Security

dotnet-aspnetcore-3.1 Feb 12, 2022, 05:11 PMFeb 12, 2022, 05:11 PM
Version: 3.1.22-alt1
Summary: ASP.NET Core is a cross-platform .NET framework for building modern cloud-based web application
Changelog:
- .NET Core 3.1.22 - December 14, 2021
- CVE-2021-43877: ASP.NET Core Elevation of privilege Vulnerability
- CVE-2021-34532: ASP.NET Core Information Disclosure Vulnerability
dotnet-hostfxr-3.1 Feb 12, 2022, 05:05 PMFeb 12, 2022, 05:05 PM
Version: 3.1.22-alt1
Summary: Installer packages for the .NET Core runtime and libraries
Changelog:
- new version (3.1.22) with rpmgs script
- CVE-2021-34485: .NET Core Information Disclosure Vulnerability
- CVE-2021-26423: .NET Core Denial of Service Vulnerability
dotnet-corefx-3.1 Feb 12, 2022, 05:04 PMFeb 12, 2022, 05:04 PM
Version: 3.1.22-alt1
Summary: .NET Core foundational libraries, called CoreFX
Changelog:
- new version (3.1.22) with rpmgs script
- CVE-2021-34485: .NET Core Information Disclosure Vulnerability
- CVE-2021-26423: .NET Core Denial of Service Vulnerability
dotnet-aspnetcore-5.0 Feb 12, 2022, 04:50 PMFeb 12, 2022, 04:50 PM
Version: 5.0.14-alt1
Summary: ASP.NET is a cross-platform .NET framework for building modern cloud-based web application
Changelog:
- ASP.NET 5.0.14
- CVE-2021-43877 : ASP.NET Core Elevation of privilege Vulnerability
- CVE-2021-34532 : ASP.NET Core Information Disclosure Vulnerability
dotnet-runtime-5.0 Feb 12, 2022, 04:50 PMFeb 12, 2022, 04:50 PM
Version: 5.0.14-alt1
Summary: Microsoft .NET Runtime and Microsoft.NETCore.App
Changelog:
- new version (5.0.14) with rpmgs script
- CVE-2022-21986 : .NET Denial of Service Vulnerability
- CVE-2021-41355 : .NET Core Information Disclosure Vulnerability
- CVE-2021-34485 : .NET Core Information Disclosure Vulnerability
- CVE-2021-26423 : .NET Core Denial of Service Vulnerability
dotnet-coreclr-3.1 Feb 12, 2022, 04:47 PMFeb 12, 2022, 04:47 PM
Version: 3.1.22-alt1
Summary: .NET Core runtime, called CoreCLR, and the base library, called mscorlib
Changelog:
- new version (3.1.22) with rpmgs script
- CVE-2021-34485: .NET Core Information Disclosure Vulnerability
- CVE-2021-26423: .NET Core Denial of Service Vulnerability
dotnet-bootstrap-5.0 Feb 12, 2022, 02:29 PMFeb 12, 2022, 02:29 PM
Version: 5.0.14-alt1
Summary: .NET Core SDK binaries
Changelog:
- .NET 5.0.14 - February 8, 2022
- CVE-2022-21986 : .NET Denial of Service Vulnerability
- CVE-2021-43877 : ASP.NET Core Elevation of privilege Vulnerability
- CVE-2021-41355 : .NET Core Information Disclosure Vulnerability
- CVE-2021-34485 : .NET Core Information Disclosure Vulnerability
- CVE-2021-26423 : .NET Core Denial of Service Vulnerability
- CVE-2021-34532 : ASP.NET Core Information Disclosure Vulnerability
dotnet-bootstrap-3.1 Feb 12, 2022, 02:15 PMFeb 12, 2022, 02:15 PM
Version: 3.1.22-alt1
Summary: .NET Core SDK binaries
Changelog:
- .NET Core 3.1.22 - December 14, 2021
- CVE-2021-43877: ASP.NET Core Elevation of privilege Vulnerability
- CVE-2021-34485: .NET Core Information Disclosure Vulnerability
- CVE-2021-26423: .NET Core Denial of Service Vulnerability
- CVE-2021-34532: ASP.NET Core Information Disclosure Vulnerability
xrdp Feb 8, 2022, 10:17 AMFeb 8, 2022, 10:17 AM
Version: 0.9.18.1-alt1
Summary: An open source remote desktop protocol (RDP) server
Changelog:
- New version.
