ALT-BU-2025-5559-2
Branch sisyphus update bulletin.
Closed vulnerabilities
Modified: 2025-12-26
BDU:2025-12553
Уязвимость системы управления базами данных (СУБД) Redis, связанная с использованием памяти после её освобождения, позволяющая нарушителю выполнить произвольный код
Modified: 2025-11-12
CVE-2025-49844
Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2. To workaround this issue without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to restrict EVAL and EVALSHA commands.
Package postgresql17 updated to version 17.4-alt4 for branch sisyphus in task 381543.
Closed bugs
Не замещает libpq5
Package postgresql17-1C updated to version 17.2-alt8 for branch sisyphus in task 381543.
Closed bugs
Не замещает libpq5
Package postgresql15 updated to version 15.12-alt4 for branch sisyphus in task 381543.
Closed bugs
Не замещает libpq5
Package postgresql14 updated to version 14.17-alt4 for branch sisyphus in task 381543.
Closed bugs
Не замещает libpq5
Package postgresql16 updated to version 16.8-alt4 for branch sisyphus in task 381543.
Closed bugs
Не замещает libpq5
Package postgresql13 updated to version 13.20-alt4 for branch sisyphus in task 381543.
Closed bugs
Не замещает libpq5
Package docs-alt-server-v updated to version 10.4-alt7 for branch sisyphus in task 381568.
Closed bugs
Опечатка в команде создания диска EFI
Closed bugs
Segmentation fault in pty_cleanup at ./exec_pty.c:123