Packages from AltLinux

Security

May 30, 2012, 01:49 PM

openssl098

Version: 0.9.8d-alt4.M41.2
Summary: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
Changelog:
- 4.1 security update (fix CVE-2011-4109 CVE-2011-4576 CVE-2011-4619
    CVE-2012-0884 CVE-2012-1165 CVE-2012-2110 CVE-2012-2333)
Mar 14, 2012, 05:01 PM

icu

Version: 3.8.1-alt2.M41.2
Summary: International Components for Unicode
Changelog:
- 4.1 security update (fix CVE-2011-4599)
Mar 13, 2012, 05:57 PM

cups

Version: 1.3.10-alt0.M41.4
Summary: Common Unix Printing System - server package
Changelog:
- 4.1 security update (fix cups-CVE-2011-2896)
Mar 13, 2012, 03:32 PM

libXfont

Version: 1.3.3-alt0.M41.2
Summary: X font Library
Changelog:
- 4.1 security update (fix CVE-2011-2895)
Mar 13, 2012, 02:38 PM

avahi

Version: 0.6.22-alt6.M41.2
Summary: Local network service discovery
Changelog:
- 4.1 security update (fix CVE-2011-1002)
Mar 2, 2012, 04:17 PM

libfreetype

Version: 2.3.11-alt1.M41.1
Summary: The FreeType2 library
Changelog:
- 4.1 security update (fix CVE-2010-1797 CVE-2010-2498 CVE-2010-2499 CVE-2010-2500
   CVE-2010-2519 CVE-2010-2520 CVE-2010-2527 CVE-2010-2805 CVE-2010-2806
   CVE-2010-2808 CVE-2010-3311 CVE-2010-3855 CVE-2011-0226 CVE-2011-3256
   CVE-2011-3439)
Dec 9, 2011, 04:09 PM

glibc

Version: 2.5.1-alt4.M41.2
Summary: The GNU libc libraries
Changelog:
- CVE-2010-0296
  CVE-2011-1095
  CVE-2011-0536
Dec 9, 2011, 12:21 PM

ghostscript

Version: 8.63-alt0.M41.4
Summary: PostScript interpreter and renderer, most printer drivers
Changelog:
- CVE-2008-0411
Dec 8, 2011, 04:42 PM

mailman

Version: 2.1.10-alt0.3.1.M41.1
Summary: Mailing list manager with built in web access
Changelog:
- CVE-2010-3089
  CVE-2011-0707
Dec 8, 2011, 03:35 PM

libtiff

Version: 3.8.2-alt2.M41.4
Summary: A library of functions for manipulating TIFF format image files
Changelog:
- CVE-2010-2065
  CVE-2011-0192
  CVE-2011-1167
Dec 8, 2011, 03:13 PM

libtiff3

Version: 3.5.7-alt7.M41.2
Summary: A library of functions for manipulating TIFF format image files
Changelog:
- CVE-2009-2347
  CVE-2010-2065
  CVE-2011-0192
Dec 8, 2011, 12:45 PM

dhcp

Version: 3.0.6-alt2.M41.1
Summary: Dynamic Host Configuration Protocol (DHCP) distribution
Changelog:
- CVE-2009-0692
  CVE-2011-0997
  CVE-2011-2748-2749
Dec 2, 2011, 01:10 PM

curl

Version: 7.18.1-alt3.M41.3
Summary: Gets a file from a FTP, GOPHER or HTTP server
Changelog:
- CVE-2011-2192
Dec 2, 2011, 12:21 PM

libneon0.25

Version: 0.25.5-alt1.1.M41.1
Summary: neon is an HTTP and WebDAV client library
Changelog:
- CVE-2009-2473
Dec 2, 2011, 12:04 PM

libneon

Version: 0.24.7-alt3.1.M41.1
Summary: neon is an HTTP and WebDAV client library
Changelog:
- CVE-2009-2473
  CVE-2009-2474
Dec 1, 2011, 04:19 PM

