TAR Image: alt-education-10.0-rpi4-aarch64.tar.xz

Apr 22, 2024, 04:05 PM

flatpak

Version: 1.10.2-alt3  1.14.6-alt1
Summary: Application deployment framework for desktop apps
April 22, 2024 Yuri N. Sedunov:
- 1.14.6 (fixed CVE-2024-32462)
Apr 22, 2024, 04:05 PM

libflatpak

Version: 1.10.2-alt3  1.14.6-alt1
Summary: Libraries for flatpak
April 22, 2024 Yuri N. Sedunov:
- 1.14.6 (fixed CVE-2024-32462)
Apr 19, 2024, 08:04 PM

xfreerdp

Version: 2.4.1-alt1  2.11.6-alt1
Summary: Remote Desktop Protocol client
April 18, 2024 Andrey Cherepanov:
- New version
- Security fixes:
  + CVE-2024-32041 [Low[ OutOfBound Read in zgfx_decompress_segment
  + CVE-2024-32039 Integer overflow & OutOfBound Write in clear_decompress_residual_data
  + CVE-2024-32040 integer underflow in nsc_rle_decode
  + CVE-2024-32458 OutOfBound Read in planar_skip_plane_rle
  + CVE-2024-32459 OutOfBound Read in ncrush_decompress
  + CVE-2024-32460 OutOfBound Read in interleaved_decompress
Apr 19, 2024, 08:04 PM

freerdp-plugins-standard

Version: 2.4.1-alt1  2.11.6-alt1
Summary: Plugins for handling the standard RDP channels
April 18, 2024 Andrey Cherepanov:
- New version
- Security fixes:
  + CVE-2024-32041 [Low[ OutOfBound Read in zgfx_decompress_segment
  + CVE-2024-32039 Integer overflow & OutOfBound Write in clear_decompress_residual_data
  + CVE-2024-32040 integer underflow in nsc_rle_decode
  + CVE-2024-32458 OutOfBound Read in planar_skip_plane_rle
  + CVE-2024-32459 OutOfBound Read in ncrush_decompress
  + CVE-2024-32460 OutOfBound Read in interleaved_decompress
Apr 19, 2024, 08:04 PM

libfreerdp

Version: 2.4.1-alt1  2.11.6-alt1
Summary: Core libraries implementing the RDP protocol
April 18, 2024 Andrey Cherepanov:
- New version
- Security fixes:
  + CVE-2024-32041 [Low[ OutOfBound Read in zgfx_decompress_segment
  + CVE-2024-32039 Integer overflow & OutOfBound Write in clear_decompress_residual_data
  + CVE-2024-32040 integer underflow in nsc_rle_decode
  + CVE-2024-32458 OutOfBound Read in planar_skip_plane_rle
  + CVE-2024-32459 OutOfBound Read in ncrush_decompress
  + CVE-2024-32460 OutOfBound Read in interleaved_decompress
Apr 19, 2024, 08:04 PM

libwinpr

Version: 2.4.1-alt1  2.11.6-alt1
Summary: Windows Portable Runtime
April 18, 2024 Andrey Cherepanov:
- New version
- Security fixes:
  + CVE-2024-32041 [Low[ OutOfBound Read in zgfx_decompress_segment
  + CVE-2024-32039 Integer overflow & OutOfBound Write in clear_decompress_residual_data
  + CVE-2024-32040 integer underflow in nsc_rle_decode
  + CVE-2024-32458 OutOfBound Read in planar_skip_plane_rle
  + CVE-2024-32459 OutOfBound Read in ncrush_decompress
  + CVE-2024-32460 OutOfBound Read in interleaved_decompress
Apr 19, 2024, 08:04 PM

libfreerdp-server

Version: 2.4.1-alt1  2.11.6-alt1
Summary: Remote Desktop Viewer server library
April 18, 2024 Andrey Cherepanov:
- New version
- Security fixes:
  + CVE-2024-32041 [Low[ OutOfBound Read in zgfx_decompress_segment
  + CVE-2024-32039 Integer overflow & OutOfBound Write in clear_decompress_residual_data
  + CVE-2024-32040 integer underflow in nsc_rle_decode
  + CVE-2024-32458 OutOfBound Read in planar_skip_plane_rle
  + CVE-2024-32459 OutOfBound Read in ncrush_decompress
  + CVE-2024-32460 OutOfBound Read in interleaved_decompress
Apr 16, 2024, 11:32 AM