- Security fixes:
  + CVE-2022-23613: Privilege escalation on xrdp-sesman
flatpak-builder Jan 19, 2022, 01:46 PMJan 19, 2022, 01:46 PM
Version: 1.2.2-alt1
Summary: Tool to build flatpaks from source
Changelog:
- 1.2.2 (fixed CVE-2022-21682)
expat Jan 18, 2022, 03:17 PMJan 18, 2022, 03:17 PM
Version: 2.4.3-alt1
Summary: An XML parser written in C
Changelog:
- Updated to 2.4.3 (with multiple security fixes).
- Fixes:
  + CVE-2021-45960 issues with left shift by >= 29 places in function storeAtts that
    can lead to realloc misbehavior;
  + CVE-2021-46143 Integer overflow on variable m_groupSize in function doProlog;
  + CVE-2022-22822 Integer overflows near memory allocation in function addBinding;
  + CVE-2022-22823 Integer overflows near memory allocation in function build_model;
  + CVE-2022-22824 Integer overflows near memory allocation in function defineAttribute;
  + CVE-2022-22825 Integer overflows near memory allocation in function lookup;
  + CVE-2022-22826 Integer overflows near memory allocation in function nextScaffoldPart;
  + CVE-2022-22827 Integer overflows near memory allocation in function storeAtts.
clamav Jan 18, 2022, 11:22 AMJan 18, 2022, 11:22 AM
Version: 0.103.5-alt1
Summary: Clam Antivirus scanner
Changelog:
- 0.103.5 (CVE-2022-20698)
log4j Dec 19, 2021, 02:37 PMDec 19, 2021, 02:37 PM
Version: 2.17.0-alt1_1jpp11
Summary: Java logging package
Changelog:
- new version (fixes CVE-2021-45105)
mediawiki Dec 19, 2021, 05:36 AMDec 19, 2021, 05:36 AM
Version: 1.37.1-alt1
Summary: A wiki engine, typical installation (with Apache2 and MySQL support)
Changelog:
- new version 1.37.1 (with rpmrb script)
- (T292763, CVE-2021-44854) (T271037, CVE-2021-44856)
- (T297322, CVE-2021-44857) (T297322, CVE-2021-44858)
- (T297574, CVE-2021-45038) (T293589, CVE-2021-44855) (T294686)
libldb Dec 13, 2021, 03:26 AMDec 13, 2021, 03:26 AM
Version: 2.3.2-alt2
Summary: A schema-less, ldap like, API and database
Changelog:
- Update to latest regression fixes for samba-4.14.10:
  + CVE-2021-3670 ldb: Confirm the request has not yet timed out
lldpd Dec 2, 2021, 01:02 AMDec 2, 2021, 01:02 AM
Version: 1.0.13-alt1
Summary: Link Layer Discovery Protocol Daemon
Changelog:
- new version 1.0.13 (Fixes: CVE-2021-43612)
- migrate /var/run -> /run
mailman Dec 1, 2021, 07:44 PMDec 1, 2021, 07:44 PM
Version: 2.1.38-alt1
Summary: Mailing list manager with built in web access
Changelog:
- 2.1.37 -> 2.1.38 (fixes for CVE-2021-44227).