newt

Version: 0.50.39-alt3.1.M41.1
Summary: A development library for text mode user interfaces.
Changelog:
- CVE-2009-2905
Dec 1, 2011, 12:49 PM

dstat

Version: 0.6.6-alt1.1.M41.1
Summary: Versatile vmstat, iostat and ifstat replacement
Changelog:
- CVE-2009-3894
Dec 1, 2011, 12:25 PM

expat

Version: 2.0.1-alt0.1.M41.1
Summary: An XML parser written in C
Changelog:
- CVE-2009-3560
  CVE-2009-3720
Nov 30, 2011, 04:44 PM

gd2

Version: 2.0.35-alt1.M41.1
Summary: A graphics library for drawing image files in various formats
Changelog:
- CVE-2009-3546
Nov 30, 2011, 04:29 PM

krb5

Version: 1.6.3-alt3.M41.4
Summary: The Kerberos network authentication system
Changelog:
- CVE-2010-1321
  CVE-2009-0846
  CVE-2007-5971
  CVE-2007-5901
Nov 30, 2011, 04:09 PM

gcc3.4

Version: 3.4.5-alt7.M41.1
Summary: GNU Compiler Collection
Changelog:
- CVE-2006-3619
  CVE-2009-3736
Nov 30, 2011, 02:26 PM

libtool_1.5

Version: 1.5.26-alt2.M41.1
Summary: The GNU libtool, which simplifies the use of shared libraries
Changelog:
- CVE-2009-3736
Nov 28, 2011, 03:21 PM

bind

Version: 9.3.6-alt4.M41.2
Summary: ISC BIND - DNS server
Changelog:
- CVE-2009-4022
  CVE-2010-0097
  CVE-2010-3762
  CVE-2011-4313
Nov 28, 2011, 12:09 PM

sudo

Version: 1.6.8p12-alt5.M41.1
Summary: Allows command execution as another user
Changelog:
- CVE-2010-0426 sudo: sudoedit option can possibly allow for arbitrary code execution
Nov 25, 2011, 03:18 PM

cpio

Version: 2.10-alt2.M41.2
Summary: A GNU archiving program
Changelog:
- CVE-2010-0624
Nov 17, 2011, 02:49 PM

tar

Version: 1.20-alt1.M41.1
Summary: A GNU file archiving program
Changelog:
- fixed CVE-2010-0624
Nov 16, 2011, 04:50 PM

ntp

Version: 4.2.4-alt3.p4.M41.2
Summary: The Network Time Protocol (NTP)
Changelog:
- fixed CVE-2009-3563
Nov 15, 2011, 04:33 PM

xmlsec1

Version: 1.2.10-alt1.M41.1
Summary: Library providing support for "XML Signature" and "XML Encryption" standards
Changelog:
- Fixed CVE-2009-0217
Nov 14, 2011, 03:41 PM

fetchmail

Version: 6.3.8-alt6.1.M41.1
Summary: Full-featured POP/IMAP/ETRN mail retrieval daemon
Changelog:
- Fixed: CVE-2008-2711, CVE-2009-2666
Apr 4, 2011, 02:53 PM

nss

Version: 3.12.1-alt0.20080628.M41.2
Summary: Netscape Network Security Services(NSS)
Changelog:
- Fixed CVE-2009-2408
- Fixed CVE-2009-2409
Apr 4, 2011, 01:50 PM

poppler08

Version: 0.8.7-alt1.M41.3
Summary: PDF rendering library
Changelog:
- Security fixes:
  - CVE-2009-0755
  - CVE-2009-3603
  - CVE-2009-3604
  - CVE-2009-3608
  - CVE-2009-3609
  - CVE-2010-3702
  - CVE-2010-3704
- Don't package utils
Apr 4, 2011, 11:12 AM

