a4bbf02a57
- FEDORA-2023-a4bbf02a57
- FEDORA-2023-5b61346bbe
- FEDORA-2023-5b61346bbe
- FEDORA-2023-8900b35c6f
- FEDORA-2023-8900b35c6f
- GLSA-202305-32
- GLSA-202305-32
Modified: 2025-03-07
CVE-2023-25360
A use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK before 2.36.8 allows attackers to execute code remotely.
Modified: 2025-03-07
CVE-2023-25361
A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8 allows attackers to execute code remotely.
Modified: 2024-11-21
CVE-2023-25362
A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK before 2.36.8 allows attackers to execute code remotely.
Modified: 2024-11-21
CVE-2023-25363
A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before 2.36.8 allows attackers to execute code remotely.
Modified: 2024-11-21
CVE-2023-28198
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution.
- http://www.openwall.com/lists/oss-security/2023/09/11/1
- https://security.gentoo.org/glsa/202401-04
- https://support.apple.com/en-us/HT213670
- https://support.apple.com/en-us/HT213676
- http://www.openwall.com/lists/oss-security/2023/09/11/1
- https://support.apple.com/en-us/HT213676
- https://support.apple.com/en-us/HT213670
- https://security.gentoo.org/glsa/202401-04
Modified: 2025-02-14
CVE-2023-28204
An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited.
- https://security.gentoo.org/glsa/202401-04
- https://security.gentoo.org/glsa/202401-04
- https://support.apple.com/en-us/HT213757
- https://support.apple.com/en-us/HT213757
- https://support.apple.com/en-us/HT213758
- https://support.apple.com/en-us/HT213758
- https://support.apple.com/en-us/HT213761
- https://support.apple.com/en-us/HT213761
- https://support.apple.com/en-us/HT213762
- https://support.apple.com/en-us/HT213762
- https://support.apple.com/en-us/HT213764
- https://support.apple.com/en-us/HT213764
- https://support.apple.com/en-us/HT213765
- https://support.apple.com/en-us/HT213765
Modified: 2024-11-21
CVE-2023-32370
A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3. Content Security Policy to block domains with wildcards may fail.
Modified: 2025-02-28
CVE-2023-32373
A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
- https://security.gentoo.org/glsa/202401-04
- https://security.gentoo.org/glsa/202401-04
- https://support.apple.com/en-us/HT213757
- https://support.apple.com/en-us/HT213757
- https://support.apple.com/en-us/HT213758
- https://support.apple.com/en-us/HT213758
- https://support.apple.com/en-us/HT213761
- https://support.apple.com/en-us/HT213761
- https://support.apple.com/en-us/HT213762
- https://support.apple.com/en-us/HT213762
- https://support.apple.com/en-us/HT213764
- https://support.apple.com/en-us/HT213764
- https://support.apple.com/en-us/HT213765
- https://support.apple.com/en-us/HT213765
Modified: 2025-02-14
CVE-2023-37450
The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, Safari 16.5.2, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
- https://security.gentoo.org/glsa/202401-04
- https://security.gentoo.org/glsa/202401-04
- https://support.apple.com/en-us/HT213826
- https://support.apple.com/en-us/HT213826
- https://support.apple.com/en-us/HT213841
- https://support.apple.com/en-us/HT213841
- https://support.apple.com/en-us/HT213843
- https://support.apple.com/en-us/HT213843
- https://support.apple.com/en-us/HT213846
- https://support.apple.com/en-us/HT213846
- https://support.apple.com/en-us/HT213848
- https://support.apple.com/en-us/HT213848
Modified: 2024-11-21
CVE-2023-40397
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. A remote attacker may be able to cause arbitrary javascript code execution.
Modified: 2024-11-29
CVE-2023-41993
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
- https://security.gentoo.org/glsa/202401-33
- https://security.gentoo.org/glsa/202401-33
- https://security.netapp.com/advisory/ntap-20240426-0004/
- https://security.netapp.com/advisory/ntap-20240426-0004/
- https://support.apple.com/en-us/HT213940
- https://support.apple.com/en-us/HT213940
- https://webkitgtk.org/security/WSA-2023-0009.html
Modified: 2024-12-09
CVE-2023-42843
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, Safari 17.1, macOS Sonoma 14.1. Visiting a malicious website may lead to address bar spoofing.
