Sisyphus repositório
Última atualização: 2018-10-20 23:10:32 +0400 | SRPMs: 19748 | Sign in or Sign up
en ru uk br
Security fixes

kde5-kio-extras-18.04.3-alt2  build 2018-11-13

Group: Graphical desktop/KDE
Sumário: KDE Workspace 5 additional kio-slaves
Mudanças:

- don't package htmlthumbnail plugin
- security fixes: CVE-2018-19120

firefox-63.0.1-alt1  build 2018-11-13

Group: Networking/WWW
Sumário: The Mozilla Firefox project is a redesign of Mozilla's browser
Mudanças:

- New release (63.0.1).
- Fixed:
+ CVE-2018-12391: HTTP Live Stream audio data is accessible cross-origin
+ CVE-2018-12392: Crash with nested event loops
+ CVE-2018-12393: Integer overflow during Unicode conversion while loading JavaScript
+ CVE-2018-12395: WebExtension bypass of domain restrictions through header rewriting
+ CVE-2018-12396: WebExtension content scripts can execute in disallowed contexts
+ CVE-2018-12397: Missing warning prompt when WebExtension requests local file access
+ CVE-2018-12398: CSP bypass through stylesheet injection in resource URIs
+ CVE-2018-12399: Spoofing of protocol registration notification bar
+ CVE-2018-12400: Favicons are cached in private browsing mode on Firefox for Android
+ CVE-2018-12401: DOS attack through special resource URI parsing
+ CVE-2018-12402: SameSite cookies leak when pages are explicitly saved
+ CVE-2018-12403: Mixed content warning is not displayed when HTTPS page loads a favicon over HTTP
+ CVE-2018-12388: Memory safety bugs fixed in Firefox 63
+ CVE-2018-12390: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3

postgresql11-11.1-alt1  build 2018-11-08

Group: Databases
Sumário: PostgreSQL client programs and libraries
Mudanças:

- 11.1
- Fix CVE-2018-16850

postgresql10-10.6-alt1  build 2018-11-08

Group: Databases
Sumário: PostgreSQL client programs and libraries
Mudanças:

- 10.6
- Fix CVE-2018-16850

postgresql10-1C-10.6-alt1  build 2018-11-08

Group: Databases
Sumário: PostgreSQL client programs and libraries (edition for 1C 8.3.3 and later)
Mudanças:

- 10.6
- Fix CVE-2018-16850

libopenjpeg2.0-2.3.0-alt2  build 2018-11-07

Group: System/Libraries
Sumário: JPEG 2000 codec library (API version 2.0)
Mudanças:

- use -DBUILD_STATIC_LIBS=OFF (ALT #35586)
- fixed .cmake-files (ALT#35585)
- applied upstream fix for CVE-2018-5785

icecast-2.4.4-alt1  build 2018-11-06

Group: System/Servers
Sumário: Streaming Media Server
Mudanças:

- Updated to upstream version 2.4.4 (Fixes: CVE-2018-18820).

nginx-1.14.1-alt1  build 2018-11-06

Group: System/Servers
Sumário: Fast HTTP server
Mudanças:

- 1.14.1 (fixes: CVE-2018-16845, CVE-2018-16843, CVE-2018-16844)

nginx-1.14.1-alt1  build 2018-11-06

Group: System/Servers
Sumário: Fast HTTP server
Mudanças:

- 1.14.1 (fixes: CVE-2018-16845, CVE-2018-16843, CVE-2018-16844)

ffmpeg-2:4.0.3-alt1  build 2018-11-05

Group: Video
Sumário: A command line toolbox to manipulate, convert and stream multimedia content
Mudanças:

- 4.0.3 (fixes: CVE-2018-15822)

ffmpeg-2:4.0.3-alt1  build 2018-11-05

Group: Video
Sumário: A command line toolbox to manipulate, convert and stream multimedia content
Mudanças:

- 4.0.3 (fixes: CVE-2018-15822)

p7zip-16.02-alt3  build 2018-11-04

Group: Archiving/Compression
Sumário: 7zip unofficial port - a file-archiver with highest compression ratio
Mudanças:

- applied debian security patches
(Fixes: CVE-2016-9296, CVE-2017-17969, CVE-2018-5996, CVE-2018-10115)
- avoid tarball compression
- minor spec cleanup

p7zip-16.02-alt3  build 2018-11-04

Group: Archiving/Compression
Sumário: 7zip unofficial port - a file-archiver with highest compression ratio
Mudanças:

