ALT-BU-2025-5619-1
Branch sisyphus_e2k update bulletin.
Package libntlm updated to version 1.5-alt2 for branch sisyphus_e2k.
Closed vulnerabilities
BDU:2021-05383
Уязвимость библиотеки libntlm реализации протокола сетевой аутентификации NT LAN Manager (NTLM), позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2019-17455
Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request.
- openSUSE-SU-2020:0816
- openSUSE-SU-2020:0816
- openSUSE-SU-2020:0806
- openSUSE-SU-2020:0806
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942145
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942145
- https://gitlab.com/jas/libntlm/issues/2
- https://gitlab.com/jas/libntlm/issues/2
- [debian-lts-announce] 20200510 [SECURITY] [DLA 2207-1] libntlm security update
- [debian-lts-announce] 20200510 [SECURITY] [DLA 2207-1] libntlm security update
- [debian-lts-announce] 20211128 [SECURITY] [DLA 2831-1] libntlm security update
- [debian-lts-announce] 20211128 [SECURITY] [DLA 2831-1] libntlm security update
- FEDORA-2020-8794383d6f
- FEDORA-2020-8794383d6f
- FEDORA-2020-1f643c272c
- FEDORA-2020-1f643c272c
- https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17455.html
- https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17455.html
- https://security-tracker.debian.org/tracker/CVE-2019-17455
- https://security-tracker.debian.org/tracker/CVE-2019-17455
Package odoo updated to version 18.0-alt1.20250113 for branch sisyphus_e2k.
Closed bugs
Не разворачивается odoo
Package man-db updated to version 2.13.0-alt1 for branch sisyphus_e2k.
Closed bugs
mandb значительно замедлился с версии 2.11.2-alt1
Не отключается обновление базы man
Package keepassxc updated to version 2.7.9-alt3 for branch sisyphus_e2k.
Closed bugs
Нужно добавить интеграцию с Chromium-Gost
Package gcompris-qt updated to version 25.0.12-alt4 for branch sisyphus_e2k.
Closed bugs
Не хватает зависимости на libqt6-multimediaquick
gcompris-qt - не запускается игра "Шар в лабиринте"
Package vim updated to version 9.1.1264-alt1 for branch sisyphus_e2k.
Closed vulnerabilities
BDU:2025-01433
Уязвимость текстового редактора vim, связанная с переполнением буфера в динамической памяти, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-14
CVE-2025-22134
When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003
Package alterator-sslkey updated to version 0.2.5-alt1 for branch sisyphus_e2k.
Closed bugs
Запрос функционала или исправление проблемы. alterator-sslkey alterator-ca
Package altlinux-repos updated to version 11.0-alt3 for branch sisyphus_e2k.
Closed bugs
Отсутствует архитектура x86_64 в списке репозитория Альт СП 10
Package vorbis-tools updated to version 1.4.2-alt3 for branch sisyphus_e2k.
Closed bugs
SIGABRT по завершению воспроизведения на KDE
Package simplescreenrecorder updated to version 0.4.4.0.23.9559-alt3 for branch sisyphus_e2k.
Closed bugs
Есть в сессии Wayland, но не работает
Package blender updated to version 4.3.0-alt7 for branch sisyphus_e2k.
Closed bugs
Выделить runtime-небоходимые файлы в более нейтральный пакет