ALT-BU-2025-3816-1
Branch sisyphus update bulletin.
Closed vulnerabilities
BDU:2024-08860
Уязвимость прокси-сервера Squid, связанная с ошибками при обработке входных данных, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-01-03
CVE-2024-45802
Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted server against all clients using the proxy. This bug is fixed in the default build configuration of Squid version 6.10.
Closed bugs
Оключение tls в qt6.6
Конфликт действий на комбинации клавиш Dolphin
Имеет зависимость от libgtk+3
Package php8.3-swoole updated to version 6.0.1-alt2.17 for branch sisyphus in task 376760.
Closed bugs
Unable to load dynamic library 'swoole.so'
Unable to load dynamic library 'swoole.so'
В системе остаётся файл swoole.ini после удаления пакета php8.4-swoole
swoole отсутствует в списке загруженных модулей
swoole.so: undefined symbol: BrotliEncoderCompress
Package php8.4-swoole updated to version 6.0.1-alt2.4 for branch sisyphus in task 376760.
Closed bugs
Unable to load dynamic library 'swoole.so'
Unable to load dynamic library 'swoole.so'
swoole отсутствует в списке загруженных модулей
swoole.so: undefined symbol: BrotliEncoderCompress
Package php8.2-swoole updated to version 6.0.1-alt2.27 for branch sisyphus in task 376760.
Closed bugs
Unable to load dynamic library 'swoole.so'
Unable to load dynamic library 'swoole.so'
В системе остаётся файл swoole.ini после удаления пакета php8.4-swoole
swoole отсутствует в списке загруженных модулей
swoole.so: undefined symbol: BrotliEncoderCompress
Package kernel-modules-nvidia-6.12 updated to version 570.124.04-alt1.396305.1 for branch sisyphus in task 376687.
Closed vulnerabilities
CVE-2024-0131
NVIDIA GPU kernel driver for Windows and Linux contains a vulnerability where a potential user-mode attacker could read a buffer with an incorrect length. A successful exploit of this vulnerability might lead to denial of service.
CVE-2024-0147
NVIDIA GPU display driver for Windows and Linux contains a vulnerability where referencing memory after it has been freed can lead to denial of service or data tampering.
Modified: 2025-03-27
CVE-2024-0149
NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an attacker unauthorized access to files. A successful exploit of this vulnerability might lead to limited information disclosure.
CVE-2024-0150
NVIDIA GPU display driver for Windows and Linux contains a vulnerability where data is written past the end or before the beginning of a buffer. A successful exploit of this vulnerability might lead to information disclosure, denial of service, or data tampering.
CVE-2024-53869
NVIDIA Unified Memory driver for Linux contains a vulnerability where an attacker could leak uninitialized memory. A successful exploit of this vulnerability might lead to information disclosure.
Closed bugs
Модуль kgamma отсутствует в параметрах системы KDE
Closed bugs
Файлы переводов не те и не там
сервис cups слушает 0.0.0.0 вместо localhost
Closed vulnerabilities
BDU:2025-02172
Уязвимость функции шаблона в host_templates.php программного средства мониторинга сети Cacti, позволяющая нарушителю получить доступ к конфиденциальным данным
CVE-2025-26520
Cacti through 1.2.29 allows SQL injection in the template function in host_templates.php via the graph_template parameter. NOTE: this issue exists because of an incomplete fix for CVE-2024-54146.