Security
ntfs-3g Aug 31, 2021, 05:02 PM | Aug 31, 2021, 05:02 PM |
Version: 2021.8.22-alt1 | |
Summary: third generation Linux NTFS driver | |
Changelog: | |
- 2021.8.22 (Fixes: CVE-2021-33285, CVE-2021-35269, CVE-2021-35268, CVE-2021-33289, CVE-2021-33286, CVE-2021-35266, CVE-2021-33287, CVE-2021-35267, CVE-2021-39251, CVE-2021-39252, CVE-2021-39253, CVE-2021-39254, CVE-2021-39255, CVE-2021-39256, CVE-2021-39257, CVE-2021-39258, CVE-2021-39259, CVE-2021-39260, CVE-2021-39261, CVE-2021-39262, CVE-2021-39263) |
openldap Aug 16, 2021, 03:47 PM | Aug 16, 2021, 03:47 PM |
Version: 2.4.59-alt1 | |
Summary: LDAP libraries and sample clients | |
Changelog: | |
- 2.4.59 - Fixes: + CVE-2021-27212 Fixed slapd validity checks for issuerAndThisUpdateCheck - Enable experimental support for LDAP over UDP (LDAP_CONNECTIONLESS) - Fix coverity issues - Build without MP_2 support |
dovecot Aug 12, 2021, 01:39 PM | Aug 12, 2021, 01:39 PM |
Version: 2.3.16-alt1 | |
Summary: Dovecot secure IMAP/POP3 server | |
Changelog: | |
- Updated to 2.3.16 (fixes CVE-2021-33515, CVE-2021-29157, CVE-2021-33515, CVE-2021-29157). - Package watch file. |
python Aug 4, 2021, 08:40 PM | Aug 4, 2021, 08:40 PM |
Version: 2.7.18-alt6 | |
Summary: An interpreted, interactive object-oriented programming language | |
Changelog: | |
- Adopted patches from Fedora project (fixed CVE-2020-27619, CVE-2021-3177 and CVE-2021-23336). |
libslirp Jul 19, 2021, 06:15 PM | Jul 19, 2021, 06:15 PM |
Version: 4.6.1-alt1 | |
Summary: A general purpose TCP-IP emulator | |
Changelog: | |
- new version 4.6.1 (Fixes: CVE-2021-3592, CVE-2021-3593, CVE-2021-3594, CVE-2021-3595) |
cacti Jul 17, 2021, 04:35 PM | Jul 17, 2021, 04:35 PM |
Version: 1.2.18-alt1 | |
Summary: The complete RRDTool-based graphing solution. | |
Changelog: | |
- 1.2.18 - Fixes: + CVE-2020-35701 SQL Injection was possible due to incorrect validation order + CVE-2020-14424 Lack of escaping on file input fields can lead to XSS exposure under midwinter theme |
lasso Jul 12, 2021, 10:37 AM | Jul 12, 2021, 10:37 AM |
Version: 2.7.0-alt1 | |
Summary: Liberty Alliance Single Sign On | |
Changelog: | |
- New version. - Upstream: + CVE-2021-28091: Fix signature checking on unsigned response with multiple assertions. + configure.ac: Disable java bindings. |
mariadb Jul 11, 2021, 09:36 PM | Jul 11, 2021, 09:36 PM |
Version: 10.4.20-alt1 | |
Summary: A very fast and reliable SQL database engine | |
Changelog: | |
- 10.4.20 (ALT #40403) - Fixes for the following security vulnerabilities: + CVE-2021-27928 + CVE-2021-2166 + CVE-2021-2154 |
glibc Jul 9, 2021, 07:46 AM | Jul 9, 2021, 07:46 AM |
Version: 2.32-alt4 | |
Summary: The GNU libc libraries | |
Changelog: | |
- Updated to glibc-2.32-50-g737efa27fc from 2.32 branch (fixes: CVE-2021-35942). |
audiofile Jul 5, 2021, 02:34 PM | Jul 5, 2021, 02:34 PM |
Version: 0.3.6-alt4 | |
Summary: Library to handle various audio file formats | |
Changelog: | |