- applied debian security patches
(Fixes: CVE-2016-9296, CVE-2017-17969, CVE-2018-5996, CVE-2018-10115)
- avoid tarball compression
- minor spec cleanup

NetworkManager-1.14.5-alt1.gitba83251bba87  build 2018-11-01

Group: System/Configuration/Networking
Sumário: Install NetworkManager daemon and plugins
Mudanças:

- Upstream git snapshot (nm-1-14 branch) (fixes: CVE-2018-15688).

curl-7.62.0-alt1  build 2018-10-31

Group: Networking/File transfer
Sumário: Gets a file from a FTP, GOPHER or HTTP server
Mudanças:

- 7.62.0
- fixes:
* CVE-2018-16839 - buffer overrun in the SASL authentication code.
* CVE-2018-16840 - use-after-free in handle close
* CVE-2018-16842 - warning message out-of-buffer read

curl-7.62.0-alt1  build 2018-10-31

Group: Networking/File transfer
Sumário: Gets a file from a FTP, GOPHER or HTTP server
Mudanças:

- 7.62.0
- fixes:
* CVE-2018-16839 - buffer overrun in the SASL authentication code.
* CVE-2018-16840 - use-after-free in handle close
* CVE-2018-16842 - warning message out-of-buffer read

curl-7.62.0-alt1  build 2018-10-31

Group: Networking/File transfer
Sumário: Gets a file from a FTP, GOPHER or HTTP server
Mudanças:

- 7.62.0
- fixes:
* CVE-2018-16839 - buffer overrun in the SASL authentication code.
* CVE-2018-16840 - use-after-free in handle close
* CVE-2018-16842 - warning message out-of-buffer read

systemd-1:239-alt3  build 2018-10-29

Group: System/Configuration/Boot and Init
Sumário: System and Session Manager
Mudanças:

- merge with v239-stable
- Fixes for the following security vulnerabilities:
+ CVE-2018-15688 dhcp6: make sure we have enough space for the DHCP6 option header
+ CVE-2018-15687 chown-recursive: rework the recursive logic to use O_PATH

firefox-esr-60.3.0-alt1  build 2018-10-23

Group: Networking/WWW
Sumário: The Mozilla Firefox project is a redesign of Mozilla's browser
Mudanças:

- New ESR version (60.3.0).
- Fixed:
+ CVE-2018-12391 HTTP Live Stream audio data is accessible cross-origin
+ CVE-2018-12392 Crash with nested event loops
+ CVE-2018-12393 Integer overflow during Unicode conversion while loading JavaScript
+ CVE-2018-12395 WebExtension bypass of domain restrictions through header rewriting
+ CVE-2018-12396 WebExtension content scripts can execute in disallowed contexts
+ CVE-2018-12397 WebExtension can request access to local files without the warning prompt
+ CVE-2018-12389 Memory safety bugs fixed in Firefox ESR 60.3
+ CVE-2018-12390 Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3

chromium-70.0.3538.67-alt1  build 2018-10-22

Group: Networking/WWW
Sumário: An open source web browser developed by Google
Mudanças:

- New version (70.0.3538.67).
- Security fixes:
- CVE-2018-17462: Sandbox escape in AppCache.
- CVE-2018-17463: Remote code execution in V8.
- CVE to be assigned: Heap buffer overflow in Little CMS in PDFium.
- CVE-2018-17464: URL spoof in Omnibox.
- CVE-2018-17465: Use after free in V8.
- CVE-2018-17466: Memory corruption in Angle.
- CVE-2018-17467: URL spoof in Omnibox.
- CVE-2018-17468: Cross-origin URL disclosure in Blink.
- CVE-2018-17469: Heap buffer overflow in PDFium.
- CVE-2018-17470: Memory corruption in GPU Internals.
- CVE-2018-17471: Security UI occlusion in full screen mode.
- CVE-2018-17472: iframe sandbox escape on iOS.
- CVE-2018-17473: URL spoof in Omnibox.
- CVE-2018-17474: Use after free in Blink.
- CVE-2018-17475: URL spoof in Omnibox.
- CVE-2018-17476: Security UI occlusion in full screen mode.
- CVE-2018-5179: Lack of limits on update() in ServiceWorker.
- CVE-2018-17477: UI spoof in Extensions.

chromium-70.0.3538.67-alt1  build 2018-10-22

Group: Networking/WWW
Sumário: An open source web browser developed by Google
Mudanças:

- New version (70.0.3538.67).
- Security fixes:
- CVE-2018-17462: Sandbox escape in AppCache.
- CVE-2018-17463: Remote code execution in V8.
- CVE to be assigned: Heap buffer overflow in Little CMS in PDFium.
- CVE-2018-17464: URL spoof in Omnibox.
- CVE-2018-17465: Use after free in V8.
- CVE-2018-17466: Memory corruption in Angle.
- CVE-2018-17467: URL spoof in Omnibox.
- CVE-2018-17468: Cross-origin URL disclosure in Blink.
- CVE-2018-17469: Heap buffer overflow in PDFium.
- CVE-2018-17470: Memory corruption in GPU Internals.
- CVE-2018-17471: Security UI occlusion in full screen mode.
- CVE-2018-17472: iframe sandbox escape on iOS.
- CVE-2018-17473: URL spoof in Omnibox.
- CVE-2018-17474: Use after free in Blink.
- CVE-2018-17475: URL spoof in Omnibox.
- CVE-2018-17476: Security UI occlusion in full screen mode.
- CVE-2018-5179: Lack of limits on update() in ServiceWorker.
- CVE-2018-17477: UI spoof in Extensions.

libyaml-cpp0-0.6.2-alt2  build 2018-10-22

Group: Development/Other
Sumário: A YAML parser and emitter for C++
Mudanças:

- Applied patches from Fedora (Fixes: CVE-2017-5950)

kernel-image-std-pae-1:4.4.162-alt1  build 2018-10-20

Group: System/Kernel and hardware
Sumário: The Linux kernel (the core of the Linux operating system)
Mudanças:

- v4.4.162 (Fixes: CVE-2018-10879)

kernel-image-std-pae-1:4.4.162-alt1  build 2018-10-20

Group: System/Kernel and hardware
Sumário: The Linux kernel (the core of the Linux operating system)
Mudanças:

- v4.4.162 (Fixes: CVE-2018-10879)

libssh-0.8.4-alt1  build 2018-10-17

Group: System/Libraries
Sumário: C library to authenticate in a simple manner to one or more SSH servers
Mudanças:

- new version
- security fix: CVE-2018-10933

libssh-0.8.4-alt2  build 2018-10-17

Group: System/Libraries
Sumário: C library to authenticate in a simple manner to one or more SSH servers
Mudanças:

- fix changelog
- security fixes: CVE-2018-10933

clamav-0.100.2-alt1  build 2018-10-17

Group: File tools
Sumário: Clam Antivirus scanner
Mudanças:

- 0.100.2 (CVE-2018-15378, CVE-2018-14680, CVE-2018-14681, CVE-2018-14682)

texlive-2018-alt1_4  build 2018-10-16

Group: Publishing
Sumário: The TeX formatting system
Mudanças:

- new version; fixes CVE-2018-17407

texlive-2018-alt1_4  build 2018-10-16

Group: Publishing
Sumário: The TeX formatting system
Mudanças:

- new version; fixes CVE-2018-17407

kernel-image-std-pae-1:4.4.161-alt1  build 2018-10-15

Group: System/Kernel and hardware
Sumário: The Linux kernel (the core of the Linux operating system)
Mudanças:

- v4.4.161 (Fixes: CVE-2018-10879, CVE-2018-10880, CVE-2018-7755)

kernel-image-un-def-1:4.18.14-alt1  build 2018-10-15

Group: System/Kernel and hardware
Sumário: The Linux kernel (the core of the Linux operating system)
Mudanças:

- v4.18.14 (Fixes: CVE-2018-15471)

kernel-image-std-pae-1:4.4.161-alt1  build 2018-10-15

Group: System/Kernel and hardware
Sumário: The Linux kernel (the core of the Linux operating system)
Mudanças:

- v4.4.161 (Fixes: CVE-2018-10879, CVE-2018-10880, CVE-2018-7755)

kernel-image-un-def-1:4.18.14-alt1  build 2018-10-15

Group: System/Kernel and hardware
Sumário: The Linux kernel (the core of the Linux operating system)
Mudanças:

- v4.18.14 (Fixes: CVE-2018-15471)

kernel-image-std-def-1:4.14.76-alt1  build 2018-10-15

Group: System/Kernel and hardware
Sumário: The Linux kernel (the core of the Linux operating system)
Mudanças:

- v4.14.76 (Fixes: CVE-2018-15471)

kernel-image-std-debug-1:4.14.76-alt1  build 2018-10-15

Group: System/Kernel and hardware
Sumário: The Linux kernel (the core of the Linux operating system)
Mudanças:

- v4.14.76 (Fixes: CVE-2018-15471)

kernel-image-un-def-1:4.18.14-alt1  build 2018-10-15

Group: System/Kernel and hardware
Sumário: The Linux kernel (the core of the Linux operating system)
Mudanças:

- v4.18.14 (Fixes: CVE-2018-15471)

kernel-image-std-def-1:4.14.76-alt1  build 2018-10-15

Group: System/Kernel and hardware
Sumário: The Linux kernel (the core of the Linux operating system)
Mudanças:

- v4.14.76 (Fixes: CVE-2018-15471)

kernel-image-std-def-1:4.14.76-alt1  build 2018-10-15

Group: System/Kernel and hardware
Sumário: The Linux kernel (the core of the Linux operating system)
Mudanças:

- v4.14.76 (Fixes: CVE-2018-15471)

kernel-image-un-def-1:4.18.14-alt1  build 2018-10-15

Group: System/Kernel and hardware
Sumário: The Linux kernel (the core of the Linux operating system)
Mudanças:

- v4.18.14 (Fixes: CVE-2018-15471)

kernel-image-std-def-1:4.14.76-alt1  build 2018-10-15

Group: System/Kernel and hardware
Sumário: The Linux kernel (the core of the Linux operating system)
Mudanças:

- v4.14.76 (Fixes: CVE-2018-15471)

kernel-image-std-pae-1:4.4.161-alt1  build 2018-10-15

Group: System/Kernel and hardware
Sumário: The Linux kernel (the core of the Linux operating system)
Mudanças:

- v4.4.161 (Fixes: CVE-2018-10879, CVE-2018-10880, CVE-2018-7755)

kernel-image-std-debug-1:4.14.76-alt1  build 2018-10-15

Group: System/Kernel and hardware
Sumário: The Linux kernel (the core of the Linux operating system)
Mudanças:

- v4.14.76 (Fixes: CVE-2018-15471)

wireshark-2.6.4-alt1  build 2018-10-13

Group: Monitoring
Sumário: The BugTraq Award Winning Network Traffic Analyzer
Mudanças:

- 2.6.4 (fixes: CVE-2018-18227, CVE-2018-18225, CVE-2018-18225, CVE-2018-12086)
- disabled build gtk+ UI

glusterfs3-3.12.15-alt1  build 2018-10-13

Group: System/Base
Sumário: Cluster File System
Mudanças:

- new version 3.12.15 (with rpmrb script)
- CVE-2018-10907, CVE-2018-10904, CVE-2018-10911 CVE-2018-10913, CVE-2018-10923, CVE-2018-10930

libgit2-0.26.7-alt1  build 2018-10-12

Group: System/Libraries
Sumário: linkable library for Git
Mudanças:

- 0.26.7 (fixed CVE-2018-17456)

libgit2-0.26.7-alt1  build 2018-10-12

Group: System/Libraries
Sumário: linkable library for Git
Mudanças:

- 0.26.7 (fixed CVE-2018-17456)

tinc-1.0.35-alt1  build 2018-10-11

Group: System/Servers
Sumário: Virtual Private Network (VPN) daemon that uses tunnelling and encryption to create a secure private network between hosts on the Internet.
Mudanças:

- New version
* Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738)
* Prevent a MITM from forcing a NULL cipher for UDP (CVE-2018-16758)
- Disabling VDE support

libpng16-1.6.35-alt1  build 2018-10-10

Group: System/Libraries
Sumário: A library of functions for manipulating PNG image format files
Mudanças:

- 1.6.35 (fixes: CVE-2018-13785, CVE-2018-14048)

kernel-image-std-def-1:4.14.74-alt1  build 2018-10-04

Group: System/Kernel and hardware
Sumário: The Linux kernel (the core of the Linux operating system)
Mudanças:

- v4.14.74 (Fixes: CVE-2018-7755)

kernel-image-un-def-1:4.18.12-alt1  build 2018-10-04

Group: System/Kernel and hardware
Sumário: The Linux kernel (the core of the Linux operating system)
Mudanças:

- v4.18.12 (Fixes: CVE-2018-7755)

  1         3     4     5    Truncate        Last  

 
© 2009–2018 Igor Zubkov