ISO Image: alt-education-10.1-aarch64.iso
Apr 16, 2024, 11:32 AM
libsox3
Summary: The SoX sound file format converter libraries
March 28, 2024 Andrey Kovalev:
- Added patches from debian and fix vulnerabilities (Fixes: CVE-2017-15371, CVE-2019-8355, CVE-2021-33844, CVE-2017-15370, CVE-2019-8356, CVE-2021-3643, CVE-2017-11332, CVE-2019-8357, CVE-2021-40426, CVE-2017-11359, CVE-2023-32627, CVE-2022-31650, CVE-2017-15372, CVE-2017-11358, CVE-2022-31651, CVE-2017-15642, CVE-2019-13590, CVE-2019-8354, CVE-2021-23159): + fixed hcom big endian + fixed resource leak comments + fixed resource leak hcom + added handle vorbis analysis headerout errors + added wavpack check errors + added xa validate channel count
Apr 16, 2024, 11:32 AM
libsox-fmt-vorbis
Summary: The SoX sound file format converter headers files and libraries
March 28, 2024 Andrey Kovalev:
- Added patches from debian and fix vulnerabilities (Fixes: CVE-2017-15371, CVE-2019-8355, CVE-2021-33844, CVE-2017-15370, CVE-2019-8356, CVE-2021-3643, CVE-2017-11332, CVE-2019-8357, CVE-2021-40426, CVE-2017-11359, CVE-2023-32627, CVE-2022-31650, CVE-2017-15372, CVE-2017-11358, CVE-2022-31651, CVE-2017-15642, CVE-2019-13590, CVE-2019-8354, CVE-2021-23159): + fixed hcom big endian + fixed resource leak comments + fixed resource leak hcom + added handle vorbis analysis headerout errors + added wavpack check errors + added xa validate channel count
Apr 16, 2024, 11:32 AM
libsox-fmt-alsa
Summary: The SoX sound file format converter headers files and libraries
March 28, 2024 Andrey Kovalev:
- Added patches from debian and fix vulnerabilities (Fixes: CVE-2017-15371, CVE-2019-8355, CVE-2021-33844, CVE-2017-15370, CVE-2019-8356, CVE-2021-3643, CVE-2017-11332, CVE-2019-8357, CVE-2021-40426, CVE-2017-11359, CVE-2023-32627, CVE-2022-31650, CVE-2017-15372, CVE-2017-11358, CVE-2022-31651, CVE-2017-15642, CVE-2019-13590, CVE-2019-8354, CVE-2021-23159): + fixed hcom big endian + fixed resource leak comments + fixed resource leak hcom + added handle vorbis analysis headerout errors + added wavpack check errors + added xa validate channel count
Apr 16, 2024, 11:32 AM
libsox-fmt-sndfile
Summary: The SoX sound file format converter headers files and libraries
March 28, 2024 Andrey Kovalev:
- Added patches from debian and fix vulnerabilities (Fixes: CVE-2017-15371, CVE-2019-8355, CVE-2021-33844, CVE-2017-15370, CVE-2019-8356, CVE-2021-3643, CVE-2017-11332, CVE-2019-8357, CVE-2021-40426, CVE-2017-11359, CVE-2023-32627, CVE-2022-31650, CVE-2017-15372, CVE-2017-11358, CVE-2022-31651, CVE-2017-15642, CVE-2019-13590, CVE-2019-8354, CVE-2021-23159): + fixed hcom big endian + fixed resource leak comments + fixed resource leak hcom + added handle vorbis analysis headerout errors + added wavpack check errors + added xa validate channel count
Apr 16, 2024, 11:32 AM
libsox-fmt-oss
Summary: The SoX sound file format converter headers files and libraries
March 28, 2024 Andrey Kovalev:
- Added patches from debian and fix vulnerabilities (Fixes: CVE-2017-15371, CVE-2019-8355, CVE-2021-33844, CVE-2017-15370, CVE-2019-8356, CVE-2021-3643, CVE-2017-11332, CVE-2019-8357, CVE-2021-40426, CVE-2017-11359, CVE-2023-32627, CVE-2022-31650, CVE-2017-15372, CVE-2017-11358, CVE-2022-31651, CVE-2017-15642, CVE-2019-13590, CVE-2019-8354, CVE-2021-23159): + fixed hcom big endian + fixed resource leak comments + fixed resource leak hcom + added handle vorbis analysis headerout errors + added wavpack check errors + added xa validate channel count
