Sisyphus repository
Last update: 2018-01-22 10:06:01 +0300 | SRPMs: 18248
Security fixes

kernel-image-un-def-1:4.14.14-alt1  build 2018-01-17

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.14.14 (Fixes: CVE-2017-1000410, CVE-2017-17741, CVE-2017-5753)

wireshark-2.4.4-alt1.S1  build 2018-01-17

Group: Monitoring
Summary: The BugTraq Award Winning Network Traffic Analyzer
Changes:

- 2.4.4
- fixes:
* wnpa-sec-2018-01 Multiple dissectors could crash. CVE-2018-5336
* wnpa-sec-2018-03 The IxVeriWave file parser could crash. CVE-2018-5334
* wnpa-sec-2018-04 The WCP dissector could crash. CVE-2018-5335

kernel-image-std-pae-1:4.4.112-alt1  build 2018-01-17

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.4.112 (Fixes: CVE-2017-1000410, CVE-2017-17741, CVE-2017-5753)

bind-9.11.2.P1-alt1  build 2018-01-17

Group: System/Servers
Summary: ISC BIND - DNS server
Changes:

- 9.11.2 -> 9.11.2-P1 (fixes: CVE-2017-3145).

kernel-image-std-def-1:4.9.77-alt1  build 2018-01-17

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.9.77 (Fixes: CVE-2017-1000410, CVE-2017-17741, CVE-2017-5753)

glibc-6:2.26.0.131.fabef2e-alt1  build 2018-01-12

Group: System/Base
Summary: The GNU libc libraries
Changes:

- Updated to glibc-2.26-131-gfabef2e from 2.26 branch
with assorted backports from master (fixes CVE-2018-1000001).

firmware-intel-ucode-1:3.20180108-alt1  build 2018-01-10

Group: System/Kernel and hardware
Summary: Microcode definitions for Intel processors
Changes:

- Update to 20180108 (adapted debian changelog is below):
* New upstream microcode data file 20180108
+ Updated Microcodes:
sig 0x000306c3, pf_mask 0x32, 2017-11-20, rev 0x0023, size 23552
sig 0x000306d4, pf_mask 0xc0, 2017-11-17, rev 0x0028, size 18432
sig 0x000306e4, pf_mask 0xed, 2017-12-01, rev 0x042a, size 15360
sig 0x000306f2, pf_mask 0x6f, 2017-11-17, rev 0x003b, size 33792
sig 0x000306f4, pf_mask 0x80, 2017-11-17, rev 0x0010, size 17408
sig 0x00040651, pf_mask 0x72, 2017-11-20, rev 0x0021, size 22528
sig 0x00040661, pf_mask 0x32, 2017-11-20, rev 0x0018, size 25600
sig 0x00040671, pf_mask 0x22, 2017-11-17, rev 0x001b, size 13312
sig 0x000406e3, pf_mask 0xc0, 2017-11-16, rev 0x00c2, size 99328
sig 0x00050654, pf_mask 0xb7, 2017-12-08, rev 0x200003c, size 27648
sig 0x00050662, pf_mask 0x10, 2017-12-16, rev 0x0014, size 31744
sig 0x00050663, pf_mask 0x10, 2017-12-16, rev 0x7000011, size 22528
sig 0x000506e3, pf_mask 0x36, 2017-11-16, rev 0x00c2, size 99328
sig 0x000706a1, pf_mask 0x01, 2017-12-26, rev 0x0022, size 73728
sig 0x000806e9, pf_mask 0xc0, 2018-01-04, rev 0x0080, size 98304
sig 0x000806ea, pf_mask 0xc0, 2018-01-04, rev 0x0080, size 98304
sig 0x000906e9, pf_mask 0x2a, 2018-01-04, rev 0x0080, size 98304
sig 0x000906ea, pf_mask 0x22, 2018-01-04, rev 0x0080, size 97280
sig 0x000906eb, pf_mask 0x02, 2018-01-04, rev 0x0080, size 98304
+ Implements IBRS/IBPB support and enhances LFENCE: mitigation
against Spectre (fixes CVE-2017-5715)
+ Very likely fixes several other errata on some of the processors
* supplementary-ucode-CVE-2017-5715.d/: remove.
+ Downgraded microcodes:
sig 0x000406f1, pf_mask 0xef, 2017-03-01, rev 0xb000021, size 26624
sig 0x000506c9, pf_mask 0x03, 2017-03-25, rev 0x002c, size 16384
+ This removes IBRS/IBPB support for these two platforms when compared
with the previous (and unofficial) release, 20171215. We don't know
why Intel declined to include these microcode updates (as well as
several others) in the release.
* source: remove superseded upstream data file: 20171117

libwebkitgtk4-2.18.5-alt1  build 2018-01-10

Group: System/Libraries
Summary: Web browser engine
Changes:

- 2.18.5 (fixed CVE-2017-5753, CVE-2017-5715)

mariadb-10.1.30-alt1.S1  build 2018-01-09

Group: Databases
Summary: A very fast and reliable SQL database engine
Changes:

- 10.1.30
- Fixes for the following security vulnerabilities:
+ CVE-2017-15365

firefox-57.0.4-alt1  build 2018-01-06

Group: Networking/WWW
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Changes:

- New release (57.0.4).
- Fixed:
+ Speculative execution side-channel attack ("Spectre")
+ CVE-2017-7845: Buffer overflow when drawing and validating elements with ANGLE library using Direct 3D 9

firmware-linux-20180104-alt1.1  build 2018-01-05

Group: System/Kernel and hardware
Summary: Firmware files used by the Linux kernel
Changes:

- amd-ucode: Add microcode_amd_fam17h.bin (bsc#1068032 CVE-2017-5715)

firmware-intel-ucode-1:3-alt1.20171121  build 2018-01-04

Group: System/Kernel and hardware
Summary: Microcode definitions for Intel processors
Changes:

- Added new CPU microcodes (microcode counterpart of the CVE-2017-5715
kernel mitigation):
+ sig 0x000306f2, pf_mask 0x6f, 2017-11-17, rev 0x003b, size 33792
+ sig 0x000406f1, pf_mask 0xef, 2017-11-18, rev 0xb000025, size 27648
+ sig 0x00050654, pf_mask 0xb7, 2017-11-21, rev 0x200003a, size 27648

proftpd-1.3.5-alt4.rel.e  build 2018-01-02

Group: System/Servers
Summary: ProFTPd -- Professional FTP Server
Changes:

- 1.3.5e release:
+ Backported fix for "AllowChrootSymlinks off" checking each component
for symlinks (CVE-2017-7418).
- minor .spec cleanup.

kernel-image-un-def-1:4.14.9-alt1  build 2017-12-25

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.14.9 (Fixes: CVE-2017-16995, CVE-2017-16996)

kernel-image-std-def-1:4.9.71-alt1.1  build 2017-12-25

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- SMACK enabled
- kernel.unprivileged_bpf_disabled set by default (Fixes: CVE-2017-16995)

adobe-flash-player-ppapi-3:28-alt1.S1  build 2017-12-25

Group: Networking/WWW
Summary: Adobe Flash Player
Changes:

- new version (ALT#34369)
- security fixes:
CVE-2017-3114, CVE-2017-3112, CVE-2017-11225, CVE-2017-11215,
CVE-2017-11213, CVE-2017-11305

thunderbird-52.5.2-alt1  build 2017-12-25

Group: Networking/Mail
Summary: Thunderbird is Mozilla's e-mail client
Changes:

- New version (52.5.2)
- Enigmail 1.9.9
- Fixes:
+ CVE-2017-7846 JavaScript Execution via RSS in mailbox:// origin
+ CVE-2017-7847 Local path string can be leaked from RSS feed
+ CVE-2017-7848 RSS Feed vulnerable to new line Injection
+ CVE-2017-7829 Mailsploit part 1: From address with encoded null character is cut off in message header display

kernel-image-un-def-1:4.14.8-alt1.1  build 2017-12-25

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- SMACK enabled
- kernel.unprivileged_bpf_disabled set by default (Fixes: CVE-2017-16995, CVE-2017-16996)

kernel-image-std-def-1:4.9.72-alt1  build 2017-12-25

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.9.72 (Fixes: CVE-2017-16995)

libwebkitgtk4-2.18.4-alt1  build 2017-12-20

Group: System/Libraries
Summary: Web browser engine
Changes:

- 2.18.4 (fixed CVE-2017-13866, CVE-2017-13870, CVE-2017-7156, CVE-2017-13856)

kernel-image-std-pae-1:4.4.106-alt1  build 2017-12-17

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.4.106 (Fixes: CVE-2017-0861, CVE-2017-1000407)

chromium-63.0.3239.108-alt1  build 2017-12-16

Group: Networking/WWW
Summary: An open source web browser developed by Google
Changes:

- New version (63.0.3239.108).
- Security fixes:
- CVE-2017-15429: UXSS in V8.

kernel-image-std-def-1:4.9.69-alt1  build 2017-12-15

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.9.69 (Fixes: CVE-2017-0861, CVE-2017-1000407)

kernel-image-un-def-1:4.14.6-alt1  build 2017-12-15

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.14.6 (Fixes: CVE-2017-0861, CVE-2017-1000407)

firefox-esr-52.5.2-alt1  build 2017-12-10

Group: Networking/WWW
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Changes:

- New ESR version (52.5.2)
- Fixes:
+ CVE-2017-7843 Web worker in Private Browsing mode can write IndexedDB data
- Build with DBUS support (ALT #34302)

wireshark-2.4.3-alt1.S1  build 2017-12-09

Group: Monitoring
Summary: The BugTraq Award Winning Network Traffic Analyzer
Changes:

- 2.4.3
- fixes:
* wnpa-sec-2017-49 CIP Safety dissector crash CVE-2017-17085
* wnpa-sec-2017-48 NetBIOS dissector crash CVE-2017-17083
* wnpa-sec-2017-47 IWARP_MPA dissector crash CVE-2017-17084

openssl10-1.0.2n-alt1  build 2017-12-07

Group: System/Base
Summary: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
Changes:

- Updated to v1.0.2n (fixes CVE-2017-3737, CVE-2017-3738).
- Added --disable tsget knob.
- Added support of s390x and mips* architectures.

pve-qemu-2.9.1-alt4  build 2017-12-07

Group: Emulators
Summary: QEMU CPU Emulator
Changes:

- fixes:
+ CVE-2017-17381 fix and backup race condition fix

mariadb-10.1.29-alt1.S1  build 2017-12-06

Group: Databases
Summary: A very fast and reliable SQL database engine
Changes:

- 10.1.29
- Fixes for the following security vulnerabilities:
+ CVE-2017-10378
+ CVE-2017-10268
+ MDEV-13819

kernel-image-un-def-1:4.14.4-alt1  build 2017-12-06

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.14.4 (Fixes: CVE-2011-1161, CVE-2017-8824)

kernel-image-std-def-1:4.9.67-alt1  build 2017-12-06

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.9.67 (Fixes: CVE-2017-8824)

kernel-image-std-pae-1:4.4.104-alt1  build 2017-12-06

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.4.104 (Fixes: CVE-2017-8824)

kernel-image-std-def-1:4.9.66-alt1.1  build 2017-12-05

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- temporary fix for HugeDirtyCowPOC (fixes CVE-2017-1000405)

kernel-image-std-pae-1:4.4.103-alt1.1  build 2017-12-05

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- temporary fix for HugeDirtyCowPOC (fixes CVE-2017-1000405)

kernel-image-un-def-1:4.13.16-alt1.1  build 2017-12-05

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- temporary fix for HugeDirtyCowPOC (fixes CVE-2017-1000405)

libXfont-1.5.4-alt1.S1  build 2017-12-04

Group: System/Libraries
Summary: X.Org libXfont runtime library
Changes:

- fixes:
+ CVE-2017-16611 Open files with O_NOFOLLOW

libXcursor-1.1.15-alt1.S1  build 2017-12-04

Group: System/Libraries
Summary: X Cursor Library
Changes:

- fixes:
+ CVE-2017-16612 Fix heap overflows when parsing malicious files

libXfont2-2.0.3-alt1.S1  build 2017-12-04

Group: System/Libraries
Summary: X.Org libXfont runtime library
Changes:

- fixes:
+ CVE-2017-16611 Open files with O_NOFOLLOW

palemoon-2:27.6.2-alt1  build 2017-12-02

Group: Networking/WWW
Summary: The New Moon browser, an unofficial branding of the Pale Moon project browser
Changes:

- New Version - Release 27.6.2
- Fixed CVE-2017-7832, CVE-2017-7835, CVE-2017-7840. See Changelog

curl-7.57.0-alt1.S1  build 2017-12-01

Group: Networking/File transfer
Summary: Gets a file from a FTP, GOPHER or HTTP server
Changes:

- new version
- fixes:
* CVE-2017-8818 SSL out of buffer access
* CVE-2017-8817 FTP wildcard out of bounds read
* CVE-2017-8816 NTLM buffer overflow via integer overflow

tor-0.3.1.9-alt1.S1  build 2017-12-01

Group: System/Servers
Summary: Anonymizing overlay network for TCP (The onion router)
Changes:

- new version (Fixes: CVE-2017-8819, CVE-2017-8820, CVE-2017-8821,
CVE-2017-8822, CVE-2017-8823)

rabbitmq-server-3.6.14-alt4  build 2017-11-27

Group: System/Servers
Summary: The RabbitMQ server
Changes:

- added (Fixes: CVE-2016-9877).

thunderbird-52.5.0-alt1  build 2017-11-24

Group: Networking/Mail
Summary: Thunderbird is Mozilla's e-mail client
Changes:

- New version (52.5.0)
- Fixes:
+ CVE-2017-7828 Use-after-free of PresShell while restyling layout
+ CVE-2017-7830 Cross-origin URL information leak through Resource
+ CVE-2017-7826 Memory safety bugs fixed in Firefox 57, Firefox ESR 52.5, and Thunderbird 52.5

kernel-image-std-pae-1:4.4.100-alt1  build 2017-11-22

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.4.100 (Fixes: CVE-2017-7518)

firefox-57.0-alt1  build 2017-11-21

Group: Networking/WWW
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Changes:

- New release (57.0).
- Fixed:
+ CVE-2017-7828: Use-after-free of PresShell while restyling layout
+ CVE-2017-7830: Cross-origin URL information leak through Resource Timing API
+ CVE-2017-7831: Information disclosure of exposed properties on JavaScript proxy objects
+ CVE-2017-7832: Domain spoofing through use of dotless 'i' character followed by accent markers
+ CVE-2017-7833: Domain spoofing with Arabic and Indic vowel marker characters
+ CVE-2017-7834: data: URLs opened in new tabs bypass CSP protections
+ CVE-2017-7835: Mixed content blocking incorrectly applies with redirects
+ CVE-2017-7836: Pingsender dynamically loads libcurl on Linux and OS X
+ CVE-2017-7837: SVG loaded as <img> can use meta tags to set cookies
+ CVE-2017-7838: Failure of individual decoding of labels in international domain names triggers punycode display of entire IDN
+ CVE-2017-7839: Control characters before javascript: URLs defeats self-XSS prevention mechanism
+ CVE-2017-7840: Exported bookmarks do not strip script elements from user-supplied tags
+ CVE-2017-7842: Referrer Policy is not always respected for <link> elements
+ CVE-2017-7827: Memory safety bugs fixed in Firefox 57
+ CVE-2017-7826: Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5

samba-DC-4.6.11-alt1.S1  build 2017-11-21

Group: System/Servers
Summary: Samba Active Directory Domain Controller
Changes:

- Second autumn security release (Fixes: CVE-2017-14746, CVE-2017-15275)

samba-4.6.11-alt1.S1  build 2017-11-21

Group: System/Servers
Summary: The Samba4 CIFS and AD client and server suite
Changes:

- Second autumn security release (Fixes: CVE-2017-14746, CVE-2017-15275)

weechat-1.9.1-alt1  build 2017-11-20

Group: Networking/IRC
Summary: fast, light & extensible IRC client
Changes:

- NMU: New security version (1.9.1) (Fixes: CVE-2017-14727)

kernel-image-std-pae-1:4.4.99-alt1  build 2017-11-18

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.4.99 (Fixes: CVE-2017-13080)

kernel-image-std-def-1:4.9.63-alt1  build 2017-11-18

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.9.63 (Fixes: CVE-2017-13080)

© 2009–2018 Igor Zubkov