Security
Mar 11, 2024, 09:39 AM
unbound
Version: 1.19.2-alt1
Summary: Validating, recursive, and caching DNS resolver
Changelog:
- 1.19.2 (Fixes CVE-2024-1931)
Feb 19, 2024, 08:58 PM
dnsmasq
Version: 2.90-alt1
Summary: A lightweight caching nameserver
Changelog:
- Fixed different signedness comparison on 32bit systems. - Dropped obsoleted patches. - Patches from upstream git: + Add missing CHANGELOG entries for 2.90; + Fix spurious "resource limit exceeded" messages. - Updated to 2.90 (fixes: CVE-2023-50387,CVE 2023-50868).
Feb 18, 2024, 05:03 PM
libuv
Version: 1.48.0-alt1
Summary: Evented I/O for NodeJS
Changelog:
- new version 1.48.0 (with rpmrb script) - CVE-2024-24806
Feb 12, 2024, 05:23 PM
postgresql12-1C
Version: 12.17-alt0.c9f2.2
Summary: PostgreSQL client programs and libraries (edition for 1C 8.3.13 and later)
Changelog:
- Fixes CVE-2024-0985 - Update 1C patch
Feb 12, 2024, 05:20 PM
postgresql12
Version: 12.18-alt0.c9f2.1
Summary: PostgreSQL client programs and libraries
Changelog:
- 12.18 (Fixes CVE-2024-0985)
Feb 2, 2024, 05:31 PM
runc
Version: 1.1.12-alt1
Summary: CLI for running Open Containers
Changelog:
- New version 1.1.12 (Fixes: CVE-2024-21626). - Drop tmpfiles.d/runc.conf
Feb 1, 2024, 12:18 PM
shim
Version: 15.8-alt1
Summary: First-stage UEFI bootloader
Changelog:
- new version - update shim-15.8-alt-Bump-grub-SBAT-revocation-to-4 patch - Fixes: + CVE-2023-40546 mok: fix LogError() invocation + CVE-2023-40547 - avoid incorrectly trusting HTTP headers + CVE-2023-40548 Fix integer overflow on SBAT section size on 32-bit system + CVE-2023-40549 Authenticode: verify that the signature header is in bounds. + CVE-2023-40550 pe: Fix an out-of-bound read in verify_buffer_sbat() + CVE-2023-40551: pe-relocate: Fix bounds check for MZ binaries
Jan 31, 2024, 03:18 PM
curl
Version: 8.6.0-alt1
Summary: Gets a file from a FTP, GOPHER or HTTP server
Changelog:
- 8.5.0 -> 8.6.0 - Fixes: * CVE-2024-0853 : OCSP verification bypass with TLS session reuse
Jan 25, 2024, 09:13 AM
freeipa
Version: 4.8.9-alt4.c9f2.5
Summary: The Identity, Policy and Audit system
Changelog:
- Fixes CVE-2023-5455.
Jan 24, 2024, 09:02 AM
zabbix
Version: 5.0.40-alt1
Summary: A network monitor
Changelog:
- 5.0.40 (Fixes: CVE-2023-32726, CVE-2023-32727, CVE-2023-32728)
Jan 16, 2024, 02:04 PM
xorg-server
Version: 1.20.8-alt12
Summary: Xserver - X Window System display server
Changelog:
- cherry pick upstream fixes for CVE-2023-6816, CVE-2024-0229, CVE-2024-21885, CVE-2024-21886, CVE-2024-0409, CVE-2024-0408
Jan 16, 2024, 08:00 AM
openssh
Version: 7.9p1-alt4.p10.4
Summary: OpenSSH free Secure Shell (SSH) implementation
Changelog:
- Backported upstream security fix for Terrapin attack (fixes CVE-2023-48795).