Apr 16, 2024, 11:32 AM
libsox-fmt-flac
Summary: The SoX sound file format converter headers files and libraries
March 28, 2024 Andrey Kovalev:
- Added patches from debian and fix vulnerabilities (Fixes: CVE-2017-15371, CVE-2019-8355, CVE-2021-33844, CVE-2017-15370, CVE-2019-8356, CVE-2021-3643, CVE-2017-11332, CVE-2019-8357, CVE-2021-40426, CVE-2017-11359, CVE-2023-32627, CVE-2022-31650, CVE-2017-15372, CVE-2017-11358, CVE-2022-31651, CVE-2017-15642, CVE-2019-13590, CVE-2019-8354, CVE-2021-23159): + fixed hcom big endian + fixed resource leak comments + fixed resource leak hcom + added handle vorbis analysis headerout errors + added wavpack check errors + added xa validate channel count
Apr 16, 2024, 11:32 AM
sox-base
Summary: A general purpose sound file conversion tool
March 28, 2024 Andrey Kovalev:
- Added patches from debian and fix vulnerabilities (Fixes: CVE-2017-15371, CVE-2019-8355, CVE-2021-33844, CVE-2017-15370, CVE-2019-8356, CVE-2021-3643, CVE-2017-11332, CVE-2019-8357, CVE-2021-40426, CVE-2017-11359, CVE-2023-32627, CVE-2022-31650, CVE-2017-15372, CVE-2017-11358, CVE-2022-31651, CVE-2017-15642, CVE-2019-13590, CVE-2019-8354, CVE-2021-23159): + fixed hcom big endian + fixed resource leak comments + fixed resource leak hcom + added handle vorbis analysis headerout errors + added wavpack check errors + added xa validate channel count
Apr 16, 2024, 11:32 AM
libsox-fmt-mp3
Summary: The SoX sound file format converter headers files and libraries
March 28, 2024 Andrey Kovalev:
- Added patches from debian and fix vulnerabilities (Fixes: CVE-2017-15371, CVE-2019-8355, CVE-2021-33844, CVE-2017-15370, CVE-2019-8356, CVE-2021-3643, CVE-2017-11332, CVE-2019-8357, CVE-2021-40426, CVE-2017-11359, CVE-2023-32627, CVE-2022-31650, CVE-2017-15372, CVE-2017-11358, CVE-2022-31651, CVE-2017-15642, CVE-2019-13590, CVE-2019-8354, CVE-2021-23159): + fixed hcom big endian + fixed resource leak comments + fixed resource leak hcom + added handle vorbis analysis headerout errors + added wavpack check errors + added xa validate channel count
Apr 15, 2024, 04:03 PM
qemu-aux
Summary: QEMU auxiliary package
April 8, 2024 Alexey Shabalin:
- 8.2.2. - Fixes: CVE-2023-42467, CVE-2023-1544, CVE-2023-3255, CVE-2023-3019, CVE-2021-3527, CVE-2023-6693, CVE-2023-0330, CVE-2023-6683. - backkport patches (Fixes: CVE-2024-26327, CVE-2024-26328). - LoongArch KVM support from https://github.com/loongson/qemu.git, branch kvm-loongarch, commit 432f4cf89493f2a1ac144018224e7d1b4fbc31a4. - qemu-user: fixed running 32-bit x86 binaries on hosts with a page size > 4KB (such as LoongArch, ppc64*) - spec: + LoongArch: work around old glibc-kernheaders (thanks iv@) + LoongArch: pmem is not supported [yet] - update vitastor block driver to vitastor-v1.3.1.
Apr 15, 2024, 04:03 PM
qemu-guest-agent
Summary: QEMU guest agent
April 8, 2024 Alexey Shabalin:
- 8.2.2. - Fixes: CVE-2023-42467, CVE-2023-1544, CVE-2023-3255, CVE-2023-3019, CVE-2021-3527, CVE-2023-6693, CVE-2023-0330, CVE-2023-6683. - backkport patches (Fixes: CVE-2024-26327, CVE-2024-26328). - LoongArch KVM support from https://github.com/loongson/qemu.git, branch kvm-loongarch, commit 432f4cf89493f2a1ac144018224e7d1b4fbc31a4. - qemu-user: fixed running 32-bit x86 binaries on hosts with a page size > 4KB (such as LoongArch, ppc64*) - spec: + LoongArch: work around old glibc-kernheaders (thanks iv@) + LoongArch: pmem is not supported [yet] - update vitastor block driver to vitastor-v1.3.1.
