glibc Jan 28, 2015, 07:06 PM | Jan 28, 2015, 07:06 PM |
Version: 2.11.2-alt1.M51.2
|
Summary: The GNU libc libraries
|
Changelog: |
- Backported upstream fix for Sourceware#15014 (CVE-2015-0235). |
strongswan Apr 30, 2013, 07:04 PM | Apr 30, 2013, 07:04 PM |
Version: 4.3.7-alt1.M51.1
|
Summary: StrongSWAN IPSEC implementation
|
Changelog: |
- applied the upstream provided patch to fix CVE-2013-2944
(ECDSA signature vulnerability if openssl backend is loaded) |
samba Apr 11, 2012, 10:28 AM | Apr 11, 2012, 10:28 AM |
Version: 3.0.37-alt5.M50P.1
|
Summary: Samba SMB/CIFS server
|
Changelog: |
- CVE-2012-1182 |
libtiff Sep 29, 2011, 08:17 PM | Sep 29, 2011, 08:17 PM |
Version: 3.9.5-alt1.M50P.1
|
Summary: A library of functions for manipulating TIFF format image files
|
Changelog: |
- Backport to p5 branch (CVE-2010-3087 CVE-2010-2595 CVE-2011-0192 CVE-2011-1167)
- no libtiffxx subpackage |
exim May 16, 2011, 06:24 PM | May 16, 2011, 06:24 PM |
Version: 4.76-alt0.M50P.1
|
Summary: Exim Mail Transport Agent
|
Changelog: |
- Backport to p5 (fixes CVE-2011-1764) |
postfix May 16, 2011, 02:44 PM | May 16, 2011, 02:44 PM |
Version: 2.5.13-alt0.M50P.1
|
Summary: Postfix Mail Transport Agent
|
Changelog: |
- Backport to p5 (fixes CVE-2011-1720) |
pidgin-mini Mar 30, 2011, 09:16 PM | Mar 30, 2011, 09:16 PM |
Version: 2.7.11-alt0.M50P.1
|
Summary: A GTK+ based multiprotocol instant messaging client
|
Changelog: |
- Backport to p5 branch (fixes CVE-2011-1091) |
libxml2 Jan 20, 2011, 01:13 PM | Jan 20, 2011, 01:13 PM |
Version: 2.7.8-alt3.M50P.1
|
Summary: The library for manipulating XML files
|
Changelog: |
- backport to p5 branch (fixes CVE-2010-4494) |
cvs Dec 5, 2010, 01:02 PM | Dec 5, 2010, 01:02 PM |
Version: 1.11.23-alt3.M50P.1
|
Summary: A version control system
|
Changelog: |
- backport to p5 branch (fixed CVE-2010-3846) |
vlc Nov 19, 2010, 04:49 PM | Nov 19, 2010, 04:49 PM |
Version: 1.1.4-alt0.M50P.1
|
Summary: VLC media player
|
Changelog: |
- backport to p5 (new version with CVE-2010-2937 fix)
- disable services_discovery/libudev_plugin.so
- disable SDL_image support |
gnome-vfs Nov 13, 2010, 06:39 PM | Nov 13, 2010, 06:39 PM |
Version: 2.24.4-alt0.M50P.1
|
Summary: The GNOME virtual file-system libraries
|
Changelog: |
- backport to p5 branch (fixed CVE-2009-2473) |
vips Nov 12, 2010, 08:58 PM | Nov 12, 2010, 08:58 PM |
Version: 7.22.4-alt0.M50P.1
|
Summary: Large image processing library
|
Changelog: |
- backport to p5 branch (fixed CVE-2010-3364) |
subversion Nov 12, 2010, 07:40 PM | Nov 12, 2010, 07:40 PM |
Version: 1.6.13-alt0.M50P.1
|
Summary: A version control system
|
Changelog: |
- backport to p5 branch (fixed CVE-2010-3315) |
poppler5 Oct 20, 2010, 02:18 PM | Oct 20, 2010, 02:18 PM |
Version: 0.12.4-alt0.M51.3
|
Summary: PDF rendering library
|
Changelog: |
- fix CVE-2010-3703 |
kernel-image-el-smp Oct 12, 2010, 08:06 PM | Oct 12, 2010, 08:06 PM |
Version: 2.6.32-alt10
|
Summary: The Linux kernel (the core of the Linux operating system)
|
Changelog: |
- CVE-2010-2962
- build af_packet as module |
libesmtp Oct 5, 2010, 11:49 PM | Oct 5, 2010, 11:49 PM |
Version: 1.0.4-alt2.1.0.M51.1
|
Summary: LibESMTP is a library to manage posting email using SMTP
|
Changelog: |
- Fixed CVE-2010-1192, CVE-2010-1194 (certificate validation flaws).
