ALT Linux Team

Branch p11 update on 2025-07-19

2025-07-19

ALT-BU-2025-9459-2

Branch p11 update bulletin.

ALT-PU-2025-9036-2

Package stellarium updated to version 25.2-alt1 for branch p11 in task 389226.

Closed bugs

Bug #52591

Новая версия Stellarium (24.4)

Bug #53705

Новая версия Stellarium (25.1)

Bug #54997

Не собирается с Qt-6.9

ALT-PU-2025-9065-4

Package chromium updated to version 138.0.7204.96-alt0.p11.1 for branch p11 in task 388622.

Closed vulnerabilities

Published: 2025-07-02
Modified: 2026-03-04

BDU:2025-07783

Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю получить доступ на чтение и запись произвольных файлов

Severity: HIGH (8.8)Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity: CRITICAL (10.0)Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
References:
Published: 2025-07-16
Modified: 2026-03-04

BDU:2025-08582

Уязвимость компонента Animation браузера Google Chrome, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (5.4)Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Severity: MEDIUM (6.4)Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
References:
Published: 2025-07-28
Modified: 2026-03-04

BDU:2025-09102

Уязвимость компонента DevTools браузеров Google Chrome, позволяющая нарушителю выполнить произвольный код

Severity: MEDIUM (5.4)Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Severity: MEDIUM (6.4)Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
References:
Published: 2025-07-28
Modified: 2026-03-04

BDU:2025-09103

Уязвимость компонента Loader браузеров Google Chrome, позволяющая нарушителю обойти ограничения безопасности

Severity: MEDIUM (5.4)Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Severity: MEDIUM (6.4)Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
References:
Published: 2025-06-30
Modified: 2025-10-24

CVE-2025-6554

Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

Severity: HIGH (8.1)Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
References:
Published: 2025-06-24
Modified: 2025-07-02

CVE-2025-6555

Use after free in Animation in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Severity: MEDIUM (5.4)Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
References:
Published: 2025-06-24
Modified: 2025-07-02

CVE-2025-6556

Insufficient policy enforcement in Loader in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)

Severity: MEDIUM (5.4)Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
References:
Published: 2025-06-24
Modified: 2025-07-15

CVE-2025-6557

Insufficient data validation in DevTools in Google Chrome on Windows prior to 138.0.7204.49 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)

Severity: MEDIUM (5.4)Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
References:

ALT-PU-2025-9246-2

Package FlightGear updated to version 2024.1.1-alt1 for branch p11 in task 389753.

Closed vulnerabilities

Published: 2025-01-28
Modified: 2025-08-06

CVE-2025-0781

An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level.

Severity: CRITICAL (9.9)Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
References:

Closed bugs

Bug #43674

Ошибка в файле org.flightgear.FlightGear.metainfo.xml

ALT-PU-2025-9248-2

Package SimGear updated to version 2024.1.1-alt1 for branch p11 in task 389753.

Closed vulnerabilities

Published: 2025-01-28
Modified: 2025-08-06

CVE-2025-0781

An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level.

Severity: CRITICAL (9.9)Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
References:

ALT-PU-2025-9271-2

Package branding-alt-server updated to version 11.0-alt29 for branch p11 in task 389786.

Closed bugs

Bug #54876

Отсутствует интервал между надписями

Bug #54877

Ссылки плохо видны на белом фоне

ALT-PU-2025-9391-2

Package prometheus updated to version 3.4.1-alt2 for branch p11 in task 387680.

Closed bugs

Bug #54920

Не открывается web интерфейс prometheus

VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: 2.1.2
Back to top