|
dhcp
June 1, 2021, 6:29 p.m.
|
June 1, 2021, 6:29 p.m. |
Version: 4.4.2.P1-alt1
|
Summary: Dynamic Host Configuration Protocol (DHCP) distribution
|
| Changelog: |
- Updated to 4.4.2-P1 (fixes: CVE-2021-25217). |
|
gnutls30
May 31, 2021, 6:58 p.m.
|
May 31, 2021, 6:58 p.m. |
Version: 3.6.16-alt1
|
Summary: A TLS protocol implementation
|
| Changelog: |
- Updated to 3.6.16 (fixes: CVE-2021-20305).
- Dropped obsoleted patches. |
|
chess
May 17, 2021, 8:27 p.m.
|
May 17, 2021, 8:27 p.m. |
Version: 6.2.8-alt1
|
Summary: The GNU chess program
|
| Changelog: |
- Updated to 6.2.8.
- Updated book to 1.02.
- Fixed CVE-2021-30184.
- Packed watch and upstream public signing key to sourcerpm. |
|
libpano13
May 12, 2021, 10:57 a.m.
|
May 12, 2021, 10:57 a.m. |
Version: 2.9.20-alt1
|
Summary: libpano13 - library for panorama stitching programs. This is new generation and development version
|
| Changelog: |
- 2.9.20 (fixed CVE-2021-20307) |
|
tcpreplay
May 11, 2021, 4:46 p.m.
|
May 11, 2021, 4:46 p.m. |
Version: 4.3.4-alt1
|
Summary: A tool to replay captured network traffic
|
| Changelog: |
- 4.3.4 (Fixes: CVE-2020-24266, CVE-2020-24265) |
|
exim
May 5, 2021, 10:12 p.m.
|
May 5, 2021, 10:12 p.m. |
Version: 4.94.2-alt1
|
Summary: Exim MTA
|
| Changelog: |
- update to 4.94.2 (fix CVE-2020-28007 ... CVE-2020-28026 and CVE-2021-27216) |
|
avahi
April 28, 2021, 2:38 p.m.
|
April 28, 2021, 2:38 p.m. |
Version: 0.8-alt2
|
Summary: Local network service discovery
|
| Changelog: |
- avoid infinite-loop in avahi-daemon (closes: #39357) (fixes: CVE-2021-3468) |
|
SPICE
April 22, 2021, 5:49 p.m.
|
April 22, 2021, 5:49 p.m. |
Version: 0.15.0-alt1
|
Summary: Implements the SPICE protocol
|
| Changelog: |
- 0.15.0 (Fixes: CVE-2020-14355) |
|
python3-module-Pillow
April 8, 2021, 6:44 p.m.
|
April 8, 2021, 6:44 p.m. |
Version: 8.1.2-alt1
|
Summary: Python Imaging Library
|
| Changelog: |
- 8.1.2 released (fixes: CVE-2021-27921, CVE-2021-27922, CVE-2021-27923) |
|
wpa_supplicant
March 1, 2021, 1:53 p.m.
|
March 1, 2021, 1:53 p.m. |
Version: 2.9-alt4
|
Summary: wpa_supplicant is an implementation of the WPA Supplicant component
|
| Changelog: |
- P2P: Fix a corner case in peer addition based on PD Request
(Fixes: CVE-2021-27803) |
|
ipmitool
Feb. 27, 2021, 12:46 p.m.
|
Feb. 27, 2021, 12:46 p.m. |
Version: 1.8.18-alt4
|
Summary: ipmitool - Utility for IPMI control
|
| Changelog: |
- applied patches from upstream git to fix security issue (Fixes: CVE-2020-5208)
see https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
- added upstream fix FTBFS with gcc-10 |
|
xterm
Feb. 24, 2021, 3:22 p.m.
|
Feb. 24, 2021, 3:22 p.m. |
Version: 366-alt1
|
Summary: A standard terminal emulator for the X Window System
|
| Changelog: |
- Autobuild version bump to 366
- CVE-2021-27135 (Closes: #39725) |
|
dotnet-bootstrap-2.1
Feb. 17, 2021, 2:52 p.m.
|
Feb. 17, 2021, 2:52 p.m. |
Version: 2.1.25-alt1
|
Summary: .NET Core SDK binaries
|
| Changelog: |
- new version (2.1.25) with rpmgs script
- CVE-2021-1721: .NET Core Denial of Service Vulnerability
- CVE-2021-24112: .NET 5 and .NET Core Remote Code Execution Vulnerability |
|
subversion
Feb. 14, 2021, 9:22 p.m.
|
Feb. 14, 2021, 9:22 p.m. |
Version: 1.14.1-alt1
|
Summary: A version control system
|
| Changelog: |
- New version.