Jan 12, 2024, 10:52 AM
libssh
Version: 0.10.6-alt1
Summary: C library to authenticate in a simple manner to one or more SSH servers
Changelog:
- new version (fixes: CVE-2023-6004 CVE-2023-48795 CVE-2023-6918) (closes: 49050)
Dec 25, 2023, 12:08 PM
raptor2
Version: 2.0.16-alt1
Summary: RDF Parser Toolkit for Redland
Changelog:
- new version (fixes: CVE-2017-18926 CVE-2020-25713) (closes: 48916)
Dec 6, 2023, 12:44 AM
fish
Nov 23, 2023, 07:38 PM
gnutls30
Version: 3.6.16-alt4
Summary: A TLS protocol implementation
Changelog:
- auth/rsa_psk: side-step potential side-channel (fixes: CVE-2023-5981).
Nov 15, 2023, 12:54 AM
firmware-intel-ucode
Version: 23-alt1.20231114
Summary: Microcode definitions for Intel processors
Changelog:
- New upstream microcode datafile 20231114: + Security updates for INTEL-SA-00950 (CVE-2023-23583). + Updated microcodes: sig 0x000606a6, pf_mask 0x87, 2023-09-01, rev 0xd0003b9, size 299008 sig 0x000606c1, pf_mask 0x10, 2023-09-08, rev 0x1000268, size 290816 sig 0x000706e5, pf_mask 0x80, 2023-09-03, rev 0x00c2, size 113664 sig 0x000806c1, pf_mask 0x80, 2023-09-07, rev 0x00b4, size 111616 sig 0x000806c2, pf_mask 0xc2, 2023-09-07, rev 0x0034, size 98304 sig 0x000806d1, pf_mask 0xc2, 2023-09-07, rev 0x004e, size 104448 sig 0x000806f4, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f4, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x000806f5, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f5, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x000806f6, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f6, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x000806f7, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f8, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f8, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x00090672, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 sig 0x00090675, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 sig 0x000906a3, pf_mask 0x80, 2023-06-07, rev 0x0430, size 220160 sig 0x000906a4, pf_mask 0x80, 2023-06-07, rev 0x0430, size 220160 sig 0x000a0671, pf_mask 0x02, 2023-09-03, rev 0x005d, size 104448 sig 0x000b0671, pf_mask 0x32, 2023-08-29, rev 0x011d, size 210944 sig 0x000b06a2, pf_mask 0xe0, 2023-08-30, rev 0x411c, size 216064 sig 0x000b06a3, pf_mask 0xe0, 2023-08-30, rev 0x411c, size 216064 sig 0x000b06e0, pf_mask 0x11, 2023-06-26, rev 0x0012, size 136192 sig 0x000b06f2, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 sig 0x000b06f5, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 - source: update symlinks to reflect id of the latest release, 20231114.
Nov 13, 2023, 06:20 PM
python-module-urllib3
Version: 1.25.11-alt0.c9.1
Summary: Library with thread-safe connection pooling, file post support, sanity friendly etc
Changelog:
- New version (fixes: CVE-2020-26137 CVE-2020-7212). - Do not build documentation.
Nov 13, 2023, 05:14 PM
salt
Version: 3005.4-alt0.c9.1
Summary: Tool to manage your infrastructure
Changelog:
- New version. - Security fix for CVE-2023-34049.
Nov 9, 2023, 05:57 PM
nginx
Version: 1.24.0-alt5
Summary: Fast HTTP server
Changelog:
- added upstream change 9165:cdda286c0f1b to improve the per-iteration stream handling limit for HTTP2 protocol (in is related to CVE-2023-44487)
Nov 9, 2023, 09:11 AM
postgresql11
Version: 11.22-alt0.M90P.1
Summary: PostgreSQL client programs and libraries
Changelog:
- 11.22 (Fixes CVE-2023-5868, CVE-2023-5869, CVE-2023-5870)
Nov 8, 2023, 02:44 PM
golang
Version: 1.20.11-alt1
Summary: The Go Programming Language
Changelog:
- - New version (1.20.11) (Fixes: CVE-2023-45283, CVE-2023-45284).