xpdf

Version: 3.02-alt4.M41.1
Summary: Portable Document Format (PDF) suite
Changelog:
- Apply xpdf-3.02pl3 security patch to fix:
  CVE-2009-0146, CVE-2009-0147, CVE-2009-0166, CVE-2009-0799,
  CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181,
  CVE-2009-1182, CVE-2009-1183, CVE-2009-1187, CVE-2009-1188.
- Apply xpdf-3.02pl4 security patch to fix:
  CVE-2009-3603, CVE-2009-3604, CVE-2009-3605, CVE-2009-3606,
  CVE-2009-3608, CVE-2009-3609.
- Security fixes: CVE-2010-3702, CVE-2010-3704.
Mar 22, 2011, 03:41 PM

libxml2

Version: 2.7.2-alt1.M41.2
Summary: The library for manipulating XML files
Changelog:
- fixed CVE-2009-2414, CVE-2009-2416
Mar 18, 2011, 03:50 PM

php

Version: 4.4.8-alt1.M41.1
Summary: The PHP4 scripting language
Changelog:
- Fixed:
   + CVE-2008-3658
   + CVE-2008-3660
   + CVE-2008-5498
   + CVE-2008-5557
   + CVE-2009-0754
Mar 17, 2011, 05:15 PM

acpid

Version: 1.0.6-alt2.M41.1
Summary: ACPI kernel daemon and control utility
Changelog:
- fixed CVE-2009-0798
Mar 17, 2011, 10:58 AM

libvorbis

Version: 1.2.0-alt3.M41.1
Summary: The Vorbis General Audio Compression Codec
Changelog:
- fixed CVE-2009-2663
Mar 17, 2011, 10:49 AM

subversion

Version: 1.4.4-alt2.1.M41.1
Summary: A version control system
Changelog:
- Fixed CVE-2009-2411
Mar 16, 2011, 02:49 PM

ruby

Version: 1.8.7-alt0.M41.5
Summary: Interpreter of object-oriented scripting language Ruby 1.8
Changelog:
- Fixed CVE-2007-1558
- Fixed CVE-2009-0642
Mar 15, 2011, 05:28 PM

aprutil1

Version: 1.2.12-alt1.M41.1
Summary: Apache Portable Runtime Utility shared library
Changelog:
- Fixed CVE-2009-0023
- Fixed CVE-2009-1955
- Fixed CVE-2009-1956
Mar 15, 2011, 01:34 PM

glib2

Version: 2.16.6-alt0.M41.2
Summary: A library of handy utility functions
Changelog:
- fixed CVE-2008-4316
Mar 15, 2011, 12:13 PM

libjasper

Version: 1.900.1-alt1.M41.1
Summary: JasPer -- implementation of the codec specified in the JPEG-2000 Part-1 standard
Changelog:
- fixed CVE-2007-2721
- fixed CVE-2008-3520
Mar 2, 2010, 01:50 PM

netpbm

Version: 10.35.32-alt1.M41.1
Summary: Tools for manipulating graphics files in netpbm supported formats
Changelog:
- fixed stack-based buffer overflow (CVE-2009-4274)
- fixed build
  + netpbm-10.35-alt-fix-overflow-destination-buffer.patch
Mar 1, 2010, 08:36 PM

dnsmasq

Version: 2.41-alt4.M41.1
Summary: A lightweight caching nameserver
Changelog:
- fix TFTP server vulnerabilities (CVE-2009-2957, CVE-2009-2958).
Jan 20, 2010, 06:05 PM

gzip

Version: 1.3.5-alt4.M40.1
Summary: The GNU data compression program
Changelog:
- Applied upstream fix for integer underflow bug (CVE-2010-0001).
Aug 21, 2009, 11:53 AM

kernel-image-std-ll

Version: 2.6.25-alt8.M41.5
Summary: The Linux kernel (the core of the Linux operating system) low latency version
Changelog:
- [SECURITY] fix CVE-2009-2692
Aug 19, 2009, 06:11 PM

kernel-image-std-pae

Version: 2.6.25-alt8.M41.5
Summary: The Linux kernel (the core of the Linux operating system)
Changelog:
- [SECURITY] fix CVE-2009-2692
Aug 19, 2009, 11:51 AM