- http://www.openwall.com/lists/oss-security/2024/03/26/1
- http://www.openwall.com/lists/oss-security/2024/03/26/1
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/
- https://support.apple.com/en-us/HT213981
- https://support.apple.com/en-us/HT213981
- https://support.apple.com/en-us/HT213982
- https://support.apple.com/en-us/HT213982
- https://support.apple.com/en-us/HT213984
- https://support.apple.com/en-us/HT213984
- https://support.apple.com/en-us/HT213986
- https://support.apple.com/en-us/HT213986
Modified: 2024-11-29
CVE-2023-42916
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.
- http://seclists.org/fulldisclosure/2023/Dec/12
- http://seclists.org/fulldisclosure/2023/Dec/12
- http://seclists.org/fulldisclosure/2023/Dec/13
- http://seclists.org/fulldisclosure/2023/Dec/13
- http://seclists.org/fulldisclosure/2023/Dec/3
- http://seclists.org/fulldisclosure/2023/Dec/3
- http://seclists.org/fulldisclosure/2023/Dec/4
- http://seclists.org/fulldisclosure/2023/Dec/4
- http://seclists.org/fulldisclosure/2023/Dec/5
- http://seclists.org/fulldisclosure/2023/Dec/5
- http://seclists.org/fulldisclosure/2023/Dec/8
- http://seclists.org/fulldisclosure/2023/Dec/8
- http://seclists.org/fulldisclosure/2024/Jan/35
- http://seclists.org/fulldisclosure/2024/Jan/35
- http://www.openwall.com/lists/oss-security/2023/12/05/1
- http://www.openwall.com/lists/oss-security/2023/12/05/1
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/
- https://security.gentoo.org/glsa/202401-04
- https://security.gentoo.org/glsa/202401-04
- https://support.apple.com/en-us/HT214031
- https://support.apple.com/en-us/HT214031
- https://support.apple.com/en-us/HT214032
- https://support.apple.com/en-us/HT214032
- https://support.apple.com/en-us/HT214033
- https://support.apple.com/en-us/HT214033
- https://support.apple.com/kb/HT214033
- https://support.apple.com/kb/HT214033
- https://support.apple.com/kb/HT214034
- https://support.apple.com/kb/HT214034
- https://support.apple.com/kb/HT214062
- https://support.apple.com/kb/HT214062
- https://www.debian.org/security/2023/dsa-5575
- https://www.debian.org/security/2023/dsa-5575
Modified: 2025-02-10
CVE-2023-42917
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.
- http://seclists.org/fulldisclosure/2023/Dec/12
- http://seclists.org/fulldisclosure/2023/Dec/12
- http://seclists.org/fulldisclosure/2023/Dec/13
- http://seclists.org/fulldisclosure/2023/Dec/13
- http://seclists.org/fulldisclosure/2023/Dec/3
- http://seclists.org/fulldisclosure/2023/Dec/3
- http://seclists.org/fulldisclosure/2023/Dec/4
- http://seclists.org/fulldisclosure/2023/Dec/4
- http://seclists.org/fulldisclosure/2023/Dec/5
- http://seclists.org/fulldisclosure/2023/Dec/5
- http://seclists.org/fulldisclosure/2023/Dec/8
- http://seclists.org/fulldisclosure/2023/Dec/8
- http://seclists.org/fulldisclosure/2024/Jan/35
- http://seclists.org/fulldisclosure/2024/Jan/35
- http://www.openwall.com/lists/oss-security/2023/12/05/1
- http://www.openwall.com/lists/oss-security/2023/12/05/1
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/
- https://security.gentoo.org/glsa/202401-04
- https://security.gentoo.org/glsa/202401-04
- https://support.apple.com/en-us/HT214031
- https://support.apple.com/en-us/HT214031
- https://support.apple.com/en-us/HT214032
- https://support.apple.com/en-us/HT214032
- https://support.apple.com/en-us/HT214033
- https://support.apple.com/en-us/HT214033
- https://support.apple.com/kb/HT214033
- https://support.apple.com/kb/HT214033
- https://support.apple.com/kb/HT214034
- https://support.apple.com/kb/HT214034
- https://support.apple.com/kb/HT214062
- https://support.apple.com/kb/HT214062
- https://www.debian.org/security/2023/dsa-5575
- https://www.debian.org/security/2023/dsa-5575
Modified: 2024-12-06
CVE-2024-23254
The issue was addressed with improved UI handling. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, Safari 17.4. A malicious website may exfiltrate audio data cross-origin.