Fix backported from 1.0.6 |
python-module-mako Oct 2, 2010, 06:06 PM | Oct 2, 2010, 06:06 PM |
Version: 0.2.5-alt1.M51.1
|
Summary: template library written in Python
|
Changelog: |
- Fixed CVE-2010-2480 - XSS via inadequate escaping (patch from ubuntu)
+ lib/mako/filters.py: use xml.sax.saxutils.escape instead of
cgi.escape so we can escape single quotes. |
bzip2 Sep 20, 2010, 10:07 PM | Sep 20, 2010, 10:07 PM |
Version: 1.0.6-alt1
|
Summary: Extremely powerful file compression utility
|
Changelog: |
- Updated to 1.0.6 (fixes CVE-2010-0405). |
libmikmod Aug 26, 2010, 01:53 PM | Aug 26, 2010, 01:53 PM |
Version: 3.1.11-alt0.8
|
Summary: A portable sound library for Unix
|
Changelog: |
- imported security fixes from openSUSE 3.1.11a-84.5 package:
+ CVE-2007-6720:
denial of service (crash) by loading multiple MOD files
with different numbers of channels
+ CVE-2009-0179:
denial of service (crash) by loading an XM file
+ CVE-2009-3995:
arbitrary code execution via (1) crafted samples
or (2) crafted instrument definitions in an Impulse Tracker file
+ CVE-2009-3996:
arbitrary code execution via an Ultratracker file |
socat Aug 4, 2010, 08:40 PM | Aug 4, 2010, 08:40 PM |
Version: 1.7.1.3-alt1
|
Summary: 'socket cat' - multipurpose relay for bidirectional data transfer
|
Changelog: |
- New version: CVE-2010-2799 fixed (closes #23839). |
openldap2.4 Jul 1, 2010, 03:22 PM | Jul 1, 2010, 03:22 PM |
Version: 2.4.23-alt0.M50P.1
|
Summary: LDAP libraries and sample clients
|
Changelog: |
- backport to p5 branch (security fixes: CVE-2010-0212 and CVE-2010-0211) |
libpng Jun 29, 2010, 07:53 PM | Jun 29, 2010, 07:53 PM |
Version: 1.2.44-alt1
|
Summary: A library of functions for manipulating PNG image format files
|
Changelog: |
- Updated to 1.2.44 (fixes: CVE-2010-1205, CVE-2010-2249). |
tomcat5 Mar 19, 2010, 04:42 PM | Mar 19, 2010, 04:42 PM |
Version: 5.5.27-alt4_7.4jpp5
|
Summary: Apache Servlet/JSP Engine, RI for Servlet 2.4/JSP 2.0 API
|
Changelog: |
- updated to fc 7.4
- CVE-2009-0033, CVE-2009-0580 (closes: 20311, 20314)
- su -s /bin/sh -c instead of su - (closes: #23073) |
netpbm Mar 2, 2010, 07:55 AM | Mar 2, 2010, 07:55 AM |
Version: 10.35.32-alt1.M51.1
|
Summary: Tools for manipulating graphics files in netpbm supported formats
|
Changelog: |
- fixed stack-based buffer overflow (CVE-2009-4274)
- fixed build
+ netpbm-10.35-alt-fix-overflow-destination-buffer.patch
+ netpbm-10.35-fix-gcc43.patch (backported fix) |
dnsmasq Mar 1, 2010, 08:30 PM | Mar 1, 2010, 08:30 PM |
Version: 2.46-alt1.1.M51.2
|
Summary: A lightweight caching nameserver
|
Changelog: |
- fix TFTP server vulnerabilities (CVE-2009-2957, CVE-2009-2958). |
sudo Feb 23, 2010, 06:23 PM | Feb 23, 2010, 06:23 PM |
Version: 1.6.8p12-alt7
|
Summary: Allows command execution as another user
|
Changelog: |
- Backported upstream fix for CVE-2010-0426 (a flaw in sudoedit could
give a user with permission to run sudoedit the ability to run
arbitrary commands). |
chrony Feb 8, 2010, 12:09 PM | Feb 8, 2010, 12:09 PM |
Version: 1.24-alt1
|
Summary: Chrony clock synchronization program
|
Changelog: |
- 1.24. Contains security fixes for CVE-2010-0292, CVE-2010-0293, CVE-2010-0294. |
fuse Jan 27, 2010, 01:26 PM | Jan 27, 2010, 01:26 PM |
Version: 2.8.2-alt1
|
Summary: tool for creating virtual filesystems
|
Changelog: |
- 2.8.2
- CVE-2009-3297 (ALT #22834) |
MySQL Jan 27, 2010, 01:26 AM | Jan 27, 2010, 01:26 AM |
Version: 5.0.89-alt1
|
Summary: MySQL: A very fast and reliable SQL database engine
|
Changelog: |
- new version (closes #18943)
- fixed CVE-2009-2446 from upstream (closes #20724)
- setup utf8 encoding instead of latin1 by default (closes #12390)
- include C99 aliasing violation patch from mythtv (closes #22452)
- removed username-length patch
- wait for mysqld shutdown (closes #22234)
- don't run initial setup mysql database if mysql.user table already exists |
gzip Jan 20, 2010, 06:01 PM | Jan 20, 2010, 06:01 PM |
Version: 1.3.5-alt6
|
Summary: The GNU data compression program
|
Changelog: |
- Applied upstream fix for integer underflow bug (CVE-2010-0001). |