Nov 7, 2023, 06:32 PM
libetpan
Version: 1.9.4-alt4
Summary: This mail library provide a portable, efficient middleware for different kinds of mail access
Changelog:
- Patches from upstream git: + Fix buffer overwrite for empty string in remove_trailing_eol (upstream issue #408); + Detect extra data after STARTTLS response and exit (upstrem issue #387) (fixes: CVE-2020-15953); + Missing boundary fix (upstream issue #384); + Fix potential null pointer deferenced (upstream issue #363); + Fix potential null pointer deferenced (upstream issue #361); + Fix potential null pointer deference (upstream issue #348).
Nov 3, 2023, 12:06 AM
kubernetes1.24
Version: 1.24.17-alt1
Summary: Container cluster management
Changelog:
- 1.24.17 (Fixes: CVE-2023-2728) - Rename the package to include major and minor versions - Make kubernetes-common and kubernetes-crio noarch packages - Allow write to config dir /etc/kubernetes for kube group - Allow write to home dir /var/lib/kubernetes for kube group
Oct 23, 2023, 08:05 AM
mariadb
Version: 10.6.15-alt1
Summary: A very fast and reliable SQL database engine
Changelog:
- 10.6.15 - Fixes: CVE-2022-47015
Oct 20, 2023, 02:46 PM
apache2-mod_http2
Version: 2.0.25-alt1
Summary: module implementing HTTP/2 for Apache 2
Changelog:
- 2.0.24 -> 2.0.25 (Fixes: CVE-2023-45802)
Oct 11, 2023, 11:05 AM
libnghttp2
Oct 11, 2023, 08:36 AM
libcue2
Version: 2.3.0-alt1
Summary: Cue sheet parser library
Changelog:
- new version 2.3.0 (with rpmrb script) - CVE-2023-43641
Oct 11, 2023, 08:00 AM
openssl1.1
Version: 1.1.1w-alt0.p9.1
Summary: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
Changelog:
- Updated to 1.1.1w (fixes CVE-2023-3446, CVE-2023-3817, CVE-2023-4807).
Oct 4, 2023, 09:14 AM
libX11
Oct 4, 2023, 08:58 AM
libXpm
Sep 29, 2023, 05:46 PM
cups
Version: 2.4.7-alt1
Summary: Common Unix Printing System - server package
Changelog:
- 2.4.7 (Fixes: CVE-2023-4504) - updated Ubuntu-9100-ppd-cache-add-auto-presets.patch - removed unused and/or integrated to upstream patches: - FC-multilib.patch - FC-uri-compat.patch - FC-0001-scheduler-ipp.c-Allocate-device_uri-via-cupsdSetStri.patch - Ubuntu-0016-Debian-po4a-infrastructure-and-translations-for-manp.patch - Ubuntu-9110-create-local-printer-localhost-fix.patch - ALT-1.6.1-hardening.patch - ALT-1.4.6-config-libs.patch - ALT-config-nolibs.patch
Sep 28, 2023, 06:23 AM
xrdp
Version: 0.9.23.1-alt1
Summary: An open source remote desktop protocol (RDP) server
Changelog:
- New version. - Security fixes: + CVE-2023-42822: Unchecked access to font glyph info
Sep 14, 2023, 10:02 AM
libwebp
Version: 1.3.2-alt1
Summary: Library and tools for the WebP graphics format
Changelog:
- 1.3.2 (fixed CVE-2023-4863)
Sep 1, 2023, 06:50 PM
redis
Version: 6.2.13-alt1
Summary: Redis is an advanced key-value store
Changelog:
- 6.2.13 - Fixed License - Split cli tools to cli subpackage - Update systemd units - Update default sentinel config - Build with systemd support sd_notify - /var/run -> /run - Fixed logrotate config - Fixed permissions for configs - Move make test to check section - Enable tests - Security fixes: + CVE-2022-24834 Integer Overflow to Buffer Overflow, Heap-based Buffer Overflow + CVE-2022-35977 Integer Overflow or Wraparound + CVE-2022-36021 Inefficient Algorithmic Complexity + CVE-2023-22458 Integer Overflow or Wraparound + CVE-2023-25155 Integer Overflow or Wraparound + CVE-2023-28856 Reachable Assertion
Aug 17, 2023, 10:33 AM
ImageMagick
Version: 6.9.12.93-alt1
Summary: An X application for displaying and manipulating images
Changelog:
- New version 6.9.12.93 (Fixes: CVE-2022-44268)
Jul 27, 2023, 03:08 PM
krb5
Version: 1.17.2-alt5
Summary: The Kerberos network authentication system
Changelog:
- Backport fix for use-after-free in kadmin5 (Fixes: CVE-2023-36054).