- applied debian patchset (fixed CVE-2018-13440, CVE-2018-17095) - made flac support optional (enabled by default) - made %check verbose - enabled documentation - fixed License tag |
neomutt Jul 4, 2021, 09:50 PM | Jul 4, 2021, 09:50 PM |
Version: 20210205-alt2 | |
Summary: A version of Mutt with added features | |
Changelog: | |
- Fix CVE-2021-32055. |
mediawiki-extensions-Widgets Jun 27, 2021, 10:12 PM | Jun 27, 2021, 10:12 PM |
Version: 1.3.0-alt1git | |
Summary: Widgets extension allows adding widgets to wiki by just creating pages in Widget namespace | |
Changelog: | |
- new version (1.3.0) with rpmgs script - CVE-2020-9382, CVE-2020-35625 |
squid Jun 24, 2021, 06:56 PM | Jun 24, 2021, 06:56 PM |
Version: 4.15-alt1 | |
Summary: The Squid proxy caching server | |
Changelog: | |
- 4.15 - Fixes: + CVE-2020-25097 HTTP Request Smuggling. + CVE-2021-28651 Denial of Service in URN processing. + CVE-2021-28652 Denial of Service issue in Cache Manager. + CVE-2021-28662 Denial of Service in HTTP Response Processing. + CVE-2021-31806 Improper input validation in HTTP Range header. + CVE-2021-31807 Incorrect memory management may lead to DoS. + CVE-2021-31808 An integer overflow may lead to a DoS. + CVE-2021-33620 Denial of Service in HTTP Response processing. - update langpack to 20210511 |
libxml2 Jun 24, 2021, 05:22 PM | Jun 24, 2021, 05:22 PM |
Version: 2.9.12-alt1 | |
Summary: The library for manipulating XML files | |
Changelog: | |
- 2.9.12 (Fixes: CVE-2021-3516, CVE-2021-3517, CVE-2021-3518, CVE-2021-3537, CVE-2021-3541) |
firmware-intel-ucode Jun 14, 2021, 04:40 PM | Jun 14, 2021, 04:40 PM |
Version: 16-alt1.20210608 | |
Summary: Microcode definitions for Intel processors | |
Changelog: | |
- Sync with Debian 3.20210608.1: + New upstream microcode datafile 20210608: + Implements mitigations for CVE-2020-24511 CVE-2020-24512 (INTEL-SA-00464), information leakage through shared resources, and timing discrepancy sidechannels + Implements mitigations for CVE-2020-24513 (INTEL-SA-00465), Domain-bypass transient execution vulnerability in some Intel Atom Processors, affects Intel SGX. + Implements mitigations for CVE-2021-24489 (INTEL-SA-00442), Intel VT-d privilege escalation + Fixes critical errata on several processors + New Microcodes: sig 0x00050655, pf_mask 0xb7, 2018-11-16, rev 0x3000010, size 47104 sig 0x000606a5, pf_mask 0x87, 2021-03-08, rev 0xc0002f0, size 283648 sig 0x000606a6, pf_mask 0x87, 2021-04-25, rev 0xd0002a0, size 283648 sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 sig 0x000806c1, pf_mask 0x80, 2021-03-31, rev 0x0088, size 109568 sig 0x000806c2, pf_mask 0xc2, 2021-04-07, rev 0x0016, size 94208 sig 0x000806d1, pf_mask 0xc2, 2021-04-23, rev 0x002c, size 99328 sig 0x00090661, pf_mask 0x01, 2021-02-04, rev 0x0011, size 19456 sig 0x000906c0, pf_mask 0x01, 2021-03-23, rev 0x001d, size 19456 sig 0x000a0671, pf_mask 0x02, 2021-04-11, rev 0x0040, size 100352 + Updated Microcodes: sig 0x000306f2, pf_mask 0x6f, 2021-01-27, rev 