libsox3

Version: 14.4.2-alt4  14.4.2-alt7
Summary: The SoX sound file format converter libraries
March 28, 2024 Andrey Kovalev:
- Added patches from debian and fix vulnerabilities (Fixes: CVE-2017-15371,
CVE-2019-8355, CVE-2021-33844, CVE-2017-15370, CVE-2019-8356, CVE-2021-3643,
CVE-2017-11332, CVE-2019-8357, CVE-2021-40426, CVE-2017-11359, CVE-2023-32627,
CVE-2022-31650, CVE-2017-15372, CVE-2017-11358, CVE-2022-31651, CVE-2017-15642,
CVE-2019-13590, CVE-2019-8354, CVE-2021-23159):
    + fixed hcom big endian
    + fixed resource leak comments
    + fixed resource leak hcom
    + added handle vorbis analysis headerout errors
    + added wavpack check errors
    + added xa validate channel count
Apr 16, 2024, 11:32 AM

libsox-fmt-vorbis

Version: 14.4.2-alt4  14.4.2-alt7
Summary: The SoX sound file format converter headers files and libraries
March 28, 2024 Andrey Kovalev:
- Added patches from debian and fix vulnerabilities (Fixes: CVE-2017-15371,
CVE-2019-8355, CVE-2021-33844, CVE-2017-15370, CVE-2019-8356, CVE-2021-3643,
CVE-2017-11332, CVE-2019-8357, CVE-2021-40426, CVE-2017-11359, CVE-2023-32627,
CVE-2022-31650, CVE-2017-15372, CVE-2017-11358, CVE-2022-31651, CVE-2017-15642,
CVE-2019-13590, CVE-2019-8354, CVE-2021-23159):
    + fixed hcom big endian
    + fixed resource leak comments
    + fixed resource leak hcom
    + added handle vorbis analysis headerout errors
    + added wavpack check errors
    + added xa validate channel count
Apr 16, 2024, 11:32 AM

libsox-fmt-alsa

Version: 14.4.2-alt4  14.4.2-alt7
Summary: The SoX sound file format converter headers files and libraries
March 28, 2024 Andrey Kovalev:
- Added patches from debian and fix vulnerabilities (Fixes: CVE-2017-15371,
CVE-2019-8355, CVE-2021-33844, CVE-2017-15370, CVE-2019-8356, CVE-2021-3643,
CVE-2017-11332, CVE-2019-8357, CVE-2021-40426, CVE-2017-11359, CVE-2023-32627,
CVE-2022-31650, CVE-2017-15372, CVE-2017-11358, CVE-2022-31651, CVE-2017-15642,
CVE-2019-13590, CVE-2019-8354, CVE-2021-23159):
    + fixed hcom big endian
    + fixed resource leak comments
    + fixed resource leak hcom
    + added handle vorbis analysis headerout errors
    + added wavpack check errors
    + added xa validate channel count
Apr 16, 2024, 11:32 AM

libsox-fmt-sndfile

Version: 14.4.2-alt4  14.4.2-alt7
Summary: The SoX sound file format converter headers files and libraries
March 28, 2024 Andrey Kovalev:
- Added patches from debian and fix vulnerabilities (Fixes: CVE-2017-15371,
CVE-2019-8355, CVE-2021-33844, CVE-2017-15370, CVE-2019-8356, CVE-2021-3643,
CVE-2017-11332, CVE-2019-8357, CVE-2021-40426, CVE-2017-11359, CVE-2023-32627,
CVE-2022-31650, CVE-2017-15372, CVE-2017-11358, CVE-2022-31651, CVE-2017-15642,
CVE-2019-13590, CVE-2019-8354, CVE-2021-23159):
    + fixed hcom big endian
    + fixed resource leak comments
    + fixed resource leak hcom
    + added handle vorbis analysis headerout errors
    + added wavpack check errors
    + added xa validate channel count
Apr 16, 2024, 11:32 AM

libsox-fmt-oss

Version: 14.4.2-alt4  14.4.2-alt7
Summary: The SoX sound file format converter headers files and libraries
March 28, 2024 Andrey Kovalev:
- Added patches from debian and fix vulnerabilities (Fixes: CVE-2017-15371,
CVE-2019-8355, CVE-2021-33844, CVE-2017-15370, CVE-2019-8356, CVE-2021-3643,
CVE-2017-11332, CVE-2019-8357, CVE-2021-40426, CVE-2017-11359, CVE-2023-32627,
CVE-2022-31650, CVE-2017-15372, CVE-2017-11358, CVE-2022-31651, CVE-2017-15642,
CVE-2019-13590, CVE-2019-8354, CVE-2021-23159):
    + fixed hcom big endian
    + fixed resource leak comments
    + fixed resource leak hcom
    + added handle vorbis analysis headerout errors
    + added wavpack check errors
    + added xa validate channel count
Apr 16, 2024, 11:32 AM