- http://seclists.org/fulldisclosure/2024/Mar/20
- http://seclists.org/fulldisclosure/2024/Mar/20
- http://seclists.org/fulldisclosure/2024/Mar/21
- http://seclists.org/fulldisclosure/2024/Mar/21
- http://seclists.org/fulldisclosure/2024/Mar/24
- http://seclists.org/fulldisclosure/2024/Mar/24
- http://seclists.org/fulldisclosure/2024/Mar/25
- http://seclists.org/fulldisclosure/2024/Mar/25
- http://seclists.org/fulldisclosure/2024/Mar/26
- http://seclists.org/fulldisclosure/2024/Mar/26
- http://www.openwall.com/lists/oss-security/2024/03/26/1
- http://www.openwall.com/lists/oss-security/2024/03/26/1
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/
- https://support.apple.com/en-us/HT214081
- https://support.apple.com/en-us/HT214081
- https://support.apple.com/en-us/HT214084
- https://support.apple.com/en-us/HT214084
- https://support.apple.com/en-us/HT214086
- https://support.apple.com/en-us/HT214086
- https://support.apple.com/en-us/HT214087
- https://support.apple.com/en-us/HT214087
- https://support.apple.com/en-us/HT214088
- https://support.apple.com/en-us/HT214088
- https://support.apple.com/en-us/HT214089
- https://support.apple.com/en-us/HT214089
Modified: 2024-12-09
CVE-2024-23263
A logic issue was addressed with improved validation. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, Safari 17.4. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.
- http://seclists.org/fulldisclosure/2024/Mar/20
- http://seclists.org/fulldisclosure/2024/Mar/20
- http://seclists.org/fulldisclosure/2024/Mar/21
- http://seclists.org/fulldisclosure/2024/Mar/21
- http://seclists.org/fulldisclosure/2024/Mar/24
- http://seclists.org/fulldisclosure/2024/Mar/24
- http://seclists.org/fulldisclosure/2024/Mar/25
- http://seclists.org/fulldisclosure/2024/Mar/25
- http://seclists.org/fulldisclosure/2024/Mar/26
- http://seclists.org/fulldisclosure/2024/Mar/26
- http://www.openwall.com/lists/oss-security/2024/03/26/1
- http://www.openwall.com/lists/oss-security/2024/03/26/1
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AO4BNNL5X2LQBJ6WX7VT4SGMA6R7DUU5/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AO4BNNL5X2LQBJ6WX7VT4SGMA6R7DUU5/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAIPBVDQV3GHMSNSZNEJCRZEPM7BEYGF/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAIPBVDQV3GHMSNSZNEJCRZEPM7BEYGF/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXORDRCSQAQU436W4S2Z3X5B5PDXL3LI/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXORDRCSQAQU436W4S2Z3X5B5PDXL3LI/
- https://support.apple.com/en-us/HT214081
- https://support.apple.com/en-us/HT214081
- https://support.apple.com/en-us/HT214082
- https://support.apple.com/en-us/HT214082
- https://support.apple.com/en-us/HT214084
- https://support.apple.com/en-us/HT214084
- https://support.apple.com/en-us/HT214086
- https://support.apple.com/en-us/HT214086
- https://support.apple.com/en-us/HT214087
- https://support.apple.com/en-us/HT214087
- https://support.apple.com/en-us/HT214088
- https://support.apple.com/en-us/HT214088
- https://support.apple.com/en-us/HT214089
- https://support.apple.com/en-us/HT214089
Modified: 2024-12-07
CVE-2024-23280
An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4, tvOS 17.4. A maliciously crafted webpage may be able to fingerprint the user.
