Security

polkit Jan 26, 2022, 05:55 PMJan 26, 2022, 05:55 PM
Version: 0.116-alt2.M90P.4
Summary: PolicyKit Authorization Framework
Changelog:
- (Fixes: CVE-2021-4034)
log4j Dec 15, 2021, 11:35 PMDec 15, 2021, 11:35 PM
Version: 2.9.1-alt2.c9.1_4jpp8
Summary: Java logging package
Changelog:
- security fix CVE-2021-44228 and CVE-2021-45046
postgresql11 Nov 10, 2021, 01:05 PMNov 10, 2021, 01:05 PM
Version: 11.14-alt0.M90P.1
Summary: PostgreSQL client programs and libraries
Changelog:
- 11.14 (Fixes CVE-2021-23214, CVE-2021-23222)
postgresql10 Nov 10, 2021, 12:52 PMNov 10, 2021, 12:52 PM
Version: 10.19-alt0.M90P.1
Summary: PostgreSQL client programs and libraries
Changelog:
- 10.19 (Fixes CVE-2021-23214, CVE-2021-23222)
postgresql9.6 Nov 10, 2021, 12:41 PMNov 10, 2021, 12:41 PM
Version: 9.6.24-alt0.M90P.1
Summary: PostgreSQL client programs and libraries
Changelog:
- 9.6.24 (Fixes CVE-2021-23214, CVE-2021-23222)
postgresql12-1C Nov 10, 2021, 12:12 PMNov 10, 2021, 12:12 PM
Version: 12.7-alt0.M90P.3
Summary: PostgreSQL client programs and libraries (edition for 1C 8.3.13 and later)
Changelog:
- Fixes CVE-2021-23214, CVE-2021-23222
postgresql12 Nov 10, 2021, 11:55 AMNov 10, 2021, 11:55 AM
Version: 12.9-alt0.M90P.1
Summary: PostgreSQL client programs and libraries
Changelog:
- 12.9 (Fixes CVE-2021-23214, CVE-2021-23222)
java-1.8.0-openjdk Oct 23, 2021, 08:43 AMOct 23, 2021, 08:43 AM
Version: 1.8.0.312.b07-alt1_1jpp8
Summary: OpenJDK Runtime Environment 8
Changelog:
- New version.
- Security fixes:
  + CVE-2021-35588 InnerClasses: VM permits wrong Throw ClassFormatError if InnerClasses attribute's inner_class_info_index is 0
  + CVE-2021-35550 Update the default enabled cipher suites preference
  + CVE-2021-35565 com.sun.net.HttpsServer spins on TLS session close
  + CVE-2021-35556 Richer Text Editors
  + CVE-2021-35559 Enhanced style for RTF kit
  + CVE-2021-35561 Better hashing support
  + CVE-2021-35564 Improve Keystore integrity
  + CVE-2021-35567 More Constrained Delegation
  + CVE-2021-35578 Improve TLS client handshaking
  + CVE-2021-35586 Better BMP support
  + CVE-2021-35603 Better session identification
freerdp Oct 21, 2021, 04:06 PMOct 21, 2021, 04:06 PM
Version: 2.4.1-alt1
Summary: Remote Desktop Protocol functionality
Changelog:
- New version.
- Security fixes:
  + CVE-2021-41159 Improper client input validation for gateway connections allows to overwrite memory
  + CVE-2021-41160 Improper region checks in all clients allow out of bound write to memory
openssl1.1 Aug 24, 2021, 05:24 PMAug 24, 2021, 05:24 PM
Version: 1.1.1l-alt1
Summary: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
Changelog:
- Updated to 1.1.1l (fixes CVE-2021-3711, CVE-2021-3712).
dovecot Aug 12, 2021, 01:39 PMAug 12, 2021, 01:39 PM
Version: 2.3.16-alt1
Summary: Dovecot secure IMAP/POP3 server
Changelog:
- Updated to 2.3.16 (fixes CVE-2021-33515, CVE-2021-29157, CVE-2021-33515, CVE-2021-29157).
- Package watch file.
pacemaker Jul 24, 2021, 03:36 PMJul 24, 2021, 03:36 PM
Version: 2.1.0-alt1
Summary: Scalable High-Availability cluster resource manager
Changelog:
- New version.