libsox-fmt-flac

Version: 14.4.2-alt4  14.4.2-alt7
Summary: The SoX sound file format converter headers files and libraries
March 28, 2024 Andrey Kovalev:
- Added patches from debian and fix vulnerabilities (Fixes: CVE-2017-15371,
CVE-2019-8355, CVE-2021-33844, CVE-2017-15370, CVE-2019-8356, CVE-2021-3643,
CVE-2017-11332, CVE-2019-8357, CVE-2021-40426, CVE-2017-11359, CVE-2023-32627,
CVE-2022-31650, CVE-2017-15372, CVE-2017-11358, CVE-2022-31651, CVE-2017-15642,
CVE-2019-13590, CVE-2019-8354, CVE-2021-23159):
    + fixed hcom big endian
    + fixed resource leak comments
    + fixed resource leak hcom
    + added handle vorbis analysis headerout errors
    + added wavpack check errors
    + added xa validate channel count
Apr 16, 2024, 11:32 AM

sox-base

Version: 14.4.2-alt4  14.4.2-alt7
Summary: A general purpose sound file conversion tool
March 28, 2024 Andrey Kovalev:
- Added patches from debian and fix vulnerabilities (Fixes: CVE-2017-15371,
CVE-2019-8355, CVE-2021-33844, CVE-2017-15370, CVE-2019-8356, CVE-2021-3643,
CVE-2017-11332, CVE-2019-8357, CVE-2021-40426, CVE-2017-11359, CVE-2023-32627,
CVE-2022-31650, CVE-2017-15372, CVE-2017-11358, CVE-2022-31651, CVE-2017-15642,
CVE-2019-13590, CVE-2019-8354, CVE-2021-23159):
    + fixed hcom big endian
    + fixed resource leak comments
    + fixed resource leak hcom
    + added handle vorbis analysis headerout errors
    + added wavpack check errors
    + added xa validate channel count
Apr 16, 2024, 11:32 AM

libsox-fmt-mp3

Version: 14.4.2-alt4  14.4.2-alt7
Summary: The SoX sound file format converter headers files and libraries
March 28, 2024 Andrey Kovalev:
- Added patches from debian and fix vulnerabilities (Fixes: CVE-2017-15371,
CVE-2019-8355, CVE-2021-33844, CVE-2017-15370, CVE-2019-8356, CVE-2021-3643,
CVE-2017-11332, CVE-2019-8357, CVE-2021-40426, CVE-2017-11359, CVE-2023-32627,
CVE-2022-31650, CVE-2017-15372, CVE-2017-11358, CVE-2022-31651, CVE-2017-15642,
CVE-2019-13590, CVE-2019-8354, CVE-2021-23159):
    + fixed hcom big endian
    + fixed resource leak comments
    + fixed resource leak hcom
    + added handle vorbis analysis headerout errors
    + added wavpack check errors
    + added xa validate channel count
Apr 11, 2024, 04:23 PM

xorg-xwayland

Version: 21.1.2-alt1  23.1.1-alt5
Summary: Wayland X server
April 4, 2024 Valery Inozemtsev:
- cherry pick upstream fixes for CVE-2024-31080, CVE-2024-31081, CVE-2024-31083
Apr 11, 2024, 04:23 PM

xorg-server

Version: 1.20.13-alt1  1.20.14-alt12
Summary: Xserver - X Window System display server
April 4, 2024 Valery Inozemtsev:
- cherry pick upstream fixes for CVE-2024-31080, CVE-2024-31081, CVE-2024-31082, CVE-2024-31083
Apr 11, 2024, 04:23 PM

xorg-server-common

Version: 1.20.13-alt1  1.20.14-alt12
Summary: The X server common files
April 4, 2024 Valery Inozemtsev:
- cherry pick upstream fixes for CVE-2024-31080, CVE-2024-31081, CVE-2024-31082, CVE-2024-31083
Apr 11, 2024, 04:23 PM

