Security
Apr 1, 2019, 08:14 AM
icecast
Version: 2.4.4-alt1
Summary: Streaming Media Server
Changelog:
- Updated to upstream version 2.4.4 (Fixes: CVE-2018-18820).
Mar 31, 2019, 03:43 PM
tinc
Version: 1.0.35-alt1
Summary: Virtual Private Network (VPN) daemon that uses tunnelling and encryption to create a secure private network between hosts on the Internet.
Changelog:
- New version * Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738) * Prevent a MITM from forcing a NULL cipher for UDP (CVE-2018-16758) - Disabling VDE support
Mar 27, 2019, 04:32 PM
ruby-loofah
Version: 2.2.3-alt1
Summary: HTML/XML manipulation and sanitization based on Nokogiri
Changelog:
- 2.2.3 (CVE-2018-16468); - fix version in gamespec for packaging (closes: #36441).
Feb 28, 2019, 12:29 AM
openslp
Version: 2.0.0-alt2
Summary: OpenSLP implementation of Service Location Protocol V2
Changelog:
- Fixed libslp namespace (closes: #35692). - Enabled SLPv2 Security. - Enabled testing. - Applied security fixes (fixes: CVE-2012-4428, CVE-2016-4912, CVE-2016-7567, CVE-2017-17833).
Feb 24, 2019, 10:06 AM
libyaml-cpp0
Version: 0.6.2-alt2
Summary: A YAML parser and emitter for C++
Changelog:
- Applied patches from Fedora (Fixes: CVE-2017-5950)
Jan 29, 2019, 09:47 AM
libvorbis
Version: 1.3.6-alt2
Summary: The Vorbis General Audio Compression Codec
Changelog:
- Backported upstream fixes (fixes: CVE-2017-14160, CVE-2018-10392, CVE-2018-10393). - Fixed probabilistic behaviour of %check.
Aug 30, 2018, 02:38 PM
ipsec-tools
Version: 0.8.2-alt2
Summary: IPsec-Tools package use the IPsec functionality in the linux-2.5+ kernels.
Changelog:
- build with openssl-1.1 - add patches from Debian - fixed CVE-2016-10396
Aug 30, 2018, 01:20 PM
xinetd
Version: 2.3.15-alt4
Summary: xinetd is a powerful replacement for inetd
Changelog:
- Applied upstream fix for TCPMUX services (fixes: CVE-2013-4342). - Stripped executable bit from xinetd.service (closes: #34566). - Disabled tcp_wrappers support.
Aug 2, 2018, 02:18 AM
NetworkManager-vpnc
Version: 1.2.6-alt1
Summary: NetworkManager VPN plugin for vpnc
Changelog:
- Disable libnm-glib-* support. - Fix build without libnm-glib-*. - Updated to 1.2.6 (fixes CVE-2018-10900).
Jul 23, 2018, 02:42 PM
libytnef
Version: 1.9.3-alt1
Summary: TNEF Stream Parser Library
Changelog:
- 1.9.3 (fixed CVE-2017-9470, CVE-2017-9471, CVE-2017-9474, CVE-2017-9058, CVE-2017-12142, CVE-2017-12141, CVE-2017-12144)
Mar 27, 2018, 03:46 AM
procmail
Version: 3.22-alt10
Summary: The procmail mail processing program
Changelog:
- Applied various fixes from Debian 3.22-26 package, including fixes for memory corruption bugs in formail (fixes: CVE-2017-16844).
Feb 15, 2018, 09:58 PM
rsync
Version: 3.1.3-alt1
Summary: A program for synchronizing files over a network
Changelog:
- v3.1.2 -> v3.1.3 (fixes CVE-2018-5764). - Fixed running with an unknown current directory (by Florian Weimer; fixes upstream bug 6422). - Added --noatime option (based on patch from Nicolas George; fixes upstream bug 7249).
Sep 27, 2017, 04:35 PM
libwmf
Version: 0.2.8.4-alt13
Summary: A library to convert wmf files
Changelog:
- Secutity (Fixes: CVE-2015-0848, CVE-2015-4588, CVE-2015-4695, CVE-2015-4696, CVE-2016-9011)
Jul 1, 2016, 01:40 PM
rssh
Version: 2.3.4-alt2
Summary: Restricted shell for scp or sftp
Changelog:
- really update sources to 2.3.4 fixes (CVE-2012-3478 and CVE-2012-2252) - add patch for rsync3 compat
Jan 5, 2016, 02:39 PM
keepassx
Version: 0.4.4-alt1
Summary: KeePassX Password Safe - light-weight cross-platform password manager
Changelog:
- New version: security fixes - Fix CVE-2015-8378: Canceling XML export operation creates export as ".xml"
May 15, 2015, 03:52 PM
kde4-webkitpart
Version: 1.3.4-alt2
Summary: WebKit render engine for Konqueror
Changelog:
- security fix: CVE-2014-8600
Jan 27, 2015, 03:50 AM
pxz
Version: 4.999.9beta-alt3
Summary: Parallel LZMA compressor using liblzma
Changelog:
- CVE-2015-1200 fix (patch from debian bug #775306)
May 13, 2014, 02:21 AM
kernel-src-kvm
Version: 3.10.21-alt8
Summary: KVM modules sources for Linux kernel
Changelog:
- updates from linux-3.10.40: + KVM: ioapic: fix assignment of ioapic->rtc_status.pending_eoi (CVE-2014-0155)