kernel-image-std-srv

Version: 2.6.25-alt8.M41.5
Summary: The Linux kernel (the core of the Linux operating system)
Changelog:
- [SECURITY] fix CVE-2009-2692
Aug 18, 2009, 04:10 PM

kernel-image-std-def

Version: 2.6.25-alt8.M41.5
Summary: The Linux kernel (the core of the Linux operating system)
Changelog:
- [SECURITY] fix CVE-2009-2692
Apr 21, 2009, 12:58 PM

poppler

Version: 0.6.4-alt2.M41.1
Summary: PDF rendering library
Changelog:
- Security fixes:
  - CVE-2009-0146
  - CVE-2009-0147
  - CVE-2009-0166
  - CVE-2009-0799
  - CVE-2009-0800
  - CVE-2009-1179
  - CVE-2009-1180
  - CVE-2009-1181
  - CVE-2009-1182
  - CVE-2009-1183
Apr 9, 2009, 10:51 PM

udev

Version: 118-alt1.M41.2
Summary: udev - an userspace implementation of devfs
Changelog:
- fixed CVE-2009-1185
Feb 12, 2009, 05:22 PM

audiofile

Version: 0.2.6-alt2.M41.1
Summary: Library to handle various audio file formats
Changelog:
- Fix CVE-2008-5824.
Feb 12, 2009, 04:59 PM

ffmpeg

Version: 11656-alt1.M41.1
Summary: Hyper fast MPEG1/MPEG4/H263/RV and AC3/MPEG audio encoder
Changelog:
- Fix ffmpeg <r16846 Type conversion vulnerability (CVE-2009-0385).
- Fix CVE-2008-2132.
Nov 21, 2008, 05:10 PM

imlib2

Version: 1.4.0-alt1.M41.2
Summary: Powerful image loading and rendering library
Changelog:
- Fix CVE-2008-5187.
Nov 11, 2008, 05:43 PM

vlc

Version: 0.8.7-alt0.M41.1
Summary: VLC Media Player
Changelog:
- Fixes from 0.8.6-bugfix git branch.
- Fixes CVE-2008-4654, CVE-2008-4686, CVE-2008-3732, CVE-2008-3794.
Nov 10, 2008, 04:42 PM

net-snmp

Version: 5.4.1.1-alt0.M41.2
Summary: Tools and servers for the SNMP protocol
Changelog:
- Fix CVE-2008-4309.
Oct 17, 2008, 03:35 PM

nfs

Version: 1.1.2-alt1.M41.1
Summary: The Linux NFS clients, utilities and server
Changelog:
- CVE-2008-4552 fixed
Oct 13, 2008, 04:13 PM

awstats

Version: 6.9-alt0.0.b2008.08.05.M41.1
Summary: Real-time logfile analyzer to get advanced web statistics
Changelog:
- Rebuild for 4.1
- Security fix: CVE-2008-3714 (AWStats URL Cross-Site Scripting Vulnerability)
Aug 31, 2008, 02:28 PM

ipsec-tools

Version: 0.6.7-alt2.M41
Summary: IPsec-Tools package use the IPsec functionality in the linux-2.5+ kernels.
Changelog:
- CVE-2008-3651 and CVE-2008-3652 patches from RedHat package
  ipsec-tools-0.6.5-9.3:
  + for DoS through various memory leaks (rh#456660, rh#458846)
- other patches from RH
May 10, 2008, 05:41 PM

rdesktop

Version: 1.5.0-alt7
Summary: Powerful tool for remote desktop connection
Changelog:
- CVE-2008-1801
- CVE-2008-1802
- CVE-2008-1803
May 6, 2008, 05:14 PM

kernel-image-ovz-smp

Version: 2.6.18-alt24
Summary: The Linux kernel (the core of the Linux operating system)
Changelog:
- CVE-2008-1669: add rcu_read_lock()  to fs/locks.c and fix fcntl store/load
- CVE-2008-1375: Race condition in the directory notification subsystem (dnotify)
- CVE-2008-1294: does not check when a user attempts to set RLIMIT_CPU to 0
- update to std-smp-alt12.M40.1
Apr 30, 2008, 03:01 PM