Apr 11, 2024, 04:23 PM
xorg-xwayland
Summary: Wayland X server
April 4, 2024 Valery Inozemtsev:
- cherry pick upstream fixes for CVE-2024-31080, CVE-2024-31081, CVE-2024-31083
Apr 11, 2024, 04:23 PM
xorg-server
Summary: Xserver - X Window System display server
April 4, 2024 Valery Inozemtsev:
- cherry pick upstream fixes for CVE-2024-31080, CVE-2024-31081, CVE-2024-31082, CVE-2024-31083
Apr 11, 2024, 04:23 PM
xorg-server-common
Summary: The X server common files
April 4, 2024 Valery Inozemtsev:
- cherry pick upstream fixes for CVE-2024-31080, CVE-2024-31081, CVE-2024-31082, CVE-2024-31083
Apr 11, 2024, 04:23 PM
xorg-xvfb
Summary: A virtual framebuffer X Windows System server for X.Org
April 4, 2024 Valery Inozemtsev:
- cherry pick upstream fixes for CVE-2024-31080, CVE-2024-31081, CVE-2024-31082, CVE-2024-31083
Apr 8, 2024, 05:58 PM
thunderbird
Summary: Thunderbird is Mozilla's e-mail client
April 3, 2024 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2024-0743 Crash in NSS TLS method + CVE-2024-2605 Windows Error Reporter could be used as a Sandbox escape vector + CVE-2024-2607 JIT code failed to save return registers on Armv7-A + CVE-2024-2608 Integer overflow could have led to out of bounds write + CVE-2024-2616 Improve handling of out-of-memory conditions in ICU + CVE-2023-5388 NSS susceptible to timing attack against RSA decryption + CVE-2024-2610 Improper handling of html and body tags enabled CSP nonce leakage + CVE-2024-2611 Clickjacking vulnerability could have led to a user accidentally granting permissions + CVE-2024-2612 Self referencing object could have potentially led to a use-after-free + CVE-2024-2614 Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9
Apr 6, 2024, 01:36 AM
libnghttp2
Apr 6, 2024, 01:36 AM
apache2-datadirs
Summary: data dirs for Apache
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM
apache2-cgi-bin-printenv
Summary: cgi-bin/printenv for Apache
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM
apache2-cgi-bin-test-cgi
Summary: cgi-bin/test-cgi for Apache
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM
apache2-html
Summary: html for Apache
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM
apache2-icons
Summary: icons for Apache
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM
apache2-cgi-bin
Summary: cgi-bin for Apache
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM
apache2-htcacheclean-control
Summary: Control rules for htcacheclean
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM
apache2-base
Summary: The most widely used Web server on the Internet (base)
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM
apache2
Summary: The most widely used Web server on the Internet
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM
apache2-mod_cache_disk
Summary: Module supported content cache storage for the Apache HTTP server
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM
apache2-htpasswd
Summary: Manage user files for basic authentication
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM
apache2-httpd-worker
Summary: High speed threaded model for Apache HTTPD 2.1
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM
apache2-mods
Summary: Modules for apache2 installations
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM
apache2-ab
Summary: Apache HTTP server benchmarking tool
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM
apache2-httpd-prefork
Summary: Traditional model for Apache HTTPD 2.1
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM
apache2-mod_ssl
Summary: SSL/TLS module for the Apache HTTP server
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM
apache2-htcacheclean
Summary: Clean up the cache disk for Apache
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 2, 2024, 04:53 PM
libgnutls30
Summary: Transport Layer Security library
March 29, 2024 Mikhail Efremov:
- Fix side-channel in the deterministic ECDSA (fixes: CVE-2024-28834). - tests: Add test for CVE-2024-28835. - rsa-psk: minimize branching after decryption (fixes: CVE-2024-0553). - x509: detect loop in certificate chain (fixes: CVE-2024-0567).
Apr 2, 2024, 04:53 PM
gnutls-utils
Summary: TLS protocol utilities
March 29, 2024 Mikhail Efremov:
- Fix side-channel in the deterministic ECDSA (fixes: CVE-2024-28834). - tests: Add test for CVE-2024-28835. - rsa-psk: minimize branching after decryption (fixes: CVE-2024-0553). - x509: detect loop in certificate chain (fixes: CVE-2024-0567).
