Security
Dec 6, 2019, 01:53 PM
oniguruma
Version: 6.9.4-alt1
Summary: Regular expressions library
Changelog:
- 6.9.4 - fixes: * CVE-2019-19012 Integer overflow related to reg->dmax in search_in_range() * CVE-2019-19203 heap-buffer-overflow in gb18030_mbc_enc_len() * CVE-2019-19204 heap-buffer-overflow in fetch_interval_quantifier()
Oct 31, 2019, 05:11 AM
sudo
Version: 1.8.28-alt1
Summary: Allows command execution as another user
Changelog:
- Update to autumn security release (closes: 37334) - Code execution with euid==0 in rare box configurations (fixes: CVE-2019-14287) - Fix post script for sudowheel control in case of upgrade in not default state
Oct 7, 2019, 03:31 PM
libXfont2
Version: 2.0.3-alt1
Summary: X.Org libXfont runtime library
Changelog:
- fixes: + CVE-2017-16611 Open files with O_NOFOLLOW
Sep 25, 2019, 05:16 PM
libspice-gtk
Version: 0.34-alt0.M80C.1
Summary: A GTK widget for SPICE clients
Changelog:
- Port to c8.1 branch due to upgrade of the server side (SPICE); - (Fixes: CVE-2016-3066).
Aug 30, 2019, 01:37 PM
dovecot-pigeonhole
Version: 0.4.11-alt1.M80C.1
Summary: Sieve language and the ManageSieve protocol for the Dovecot Secure IMAP Server
Changelog:
- Applied upstream security fix (fixes CVE-2019-11500).
Aug 30, 2019, 01:35 PM
dovecot
Version: 2.2.21-alt1.M80C.1
Summary: Dovecot secure IMAP/POP3 server
Changelog:
- Applied upstream security fix (fixes CVE-2019-11500).
Aug 6, 2019, 02:26 PM
firmware-intel-ucode
Version: 9-alt1.20190514
Summary: Microcode definitions for Intel processors
Changelog:
- Sync with Debian 3.20190514.1: + New upstream microcode datafile 20190514 + SECURITY UPDATE Implements MDS mitigation (RIDL, Fallout, Zombieload), INTEL-SA-00223 CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 + New Microcodes: sig 0x00030678, pf_mask 0x02, 2019-04-22, rev 0x0838, size 52224 sig 0x00030678, pf_mask 0x0c, 2019-04-22, rev 0x0838, size 52224 sig 0x00030679, pf_mask 0x0f, 2019-04-23, rev 0x090c, size 52224 sig 0x000406c3, pf_mask 0x01, 2019-04-23, rev 0x0368, size 69632 sig 0x000406c4, pf_mask 0x01, 2019-04-23, rev 0x0411, size 68608 sig 0x00050657, pf_mask 0xbf, 2019-02-27, rev 0x5000021, size 47104 + Updated Microcodes: sig 0x000206a7, pf_mask 0x12, 2019-02-17, rev 0x002f, size 12288 sig 0x000306a9, pf_mask 0x12, 2019-02-13, rev 0x0021, size 14336 sig 0x000306c3, pf_mask 0x32, 2019-02-26, rev 0x0027, size 23552 sig 0x000306d4, pf_mask 0xc0, 2019-03-07, rev 0x002d, size 19456 sig 0x000306e4, pf_mask 0xed, 2019-03-14, rev 0x042e, size 16384 sig 0x000306e7, pf_mask 0xed, 2019-03-14, rev 0x0715, size 17408 sig 0x000306f2, pf_mask 0x6f, 2019-03-01, rev 0x0043, size 34816 sig 0x000306f4, pf_mask 0x80, 2019-03-01, rev 0x0014, size 18432 sig 0x00040651, pf_mask 0x72, 2019-02-26, rev 0x0025, size 21504 sig 0x00040661, pf_mask 0x32, 2019-02-26, rev 0x001b, size 25600 sig 0x00040671, pf_mask 0x22, 2019-03-07, rev 0x0020, size 14336 sig 0x000406e3, pf_mask 0xc0, 2019-04-01, rev 0x00cc, size 100352 sig 0x000406f1, pf_mask 0xef, 2019-03-02, rev 0xb000036, size 30720 sig 0x00050654, pf_mask 0xb7, 2019-04-02, rev 0x200005e, size 32768 sig 0x00050662, pf_mask 0x10, 2019-03-23, rev 0x001a, size 32768 sig 0x00050663, pf_mask 0x10, 2019-03-23, rev 0x7000017, size 24576 sig 0x00050664, pf_mask 0x10, 2019-03-23, rev 0xf000015, size 23552 sig 0x00050665, pf_mask 0x10, 2019-03-23, rev 0xe00000d, size 19456 sig 0x000506c9, pf_mask 0x03, 2019-01-15, rev 0x0038, size 17408 sig 0x000506ca, pf_mask 0x03, 2019-03-01, rev 0x0016, size 15360 sig 0x000506e3, pf_mask 0x36, 2019-04-01, rev 0x00cc, size 100352 sig 0x000506f1, pf_mask 0x01, 2019-03-21, rev 0x002e, size 11264 sig 0x000706a1, pf_mask 0x01, 2019-01-02, rev 0x002e, size 73728 sig 0x000806e9, pf_mask 0x10, 2019-04-01, rev 0x00b4, size 98304 sig 0x000806e9, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328 sig 0x000806ea, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328 sig 0x000806eb, pf_mask 0xd0, 2019-03-30, rev 0x00b8, size 98304 sig 0x000806ec, pf_mask 0x94, 2019-03-30, rev 0x00b8, size 97280 sig 0x000906e9, pf_mask 0x2a, 2019-04-01, rev 0x00b4, size 99328 sig 0x000906ea, pf_mask 0x22, 2019-04-01, rev 0x00b4, size 98304 sig 0x000906eb, pf_mask 0x02, 2019-04-01, rev 0x00b4, size 99328 sig 0x000906ec, pf_mask 0x22, 2019-02-14, rev 0x00ae, size 98304 sig 0x000906ed, pf_mask 0x22, 2019-03-17, rev 0x00b8, size 97280
Aug 5, 2019, 08:56 PM
samba-DC
Version: 4.6.16-alt1.M80C.1
Summary: Samba Active Directory Domain Controller
Changelog:
- Update to latest samba-4.6 security release - Security fixes: + CVE-2018-10858 Insufficient input validation on client directory listing in libsmbclient + CVE-2018-10919 Confidential attribute disclosure from the AD LDAP server
Aug 5, 2019, 08:22 PM
samba
Version: 4.6.16-alt1.M80C.1
Summary: The Samba4 CIFS and AD client and server suite
Changelog:
- Update to latest samba-4.6 security release - Security fixes: + CVE-2018-10858 Insufficient input validation on client directory listing in libsmbclient + CVE-2018-10919 Confidential attribute disclosure from the AD LDAP server
May 21, 2019, 12:09 PM
libxmlsec1
Version: 1.2.26-alt1.M80C.1
Summary: Library providing support for "XML Signature" and "XML Encryption" standards
Changelog:
- for c8, soap reenabled (Fixes: CVE-2017-1000061)
May 14, 2019, 08:09 PM
dhcpcd
Version: 6.11.7-alt1
Summary: DHCP Client
Changelog:
- Fix crash on lease renewals (closes: #36730). - Updated to 6.11.7 (fixes: CVE-2019-11766).
Apr 23, 2019, 07:24 AM
SPICE
Version: 0.14.1-alt1
Summary: Implements the SPICE protocol
Changelog:
- 0.14.1 (Fixes: CVE-2018-10873)
Jan 11, 2019, 02:32 PM
nettle
Version: 3.4.1-alt1
Summary: A low-level cryptographic library
Changelog:
- Updated to 3.4.1 (fixes: CVE-2018-16869).
Jan 10, 2019, 05:13 PM
systemd
Version: 233-alt0.M80C.3
Summary: System and Session Manager
Changelog:
- journald: set a limit on the number of fields once more. - Backported patches from upstream (fixes: CVE-2018-16864, CVE-2018-16865, CVE-2018-16866).
Nov 9, 2018, 06:29 PM
NetworkManager
Version: 1.4.7-alt1.git3712c5180676
Summary: Install NetworkManager daemon and plugins
Changelog:
- Upstream git snapshot (nm-1-4 branch) (fixes: CVE-2018-15688).
Oct 25, 2018, 02:55 PM
libssh
Version: 0.7.6-alt2
Summary: C library to authenticate in a simple manner to one or more SSH servers
Changelog:
- fix changelog - security fixes: CVE-2018-10933
Sep 13, 2018, 08:20 PM
mariadb
Version: 10.1.35-alt0.N.M80C.1
Summary: A very fast and reliable SQL database engine
Changelog:
- 10.1.35 - Fixes for the following security vulnerabilities: + CVE-2018-3064 + CVE-2018-3063 + CVE-2018-3058 + CVE-2018-3066 - change mode of plugin dir in chroot (ALT #33259)
Aug 24, 2018, 06:51 PM
openssh
Version: 7.2p2-alt2.M80C.3
Summary: OpenSSH free Secure Shell (SSH) implementation
Changelog:
- Correction for fix for CVE-2018-15473
May 18, 2018, 02:47 PM
ruby
Version: 2.4.4-alt0.M80C.1
Summary: An Interpreted Object-Oriented Scripting Language
Changelog:
- New version. - Fixes: + CVE-2017-17742: HTTP response splitting in WEBrick + CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir + CVE-2018-8777: DoS by large request in WEBrick + CVE-2018-8778: Buffer under-read in String#unpack + CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket + CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
Mar 31, 2018, 09:35 AM
curl
Version: 7.59.0-alt1.N.M80C.1
Summary: Gets a file from a FTP, GOPHER or HTTP server
Changelog:
- new version - fixes: * CVE-2018-1000120 FTP path trickery leads to NIL byte out of bounds write * CVE-2018-1000121 LDAP NULL pointer dereference * CVE-2018-1000122 RTSP RTP buffer over-read
Feb 19, 2018, 09:22 PM
kernel-image-std-restricted
Version: 4.4.116-alt0.M80C.1
Summary: Restricted version of the Linux kernel
Changelog:
- v4.4.116 (Fixes: CVE-2017-8824)
Feb 19, 2018, 08:38 PM
kernel-image-srv-restricted
Version: 4.4.116-alt0.M80C.1
Summary: Restricted version of the Linux kernel
Changelog:
- v4.4.116 (Fixes: CVE-2017-8824)
Dec 7, 2017, 06:17 PM
openssl10
Version: 1.0.2n-alt0.M80C.1
Summary: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
Changelog:
- Backported to c8 branch (fixes CVE-2017-3737, CVE-2017-3738).
Oct 23, 2017, 09:53 PM
glibc
Version: 2.23-alt3.M80C.3
Summary: The GNU libc libraries
Changelog:
- Backported upstream secutiry patches (fixes CVE-2017-15670 CVE-2017-15804).
Oct 20, 2017, 11:18 AM
apache2
Version: 2.4.28-alt1.N.M80C.1
Summary: The most widely used Web server on the Internet
Changelog:
- new version 2.4.28 - disabled NameVirtualHost directive in ports_all.conf (closes: #32269) - increased timeout for restarting httpd on SysVinit sytems (closes: #31062) - increased LOOPSSTART and TimeoutStartSec (closes: #33978) - fixes: * CVE-2017-9798 Corrupted or freed memory access
Oct 17, 2017, 03:17 PM
xorg-server
Version: 1.18.4-alt2.M80C.2
Summary: Xserver - X Window System display server
Changelog:
- (Fixes: CVE-2017-12176, CVE-2017-12177, CVE-2017-12178, CVE-2017-12183).
Oct 16, 2017, 05:29 PM
wpa_supplicant
Version: 2.6-alt1.M80C.1
Summary: wpa_supplicant is an implementation of the WPA Supplicant component
Changelog:
- backport to c8 - multiple vulnerabilities (so-called KRACK attack) (Fixes: + CVE-2017-13077 + CVE-2017-13078 + CVE-2017-13079 + CVE-2017-13080 + CVE-2017-13081 + CVE-2017-13082 + CVE-2017-13086 + CVE-2017-13087 + CVE-2017-13088)
Sep 28, 2017, 10:04 PM
nagios
Version: 3.0.6-alt4.M80C.1
Summary: Services and network monitoring system
Changelog:
- Backport to C8 (Fixes: CVE-2009-2288, CVE-2011-1523, CVE-2012-6096, CVE-2013-2214, CVE-2013-7108, CVE-2013-7205)
Sep 28, 2017, 05:01 PM
openvswitch
Version: 2.7.2-alt0.M80C.1
Summary: An open source, production quality, multilayer virtual switch
Changelog:
- backport to c8 (Fixes: CVE-2016-2074)
Sep 28, 2017, 03:10 PM
libpng
Version: 1.5.28-alt0.M80C.1
Summary: A library of functions for manipulating PNG image format files
Changelog:
- Updated to 1.5.28 (Fixes: CVE-2016-10087)
Sep 28, 2017, 02:54 PM
zlib
Version: 1.2.8-alt1.M80C.1
Summary: The zlib compression and decompression library
Changelog:
- backport to c8 (Fixes: CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843)
Sep 27, 2017, 11:20 PM
chrony
Version: 3.1-alt0.M80C.1
Summary: Chrony clock synchronization program
Changelog:
- backport to c8 (Fixes: CVE-2016-1567)
Sep 27, 2017, 06:12 PM
libtirpc
Version: 1.0.2-alt0.M80C.1
Summary: transport-independent RPC library
Changelog:
- backport to c8 (Fixed: CVE-2017-8779)
Sep 27, 2017, 03:34 PM
lxc
Version: 2.0.6-alt0.M80C.1
Summary: lxc : Linux Container
Changelog:
- backport to c8 (Fixes: CVE-2016-8649)
Sep 27, 2017, 01:07 PM
libimobiledevice
Version: 1.2.0-alt2.M80C.1
Summary: Library for connecting to Apple iPhone and iPod touch
Changelog:
- Fixes: + CVE-2016-5104 The socket_create function in common/socket.c in libimobiledevice allows remote attackers to bypass intended access restrictions
Sep 27, 2017, 12:06 PM
libcroco
Version: 0.6.11-alt2.M80C.1
Summary: A CSS2 parsing library
Changelog:
- Fixes: + CVE-2017-7960 denial of service in cr_input_new_from_uri function in cr-input.c
Sep 27, 2017, 11:21 AM
libarchive
Version: 3.3.1-alt0.M80C.1
Summary: A library for handling streaming archive formats
Changelog:
- backport to c8 (Fixes: CVE-2016-8687, CVE-2016-8688, CVE-2016-8689)
Sep 25, 2017, 11:55 PM
expat
Version: 2.2.4-alt0.M80C.1
Summary: An XML parser written in C
Changelog:
- backport to c8 (Fixes: CVE-2012-1148, CVE-2012-6702, CVE-2015-1283, CVE-2015-2716, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300, CVE-2016-9063, CVE-2017-11742, CVE-2017-9233)
Sep 25, 2017, 05:33 PM
dhcp
Version: 4.3.6-alt0.M80C.1
Summary: Dynamic Host Configuration Protocol (DHCP) distribution
Changelog:
- backport to c8 (Fixes: CVE-2015-8605, CVE-2016-2774)
Sep 25, 2017, 05:25 PM
c-ares
Version: 1.13.0-alt0.M80C.1
Summary: A library that performs asynchronous DNS operations
Changelog:
- backport to c8 (Fixes: CVE-2016-5180, CVE-2017-1000381)
Sep 21, 2017, 03:02 PM
postgresql9.5
Version: 9.5.9-alt0.M80C.1
Summary: PostgreSQL client programs and libraries
Changelog:
- port to c8 (Fixes: CVE-2017-7547, CVE-2017-7546, CVE-2017-7547, CVE-2017-7548, CVE-2017-7548, CVE-2017-7547, CVE-2017-7546, CVE-2017-7484, CVE-2017-7484, CVE-2017-7485, CVE-2017-7486, CVE-2017-7484, CVE-2017-7486, CVE-2017-7485, CVE-2017-7484)
Sep 20, 2017, 02:24 PM
postgresql9.6
Version: 9.6.5-alt0.M80C.1
Summary: PostgreSQL client programs and libraries
Changelog:
- backport to c8 (Fixes: CVE-2017-7546, CVE-2017-7547, CVE-2017-7548, CVE-2017-7548, CVE-2017-7547, CVE-2017-7546, CVE-2017-7484, CVE-2017-7484, CVE-2017-7485, CVE-2017-7486, CVE-2017-7484, CVE-2017-7486, CVE-2017-7485, CVE-2017-7484)
Sep 19, 2017, 04:53 PM
pidgin
Version: 2.12.0-alt0.M80C.1
Summary: A GTK+ based multiprotocol instant messaging client
Changelog:
- backport to c8 (Fixes: CVE-2016-2365, CVE-2016-2366, CVE-2016-2367, CVE-2016-2368, CVE-2016-2369, CVE-2016-2370, CVE-2016-2371, CVE-2016-2372, CVE-2016-2373, CVE-2016-2374, CVE-2016-2375, CVE-2016-2376, CVE-2016-2377, CVE-2016-2378, CVE-2016-2380, CVE-2016-4323)
Jun 4, 2017, 09:47 PM
wireshark
Version: 2.2.7-alt1.M80C.1
Summary: The BugTraq Award Winning Network Traffic Analyzer
Changelog:
- new version with these security fixes: * wnpa-sec-2017-22 Bazaar dissector infinite loop CVE-2017-9352 * wnpa-sec-2017-23 DOF dissector read overflow CVE-2017-9348 * wnpa-sec-2017-24 DHCP dissector read overflow CVE-2017-9351 * wnpa-sec-2017-25 SoulSeek dissector infinite loop CVE-2017-9346 * wnpa-sec-2017-26 DNS dissector infinite loop CVE-2017-9345 * wnpa-sec-2017-27 DICOM dissector infinite loop CVE-2017-9349 * wnpa-sec-2017-28 openSAFETY dissector memory exhaustion CVE-2017-9350 * wnpa-sec-2017-29 BT L2CAP dissector divide by zero CVE-2017-9344 * wnpa-sec-2017-30 MSNIP dissector crash CVE-2017-9343 * wnpa-sec-2017-31 ROS dissector crash CVE-2017-9347 * wnpa-sec-2017-32 RGMP dissector crash CVE-2017-9354 * wnpa-sec-2017-30 MSNIP dissector crash CVE-2017-9343 * wnpa-sec-2017-31 ROS dissector crash CVE-2017-9347 * wnpa-sec-2017-32 RGMP dissector crash CVE-2017-9354 * wnpa-sec-2017-33 IPv6 dissector crash CVE-2017-9353
Feb 17, 2017, 12:37 PM
adobe-flash-player-ppapi
Version: 24-alt3
Summary: Adobe Flash Player
Changelog:
- new version - security fixes: CVE-2017-2982, CVE-2017-2984, CVE-2017-2985, CVE-2017-2986, CVE-2017-2987, CVE-2017-2988, CVE-2017-2990, CVE-2017-2991, CVE-2017-2992, CVE-2017-2993, CVE-2017-2994, CVE-2017-2995, CVE-2017-2996
Sep 25, 2016, 12:35 PM
ruby-httpclient
Version: 2.8.2.4-alt1
Summary: HTTP accessing library for Ruby
Changelog:
- Update to latest release + Security CVE-2014-3566 critical to rhc: https://blog.openshift.com/poodle-ssl-vulnerability/
Sep 10, 2016, 12:25 AM
libgtk+2
Version: 2.24.31-alt1
Summary: The GIMP ToolKit (GTK+), a library for creating GUIs
Changelog:
- 2.24.31 (CVE-2013-7447)
Jul 9, 2016, 01:30 PM
iperf3
Version: 3.1.3-alt1
Summary: A TCP, UDP, and SCTP network bandwidth measurement tool
Changelog:
- New version (CVE-2016-4303)
Jul 1, 2016, 01:40 PM
rssh
Version: 2.3.4-alt2
Summary: Restricted shell for scp or sftp
Changelog:
- really update sources to 2.3.4 fixes (CVE-2012-3478 and CVE-2012-2252) - add patch for rsync3 compat
Jun 10, 2016, 02:14 PM
wget
Version: 1.18-alt1
Summary: An utility for retrieving files using the HTTP, HTTPS or FTP protocols
Changelog:
- 1.18 (fixes CVE-2016-4971: untrusted filenames when following HTTP to FTP redirects)
Jun 5, 2016, 02:34 PM
ImageMagick
Version: 6.9.4.7-alt1
Summary: An X application for displaying and manipulating images
Changelog:
- new version with fixes for CVE-2016-5118 (closes: #32174)
May 9, 2016, 08:54 PM
squid
Version: 3.5.19-alt1
Summary: The Squid proxy caching server
Changelog:
- Updated to 3.5.19 (inludes fixes for CVE-2016-4553, CVE-2016-4554, CVE-2016-4555, CVE-2016-4556).
Apr 10, 2016, 02:31 PM
libwebkitgtk2
Version: 2.4.11-alt1
Summary: Web browser engine
Changelog:
- 2.4.11 (CVE-2015-1120, CVE-2015-1076, CVE-2015-1071, CVE-2015-1081, CVE-2015-1122, CVE-2015-1155, CVE-2014-1748, CVE-2015-3752, CVE-2015-5809, CVE-2015-5928, CVE-2015-3749, CVE-2015-3659, CVE-2015-3748, CVE-2015-3743, CVE-2015-3731, CVE-2015-3745, CVE-2015-5822, CVE-2015-3658, CVE-2015-3741, CVE-2015-3727, CVE-2015-5801, CVE-2015-5788, CVE-2015-3747, CVE-2015-5794, CVE-2015-1127, CVE-2015-1153, CVE-2015-1083)
Feb 21, 2016, 01:45 AM
ipsec-tools
Version: 0.8.2-alt1
Summary: IPsec-Tools package use the IPsec functionality in the linux-2.5+ kernels.
Changelog:
- 0.8.2 - fixed CVE-2015-4047
Jan 5, 2016, 02:39 PM
keepassx
Version: 0.4.4-alt1
Summary: KeePassX Password Safe - light-weight cross-platform password manager
Changelog:
- New version: security fixes - Fix CVE-2015-8378: Canceling XML export operation creates export as ".xml"
Dec 16, 2015, 11:58 AM
grub2
Version: 2.00-alt21
Summary: GRand Unified Bootloader
Changelog:
- CVE-2015-8370: those who have set up GRUB passwords MUST upgrade or find their use of this "protection" inefficient: CVE-2015-8370-Grub2-authentication-bypass.html" target="_blank">http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html (closes: #31631) - added fedora patch to piggyback --unrestricted through CLASS thus changing the default for password-protected menuentry items to request password only when an attempt to change boot parameters is made (but to let the system boot by default); see also http://altlinux.org/grub#password - added upstream texinfo patch to fix FTBFS - explicit BR: texinfoDec 4, 2015, 06:18 PMxfsprogs
Version: 3.1.11-alt1Summary: Utilities for managing the XFS filesystemChangelog:- 3.1.11 + reset to pristine source, effectively reverting all patches - applied patch series extracted from opensuse 13.1 updates' 3.1.11-2.3.1 package to fix CVE-2012-2150Nov 25, 2015, 12:53 PMlibssh2
Version: 1.4.3-alt2Summary: A library implementing the SSH2 protocolChangelog:- CVE-2015-1782 fixedSep 15, 2015, 08:56 PMlibunwind
Version: 1.1-alt2Summary: An unwinding libraryChangelog:- Fixed CVE-2015-3239. - Added aarch64 architecture support.Sep 1, 2015, 12:09 PMlibvdpau
Version: 1.1.1-alt1Summary: VDPAU libraryChangelog:- new version - security fixes: CVE-2015-5198, CVE-2015-5199, CVE-2015-5200Jan 27, 2015, 03:50 AMpxz
Version: 4.999.9beta-alt3Summary: Parallel LZMA compressor using liblzmaChangelog:- CVE-2015-1200 fix (patch from debian bug #775306)Sep 13, 2014, 02:29 PMlua5
Version: 5.1.5-alt1Summary: Embeddable programming languageChangelog:- Patch for CVE-2014-5461 applied - 5.1.4 -> 5.1.5 - lua-5.1.4 patches reverted - applied official pathes #1/#2 from lua.org/bugs.htmlSep 11, 2014, 12:25 AMlibmodplug
Version: 0.8.8.5-alt1Summary: Modplug mod music file format libraryChangelog:- 0.8.8.5 + CVE-2013-4233, CVE-2013-4234 fixesJul 15, 2014, 05:35 PMliblzo2
Version: 2.08-alt1Summary: Data compression library with very fast (de)compressionChangelog:- Updated to 2.08 (fixes CVE-2014-4607). - Cleaned up specfile.May 13, 2014, 02:21 AMkernel-src-kvm
Version: 3.10.21-alt8Summary: KVM modules sources for Linux kernelChangelog:- updates from linux-3.10.40: + KVM: ioapic: fix assignment of ioapic->rtc_status.pending_eoi (CVE-2014-0155)Dec 26, 2013, 08:07 PMlibjpeg-turbo
Version: 1.3.1-alt0.1Summary: A SIMD-accelerated library for manipulating JPEG image format filesChangelog:- Updated to 1.3.1 r1092 (fixes CVE-2013-6629, CVE-2013-6630).Oct 27, 2012, 09:44 PMlibexif
Version: 0.6.21-alt1Summary: libexif is a library for parsing, editing, and saving EXIF dataChangelog:- 0.6.21 - fixed CVE-2012-2812, CVE-2012-2813, CVE-2012-2814, CVE-2012-2836, CVE-2012-2837, CVE-2012-2840, CVE-2012-2841, CVE-2012-2845Jan 27, 2009, 09:23 AMsmarty
Version: 2.6.22-alt1Summary: Template engine for PHPChangelog:- Updated to 2.6.22. Security fixes: + CVE-2008-4810 + CVE-2008-4811