containerd Dec 1, 2021, 04:49 PMDec 1, 2021, 04:49 PM
Version: 1.4.12-alt1
Summary: A daemon to control runC
Changelog:
- 1.4.12 (Fixes: CVE-2021-41190)
freeswitch Nov 26, 2021, 01:39 PMNov 26, 2021, 01:39 PM
Version: 1.10.7-alt1
Summary: FreeSWITCH open source telephony platform
Changelog:
- 1.10.6 -> 1.10.7 (Fixes: CVE-2021-41158, CVE-2021-41145, CVE-2021-41157,
  CVE-2021-41105, CVE-2021-37624, CVE-2021-36513)
screen Nov 11, 2021, 03:28 PMNov 11, 2021, 03:28 PM
Version: 4.8.0-alt2
Summary: A screen manager that supports multiple sessions on one terminal
Changelog:
- Applied SUSE combchar.diff to prevent DoS via crafted UTF-8 character
  sequence (fixes CVE-2021-26937).
postgresql9.6 Nov 10, 2021, 10:33 AMNov 10, 2021, 10:33 AM
Version: 9.6.24-alt1
Summary: PostgreSQL client programs and libraries
Changelog:
- 9.6.24 (Fixes CVE-2021-23214, CVE-2021-23222)
rust Nov 3, 2021, 05:06 PMNov 3, 2021, 05:06 PM
Version: 1.56.1-alt1
Summary: The Rust Programming Language
Changelog:
- New version (1.56.1).
- Security fixes:
  + CVE-2021-42574: rustc 1.56.0 and bidirectional-override codepoints in source code
libgfbgraph Oct 30, 2021, 09:02 AMOct 30, 2021, 09:02 AM
Version: 0.2.5-alt1
Summary: A GObject library for Facebook Graph API
Changelog:
- 0.2.5 (fixed CVE-2021-39358)
libytnef Sep 20, 2021, 10:54 PMSep 20, 2021, 10:54 PM
Version: 2.0-alt1
Summary: TNEF Stream Parser Library
Changelog:
- 2.0 (fixed CVE-2021-3403, CVE-2021-3404)
fail2ban Sep 18, 2021, 02:03 PMSep 18, 2021, 02:03 PM
Version: 0.11.2-alt2
Summary: Fail2Ban is an intrusion prevention framework
Changelog:
- fix build, apply patches from upstream
- .service: use /run instead of /var/run
- CVE-2021-32749
cifs-utils Sep 12, 2021, 06:42 AMSep 12, 2021, 06:42 AM
Version: 6.13-alt3
Summary: Utilities for doing and managing mounts of the Linux CIFS filesystem
Changelog:
- Fix kerberos mount regression in commit e461afd (Arch).
  This is the fix for CVE-2021-20208 (Closes: 40887)
ghostscript Sep 11, 2021, 06:59 PMSep 11, 2021, 06:59 PM
Version: 9.54.0-alt3
Summary: PostScript interpreter and renderer, most printer drivers
Changelog:
- (Fixes: CVE-2021-3781)
cyrus-imapd Sep 4, 2021, 11:19 PMSep 4, 2021, 11:19 PM
Version: 3.2.8-alt1
Summary: A high-performance email, contacts and calendar server
Changelog:
- 3.2.8 (fixes: CVE-2021-33582)
libssh Sep 2, 2021, 11:56 AMSep 2, 2021, 11:56 AM
Version: 0.9.6-alt1
Summary: C library to authenticate in a simple manner to one or more SSH servers
Changelog:
- new version
- security (fixes: CVE-2021-3634)
ntfs-3g Aug 31, 2021, 05:02 PMAug 31, 2021, 05:02 PM
Version: 2021.8.22-alt1
Summary: third generation Linux NTFS driver
Changelog:
- 2021.8.22 (Fixes: CVE-2021-33285, CVE-2021-35269, CVE-2021-35268, CVE-2021-33289,
  CVE-2021-33286, CVE-2021-35266, CVE-2021-33287, CVE-2021-35267, CVE-2021-39251,
  CVE-2021-39252, CVE-2021-39253, CVE-2021-39254, CVE-2021-39255, CVE-2021-39256,
  CVE-2021-39257, CVE-2021-39258, CVE-2021-39259, CVE-2021-39260, CVE-2021-39261,
  CVE-2021-39262, CVE-2021-39263)
Back to Top