- Security fix CVE-2020-25654 in 2.0.5.
zabbix Jul 16, 2021, 02:43 PMJul 16, 2021, 02:43 PM
Version: 5.0.12-alt0.p9.2
Summary: A network monitor
Changelog:
- Updated the changelog to reflect CVE fix (Fixes: CVE-2013-1364).
nginx Jun 17, 2021, 12:48 PMJun 17, 2021, 12:48 PM
Version: 1.20.1-alt1
Summary: Fast HTTP server
Changelog:
- 1.20.1 (Fixes: CVE-2021-23017)
- updated rtmp module to 1.2.2
- updated spnego snapshot to a06f9efc
curl May 27, 2021, 11:42 AMMay 27, 2021, 11:42 AM
Version: 7.77.0-alt1
Summary: Gets a file from a FTP, GOPHER or HTTP server
Changelog:
- 7.77.0
- Fixes:
  * CVE-2021-22897 schannel cipher selection surprise
  * CVE-2021-22898 TELNET stack contents disclosure
  * CVE-2021-22901 TLS session caching disaster
bind Apr 29, 2021, 05:55 PMApr 29, 2021, 05:55 PM
Version: 9.11.31-alt1
Summary: ISC BIND - DNS server
Changelog:
- 9.11.28 -> 9.11.31 (fixes: CVE-2021-25214, CVE-2021-25215, CVE-2021-25216).
dnsmasq Apr 9, 2021, 01:11 PMApr 9, 2021, 01:11 PM
Version: 2.85-alt1
Summary: A lightweight caching nameserver
Changelog:
- Dropped obsoleted patch.
- Updated to 2.83 (fixes: CVE-2021-3448).
samba Mar 24, 2021, 08:34 PMMar 24, 2021, 08:34 PM
Version: 4.12.14-alt1
Summary: The Samba4 CIFS and AD client and server suite
Changelog:
- Update to latest security release of the Samba 4.12
- Security fixes:
  + CVE-2020-27840: Heap corruption via crafted DN strings
  + CVE-2021-20277: Out of bounds read in AD DC LDAP server
python-module-yaml Mar 18, 2021, 12:29 PMMar 18, 2021, 12:29 PM
Version: 5.4.1-alt0.c9
Summary: PyYAML, a YAML parser and emitter for Python
Changelog:
- Backport version 5.4.x to c9 branch (fixes CVE-2020-1747).
wpa_supplicant Mar 1, 2021, 01:53 PMMar 1, 2021, 01:53 PM
Version: 2.9-alt4
Summary: wpa_supplicant is an implementation of the WPA Supplicant component
Changelog:
- P2P: Fix a corner case in peer addition based on PD Request
  (Fixes: CVE-2021-27803)
ipmitool Feb 27, 2021, 12:46 PMFeb 27, 2021, 12:46 PM
Version: 1.8.18-alt4
Summary: ipmitool - Utility for IPMI control
Changelog:
- applied patches from upstream git to fix security issue (Fixes: CVE-2020-5208)
  see https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
- added upstream fix FTBFS with gcc-10
xterm Feb 24, 2021, 03:22 PMFeb 24, 2021, 03:22 PM
Version: 366-alt1
Summary: A standard terminal emulator for the X Window System
Changelog:
- Autobuild version bump to 366
- CVE-2021-27135 (Closes: #39725)
subversion Feb 14, 2021, 09:22 PMFeb 14, 2021, 09:22 PM
Version: 1.14.1-alt1
Summary: A version control system
Changelog:
- New version.
- Fixes:
  + CVE-2020-17525 Remote unauthenticated denial-of-service in Subversion mod_authz_svn
sudo Jan 27, 2021, 09:04 PMJan 27, 2021, 09:04 PM
Version: 1.9.5p2-alt1
Summary: Allows command execution as another user
Changelog:
- Update to latest security release (fixes: CVE-2021-3156) (closes: 39615)
- Added sudo-python package with Sudo Python Plugin API
- Added sudo-logsrvd package with High-performance log server
nagios Jan 27, 2021, 04:30 PMJan 27, 2021, 04:30 PM
Version: 3.0.6-alt15
Summary: Services and network monitoring system
Changelog:
- Fixes:
  + CVE-2017-12847 Kill arbitrary processes by leveraging access to PID file.
- Don't install the PID file.
containerd Jan 22, 2021, 06:18 AMJan 22, 2021, 06:18 AM
Version: 1.3.9-alt1
Summary: A daemon to control runC
Changelog:
- 1.3.9 (Fixes: CVE-2020-15257)
x11vnc Jan 21, 2021, 09:31 AMJan 21, 2021, 09:31 AM
Version: 0.9.16-alt2
Summary: VNC server for real X displays
Changelog:
- Applied security fix from upstream (Fixes: CVE-2020-29074).
golang Jan 20, 2021, 03:59 PMJan 20, 2021, 03:59 PM
Version: 1.14.14-alt1
Summary: The Go Programming Language
Changelog:
- New version (1.14.14).
- Fixes:
  + CVE-2021-3114
  + CVE-2021-3115
screen Jan 20, 2021, 02:38 PMJan 20, 2021, 02:38 PM
Version: 4.6.2-alt3.p9.1
Summary: A screen manager that supports multiple sessions on one terminal
Changelog:
- Backported upstream commits (fixes CVE-2020-9366).
qemu Dec 24, 2020, 07:48 PMDec 24, 2020, 07:48 PM
Version: 4.2.1-alt4
Summary: QEMU CPU Emulator
Changelog:
- Fixes: CVE-2020-25723
Back to Top