- Fixes:
+ CVE-2020-17525 Remote unauthenticated denial-of-service in Subversion mod_authz_svn |
|
java-1.8.0-openjdk
Feb. 3, 2021, 9:29 p.m.
|
Feb. 3, 2021, 9:29 p.m. |
Version: 1.8.0.282.b08-alt1_0jpp8
|
Summary: OpenJDK Runtime Environment 8
|
| Changelog: |
- New version (ALT #39635)
- Require ca-trust-java instead of ca-trust (ALT #35690)
- Package nss.cfg
- Security fixes since 1.8.0.212.b04-alt2_0jpp8:
+ JDK-8247619 Improve Direct Buffering of Characters
+ CVE-2020-14779 Enhance support of Proxy class.
+ CVE-2020-14781 Enhanced LDAP contexts.
+ CVE-2020-14782 Enhance certificate processing.
+ CVE-2020-14792 Better range handling.
+ CVE-2020-14796 Improved URI Support.
+ CVE-2020-14797 Better Path Validation.
+ CVE-2020-14798 Enhanced buffer support.
+ CVE-2020-14803 Improved Buffer supports.
+ CVE-2020-14779 Enhance support of Proxy class
+ CVE-2020-14781 Enhanced LDAP contexts
+ CVE-2020-14782 Enhance certificate processing
+ CVE-2020-14792 Better range handling
+ CVE-2020-14796 Improved URI Support
+ CVE-2020-14797 Better Path Validation
+ CVE-2020-14798 Enhanced buffer support
+ CVE-2020-14803 Improved Buffer supports
+ CVE-2020-14579 NullPointerException in DerValue.equals(DerValue)
+ CVE-2020-14578 NegativeArraySizeException in sun.security.util.DerInputStream.getUnalignedBitString()
+ CVE-2020-14556 Better ForkJoinPool behavior
+ CVE-2020-14577 Enhance certificate verification
+ CVE-2020-14581 Better matrix operations
+ CVE-2020-14583 Better Buffer support
+ CVE-2020-14593 Less Affine Transformations
+ CVE-2020-14621 Better XML namespace handling
+ CVE-2020-2754 Forward references to Nashorn
+ CVE-2020-2755 Improve Nashorn matching
+ CVE-2020-2756 Better mapping of serial ENUMs
+ CVE-2020-2757 Less Blocking Array Queues
+ CVE-2020-2773 Better signatures in XML
+ CVE-2020-2781 Improve TLS session handling
+ CVE-2020-2800 Better Headings for HTTP Servers
+ CVE-2020-2803 Enhance buffering of byte buffers
+ CVE-2020-2805 Enhance typing of methods
+ CVE-2020-2830 Better Scanner conversions
+ CVE-2019-2933 Windows file handling redux.
+ CVE-2019-2945 Better socket support.
+ CVE-2019-2949 Better Kerberos ccache handling.
+ CVE-2019-2958 Build Better Processes.
+ CVE-2019-2964 Better support for patterns.
+ CVE-2019-2962 Better Glyph Images.
+ CVE-2019-2973 Better pattern compilation.
+ CVE-2019-2975 Unexpected exception in jjs.
+ CVE-2019-2978 Improved handling of jar files.
+ CVE-2019-2981 Better Path supports.
+ CVE-2019-2983 Better serial attributes.
+ CVE-2019-2987 Better rendering of native glyphs.
+ CVE-2019-2988 Better Graphics2D drawing.
+ CVE-2019-2989 Improve TLS connection support.
+ CVE-2019-2992 Enhance font glyph mapping.
+ CVE-2019-2999 Commentary on Javadoc comments.