- http://seclists.org/fulldisclosure/2024/Mar/20
- http://seclists.org/fulldisclosure/2024/Mar/20
- http://seclists.org/fulldisclosure/2024/Mar/21
- http://seclists.org/fulldisclosure/2024/Mar/21
- http://seclists.org/fulldisclosure/2024/Mar/24
- http://seclists.org/fulldisclosure/2024/Mar/24
- http://seclists.org/fulldisclosure/2024/Mar/25
- http://seclists.org/fulldisclosure/2024/Mar/25
- http://www.openwall.com/lists/oss-security/2024/03/26/1
- http://www.openwall.com/lists/oss-security/2024/03/26/1
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AO4BNNL5X2LQBJ6WX7VT4SGMA6R7DUU5/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AO4BNNL5X2LQBJ6WX7VT4SGMA6R7DUU5/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAIPBVDQV3GHMSNSZNEJCRZEPM7BEYGF/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAIPBVDQV3GHMSNSZNEJCRZEPM7BEYGF/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXORDRCSQAQU436W4S2Z3X5B5PDXL3LI/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXORDRCSQAQU436W4S2Z3X5B5PDXL3LI/
- https://support.apple.com/en-us/HT214081
- https://support.apple.com/en-us/HT214081
- https://support.apple.com/en-us/HT214084
- https://support.apple.com/en-us/HT214084
- https://support.apple.com/en-us/HT214086
- https://support.apple.com/en-us/HT214086
- https://support.apple.com/en-us/HT214088
- https://support.apple.com/en-us/HT214088
- https://support.apple.com/en-us/HT214089
- https://support.apple.com/en-us/HT214089
Modified: 2025-03-29
CVE-2024-23284
A logic issue was addressed with improved state management. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, Safari 17.4. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.
- http://seclists.org/fulldisclosure/2024/Mar/20
- http://seclists.org/fulldisclosure/2024/Mar/20
- http://seclists.org/fulldisclosure/2024/Mar/21
- http://seclists.org/fulldisclosure/2024/Mar/21
- http://seclists.org/fulldisclosure/2024/Mar/24
- http://seclists.org/fulldisclosure/2024/Mar/24
- http://seclists.org/fulldisclosure/2024/Mar/25
- http://seclists.org/fulldisclosure/2024/Mar/25
- http://seclists.org/fulldisclosure/2024/Mar/26
- http://seclists.org/fulldisclosure/2024/Mar/26
- http://www.openwall.com/lists/oss-security/2024/03/26/1
- http://www.openwall.com/lists/oss-security/2024/03/26/1
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AO4BNNL5X2LQBJ6WX7VT4SGMA6R7DUU5/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AO4BNNL5X2LQBJ6WX7VT4SGMA6R7DUU5/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAIPBVDQV3GHMSNSZNEJCRZEPM7BEYGF/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAIPBVDQV3GHMSNSZNEJCRZEPM7BEYGF/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXORDRCSQAQU436W4S2Z3X5B5PDXL3LI/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXORDRCSQAQU436W4S2Z3X5B5PDXL3LI/
- https://support.apple.com/en-us/HT214081
- https://support.apple.com/en-us/HT214081
- https://support.apple.com/en-us/HT214082
- https://support.apple.com/en-us/HT214082
- https://support.apple.com/en-us/HT214084
- https://support.apple.com/en-us/HT214084
- https://support.apple.com/en-us/HT214086
- https://support.apple.com/en-us/HT214086
- https://support.apple.com/en-us/HT214087
- https://support.apple.com/en-us/HT214087
- https://support.apple.com/en-us/HT214088
- https://support.apple.com/en-us/HT214088
- https://support.apple.com/en-us/HT214089
- https://support.apple.com/en-us/HT214089
Modified: 2024-12-12
CVE-2024-27834
The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.