perl-Imager

Version: 0.64-alt1
Summary: Perl module for generating 24 bit Images
Changelog:
- New version 0.64
  -- fix buffer overflow in image fills (CVE-2008-1928)
  -- multiple improvements in image converting code
  -- several other bug fixes and improvements, see Changes for details
Apr 22, 2008, 10:15 AM

dbmail

Version: 2.2.9-alt1
Summary: DBMail is a POP3/IMAP server that enables email to be stored in and retrieved from a database
Changelog:
- move to 2.2.9
- fixed CVE-2007-6714 (thanks to mike@)
Mar 26, 2008, 04:38 AM

sqlite

Version: 2.8.17-alt1
Summary: An Embeddable SQL Database Engine, version 2
Changelog:
- 2.8.16 -> 2.8.17+cvs20070108
- fix for buffer overflow in sqlite_decode_binary (CVE-2007-1888)
- split package sqlite-doc, renamed sqlite-devel to libsqlite-devel
Mar 18, 2008, 10:44 AM

unzip

Version: 5.52-alt5
Summary: An utility for unpacking zip archives
Changelog:
- fix CVE-2008-0888
Mar 16, 2008, 02:57 PM

MySQL

Version: 5.0.51-alt2.a
Summary: MySQL: A very fast and reliable SQL database engine
Changelog:
- 5.0.51a.
- Security fixes:
  + CVE-2008-0226, CVE-2008-0227 (Three vulnerabilities in yaSSL versions 1.7.5
    that could lead to a server crash or execution of unauthorized code.)
  + ALTER VIEW retained the original DEFINER value, even when altered by
    another user, which could allow that user to gain the access rights of the
    view (MySQL #29908).
- Add glibc-locales to -server deps (ALT #13909 #14731).
- Make links to mysqld_safe for backwards compatibility (ALT #14863).
- Update html documentation to 10265 revsion.
Mar 12, 2008, 02:43 PM

smarty

Version: 2.6.19-alt1
Summary: Template engine for PHP
Changelog:
- 2.6.19. Security fixes:
  + CVE-2008-1066 (Smarty "regex_replace" Modifier Template Security Bypass)
Feb 29, 2008, 07:01 PM

apache2

Version: 2.2.8-alt1
Summary: The most widely used Web server on the Internet
Changelog:
- 2.2.8
- Adding SECURITY to upstream:
  + CVE-2007-6421 (cve.mitre.org)
  + CVE-2007-6422 (cve.mitre.org)
  + CVE-2007-6388 (cve.mitre.org)
  + CVE-2007-5000 (cve.mitre.org)
  + CVE-2008-0005 (cve.mitre.org)
- Fix #14601: less-than-optimal examples in con/sites-available.
  (Thanks Mikhail Gusarov <dottedmag altlinux org>)
  + update apache2-2.2.6-alt-configs-0.1.patch to
    apache2-2.2.8-alt-configs-0.2.patch
- Updating patchs for 2.2.6:
  + apache2-2.2.6-alt-debian.conf-0.1.patch to
    apache2-2.2.8-alt-debian.conf-0.1.patch
  + apache2-2.2.6-alt-default_https.conf.in-0.1.patch to
    apache2-2.2.8-alt-default_https.conf.in-0.1.patch
  + apache2-2.2.6-alt-cgi-0.1.patch to
    apache2-2.2.8-alt-cgi-0.1.patch
Feb 22, 2008, 06:29 PM

wyrd

Version: 1.4.4-alt1
Summary: Wyrd is a curses front-end for Remind
Changelog:
- 1.4.4: fixes CVE-2008-0806 (insecure tmpfile handling, see also
  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466382)
Feb 14, 2008, 09:57 AM