Jun 30, 2023, 05:36 PM
grafana
Version: 9.5.5-alt1
Summary: Metrics dashboard and graph editor
Changelog:
- 9.5.5 - Switch from separate server & cli to a unified grafana binary - Add wrapper scripts for grafana-cli and grafana-server - Fixes: + CVE-2023-0507 + CVE-2023-0594 + CVE-2023-1387 + CVE-2023-1410 + CVE-2023-2183 + CVE-2023-2801 + CVE-2023-22462 + CVE-2023-28119
Jun 20, 2023, 07:56 PM
ffmpeg
Version: 4.3.6-alt1
Summary: A command line toolbox to manipulate, convert and stream multimedia content
Changelog:
- 4.3.6 (Fixes: CVE-2022-3109, CVE-2020-21041)
Jun 20, 2023, 06:21 PM
cups-filters
Version: 1.28.8-alt2
Summary: OpenPrinting CUPS filters and backends
Changelog:
add upstream commit 93e60d3 (Fixes: CVE-2023-24805)
Jun 14, 2023, 09:32 AM
yajl
Jun 13, 2023, 05:08 PM
openldap
Jun 8, 2023, 09:04 PM
sysstat
Version: 12.7.2-alt2
Summary: Performance monitoring tools for Linux
Changelog:
- (Fixes: CVE-2023-33204).
May 27, 2023, 04:58 AM
etcd
Version: 3.5.9-alt1
Summary: A highly-available key value store for shared configuration
Changelog:
- 3.5.9 (Fixes: CVE-2023-32082).
Apr 17, 2023, 10:15 PM
git
Version: 2.33.8-alt1
Summary: Git core and tools
Changelog:
- 2.33.7 -> 2.33.8 (fixes: CVE-2023-25652, CVE-2023-25815, CVE-2023-29007).
Apr 4, 2023, 01:44 PM
gzip
Version: 1.10-alt1.p9.1
Summary: The GNU data compression program
Changelog:
- Fixed CVE-2022-1271 (ALT #44053).
Mar 29, 2023, 07:29 AM
libmemcached
Version: 1.1.4-alt1
Summary: Client library to the memcached
Changelog:
- 1.1.4 (Fixes CVE-2023-27478) - Change URL to new upstream project - Use CMAKE
Mar 9, 2023, 11:59 AM
clamav
Version: 0.103.8-alt1
Summary: Clam Antivirus scanner
Changelog:
- 0.103.8 (CVE-2023-20032, CVE-2023-20052)
Feb 15, 2023, 09:05 AM
php8.1
Version: 8.1.16-alt1
Summary: The PHP scripting language
Changelog:
- 8.1.15 -> 8.1.16 (Fixes: CVE-2023-0567, CVE-2023-0568, CVE-2023-0662)
Jan 28, 2023, 05:13 PM
python-module-lxml
Version: 4.4.2-alt1.c9.1
Summary: Powerful and Pythonic XML processing library combining libxml2/libxslt with the ElementTree API.
Changelog:
- Fixed CVE-2022-2309.
