ALT-BU-2025-5408-1
Branch sisyphus_loongarch64 update bulletin.
Package fcitx5-qt updated to version 5.1.9-alt1_4 for branch sisyphus_loongarch64.
Closed bugs
Предлагаю обновить
Package apt updated to version 0.5.15lorg2-alt91 for branch sisyphus_loongarch64.
Closed bugs
[FR] закомментированная отладка "из коробки"
Неправильное форматирование списка удаляемых системных пакетов
Package gcompris-qt updated to version 25.0.12-alt3 for branch sisyphus_loongarch64.
Closed bugs
Не хватает зависимости на libqt6-multimediaquick
gcompris-qt - не запускается игра "Шар в лабиринте"
Package kernel-image-6.12 updated to version 6.12.22-alt1.port.la64 for branch sisyphus_loongarch64.
Closed bugs
Включить поддержку платформ Intel(R) cAVS 1.5
Package screen updated to version 5.0.0-alt1 for branch sisyphus_loongarch64.
Closed vulnerabilities
BDU:2021-03746
Уязвимость компонента encoding.c оконного менеджера GNU Screen, связанная с внедрением или модификацией аргумента, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2021-26937
encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence.
- [oss-security] 20210210 Re: screen crash processing combining characters
- [oss-security] 20210210 Re: screen crash processing combining characters
- https://ftp.gnu.org/gnu/screen/
- https://ftp.gnu.org/gnu/screen/
- [debian-lts-announce] 20210219 [SECURITY] [DLA 2570-1] screen security update
- [debian-lts-announce] 20210219 [SECURITY] [DLA 2570-1] screen security update
- FEDORA-2021-9107eeb95c
- FEDORA-2021-9107eeb95c
- FEDORA-2021-5e9894a0c5
- FEDORA-2021-5e9894a0c5
- https://lists.gnu.org/archive/html/screen-devel/2021-02/msg00000.html
- https://lists.gnu.org/archive/html/screen-devel/2021-02/msg00000.html
- GLSA-202105-11
- GLSA-202105-11
- DSA-4861
- DSA-4861
- https://www.openwall.com/lists/oss-security/2021/02/09/3
- https://www.openwall.com/lists/oss-security/2021/02/09/3
Modified: 2025-02-12
CVE-2023-24626
socket.c in GNU Screen through 4.9.0, when installed setuid or setgid (the default on platforms such as Arch Linux and FreeBSD), allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process.
- https://git.savannah.gnu.org/cgit/screen.git/patch/?id=e9ad41bfedb4537a6f0de20f00b27c7739f168f7
- https://git.savannah.gnu.org/cgit/screen.git/patch/?id=e9ad41bfedb4537a6f0de20f00b27c7739f168f7
- https://savannah.gnu.org/bugs/?63195
- https://savannah.gnu.org/bugs/?63195
- https://www.exploit-db.com/exploits/51252
- https://www.exploit-db.com/exploits/51252
- https://www.exploit-db.com/exploits/51252
Package passim updated to version 0.1.9-alt1 for branch sisyphus_loongarch64.
Closed bugs
passim: FTBFS
Package alterator-application-systeminfo updated to version 0.4.4-alt1 for branch sisyphus_loongarch64.
Closed bugs
Неверное название ветки репозитория
Package docs-alt-server updated to version 11.0-alt3 for branch sisyphus_loongarch64.
Closed bugs
Опечатка в главе " 51.2. Подготовка среды"
Опечатка в главе " 31.3. Модуль components"
Package atasm updated to version 1.26-alt1_1 for branch sisyphus_loongarch64.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2021-34123
An issue was discovered on atasm, version 1.09. A stack-buffer-overflow vulnerability in function aprintf() in asm.c allows attackers to execute arbitrary code on the system via a crafted file.
Package perl-DBI updated to version 1.647-alt1 for branch sisyphus_loongarch64.
Closed vulnerabilities
BDU:2022-05974
Уязвимость модуля DBI интерфейса базы данных Perl DBI, позволяющая нарушителю получить доступ к конфиденциальным данным, а также вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2014-10402
An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute in the data source name (DSN). NOTE: this issue exists because of an incomplete fix for CVE-2014-10401.