0x0046, size 34816 sig 0x000306f4, pf_mask 0x80, 2021-02-05, rev 0x0019, size 19456 sig 0x000406e3, pf_mask 0xc0, 2021-01-25, rev 0x00ea, size 105472 sig 0x000406f1, pf_mask 0xef, 2021-02-06, rev 0xb00003e, size 31744 sig 0x00050653, pf_mask 0x97, 2021-03-08, rev 0x100015b, size 34816 sig 0x00050654, pf_mask 0xb7, 2021-03-08, rev 0x2006b06, size 36864 sig 0x00050656, pf_mask 0xbf, 2021-03-08, rev 0x4003102, size 30720 sig 0x00050657, pf_mask 0xbf, 2021-03-08, rev 0x5003102, size 30720 sig 0x0005065b, pf_mask 0xbf, 2021-04-23, rev 0x7002302, size 27648 sig 0x00050663, pf_mask 0x10, 2021-02-04, rev 0x700001b, size 24576 sig 0x00050664, pf_mask 0x10, 2021-02-04, rev 0xf000019, size 24576 sig 0x00050665, pf_mask 0x10, 2021-02-04, rev 0xe000012, size 19456 sig 0x000506c9, pf_mask 0x03, 2020-10-23, rev 0x0044, size 17408 sig 0x000506ca, pf_mask 0x03, 2020-10-23, rev 0x0020, size 15360 sig 0x000506e3, pf_mask 0x36, 2021-01-25, rev 0x00ea, size 105472 sig 0x000506f1, pf_mask 0x01, 2020-10-23, rev 0x0034, size 11264 sig 0x000706a1, pf_mask 0x01, 2020-10-23, rev 0x0036, size 74752 sig 0x000706a8, pf_mask 0x01, 2020-10-23, rev 0x001a, size 75776 sig 0x000706e5, pf_mask 0x80, 2020-11-01, rev 0x00a6, size 110592 sig 0x000806a1, pf_mask 0x10, 2020-11-06, rev 0x002a, size 32768 sig 0x000806e9, pf_mask 0x10, 2021-01-05, rev 0x00ea, size 104448 sig 0x000806e9, pf_mask 0xc0, 2021-01-05, rev 0x00ea, size 104448 sig 0x000806ea, pf_mask 0xc0, 2021-01-06, rev 0x00ea, size 103424 sig 0x000806eb, pf_mask 0xd0, 2021-01-05, rev 0x00ea, size 104448 sig 0x000806ec, pf_mask 0x94, 2021-01-05, rev 0x00ea, size 104448 sig 0x000906e9, pf_mask 0x2a, 2021-01-05, rev 0x00ea, size 104448 sig 0x000906ea, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 102400 sig 0x000906eb, pf_mask 0x02, 2021-01-05, rev 0x00ea, size 104448 sig 0x000906ec, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 103424 sig 0x000906ed, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 103424 sig 0x000a0652, pf_mask 0x20, 2021-02-07, rev 0x00ea, size 93184 sig 0x000a0653, pf_mask 0x22, 2021-03-08, rev 0x00ea, size 94208 sig 0x000a0655, pf_mask 0x22, 2021-03-08, rev 0x00ec, size 94208 sig 0x000a0660, pf_mask 0x80, 2020-12-08, rev 0x00e8, size 94208 sig 0x000a0661, pf_mask 0x80, 2021-02-07, rev 0x00ea, size 93184 |
dhcp Jun 1, 2021, 06:29 PM | Jun 1, 2021, 06:29 PM |
Version: 4.4.2.P1-alt1 | |
Summary: Dynamic Host Configuration Protocol (DHCP) distribution | |
Changelog: | |
- Updated to 4.4.2-P1 (fixes: CVE-2021-25217). |
gnutls30 May 31, 2021, 06:58 PM | May 31, 2021, 06:58 PM |
Version: 3.6.16-alt1 | |
Summary: A TLS protocol implementation | |
Changelog: | |
- Updated to 3.6.16 (fixes: CVE-2021-20305). - Dropped obsoleted patches. |
chess May 17, 2021, 08:27 PM | May 17, 2021, 08:27 PM |
Version: 6.2.8-alt1 | |
Summary: The GNU chess program | |
Changelog: | |
- Updated to 6.2.8. - Updated book to 1.02. - Fixed CVE-2021-30184. - Packed watch and upstream public signing key to sourcerpm. |
