ALT-BU-2025-5122-1
Branch sisyphus_riscv64 update bulletin.
Package golang updated to version 1.24.2-alt0.port for branch sisyphus_riscv64.
Closed vulnerabilities
BDU:2025-02476
Уязвимость пакетов net/http, x/net/proxy и x/net/http/httpproxy языка программирования Go, позволяющая нарушителю оказать воздействие на конфиденциальность и доступность защищаемой информации
Modified: 2025-03-18
CVE-2025-22870
Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to "*.example.com", a request to "[::1%25.example.com]:80` will incorrectly match and not be proxied.
Modified: 2025-04-09
CVE-2025-22871
The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.
Closed bugs
Убрать node из зависимостей пакета golang
Package docs-alt-kworkstation updated to version 11.0-alt3 for branch sisyphus_riscv64.
Closed bugs
Документация docs-alt-kworkstation, глава 57. Установка принтера в Альт Рабочая станция K
Package obs-studio updated to version 31.0.3-alt1 for branch sisyphus_riscv64.
Closed bugs
Не хватает зависимости на pipewire
Package python3-module-scipy updated to version 1.11.4-alt4 for branch sisyphus_riscv64.
Closed bugs
scipy: pitivi не запускается без модуля python3-module-numpy-testing