ALT-BU-2025-4178-1
Branch p11 update bulletin.
Closed bugs
rizin: Segfault after PDB Signature Error (-P option)
rizin: /usr/share/rizin/magic/archive warnings (Duplicate magic entry)
the package's %description has a rogue line
Package pam_pkcs11 updated to version 0.6.13-alt1 for branch p11 in task 376320.
Closed vulnerabilities
BDU:2025-01619
Уязвимость функции pam_sm_authenticate() модуля аутентификации PAM-PKCS#11 операционных систем Linux, позволяющая нарушителю обойти процедуру аутентификации и получить несанкционированный доступ к защищаемой информации
Modified: 2025-02-18
CVE-2025-24032
PAM-PKCS#11 is a Linux-PAM login module that allows a X.509 certificate based user login. Prior to version 0.6.13, if cert_policy is set to none (the default value), then pam_pkcs11 will only check if the user is capable of logging into the token. An attacker may create a different token with the user's public data (e.g. the user's certificate) and a PIN known to the attacker. If no signature with the private key is required, then the attacker may now login as user with that created token. The default to *not* check the private key's signature has been changed with commit commi6638576892b59a99389043c90a1e7dd4d783b921, so that all versions starting with pam_pkcs11-0.6.0 should be affected. As a workaround, in `pam_pkcs11.conf`, set at least `cert_policy = signature;`.
- https://github.com/OpenSC/pam_pkcs11/commit/470263258d1ac59c5eade439c4d9caba0097e6e6
- https://github.com/OpenSC/pam_pkcs11/commit/b665b287ff955bbbd9539252ff9f9e2754c3fb48
- https://github.com/OpenSC/pam_pkcs11/commit/d9530167966a77115db6e885d459382a2e52ee9e
- https://github.com/OpenSC/pam_pkcs11/releases/tag/pam_pkcs11-0.6.13
- https://github.com/OpenSC/pam_pkcs11/security/advisories/GHSA-8r8p-7mgp-vf56
- https://lists.debian.org/debian-lts-announce/2025/02/msg00021.html
No data currently available.
Package php8.4-swoole updated to version 6.0.1-alt2.4 for branch p11 in task 376764.
Closed bugs
Unable to load dynamic library 'swoole.so'
Unable to load dynamic library 'swoole.so'
В системе остаётся файл swoole.ini после удаления пакета php8.4-swoole
swoole отсутствует в списке загруженных модулей
swoole.so: undefined symbol: BrotliEncoderCompress
Package php8.3-swoole updated to version 6.0.1-alt2.17 for branch p11 in task 376764.
Closed bugs
Unable to load dynamic library 'swoole.so'
Unable to load dynamic library 'swoole.so'
В системе остаётся файл swoole.ini после удаления пакета php8.4-swoole
swoole отсутствует в списке загруженных модулей
swoole.so: undefined symbol: BrotliEncoderCompress
Package php8.2-swoole updated to version 6.0.1-alt2.27 for branch p11 in task 376764.
Closed bugs
Unable to load dynamic library 'swoole.so'
Unable to load dynamic library 'swoole.so'
В системе остаётся файл swoole.ini после удаления пакета php8.4-swoole
swoole отсутствует в списке загруженных модулей
swoole.so: undefined symbol: BrotliEncoderCompress
Closed vulnerabilities
BDU:2023-08323
Уязвимость функции copyvar (awk.c) набора UNIX-утилит командной строки BusyBox, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2023-08324
Уязвимость функции evaluate (awk.c) набора UNIX-утилит командной строки BusyBox, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2023-08325
Уязвимость функции next_token (awk.c) набора UNIX-утилит командной строки BusyBox, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2024-07096
Уязвимость функции xasprintf (xfuncs_printf.c:344) набора UNIX-утилит командной строки BusyBox, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2023-42363
A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1.
Modified: 2024-11-21
CVE-2023-42364
A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function.
Modified: 2024-11-21
CVE-2023-42365
A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function.
Modified: 2024-12-06
CVE-2023-42366
A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the next_token function at awk.c:1159.
Closed vulnerabilities
BDU:2025-01869
Уязвимость функции iconv библиотеки musl libc, позволяющая нарушителю выполнить произвольный код
Modified: 2025-02-14
CVE-2025-26519
musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write vulnerability when an attacker can trigger iconv conversion of untrusted EUC-KR text to UTF-8.
- http://www.openwall.com/lists/oss-security/2025/02/13/2
- http://www.openwall.com/lists/oss-security/2025/02/13/3
- http://www.openwall.com/lists/oss-security/2025/02/13/4
- http://www.openwall.com/lists/oss-security/2025/02/13/5
- http://www.openwall.com/lists/oss-security/2025/02/14/5
- http://www.openwall.com/lists/oss-security/2025/02/14/6
- https://git.musl-libc.org/cgit/musl/commit/?id=c47ad25ea3b484e10326f933e927c0bc8cded3da
- https://git.musl-libc.org/cgit/musl/commit/?id=e5adcd97b5196e29991b524237381a0202a60659
- https://www.openwall.com/lists/oss-security/2025/02/13/2
Closed bugs
All releases through 1.2.5 are affected by CVE-2025-26519 and should be patched.
Package mkimage-profiles updated to version 1.7.5-alt1 for branch p11 in task 376649.
Closed bugs
Добавляет шрифты без необходимости