xorg-xephyr

Version: 1.20.13-alt1  1.20.14-alt12
Summary: A kdrive-based X server
April 4, 2024 Valery Inozemtsev:
- cherry pick upstream fixes for CVE-2024-31080, CVE-2024-31081, CVE-2024-31082, CVE-2024-31083
Apr 8, 2024, 05:58 PM

thunderbird

Version: 91.3.2-alt1  115.9.0-alt1
Summary: Thunderbird is Mozilla's e-mail client
April 3, 2024 Pavel Vasenkov:
- New version.
- Security fixes:
  + CVE-2024-0743 Crash in NSS TLS method
  + CVE-2024-2605 Windows Error Reporter could be used as a Sandbox escape vector
  + CVE-2024-2607 JIT code failed to save return registers on Armv7-A
  + CVE-2024-2608 Integer overflow could have led to out of bounds write
  + CVE-2024-2616 Improve handling of out-of-memory conditions in ICU
  + CVE-2023-5388 NSS susceptible to timing attack against RSA decryption
  + CVE-2024-2610 Improper handling of html and body tags enabled CSP nonce leakage
  + CVE-2024-2611 Clickjacking vulnerability could have led to a user accidentally granting permissions
  + CVE-2024-2612 Self referencing object could have potentially led to a use-after-free
  + CVE-2024-2614 Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9
Apr 6, 2024, 01:36 AM

libnghttp2

Version: 1.41.0-alt1  1.61.0-alt1
Summary: HTTP/2.0 C Library
April 5, 2024 Anton Farygin:
- 1.60.0 -> 1.61.0 (Fixes: CVE-2024-28182)
Apr 6, 2024, 01:36 AM

apache2-datadirs

Version: 2.4.51-alt2  2.4.59-alt1
Summary: data dirs for Apache
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM

apache2-cgi-bin-printenv

Version: 2.4.51-alt2  2.4.59-alt1
Summary: cgi-bin/printenv for Apache
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM

apache2-cgi-bin-test-cgi

Version: 2.4.51-alt2  2.4.59-alt1
Summary: cgi-bin/test-cgi for Apache
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM

apache2-html

Version: 2.4.51-alt2  2.4.59-alt1
Summary: html for Apache
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM

apache2-icons

Version: 2.4.51-alt2  2.4.59-alt1
Summary: icons for Apache
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM

apache2-cgi-bin

Version: 2.4.51-alt2  2.4.59-alt1
Summary: cgi-bin for Apache
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM

apache2-htcacheclean-control

Version: 2.4.51-alt2  2.4.59-alt1
Summary: Control rules for htcacheclean
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM

apache2-base

Version: 2.4.51-alt2  2.4.59-alt1
Summary: The most widely used Web server on the Internet (base)
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM

apache2

Version: 2.4.51-alt2  2.4.59-alt1
Summary: The most widely used Web server on the Internet
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM

apache2-mod_cache_disk

Version: 2.4.51-alt2  2.4.59-alt1
Summary: Module supported content cache storage for the Apache HTTP server
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM

apache2-htpasswd

Version: 2.4.51-alt2  2.4.59-alt1
Summary: Manage user files for basic authentication
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM

apache2-httpd-worker

Version: 2.4.51-alt2  2.4.59-alt1
Summary: High speed threaded model for Apache HTTPD 2.1
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM

apache2-mods

Version: 2.4.51-alt2  2.4.59-alt1
Summary: Modules for apache2 installations
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM

apache2-ab

Version: 2.4.51-alt2  2.4.59-alt1
Summary: Apache HTTP server benchmarking tool
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 6, 2024, 01:36 AM

apache2-htcacheclean

Version: 2.4.51-alt2  2.4.59-alt1
Summary: Clean up the cache disk for Apache
April 5, 2024 Anton Farygin:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Apr 2, 2024, 04:53 PM

libgnutls30

Version: 3.6.16-alt1  3.6.16-alt5
Summary: Transport Layer Security library
March 29, 2024 Mikhail Efremov:
- Fix side-channel in the deterministic ECDSA (fixes: CVE-2024-28834).
- tests: Add test for CVE-2024-28835.
- rsa-psk: minimize branching after decryption (fixes: CVE-2024-0553).
- x509: detect loop in certificate chain (fixes: CVE-2024-0567).
Mar 30, 2024, 07:23 PM