Mar 30, 2024, 07:23 PM
libcurl
Summary: The shared library for file transfer
March 27, 2024 Anton Farygin:
- 8.6.0 -> 8.7.1 - Fixes: * CVE-2024-2398: HTTP/2 push headers memory-leak * CVE-2024-2004: Usage of disabled protocol
Mar 30, 2024, 07:23 PM
curl
Summary: Gets a file from a FTP, GOPHER or HTTP server
March 27, 2024 Anton Farygin:
- 8.6.0 -> 8.7.1 - Fixes: * CVE-2024-2398: HTTP/2 push headers memory-leak * CVE-2024-2004: Usage of disabled protocol
Mar 26, 2024, 09:53 AM
libvirt-libs
Summary: Client side libraries
March 21, 2024 Alexander Kuznetsov:
- Check for negative array lengths before allocation (Fixes: CVE-2024-2494)
Mar 26, 2024, 09:53 AM
libvirt-client
Summary: Client side utilities of the libvirt library
March 21, 2024 Alexander Kuznetsov:
- Check for negative array lengths before allocation (Fixes: CVE-2024-2494)
Mar 25, 2024, 10:23 AM
python3-module-jinja2
Summary: The new and improved version of a small but fast template engine
Feb. 26, 2024 Andrey Cherepanov:
- Fixed CVE-2024-22195.
Mar 20, 2024, 04:32 PM
thunderbird
Summary: Thunderbird is Mozilla's e-mail client
March 12, 2024 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2024-1936 Leaking of encrypted email subjects to other conversations
Mar 18, 2024, 12:54 PM
openssh-clients-gostcrypto
Summary: OpenSSH Secure Shell protocol clients
March 13, 2024 Gleb Fotengauer-Malinovskiy:
- Updated -gostcrypto version to fix security issues (CVE-2019-6111, CVE-2019-6109, CVE-2023-38408 CVE-2023-48795).
Mar 15, 2024, 10:40 AM
curl
Summary: Gets a file from a FTP, GOPHER or HTTP server
Jan. 31, 2024 Anton Farygin:
- 8.5.0 -> 8.6.0 - Fixes: * CVE-2024-0853 : OCSP verification bypass with TLS session reuse
Mar 15, 2024, 10:40 AM
libcurl
Summary: The shared library for file transfer
Jan. 31, 2024 Anton Farygin:
- 8.5.0 -> 8.6.0 - Fixes: * CVE-2024-0853 : OCSP verification bypass with TLS session reuse
Mar 12, 2024, 11:04 PM
libswscale5
Summary: FFmpeg image scaling and colorspace and pixel format conversion library
June 20, 2023 Anton Farygin:
- 4.4.3 -> 4.4.4 (Fixes: CVE-2022-3964, CVE-2022-3341, CVE-2022-3109)
Mar 12, 2024, 11:04 PM
libavdevice58
Summary: FFmpeg device handling library
June 20, 2023 Anton Farygin:
- 4.4.3 -> 4.4.4 (Fixes: CVE-2022-3964, CVE-2022-3341, CVE-2022-3109)
Mar 12, 2024, 11:04 PM
libavformat58
Summary: FFmpeg audio, video and subtitle streams (de)multiplexing library
June 20, 2023 Anton Farygin:
- 4.4.3 -> 4.4.4 (Fixes: CVE-2022-3964, CVE-2022-3341, CVE-2022-3109)
Mar 12, 2024, 11:04 PM
libavcodec58
Summary: provides implementation of a wider range of codecs
June 20, 2023 Anton Farygin:
- 4.4.3 -> 4.4.4 (Fixes: CVE-2022-3964, CVE-2022-3341, CVE-2022-3109)
Mar 12, 2024, 11:04 PM
ffmpeg
Summary: A command line toolbox to manipulate, convert and stream multimedia content
June 20, 2023 Anton Farygin:
- 4.4.3 -> 4.4.4 (Fixes: CVE-2022-3964, CVE-2022-3341, CVE-2022-3109)
Mar 12, 2024, 11:04 PM
libswresample3
Summary: FFmpeg audio resampling, rematrixing and sample format conversion library
June 20, 2023 Anton Farygin:
- 4.4.3 -> 4.4.4 (Fixes: CVE-2022-3964, CVE-2022-3341, CVE-2022-3109)