Jan 10, 2023, 02:06 PM
libtasn1
Dec 22, 2022, 10:23 AM
libcairo
Version: 1.16.0-alt2
Summary: Multi-platform 2D graphics library
Changelog:
- cherry pick upstream fixes for CVE-2018-19876, CVE-2020-35492
Dec 9, 2022, 12:49 AM
podofo
Version: 0.9.8-alt1
Summary: PDF manipulation library and tools
Changelog:
- new version 0.9.8 (with rpmrb script) - CVE-2021-30469, CVE-2021-30470, CVE-2021-30471, CVE-2021-30472
Dec 6, 2022, 05:30 PM
libxml2
Version: 2.9.12-alt1.c9f2.1
Summary: The library for manipulating XML files
Changelog:
- Applied security fixes from upstream (Fixes: CVE-2022-23308, CVE-2022-29824, CVE-2022-40303, CVE-2022-40304).
Dec 5, 2022, 03:48 PM
libarchive
Version: 3.6.1-alt2
Summary: A library for handling streaming archive formats
Changelog:
- security (fixes: CVE-2022-36227)
Nov 28, 2022, 10:52 AM
tcpreplay
Version: 4.4.2-alt1
Summary: A tool to replay captured network traffic
Changelog:
- 4.4.2 (Fixes: CVE-2022-28487, CVE-2022-27942, CVE-2022-27940, CVE-2022-37047, CVE-2022-37049, CVE-2022-27939, CVE-2022-25484, CVE-2022-27941)
Nov 11, 2022, 10:34 AM
audiofile
Version: 0.3.6-alt3.c9f2.1
Summary: Library to handle various audio file formats
Changelog:
- applied debian patchset (fixed CVE-2018-13440, CVE-2018-17095)
Nov 10, 2022, 10:13 AM
libsoup
Version: 2.66.2-alt1.c9f2.1
Summary: HTTP client/server library for GNOME
Changelog:
- fixes CVE-2019-17266
Nov 8, 2022, 08:01 AM
ntfs-3g
Version: 2021.8.22-alt2
Summary: third generation Linux NTFS driver
Changelog:
Nov 5, 2022, 02:50 PM
libpixman
Nov 3, 2022, 04:58 PM
php7
Version: 7.4.33-alt1
Summary: The PHP7 scripting language
Changelog:
- 7.4.32 -> 7.4.33 (Fixes: CVE-2022-31630, CVE-2022-37454)
Nov 2, 2022, 09:12 AM
perl-DBI
Version: 1.643-alt3
Summary: Database independent interface for Perl
Changelog:
- rename patch lib-DBD-File.pm-fix-CVE-2014-10401.patch - fixes changelog
Oct 29, 2022, 11:07 PM
expat
Version: 2.5.0-alt1
Summary: An XML parser written in C
Changelog:
- Updated to 2.5.0 (fixes: CVE-2022-43680 Fix heap use-after-free after overeager destruction of a shared DTD in function XML_ExternalEntityParserCreate in out-of-memory situations, DoS or potentially ACE).
Oct 28, 2022, 02:27 PM
openslp
Version: 2.0.0-alt3
Summary: OpenSLP implementation of Service Location Protocol V2
Changelog:
- Applied security fixes (fixes CVE-2021-4217).
Oct 26, 2022, 04:03 PM
libvncserver
Version: 0.9.13-alt3
Summary: An easy API to write one's own VNC server
Changelog:
- security (fixes: CVE-2020-29260)
Oct 25, 2022, 05:31 PM
arj
Version: 3.10.22-alt9
Summary: An compressor and uncompressor for .arj format archive files
Changelog:
- Fixes patch CVE-2015-0557-security-traversal-dir (ALT #44143).
Oct 14, 2022, 03:47 PM
aspell
Version: 0.60.8-alt2
Summary: An Open Source interactive spelling checker program
Changelog:
- fixes CVE-2019-25051
Oct 12, 2022, 02:52 PM
lrzsz
Version: 0.12.20-alt2
Summary: Programs for communicating over Z-, Y- & X-modem protocols.
