ALT-BU-2025-4665-1
Branch sisyphus_loongarch64 update bulletin.
Package docs-alt-kworkstation updated to version 11.0-alt2 for branch sisyphus_loongarch64.
Closed bugs
Документация docs-alt-kworkstation, п.78.2.1 Запуск
Документация docs-alt-kworkstation, п.42.1.7. Открытие файлов
Документация docs-alt-kworkstation, п.75.1 Поддержка шифрования по ГОСТ в OpenSSL
Документация docs-alt-kworkstation, п.42.1.10. Подсчет контрольных сумм файлов: лишние запятые
Package branding-simply-linux updated to version 10.910-alt1 for branch sisyphus_loongarch64.
Closed bugs
Оторвать зависимость на /etc/sysconfig/i18n
Package suricata updated to version 7.0.9-alt1 for branch sisyphus_loongarch64.
Closed vulnerabilities
Modified: 2025-05-29
CVE-2025-29915
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The AF_PACKET defrag option is enabled by default and allows AF_PACKET to re-assemble fragmented packets before reaching Suricata. However the default packet size in Suricata is based on the network interface MTU which leads to Suricata seeing truncated packets. Upgrade to Suricata 7.0.9, which uses better defaults and adds warnings for user configurations that may lead to issues.
Modified: 2025-05-29
CVE-2025-29916
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Datasets declared in rules have an option to specify the `hashsize` to use. This size setting isn't properly limited, so the hash table allocation can be large. Untrusted rules can lead to large memory allocations, potentially leading to denial of service due to resource starvation. This vulnerability is fixed in 7.0.9.
Modified: 2025-05-29
CVE-2025-29917
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The bytes setting in the decode_base64 keyword is not properly limited. Due to this, signatures using the keyword and setting can cause large memory allocations of up to 4 GiB per thread. This vulnerability is fixed in 7.0.9.
Modified: 2025-05-29
CVE-2025-29918
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A PCRE rule can be written that leads to an infinite loop when negated PCRE is used. Packet processing thread becomes stuck in infinite loop limiting visibility and availability in inline mode. This vulnerability is fixed in 7.0.9.
Package alt-rootfs-installer updated to version 0.6.2-alt1 for branch sisyphus_loongarch64.
Closed bugs
Опция repka_pi4 для параметра --target
Package mdadm updated to version 4.4-alt3 for branch sisyphus_loongarch64.
Closed bugs
Crash
Package man-db updated to version 2.13.0-alt1 for branch sisyphus_loongarch64.
Closed bugs
Не отключается обновление базы man
Package systemd updated to version 255.18-alt1 for branch sisyphus_loongarch64.
Closed bugs
При авторизации в tty обычным пользователем переменная окружения USER=root
Package gearlever updated to version 3.0.2-alt1 for branch sisyphus_loongarch64.
Closed bugs
Добавить Requires на /usr/bin/7z