Security

Version: 5.0.89-alt1

Summary: MySQL: A very fast and reliable SQL database engine

Changelog:

- new version (closes #18943)
- fixed CVE-2009-2446 from upstream (closes #20724)
- setup utf8 encoding instead of latin1 by default (closes #12390)
- include C99 aliasing violation patch from mythtv (closes #22452)
- removed username-length patch
- wait for mysqld shutdown (closes #22234)
- don't run initial setup mysql database if mysql.user table already exists

Version: 1.3.5-alt4.M40.1

Summary: The GNU data compression program

Changelog:

- Applied upstream fix for integer underflow bug (CVE-2010-0001).

Version: 9.3.6-alt5

Summary: ISC BIND - DNS server

Changelog:

- Backported upstream fix for a remote DoS bug (CVE-2009-0696).

Version: 0.2.8.4-alt6

Summary: A library to convert wmf files

Changelog:

- fixed CAN-2004-0941, CAN-2004-0990, CVE-2007-2756, CVE-2007-3473

Version: 2.6.6-alt0.M50.1

Summary: Transport Layer Security library

Changelog:

- 2.6.6 release. 
  + fix Corrected double free on signature verification failure (CVE-2009-1415)
  + fix DSA key generation (CVE-2009-1416)
  + fix gnutls-cli expiration/activation time check (CVE-2009-1417)

Version: 1.0.7-alt1

Summary: The BugTraq Award Winning Network Traffic Analyzer

Changelog:

- [1.0.7]
 + CVE-2009-1210
 + CVE-2009-1267
 + CVE-2009-1268
 + CVE-2009-1269

Version: 1.2.12-alt3

Summary: D-BUS is a simple IPC framework based on messages.

Changelog:

- fixed CVE-2009-1189

Version: 2.3.9-alt2

Summary: The FreeType2 library

Changelog:

- fixed CVE-2009-0946

Version: 8.64-alt3

Summary: PostScript interpreter and renderer, most printer drivers

Changelog:

- CVE-2009-0583, CVE-2009-0584

Version: 0.2.6-alt2.M50.1

Summary: Library to handle various audio file formats

Changelog:

- Fix CVE-2008-5824.

Version: 15151-alt5.M50.1

Summary: Hyper fast MPEG1/MPEG4/H263/RV and AC3/MPEG audio encoder

Changelog:

- Fix ffmpeg <r16846 Type conversion vulnerability (CVE-2009-0385).

Version: 2.6.22-alt1

Summary: Template engine for PHP

Changelog:

- Updated to 2.6.22. Security fixes:
  + CVE-2008-4810
  + CVE-2008-4811

Version: 3.0-alt4

Summary: WordNet English lexical reference system

Changelog:

- applied patches against CVE-2008-2149, CVE-2008-3908 (fix bug #15678)

Version: 6.3.9-alt1

Summary: Full-featured POP/IMAP/ETRN mail retrieval daemon

Changelog:

- 6.3.9
  + CVE-2007-4565: Denial of service
  + CVE-2008-2711: Denial of service
  + close memory leak when SSL connection fails
  and other
- remove obsolete update_menus/clean_menus macroses

Version: 2.7.2-alt2

Summary: The library for manipulating XML files

Changelog:

- updated to svn revision 3803 (fixes CVE-2008-4225, CVE-2008-4226)

Version: 1.4.0-alt3

Summary: Powerful image loading and rendering library

Changelog:

- Fix CVE-2008-5187.

Version: 5.4.2.1-alt1

Summary: Tools and servers for the SNMP protocol

Changelog:

- 5.4.2.1 release (fixes CVE-2008-4309).

Version: 804.028-alt2

Summary: Perl modules providing the Tk graphics library

Changelog:

- merged two fixes from https://svn.perl.org/modules/Tk
  + fixed a buffer overflow in tkImgGIF.c (CVE-2006-4484)
  + fixed event handling for newer X servers (cpan#38745)
- applied perl-Tk-seg.patch from Fedora (RH#235666, RH#431330)
- disabled t/unicode.t test which fails under Xvfb

Version: 0.5.20-alt3

Summary: smart uuenc/xxenc/base64 encoder/decoder

Changelog:

- Security fix: CVE-2008-2266
- Pull in source patches from Debian:
  + Fix temporary file issue (CVE-2004-2265, CVE-2008-2266, DEB#222275)
  + Update uudeview man page, include uuwish man page
  + Don't force overwrite mode if auto-rename enabled, DEB#378076
- Drop uudeview-0.5.20-mkstemp.patch

Version: 1.1.24-alt1

Summary: Library providing XSLT support

Changelog:

- 1.1.23 -> 1.1.24
- applied upstream fix for libexslt/crypto overflow (CVE-2008-2935)

Version: 2.5.0b1-alt1

Summary: database abstraction layer

Changelog:

- new version 2.5.0b1 (with rpmrb script)
- due CVE-2007-5934 (fix bug #16173)

Version: 0.15.1b-alt6

Summary: ID3 Tag manipulation library

Changelog:

- Fix CVE-2008-2109.

Version: 1.2.0-alt3

Summary: The Vorbis General Audio Compression Codec

Changelog:

- CVE-2008-1419 (patch from upstream)
- CVE-2008-1420 (patch from upstream)
- CVE-2008-1423 (patch from upstream)

Version: 0.64-alt1

Summary: Perl module for generating 24 bit Images

Changelog:

- New version 0.64
  -- fix buffer overflow in image fills (CVE-2008-1928)
  -- multiple improvements in image converting code
  -- several other bug fixes and improvements, see Changes for details

Version: 5.52-alt5

Summary: An utility for unpacking zip archives

Changelog:

- fix CVE-2008-0888

Version: 1.2.6-alt3

Summary: Simple DirectMedia Layer - image

Changelog:

- Buffer overflow fix in RLE decompression (CVE-2008-0544).

Version: 4.8-alt1

Summary: Limited shell for secure file transfers

Changelog:

- Updated to new version 4.8, fixes CVE-2007-6415 problem
- Change source URL to SourceForge

Version: 5.0.63-alt1

Summary: IRC Services is a system of services to be used with Internet Relay Chat networks

Changelog:

- Security fix: CVE-2007-6122

Version: 1.14i-alt2

Summary: An archiving and compression utility for LHarc format archives

Changelog:

- ac20050924p1: security fixes for CVE-2006-4335, CVE-2006-4337,
  CVE-2006-4338 (DoS, system access)
- removed patch1, patch2, patch4, patch5 (didn't apply)

Version: v23.05.7

Security

MySQL

gzip

bind

libwmf

gnutls26

wireshark

dbus

libfreetype

ghostscript

audiofile

ffmpeg

smarty

wordnet

fetchmail

libxml2

imlib2

net-snmp

perl-Tk

uudeview

libxslt

pear-MDB2

libid3tag

libvorbis

perl-Imager

unzip

SDL_image

scponly

ircservices

lha