Changelog:
- fixes CVE-2018-10195.
Oct 12, 2022, 07:45 AM
unzip
Oct 7, 2022, 08:03 PM
dhcp
Version: 4.4.3.P1-alt1
Summary: Dynamic Host Configuration Protocol (DHCP) distribution
Changelog:
- Updated to 4.4.3-P1 (fixes: CVE-2022-2928,CVE-2022-2929).
Sep 13, 2022, 04:57 AM
dovecot
Aug 31, 2022, 02:17 AM
cifs-utils
Version: 6.15-alt1
Summary: Utilities for doing and managing mounts of the Linux CIFS filesystem
Changelog:
- Update to stable release 6.15 (Samba#15025, Samba#15026) - mount.cifs: fix length check for ip option parsing (fixes: CVE-2022-27239) - mount.cifs: fix verbose messages on option parsing (fixes: CVE-2022-29869)
Jun 21, 2022, 05:26 PM
gmp
Version: 6.1.2-alt3.c9f2.1
Summary: GNU MP arbitrary precision arithmetic library
Changelog:
- Fixes: CVE-2021-43618.
Jun 9, 2022, 08:34 AM
feh
Jun 6, 2022, 04:31 PM
rsyslog
Version: 8.2204.1-alt1
Summary: Enhanced system logging and kernel message trapping daemon
Changelog:
- 8.2204.1 (Fixes: CVE-2022-24903)
Jun 1, 2022, 01:59 AM
ruby
Version: 2.7.6-alt0.1.c9f2
Summary: An Interpreted Object-Oriented Scripting Language
Changelog:
- !fix bugs: + CVE-2022-28738 + CVE-2022-28739
May 30, 2022, 05:22 PM
ardour
Version: 5.12-alt1.1.c9f2.1
Summary: Professional multi-track audio recording application
Changelog:
- Fixes: CVE-2020-22617
May 25, 2022, 05:14 PM
sogo
Version: 5.0.0-alt1.c9f2.1
Summary: SOGo is a very fast and scalable modern collaboration suite (groupware)
Changelog:
- Fixes: CVE-2021-33054
May 25, 2022, 04:55 PM
graphviz
May 12, 2022, 05:33 PM
openvpn
Version: 2.4.9-alt1.c9f2.2
Summary: a full-featured SSL VPN solution
Changelog:
- Security (Fixes: CVE-2022-0547)
May 5, 2022, 04:41 PM
lasso
Version: 2.6.0-alt2.c9f2.2
Summary: Liberty Alliance Single Sign On
Changelog:
- Security (Fixes: CVE-2021-28091).
Apr 25, 2022, 07:12 AM
java-1.8.0-openjdk
Version: 1.8.0.332.b09-alt0_0.1.eajpp8
Summary: OpenJDK Runtime Environment 8
Changelog:
- New version. - Seciruty fixes: + JDK-8270504, CVE-2022-21426: Better XPath expression handling + JDK-8275151, CVE-2022-21443: Improved Object Identification + JDK-8277672, CVE-2022-21434: Better invocation handler handling + JDK-8278008, CVE-2022-21476: Improve Santuario processing + JDK-8278972, CVE-2022-21496: Improve URL supports
Apr 22, 2022, 04:44 PM
klibc
Version: 2.0.8-alt2.c9f2.1
Summary: A minimal libc subset for use with initramfs
Changelog:
- Security update (Fixes: CVE-2021-31873, CVE-2021-31872, CVE-2021-31871, CVE-2021-31870).
Mar 28, 2022, 02:34 PM
polkit
Version: 0.116-alt2.M90P.5
Summary: PolicyKit Authorization Framework
Changelog:
- (Fixes: CVE-2021-4115)
Mar 17, 2022, 04:28 PM
bind
Version: 9.11.37-alt1
Summary: ISC BIND - DNS server
Changelog:
- 9.11.36 -> 9.11.37 (fixes: CVE-2021-25220).
