One Hat Cyber Team

Your IP: 216.73.216.77
Server IP: 13.127.59.50
Server: Linux ip-172-31-46-210 5.15.0-1033-aws #37~20.04.1-Ubuntu SMP Fri Mar 17 11:39:30 UTC 2023 x86_64
Server Software: Apache/2.4.41 (Ubuntu)
PHP Version: 7.4.3-4ubuntu2.29
Buat File | Buat Folder
View File Name : ChangeLog

26/05/2025, commit https://git.launchpad.net/snap-core24/tree/71d05c99c0a3d059ea4fe2b463421a025154f9be

[ Changes in the core24 snap ]

Philip Meulengracht (1):
      hooks: write default configuration for vconsole.conf (#334)

[ Changes in primed packages ]

libglib2.0-0t64:amd64 (built from glib2.0) updated from 2.80.0-6ubuntu3.2 to 2.80.0-6ubuntu3.4:

  glib2.0 (2.80.0-6ubuntu3.4) noble-security; urgency=medium

    * SECURITY UPDATE: Integer Overflow
      - debian/patches/CVE-2025-4373-1.patch: carefully handle gssize
        in glib/gstring.c.
      - debian/patches/CVE-2025-4373-2.patch: make len_unsigned
        unsigned in glib/gstring.c
      - CVE-2025-4373
    * Disable some consistently failing gio tests
      - debian/patches/disable_failing_gio_tests.patch: disable gdbus-peer
        and gdbus-address-get-session in gio/tests/meson.build.

   -- Leonidas Da Silva Barbosa <leo.barbosa@canonical.com>  Thu, 15 May 2025 09:06:49 -0300

opensc, opensc-pkcs11:amd64 (built from opensc) updated from 0.25.0~rc1-1build2 to 0.25.0~rc1-1ubuntu0.1~esm1:

  opensc (0.25.0~rc1-1ubuntu0.1~esm1) noble-security; urgency=medium

    * SECURITY UPDATE: Missing variable initialization
      - debian/patches/CVE-2024-45615-1.patch: Fix uninitialized values
      - debian/patches/CVE-2024-45615-2.patch: Initialize variables for tag and
        CLA
      - debian/patches/CVE-2024-45615-3.patch: Initialize OID length
      - debian/patches/CVE-2024-45615-4.patch: Initialize variables for tag and
        CLA
      - debian/patches/CVE-2024-45615-5.patch: Avoid using uninitialized memory
      - debian/patches/CVE-2024-45617-1.patch: Check return value when selecting
        AID
      - debian/patches/CVE-2024-45617-2.patch: Return error when response length
        is 0
      - debian/patches/CVE-2024-45617-3.patch: Check number of read bytes
      - debian/patches/CVE-2024-45618-1.patch: Check return value of serial num
        conversion
      - debian/patches/CVE-2024-45618-2.patch: Report transport key error
      - CVE-2024-45615
      - CVE-2024-45617
      - CVE-2024-45618
    * SECURITY UPDATE: Buffer overflow
      - debian/patches/CVE-2024-45616-1.patch: Fix uninitialized values
      - debian/patches/CVE-2024-45616-2.patch: Check length of APDU response
      - debian/patches/CVE-2024-45616-3.patch: Correctly calculate certificate
        length based on the resplen
      - debian/patches/CVE-2024-45616-4.patch: Check length of serial number
      - debian/patches/CVE-2024-45616-5.patch: Use actual length of reponse
        buffer
      - debian/patches/CVE-2024-45616-6.patch: Check length of response buffer
        in select
      - debian/patches/CVE-2024-45616-7.patch: Check APDU response length and
        ASN1 lengths
      - debian/patches/CVE-2024-45616-8.patch: Report invalid SW when reading
        object
      - debian/patches/CVE-2024-45616-9.patch: Avoid using uninitialized memory
      - debian/patches/CVE-2024-45616-10.patch: Check length of serial number
      - debian/patches/CVE-2024-45619-1.patch: Check number of read bytes for cert
      - debian/patches/CVE-2024-45619-2.patch: Check certificate length before
        accessing
      - debian/patches/CVE-2024-45619-3.patch: Check length of buffer for object
      - debian/patches/CVE-2024-45619-4.patch: Check length of generated key
      - debian/patches/CVE-2024-45619-5.patch: Properly check length of file list
      - debian/patches/CVE-2024-45619-6.patch: Check length of buffer before
        conversion
      - debian/patches/CVE-2024-45620-1.patch: Check length of file to be non-zero
      - debian/patches/CVE-2024-45620-2.patch: Check length of data before
        dereferencing
      - debian/patches/CVE-2024-45620-3.patch: Check length of data when parsing
      - debian/patches/CVE-2024-8443-1.patch: Avoid buffer overflow when writing
        fingerprint
      - debian/patches/CVE-2024-8443-2.patch: Do not accept non-matching key
        responses
      - CVE-2024-45616
      - CVE-2024-45619
      - CVE-2024-45620
      - CVE-2024-8443

   -- Bruce Cable <bruce.cable@canonical.com>  Thu, 06 Mar 2025 21:29:42 +1100

libsqlite3-0:amd64 (built from sqlite3) updated from 3.45.1-1ubuntu2.1 to 3.45.1-1ubuntu2.3:

  sqlite3 (3.45.1-1ubuntu2.3) noble-security; urgency=medium

    * SECURITY UPDATE: integer overflow through the concat function
      - debian/patches/CVE-2025-29087_3277.patch: add a typecast to avoid
        32-bit integer overflow in src/func.c.
      - CVE-2025-29087
      - CVE-2025-3277
    * SECURITY UPDATE: DoS via sqlite3_db_config arguments
      - debian/patches/CVE-2025-29088.patch: harden SQLITE_DBCONFIG_LOOKASIDE
        interface against misuse in src/main.c, src/sqlite.h.in.
      - CVE-2025-29088

   -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Tue, 29 Apr 2025 12:34:06 -0400