libcurl

Version: 7.79.1-alt1  8.7.1-alt1
Summary: The shared library for file transfer
March 27, 2024 Anton Farygin:
- 8.6.0 -> 8.7.1
- Fixes:
   * CVE-2024-2398: HTTP/2 push headers memory-leak
   * CVE-2024-2004: Usage of disabled protocol
Mar 30, 2024, 07:23 PM

curl

Version: 7.79.1-alt1  8.7.1-alt1
Summary: Gets a file from a FTP, GOPHER or HTTP server
March 27, 2024 Anton Farygin:
- 8.6.0 -> 8.7.1
- Fixes:
   * CVE-2024-2398: HTTP/2 push headers memory-leak
   * CVE-2024-2004: Usage of disabled protocol
Mar 25, 2024, 10:23 AM

python3-module-jinja2

Version: 3.0.1-alt1  3.0.1-alt1.p10.1
Summary: The new and improved version of a small but fast template engine
Feb. 26, 2024 Andrey Cherepanov:
- Fixed CVE-2024-22195.
Mar 20, 2024, 04:32 PM

thunderbird

Version: 91.3.2-alt1  115.8.1-alt1
Summary: Thunderbird is Mozilla's e-mail client
March 12, 2024 Pavel Vasenkov:
- New version.
- Security fixes:
  + CVE-2024-1936 Leaking of encrypted email subjects to other conversations
Mar 15, 2024, 10:40 AM

curl

Version: 7.79.1-alt1  8.6.0-alt1
Summary: Gets a file from a FTP, GOPHER or HTTP server
Jan. 31, 2024 Anton Farygin:
- 8.5.0 -> 8.6.0
- Fixes:
   * CVE-2024-0853 : OCSP verification bypass with TLS session reuse
Mar 15, 2024, 10:40 AM

libcurl

Version: 7.79.1-alt1  8.6.0-alt1
Summary: The shared library for file transfer
Jan. 31, 2024 Anton Farygin:
- 8.5.0 -> 8.6.0
- Fixes:
   * CVE-2024-0853 : OCSP verification bypass with TLS session reuse
Mar 12, 2024, 11:04 PM

libswscale5

Version: 4.4-alt7  4.4.4-alt1
Summary: FFmpeg image scaling and colorspace and pixel format conversion library
June 20, 2023 Anton Farygin:
- 4.4.3 -> 4.4.4 (Fixes: CVE-2022-3964, CVE-2022-3341, CVE-2022-3109)
Mar 12, 2024, 11:04 PM

libavdevice58

Version: 4.4-alt7  4.4.4-alt1
Summary: FFmpeg device handling library
June 20, 2023 Anton Farygin:
- 4.4.3 -> 4.4.4 (Fixes: CVE-2022-3964, CVE-2022-3341, CVE-2022-3109)
Mar 12, 2024, 11:04 PM

libavformat58

Version: 4.4-alt7  4.4.4-alt1
Summary: FFmpeg audio, video and subtitle streams (de)multiplexing library
June 20, 2023 Anton Farygin:
- 4.4.3 -> 4.4.4 (Fixes: CVE-2022-3964, CVE-2022-3341, CVE-2022-3109)
Mar 12, 2024, 11:04 PM

libavcodec58

Version: 4.4-alt7  4.4.4-alt1
Summary: provides implementation of a wider range of codecs
June 20, 2023 Anton Farygin:
- 4.4.3 -> 4.4.4 (Fixes: CVE-2022-3964, CVE-2022-3341, CVE-2022-3109)
Mar 12, 2024, 11:04 PM

ffmpeg

Version: 4.4-alt7  4.4.4-alt1
Summary: A command line toolbox to manipulate, convert and stream multimedia content
June 20, 2023 Anton Farygin:
- 4.4.3 -> 4.4.4 (Fixes: CVE-2022-3964, CVE-2022-3341, CVE-2022-3109)
Mar 12, 2024, 11:04 PM

libswresample3

Version: 4.4-alt7  4.4.4-alt1
Summary: FFmpeg audio resampling, rematrixing and sample format conversion library
June 20, 2023 Anton Farygin:
- 4.4.3 -> 4.4.4 (Fixes: CVE-2022-3964, CVE-2022-3341, CVE-2022-3109)
Mar 12, 2024, 11:04 PM

ffprobe

Version: 4.4-alt7  4.4.4-alt1
Summary: A simple analysis tool to inspect multimedia content
June 20, 2023 Anton Farygin:
- 4.4.3 -> 4.4.4 (Fixes: CVE-2022-3964, CVE-2022-3341, CVE-2022-3109)
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.4.2
Back to top