ALT-BU-2025-4772-1
Branch sisyphus_riscv64 update bulletin.
Package lynx updated to version 2.9.2-alt2.rel.0 for branch sisyphus_riscv64.
Closed bugs
lynx displays Russian labels incorrectly on the settings screen
Package branding-simply-linux updated to version 10.910-alt1 for branch sisyphus_riscv64.
Closed bugs
Drop the dependency on /etc/sysconfig/i18n
Package freeipmi updated to version 1.6.15.1-alt2 for branch sisyphus_riscv64.
Closed bugs
freeipmi-bmc-watchdog: the service must be made compatible with systemd
Package suricata updated to version 7.0.9-alt1 for branch sisyphus_riscv64.
Closed vulnerabilities
Modified: 2025-05-29
CVE-2025-29915
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The AF_PACKET defrag option is enabled by default and allows AF_PACKET to re-assemble fragmented packets before they reach Suricata. However, the default packet size in Suricata is based on the network interface MTU, which leads to Suricata seeing truncated packets. Upgrade to Suricata 7.0.9, which uses better defaults and adds warnings for user configurations that may lead to issues.
Modified: 2025-05-29
CVE-2025-29916
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Datasets declared in rules have an option to specify the `hashsize` to use. This size setting isn't properly limited, so the hash table allocation can be large. Untrusted rules can lead to large memory allocations, potentially leading to denial of service due to resource starvation. This vulnerability is fixed in 7.0.9.
Modified: 2025-05-29
CVE-2025-29917
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The bytes setting in the decode_base64 keyword is not properly limited. Due to this, signatures using the keyword and setting can cause large memory allocations of up to 4 GiB per thread. This vulnerability is fixed in 7.0.9.
Modified: 2025-05-29
CVE-2025-29918
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A PCRE rule can be written that leads to an infinite loop when negated PCRE is used. The packet processing thread becomes stuck in an infinite loop, limiting visibility and availability in inline mode. This vulnerability is fixed in 7.0.9.
Package man-db updated to version 2.13.0-alt1 for branch sisyphus_riscv64.
Closed bugs
Updating of the man database cannot be disabled
Package gearlever updated to version 3.0.2-alt1 for branch sisyphus_riscv64.
Closed bugs
Add Requires on /usr/bin/7z
Package istioctl updated to version 1.25.0-alt2 for branch sisyphus_riscv64.
Closed bugs
The 'istioctl version' command shows an incorrect version
Package moodle updated to version 4.5.3-alt1 for branch sisyphus_riscv64.
Closed vulnerabilities
BDU:2025-02321
A vulnerability in the Moodle virtual learning environment related to access control flaws, allowing an attacker to gain unauthorized access to protected information
BDU:2025-02322
A vulnerability in the Moodle virtual learning environment related to failure to take measures to protect the web page structure, allowing an attacker to conduct a cross-site scripting (XSS) attack
BDU:2025-02323
A vulnerability in the Moodle virtual learning environment related to insufficient protection of service data, allowing an attacker to gain unauthorized access to protected information
BDU:2025-02324
A vulnerability in the Moodle virtual learning environment related to access control flaws, allowing an attacker to gain unauthorized access to protected information
BDU:2025-02325
A vulnerability in the Moodle virtual learning environment related to failure to take measures to protect the SQL query structure, allowing an attacker to gain unauthorized access to protected information
BDU:2025-02326
A vulnerability in the Moodle virtual learning environment related to insufficient protection of service data, allowing an attacker to gain unauthorized access to protected information
BDU:2025-02327
A vulnerability in the Moodle virtual learning environment related to failure to take measures to protect the web page structure, allowing an attacker to conduct a cross-site scripting (XSS) attack
BDU:2025-02328
A vulnerability in the Moodle virtual learning environment related to access control flaws, allowing an attacker to gain unauthorized access to protected information
BDU:2025-02329
A vulnerability in the Moodle virtual learning environment related to failure to take measures to protect the web page structure, allowing an attacker to conduct a cross-site scripting (XSS) attack
Modified: 2024-11-21
CVE-2024-38999
jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts._.configure. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
CVE-2025-26525
Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available (such as those with TeX Live installed).
CVE-2025-26526
Separate Groups mode restrictions were not factored into permission checks before allowing viewing or deletion of responses in Feedback activities.
CVE-2025-26527
Tags not expected to be visible to a user could still be discovered by them via the tag search page or in the tags block.
CVE-2025-26528
The drag-and-drop onto image (ddimageortext) question type required additional sanitizing to prevent a stored XSS risk.
CVE-2025-26529
Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS risk.
CVE-2025-26530
The question bank filter required additional sanitizing to prevent a reflected XSS risk.
CVE-2025-26531
Insufficient capability checks made it possible to disable badges a user does not have permission to access.
CVE-2025-26532
Additional checks were required to ensure trusttext is applied (when enabled) to glossary entries being restored.
CVE-2025-26533
An SQL injection risk was identified in the module list filter within course search.
Package mbedtls updated to version 3.6.3-alt1 for branch sisyphus_riscv64.
Closed vulnerabilities
Modified: 2025-03-25
CVE-2025-27809
Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have trusted certificates for arbitrary hostnames unless the TLS client application calls mbedtls_ssl_set_hostname.
CVE-2025-27810
Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays.
Package mdadm updated to version 4.4-alt3 for branch sisyphus_riscv64.
Closed bugs
Crash
Crash
Package mbedtls-compat updated to version 2.28.10-alt1 for branch sisyphus_riscv64.
Closed vulnerabilities
Modified: 2025-03-25
CVE-2025-27809
Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have trusted certificates for arbitrary hostnames unless the TLS client application calls mbedtls_ssl_set_hostname.
CVE-2025-27810
Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays.
Package lightdm-kde-greeter updated to version 6.0.2-alt5 for branch sisyphus_riscv64.
Closed bugs
Does not load on ARM64
The login and password being entered are not visible on the login screen
Package ykman-gui updated to version 1.2.6-alt2 for branch sisyphus_riscv64.
Closed bugs
[ykman-gui] Does not detect the YubiKey 5 Nano key
Package alt-rootfs-installer updated to version 0.6.3-alt1 for branch sisyphus_riscv64.
Closed bugs
The repka_pi4 option for the --target parameter
Package docs-alt-kworkstation updated to version 11.0-alt2 for branch sisyphus_riscv64.
Closed bugs
docs-alt-kworkstation documentation, section 78.2.1 Launch
docs-alt-kworkstation documentation, section 42.1.7. Opening files
docs-alt-kworkstation documentation, section 75.1 GOST encryption support in OpenSSL
docs-alt-kworkstation documentation, section 42.1.10. Calculating file checksums: extra commas