libpano13 May 12, 2021, 10:57 AM | May 12, 2021, 10:57 AM |
Version: 2.9.20-alt1 | |
Summary: libpano13 - library for panorama stitching programs. This is new generation and development version | |
Changelog: | |
- 2.9.20 (fixed CVE-2021-20307) |
exim May 5, 2021, 10:12 PM | May 5, 2021, 10:12 PM |
Version: 4.94.2-alt1 | |
Summary: Exim MTA | |
Changelog: | |
- update to 4.94.2 (fix CVE-2020-28007 ... CVE-2020-28026 and CVE-2021-27216) |
avahi Apr 28, 2021, 02:38 PM | Apr 28, 2021, 02:38 PM |
Version: 0.8-alt2 | |
Summary: Local network service discovery | |
Changelog: | |
- avoid infinite-loop in avahi-daemon (closes: #39357) (fixes: CVE-2021-3468) |
SPICE Apr 22, 2021, 05:49 PM | Apr 22, 2021, 05:49 PM |
Version: 0.15.0-alt1 | |
Summary: Implements the SPICE protocol | |
Changelog: | |
- 0.15.0 (Fixes: CVE-2020-14355) |
python3-module-Pillow Apr 8, 2021, 06:44 PM | Apr 8, 2021, 06:44 PM |
Version: 8.1.2-alt1 | |
Summary: Python Imaging Library | |
Changelog: | |
- 8.1.2 released (fixes: CVE-2021-27921, CVE-2021-27922, CVE-2021-27923) |
ipmitool Feb 27, 2021, 12:46 PM | Feb 27, 2021, 12:46 PM |
Version: 1.8.18-alt4 | |
Summary: ipmitool - Utility for IPMI control | |
Changelog: | |
- applied patches from upstream git to fix security issue (Fixes: CVE-2020-5208) see https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp - added upstream fix FTBFS with gcc-10 |
xterm Feb 24, 2021, 03:22 PM | Feb 24, 2021, 03:22 PM |
Version: 366-alt1 | |
Summary: A standard terminal emulator for the X Window System | |
Changelog: | |
- Autobuild version bump to 366 - CVE-2021-27135 (Closes: #39725) |
dotnet-bootstrap-2.1 Feb 17, 2021, 02:52 PM | Feb 17, 2021, 02:52 PM |
Version: 2.1.25-alt1 | |
Summary: .NET Core SDK binaries | |
Changelog: | |
- new version (2.1.25) with rpmgs script - CVE-2021-1721: .NET Core Denial of Service Vulnerability - CVE-2021-24112: .NET 5 and .NET Core Remote Code Execution Vulnerability |
subversion Feb 14, 2021, 09:22 PM | Feb 14, 2021, 09:22 PM |
Version: 1.14.1-alt1 | |
Summary: A version control system | |
Changelog: | |
- New version. - Fixes: + CVE-2020-17525 Remote unauthenticated denial-of-service in Subversion mod_authz_svn |
trousers Jan 26, 2021, 12:56 PM | Jan 26, 2021, 12:56 PM |
Version: 0.3.15-alt1 | |
Summary: Implementation of the TCG's Software Stack | |
Changelog: | |
- 0.3.15 released - Corrected mutliple security issues in tcsd (Fixes: CVE-2020-24332, CVE-2020-24330, CVE-2020-24331) |
shellinabox Jan 22, 2021, 10:54 AM | Jan 22, 2021, 10:54 AM |
Version: 2.20-alt2 | |
Summary: AJAX based terminal emulator exporting a console to the browser | |
Changelog: | |
- Applied security fix from upstream (Fixes CVE-2018-16789). |
libevt Jan 22, 2021, 10:20 AM | Jan 22, 2021, 10:20 AM |
Version: 20140411-alt2 | |
Summary: Library and tools to access the Windows Event Log (EVT) format | |
Changelog: | |
- Applied security fix from upstream (Fixes CVE-2018-8754). |