SDL_image

Version: 1.2.6-alt3
Summary: Simple DirectMedia Layer - image
Changelog:
- Buffer overflow fix in RLE decompression (CVE-2008-0544).
Feb 10, 2008, 10:16 PM

kernel-image-std-smp

Version: 2.6.18-alt12
Summary: The Linux kernel (the core of the Linux operating system)
Changelog:
- Security-related changes:
  + CVE-2008-0600: splice: fix user pointer access in get_iovec_page_array()
  + check iovec buffers in __bio_map_user_iov() (fixes issue with SG_IO)
  + guard against attempts to call get_user_pages() for 0 pages
Feb 5, 2008, 10:56 PM

tk8.4

Version: 8.4.17-alt1
Summary: A Tk toolkit fot Tcl scripting language
Changelog:
- 8.4.17 released
- CVE-2006-4484 fixed
Feb 5, 2008, 10:56 AM

scponly

Version: 4.8-alt1
Summary: Limited shell for secure file transfers
Changelog:
- Updated to new version 4.8, fixes CVE-2007-6415 problem
- Change source URL to SourceForge
Nov 30, 2007, 04:57 PM

ircservices

Version: 5.0.63-alt1
Summary: IRC Services is a system of services to be used with Internet Relay Chat networks
Changelog:
- Security fix: CVE-2007-6122
Sep 25, 2007, 09:03 PM

fvwm

Version: 2.5.23-alt1
Summary: F(?) Virtual Window Manager
Changelog:
- 2.5.23.
- Removed cvs-CVE-2006-5969 patch (obsolete).
- Enabled HTML documentation build (new in 2.5.22); added HTML docs to the
  fvwm-base package.
- Added alt-configure-datarootdir patch: fake datarootdir for autoconf-2.59
  (temporary build fix while autoconf >= 2.60 is not available).
- Added alt-htmldoc patch: fix HTML documentation build and installation.
- Updated BuildRequires.
Sep 14, 2007, 12:32 AM

id3lib

Version: 3.8.3-alt5
Summary: A software library for manipulating ID3v1 and ID3v2 tags
Changelog:
- Fixed CVE-2007-4460 (SA26536):
  Insecure temporary file privilege escalation.
Aug 2, 2007, 12:41 AM

tcpdump

Version: 3.9.7-alt1
Summary: A network traffic monitoring tool
Changelog:
- Updated to 3.9.7 (fixes CVE-2007-3798: BGP dissector integer overflow).
May 30, 2007, 05:25 PM

mutt

Version: 1.4.2.3-alt1
Summary: A text mode mail and news user agent
Changelog:
- Updated to 1.4.2.3 (fixes CVE-2007-1558).
May 22, 2007, 11:54 AM

file

Version: 4.20-alt5
Summary: A utility for determining file types
Changelog:
- Fixed integer overflow check (CVE-2007-1536), reported by Colin Percival.
May 3, 2007, 05:29 PM

pptpd

Version: 1.3.4-alt1
Summary: A PPTP server daemon
Changelog:
- 1.3.4:
  + Security fix - remote DoS - malformed GRE packets can terminate PPTP
  connections (CVE-2007-0244)
  + Fix two release critical packet reordering bugs
  + Some other (see NEWS)
- Add dirty hack for fix wtmp work on x86_64 (re-Closes: #9817)
- Update default options.pptpd
Apr 16, 2007, 12:14 AM

lha

Version: 1.14i-alt2
Summary: An archiving and compression utility for LHarc format archives
Changelog:
- ac20050924p1: security fixes for CVE-2006-4335, CVE-2006-4337,
  CVE-2006-4338 (DoS, system access)
- removed patch1, patch2, patch4, patch5 (didn't apply)
Feb 14, 2007, 06:29 PM

libchm

Version: 0.39-alt1
Summary: chmlib is a small library designed for accessing MS ITSS files
Changelog:
- Security fix: CVE-2007-0619.
- Update URL.
Nov 3, 2005, 11:34 PM

libungif

Version: 4.1.4-alt1
Summary: A library for manipulating GIF format image files
Changelog:
- Updated to 4.1.4 (fixes CVE-2005-2974 and CVE-2005-3350 but
  the code remains far from clean yet).
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v23.05.7
Back to top