+ CVE-2019-2894 Enhance ECDSA operations.
+ CVE-2019-2745 Improved ECC Implementation.
+ CVE-2019-2762 Exceptional throw cases.
+ CVE-2019-2766 Improve file protocol handling.
+ CVE-2019-2769 Better copies of CopiesList.
+ CVE-2019-2786 More limited privilege usage.
+ CVE-2019-7317 Improve PNG support options.
+ CVE-2019-2816 Normalize normalization.
+ CVE-2019-2842 Extended AES support. |
|
trousers
Jan. 26, 2021, 12:56 p.m.
|
Jan. 26, 2021, 12:56 p.m. |
Version: 0.3.15-alt1
|
Summary: Implementation of the TCG's Software Stack
|
| Changelog: |
- 0.3.15 released
- Corrected mutliple security issues in tcsd
(Fixes: CVE-2020-24332, CVE-2020-24330, CVE-2020-24331) |
|
shellinabox
Jan. 22, 2021, 10:54 a.m.
|
Jan. 22, 2021, 10:54 a.m. |
Version: 2.20-alt2
|
Summary: AJAX based terminal emulator exporting a console to the browser
|
| Changelog: |
- Applied security fix from upstream (Fixes CVE-2018-16789). |
|
libevt
Jan. 22, 2021, 10:20 a.m.
|
Jan. 22, 2021, 10:20 a.m. |
Version: 20140411-alt2
|
Summary: Library and tools to access the Windows Event Log (EVT) format
|
| Changelog: |
- Applied security fix from upstream (Fixes CVE-2018-8754). |
|
libmspack
Jan. 21, 2021, 6:16 p.m.
|
Jan. 21, 2021, 6:16 p.m. |
Version: 0.6-alt2
|
Summary: Compressors and decompressors for Microsoft compression formats
|
| Changelog: |
- Applied security fix from upstream (Fixes CVE-2018-18584). |
|
spice-vdagent
Jan. 21, 2021, 3:40 p.m.
|
Jan. 21, 2021, 3:40 p.m. |
Version: 0.21.0-alt1
|
Summary: Agent for Spice guests
|
| Changelog: |
- new version 0.21.0 (Fixes CVE-2020-25650, CVE-2020-25651, CVE-2020-25652, CVE-2020-25653). |
|
fleet
Jan. 21, 2021, 2:37 p.m.
|
Jan. 21, 2021, 2:37 p.m. |
Version: 3.6.0-alt1
|
Summary: The premier osquery fleet manager.
|
| Changelog: |
- Updated to upstream version 3.6.0 (Fixes: CVE-2020-26276). |
|
rclone
Jan. 21, 2021, 11:53 a.m.
|
Jan. 21, 2021, 11:53 a.m. |
Version: 1.53.4-alt1
|
Summary: rsync for cloud storage
|
| Changelog: |
- New version 1.53.4 (Fixes: CVE-2020-28924). |
|
x11vnc
Jan. 21, 2021, 9:31 a.m.
|
Jan. 21, 2021, 9:31 a.m. |
Version: 0.9.16-alt2
|
Summary: VNC server for real X displays
|
| Changelog: |
- Applied security fix from upstream (Fixes: CVE-2020-29074). |
|
libexif
Jan. 19, 2021, 1:26 a.m.
|
Jan. 19, 2021, 1:26 a.m. |
Version: 0.6.22-alt3
|
Summary: libexif is a library for parsing, editing, and saving EXIF data
|
| Changelog: |
- added upstream commit:
+ fixed a incorrect overflow check that could be optimized away
(fixes CVE-2020-0452) |
|
edk2-tools
Dec. 25, 2020, 10:38 p.m.
|
Dec. 25, 2020, 10:38 p.m. |
Version: 20201127-alt1
|
Summary: EFI Development Kit II Tools
|
| Changelog: |
- edk2-stable202011 (Fixes: CVE-2019-14584, CVE-2019-11098) |
|
a2ps
Dec. 18, 2020, 3:52 p.m.
|
Dec. 18, 2020, 3:52 p.m. |
Version: 4.14-alt3
|
Summary: Any to PostScript filter
|
| