ALT-BU-2025-2250-3

Branch sisyphus update bulletin.

Package netbox updated to version 4.2.2-alt1 for branch sisyphus in task 372174.

Уязвимость системы контроля доступа и мониторинга событий LenelS2 NetBox, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю проводить межсайтовые сценарные атаки (XSS)

Severity: MEDIUM (6.5)Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Severity: HIGH (7.8)Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N

References:

CVE-2024-56915

Severity: HIGH (7.1)Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N

Severity: HIGH (8.5)Vector: AV:N/AC:L/Au:N/C:C/I:P/A:N

References:

CVE-2024-56917

Уязвимость системы контроля доступа и мониторинга событий LenelS2 NetBox, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

Severity: MEDIUM (6.1)Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: MEDIUM (6.4)Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

CVE-2024-56918

Netbox Community v4.1.7 and fixed in v.4.2.2 is vulnerable to Cross Site Scripting (XSS) via the RSS feed widget.

Severity: MEDIUM (6.5)Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

References:

In Netbox Community 4.1.7, once authenticated, Configuration History > Add`is vulnerable to cross-site scripting (XSS) due to the `current value` field rendering user supplied html. An authenticated attacker can leverage this to add malicious JavaScript to the any banner field. Once a victim edits a Configuration History version or attempts to Add a new version, the XSS payload will trigger.

Severity: MEDIUM (6.1)Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References:

Netbox Community 4.1.7 is vulnerable to Cross Site Scripting (XSS) via the maintenance banner` in maintenance mode.

Severity: HIGH (7.1)Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N

References:

In Netbox Community 4.1.7, the login page is vulnerable to cross-site scripting (XSS), which allows a privileged, authenticated attacker to exfiltrate user input from the login form.

Severity: MEDIUM (6.1)Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References:

Package incus updated to version 6.9.0-alt1 for branch sisyphus in task 372061.

Сообщения "usermod: /etc/subgid не существует" при установке пакета incus

Непрописанный файловый конфликт с пакетом lxd

Package gambas updated to version 3.20.1-alt2 for branch sisyphus in task 372034.

Не запускается на wayland

Package chromium updated to version 132.0.6834.159-alt1 for branch sisyphus in task 372101.

Уязвимость набора инструментов для веб-разработки DevTools браузера Google Chrome, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

Severity: HIGH (8.8)Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: CRITICAL (10.0)Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

References:

CVE-2025-0762

Use after free in DevTools in Google Chrome prior to 132.0.6834.159 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium)

Severity: HIGH (8.8)Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References:

Медленная работа с сайтом 2gis

Package gem-rexml updated to version 3.3.9-alt1 for branch sisyphus in task 372132.

Уязвимость набора инструментов XML для Ruby REXML, связанная с неконтролируемым потреблением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5)Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: HIGH (7.8)Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

References:

CVE-2024-41946

Уязвимость набора инструментов XML для Ruby REXML, связанная с неправильным ограничением рекурсивных ссылок на сущности в DTD, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (5.9)Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (5.4)Vector: AV:N/AC:H/Au:N/C:N/I:N/A:C

References:

CVE-2024-43398

REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. The REXML gem 3.3.3 or later include the patch to fix the vulnerability.

Severity: HIGH (7.5)Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability. If you use other parser APIs such as stream parser API and SAX2 parser API, this vulnerability is not affected. The REXML gem 3.3.6 or later include the patch to fix the vulnerability.

Severity: MEDIUM (5.9)Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

REXML DoS vulnerability

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

References:

REXML denial of service vulnerability

Severity: HIGH (8.2)Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: HIGH (8.2)Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

References:

Package byedpi updated to version 0.16.2-alt1 for branch sisyphus in task 372134.

Mark /etc/sysconfig/byedpi as %config(noreplace)

Package bind updated to version 9.18.33-alt1 for branch sisyphus in task 372146.

Уязвимость сервера DNS BIND, связанная с асимметричным потреблением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5)Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: HIGH (7.8)Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

References:

CVE-2024-11187

Уязвимость реализации DoH сервера DNS BIND, связанная с выделением неограниченной памяти, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5)Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: HIGH (7.8)Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

References:

CVE-2024-12705

It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate resources processing the queries. Zones will usually need to have been deliberately crafted to attack this exposure. This issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.32-S1.

Severity: HIGH (7.5)Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1.

Severity: HIGH (7.5)Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Package codium updated to version 1.96.4.25026-alt1 for branch sisyphus in task 372148.

Прошу обновить пакет codium до версии 1.91.1.24193

Просьба обновить версию до актуальной(1.95.3.24321)

Package signature-image updated to version 0.4-alt1 for branch sisyphus in task 372166.

Некорректное отображение штампа при добавлении логотипа с белым фоном surguch

Package python3-module-django updated to version 5.1.5-alt1 for branch sisyphus in task 372174.

Уязвимость функции django.utils.html.urlize программной платформы для веб-приложений Django, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5)Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: HIGH (7.8)Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

References:

CVE-2024-45230

Уязвимость класса django.db.models.fields.json.HasKey программной платформы для веб-приложений Django, позволяющая нарушителю выполнить произвольный SQL-код

Severity: CRITICAL (9.1)Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: CRITICAL (9.4)Vector: AV:N/AC:L/Au:N/C:C/I:C/A:N

References:

CVE-2024-53908

Уязвимость функции strip_tags() модуля django.utils.html программной платформы для веб-приложений Django, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5)Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: HIGH (7.8)Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

References:

CVE-2024-53907

Уязвимость функций clean_ipv6_address и is_valid_ipv6_address программной платформы для веб-приложений Django, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (5.8)Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

Severity: MEDIUM (5.0)Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

CVE-2024-56374

Уязвимость программной платформы для веб-приложений Django, связанная с недостатками механизма формирования отчетов об ошибках, позволяющая нарушителю оказать воздействие на конфиденциальность защищаемой информации

Severity: MEDIUM (5.3)Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Severity: MEDIUM (5.0)Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

References:

CVE-2024-45231

An issue was discovered in Django 5.1 before 5.1.1, 5.0 before 5.0.9, and 4.2 before 4.2.16. The urlize() and urlizetrunc() template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters.

Severity: HIGH (7.5)Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

An issue was discovered in Django v5.1.1, v5.0.9, and v4.2.16. The django.contrib.auth.forms.PasswordResetForm class, when used in a view implementing password reset flows, allows remote attackers to enumerate user e-mail addresses by sending password reset requests and observing the outcome (only when e-mail sending is consistently failing).

Severity: MEDIUM (5.3)Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

References:

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The strip_tags() method and striptags template filter are subject to a potential denial-of-service attack via certain inputs containing large sequences of nested incomplete HTML entities.

Severity: HIGH (7.5)Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. (Applications that use the jsonfield.has_key lookup via __ are unaffected.)

Severity: CRITICAL (9.8)Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions clean_ipv6_address and is_valid_ipv6_address are vulnerable, as is the django.forms.GenericIPAddressField form field. (The django.db.models.GenericIPAddressField model field is not affected.)

Severity: HIGH (7.5)Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Django vulnerable to denial-of-service attack via the urlize() and urlizetrunc() template filters

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

References:

Django denial-of-service in django.utils.html.strip_tags()

Severity: MEDIUM (6.6)Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: MEDIUM (6.6)Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

References:

Django SQL injection in HasKey(lhs, rhs) on Oracle

Severity: HIGH (7.2)Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: HIGH (7.2)Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

References:

Django has a potential denial-of-service vulnerability in IPv6 validation

Severity: MEDIUM (5.8)Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

References:

Django allows enumeration of user e-mail addresses

Severity: MEDIUM (6.3)Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Severity: MEDIUM (6.3)Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

References:

Package rsync updated to version 3.2.7-alt3 for branch sisyphus in task 372266.

rsync -F: *** buffer overflow detected ***: terminated Aborted (core dumped)

Version: 2.1.2

ALT-BU-2025-2250-3

Closed vulnerabilities

Closed bugs

Closed bugs

Closed vulnerabilities

Closed bugs

Closed vulnerabilities

Closed bugs

Closed vulnerabilities

Closed bugs

Closed bugs

Closed vulnerabilities

Closed bugs