ALT-BU-2025-9459-1
Branch p11 update bulletin.
Package stellarium updated to version 25.2-alt1 for branch p11 in task 389226.
Closed bugs
Новая версия Stellarium (24.4)
Новая версия Stellarium (25.1)
Не собирается с Qt-6.9
Closed vulnerabilities
Modified: 2025-10-29
BDU:2025-07783
Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю получить доступ на чтение и запись произвольных файлов
Modified: 2025-10-29
BDU:2025-08582
Уязвимость компонента Animation браузера Google Chrome, позволяющая нарушителю выполнить произвольный код
Modified: 2025-10-24
CVE-2025-6554
Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
Modified: 2025-07-02
CVE-2025-6555
Use after free in Animation in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Modified: 2025-07-02
CVE-2025-6556
Insufficient policy enforcement in Loader in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)
Modified: 2025-07-15
CVE-2025-6557
Insufficient data validation in DevTools in Google Chrome on Windows prior to 138.0.7204.49 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)
Package FlightGear updated to version 2024.1.1-alt1 for branch p11 in task 389753.
Closed vulnerabilities
Modified: 2025-08-06
CVE-2025-0781
An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level.
- https://gitlab.com/flightgear/flightgear/-/commit/ad37afce28083fad7f79467b3ffdead753584358
- https://gitlab.com/flightgear/flightgear/-/issues/3025
- https://gitlab.com/flightgear/simgear/-/commit/5bb023647114267141a7610e8f1ca7d6f4f5a5a8
- https://lists.debian.org/debian-lts-announce/2025/01/msg00028.html
- https://lists.debian.org/debian-lts-announce/2025/01/msg00029.html
Closed bugs
Ошибка в файле org.flightgear.FlightGear.metainfo.xml
Closed vulnerabilities
Modified: 2025-08-06
CVE-2025-0781
An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level.
- https://gitlab.com/flightgear/flightgear/-/commit/ad37afce28083fad7f79467b3ffdead753584358
- https://gitlab.com/flightgear/flightgear/-/issues/3025
- https://gitlab.com/flightgear/simgear/-/commit/5bb023647114267141a7610e8f1ca7d6f4f5a5a8
- https://lists.debian.org/debian-lts-announce/2025/01/msg00028.html
- https://lists.debian.org/debian-lts-announce/2025/01/msg00029.html
Package branding-alt-server updated to version 11.0-alt29 for branch p11 in task 389786.
Closed bugs
Отсутствует интервал между надписями
Ссылки плохо видны на белом фоне
Package prometheus updated to version 3.4.1-alt2 for branch p11 in task 387680.
Closed bugs
Не открывается web интерфейс prometheus