- http://seclists.org/fulldisclosure/2024/May/10
- http://seclists.org/fulldisclosure/2024/May/10
- http://seclists.org/fulldisclosure/2024/May/12
- http://seclists.org/fulldisclosure/2024/May/12
- http://seclists.org/fulldisclosure/2024/May/16
- http://seclists.org/fulldisclosure/2024/May/16
- http://seclists.org/fulldisclosure/2024/May/17
- http://seclists.org/fulldisclosure/2024/May/17
- http://seclists.org/fulldisclosure/2024/May/9
- http://seclists.org/fulldisclosure/2024/May/9
- http://www.openwall.com/lists/oss-security/2024/05/21/1
- http://www.openwall.com/lists/oss-security/2024/05/21/1
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ADCLQW54XN37VJZNYD3UKCYATJFIMYXG/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ADCLQW54XN37VJZNYD3UKCYATJFIMYXG/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WKIXADCW3O4R2OOSDZGPU55XQFE6NA3M/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WKIXADCW3O4R2OOSDZGPU55XQFE6NA3M/
- https://support.apple.com/en-us/HT214101
- https://support.apple.com/en-us/HT214101
- https://support.apple.com/en-us/HT214102
- https://support.apple.com/en-us/HT214102
- https://support.apple.com/en-us/HT214103
- https://support.apple.com/en-us/HT214103
- https://support.apple.com/en-us/HT214104
- https://support.apple.com/en-us/HT214104
- https://support.apple.com/en-us/HT214106
- https://support.apple.com/en-us/HT214106
Package glpi updated to version 10.0.17-alt1 for branch sisyphus_e2k.
Closed vulnerabilities
BDU:2024-09128
Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с некорректным управлением сеансом, позволяющая нарушителю получить полный доступ к приложению
BDU:2024-09424
Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с непринятием мер по защите структуры запроса SQL, позволяющая нарушителю выполнить произвольный код
BDU:2024-09514
Уязвимость функции восстановления пароля системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, позволяющая нарушителю обойти существующие ограничения безопасности
BDU:2024-09515
Уязвимость реализации прикладного программного интерфейса системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, позволяющая нарушителю раскрыть конфиденциальную информацию
BDU:2024-09717
Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с неправильным контролем доступа, позволяющая нарушителю получить несанкционированный доступ к учетной записи
BDU:2025-00328
Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)
BDU:2025-00329
Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)
BDU:2025-00330
Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)
BDU:2025-00331
Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)
BDU:2025-00332
Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)
BDU:2025-00333
Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с непринятием мер по защите структуры запроса SQL, позволяющая нарушителю выполнить SQL-инъекции
BDU:2025-00334
Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)
BDU:2025-00335
Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)
BDU:2025-00336
Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с непринятием мер по защите структуры запроса SQL, позволяющая нарушителю выполнить SQL-инъекции
Modified: 2024-11-20
CVE-2024-40638
GLPI is a free asset and IT management software package. An authenticated user can exploit multiple SQL injection vulnerabilities. One of them can be used to alter another user account data and take control of it. Upgrade to 10.0.17.
Modified: 2024-11-20
CVE-2024-41678
GLPI is a free asset and IT management software package. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability. Upgrade to 10.0.17.
Modified: 2024-11-20
CVE-2024-41679
GLPI is a free asset and IT management software package. An authenticated user can exploit a SQL injection vulnerability from the ticket form. Upgrade to 10.0.17.
Modified: 2025-01-07
CVE-2024-43416
GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.17, an unauthenticated user can use an application endpoint to check if an email address corresponds to a valid GLPI user. Version 10.0.17 fixes the issue.
Modified: 2024-11-20
CVE-2024-43417
GLPI is a free asset and IT management software package. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability located in the Software form. Upgrade to 10.0.17.
Modified: 2024-11-20
CVE-2024-43418
GLPI is a free asset and IT management software package. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability. Upgrade to 10.0.17.
Modified: 2024-11-20
CVE-2024-45608
GLPI is a free asset and IT management software package. An authenticated user can perfom a SQL injection by changing its preferences. Upgrade to 10.0.17.
Modified: 2024-11-20
CVE-2024-45609
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability located in the reports pages. Upgrade to 10.0.17.