Feb 3, 2022, 04:52 PM
connman
Version: 1.41-alt1
Summary: ConnMan is a daemon for managing internet connections.
Changelog:
- new version 1.41 (Fixes: CVE-2022-23096, CVE-2022-23097, CVE-2022-23098)
Jan 9, 2022, 01:28 AM
mc
Version: 4.8.27-alt1
Summary: An user-friendly file manager and visual shell
Changelog:
- 4.8.27 (CVE-2021-36370; ALT #40217)
Dec 23, 2021, 09:24 AM
libICE
Version: 1.0.9-alt1.c9f2.1
Summary: X Inter Client Exchange Library
Changelog:
- Security (Fixes: CVE-2017-2626)
Dec 22, 2021, 11:12 AM
dbus
Version: 1.12.16-alt2.c9f2.1
Summary: D-BUS is a simple IPC framework based on messages.
Changelog:
- Security (Fixes: CVE-2020-12049)
Dec 15, 2021, 11:35 PM
log4j
Version: 2.9.1-alt2.c9.1_4jpp8
Summary: Java logging package
Changelog:
- security fix CVE-2021-44228 and CVE-2021-45046
Nov 22, 2021, 02:25 PM
openexr
Version: 2.3.0-alt1.c9f2.1
Summary: A high-dynamic-range image file library
Changelog:
- Security (Fixes: CVE-2020-16587, CVE-2021-20296, CVE-2021-3598, CVE-2021-3605)
Nov 16, 2021, 08:06 AM
exiv2
Version: 0.27.3-alt2
Summary: Command line tool to access EXIF data in image files
Changelog:
- applied set of fc/upstream patches (fixed CVE-2021-29457, CVE-2021-29473, CVE-2021-31292, CVE-2021-3482)
Nov 11, 2021, 04:45 PM
screen
Version: 4.6.2-alt3.p9.2
Summary: A screen manager that supports multiple sessions on one terminal
Changelog:
- Applied SUSE combchar.diff to prevent DoS via crafted UTF-8 character sequence (fixes CVE-2021-26937).
Nov 10, 2021, 12:41 PM
postgresql9.6
Version: 9.6.24-alt0.M90P.1
Summary: PostgreSQL client programs and libraries
Changelog:
- 9.6.24 (Fixes CVE-2021-23214, CVE-2021-23222)
Oct 18, 2021, 07:48 PM
libjpeg-turbo
Version: 2.0.2-alt1.c9f2.1
Summary: A SIMD-accelerated library for manipulating JPEG image format files
Changelog:
- Fixed CVE-2020-17541: stack-based buffer overflow in the "transform" component.
Oct 6, 2021, 04:29 PM
qemu
Version: 5.2.0-alt6.c9.1
Summary: QEMU CPU Emulator
Changelog:
- Fixes: CVE-2021-3544, CVE-2021-3545, CVE-2021-3546.
Sep 18, 2021, 02:03 PM
fail2ban
Version: 0.11.2-alt2
Summary: Fail2Ban is an intrusion prevention framework
Changelog:
- fix build, apply patches from upstream - .service: use /run instead of /var/run - CVE-2021-32749
Aug 17, 2021, 05:48 PM
ldns
Version: 1.7.1-alt2.git.e99accb9
Summary: Lowlevel DNS(SEC) library with API
Changelog:
- Changelog update (Fixes: CVE-2017-1000231, CVE-2017-1000232).
Jul 20, 2021, 06:10 PM
systemd
Jul 9, 2021, 07:46 AM
glibc
Version: 2.27-alt14
Summary: The GNU libc libraries
Changelog:
- Updated to glibc-2.27-174-g73886db621 from 2.27 branch (fixes: CVE-2016-10228, CVE-2020-1751, CVE-2020-10029, CVE-2020-27618, CVE-2020-29562, CVE-2021-27645, CVE-2021-35942).