52418 2024-12-13 10:38:47 +0300 Необходимо закрыть CVE-2024-8185, CVE-2024-9180, CVE-2024-6468 2024-12-15 21:08:24 +0300 1 1 4 Development Sisyphus vault unstable x86_64 Linux CLOSED FIXED P5 normal --- 1 felix_z bne bne qa-sisyphus oldest_to_newest 255992 0 felix_z 2024-12-13 10:38:47 +0300 Прошу закрыть следующие уязвимости в пакете vault: CVE-2024-8185 - https://discuss.hashicorp.com/t/hcsec-2024-26-vault-vulnerable-to-denial-of-service-through-memory-exhaustion-when-processing-raft-cluster-join-requests/71047 CVE-2024-9180 - https://discuss.hashicorp.com/t/hcsec-2024-21-vault-operators-in-root-namespace-may-elevate-their-privileges/70565 CVE-2024-6468 - https://discuss.hashicorp.com/t/hcsec-2024-14-vault-vulnerable-to-denial-of-service-when-setting-a-proxy-protocol-behavior/68518 256103 1 repository-robot 2024-12-15 21:08:24 +0300 vault-1.13.12-alt6 -> sisyphus: Sun Dec 15 2024 Nikolay Burykin <bne@altlinux> 1.13.12-alt6 - Fixes: CVE-2024-8185, CVE-2024-9180, CVE-2024-6468 (Closes: #52418)