Modified: 2024-11-20
CVE-2024-45610
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability located in the Cable form. Upgrade to 10.0.17.
Modified: 2024-11-19
CVE-2024-45611
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated user can bypass the access control policy to create a private RSS feed attached to another user account and use a malicious payload to triggger a stored XSS. Upgrade to 10.0.17.
Modified: 2025-02-06
CVE-2024-47758
GLPI is a free asset and IT management software package. Starting in version 9.3.0 and prior to version 10.0.17, an authenticated user can use the API to take control of any user that have the same or a lower level of privileges. Version 10.0.17 contains a patch for this issue.
Modified: 2025-01-23
CVE-2024-47759
GLPI is a free Asset and IT management software package. An technician can upload a SVG containing a malicious script. The script will then be executed when any user will try to see the document contents. Upgrade to 10.0.17.
Modified: 2025-01-23
CVE-2024-47760
GLPI is a free asset and IT management software package. Starting in version 9.1.0 and prior to version 10.0.17, a technician with an access to the API can take control of an account with higher privileges. Version 10.0.17 contains a patch for this issue.
Modified: 2025-01-23
CVE-2024-47761
GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.17, an administrator with access to the sent notifications contents can take control of an account with higher privileges. Version 10.0.17 contains a patch for this issue.
Modified: 2025-01-10
CVE-2024-48912
GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.17, an authenticated user can use an application endpoint to delete any user account. Version 10.0.17 contains a patch for this issue.
Modified: 2025-01-10
CVE-2024-50339
GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.17, an unauthenticated user can retrieve all the sessions IDs and use them to steal any valid session. Version 10.0.17 contains a patch for this issue.
Package libvxl updated to version 3.5.0-alt4 for branch sisyphus_e2k.
Closed bugs
Файловый конфликт при установке librply-devel
Package rsync updated to version 3.2.7-alt2 for branch sisyphus_e2k.
Closed vulnerabilities
BDU:2025-00372
Уязвимость утилиты для передачи и синхронизации файлов Rsync, связанная с ошибками синхронизации при использовании общего ресурса, позволяющая нарушителю повысить свои привилегии
BDU:2025-00373
Уязвимость конфигурации -safe-links демона rsyncd утилиты для передачи и синхронизации файлов Rsync, позволяющая нарушителю записывать произвольные файлы
BDU:2025-00374
Уязвимость демона rsyncd утилиты для передачи и синхронизации файлов Rsync, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
BDU:2025-00376
Уязвимость демона rsyncd утилиты для передачи и синхронизации файлов Rsync, позволяющая нарушителю обойти механизм защиты ASLR и получить несанкционированный доступ к защищаемой информации
BDU:2025-00377
Уязвимость конфигурации --inc-recursive демона rsyncd утилиты для передачи и синхронизации файлов Rsync, позволяющая нарушителю записывать произвольные файлы
BDU:2025-00378
Уязвимость демона rsyncd утилиты для передачи и синхронизации файлов Rsync, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Modified: 2025-02-26
CVE-2024-12084
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer.
Modified: 2025-03-20
CVE-2024-12085
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.
- RHSA-2025:0324
- RHSA-2025:0325
- RHSA-2025:0637
- RHSA-2025:0688
- RHSA-2025:0714
- RHSA-2025:0774
- RHSA-2025:0787
- RHSA-2025:0790
- RHSA-2025:0849
- RHSA-2025:0884
- RHSA-2025:0885
- RHSA-2025:1120
- RHSA-2025:1123
- RHSA-2025:1128
- RHSA-2025:1225
- RHSA-2025:1227
- RHSA-2025:1242
- RHSA-2025:1451
- RHSA-2025:2701
- https://access.redhat.com/security/cve/CVE-2024-12085
- RHBZ#2330539
- https://kb.cert.org/vuls/id/952657
- https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj
Modified: 2025-02-26
CVE-2024-12086
A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte-by-byte based on the responses from the client.
Modified: 2025-03-11
CVE-2024-12087
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client.
Modified: 2025-03-11
CVE-2024-12088
A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.
Modified: 2025-03-11
CVE-2024-12747
A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation.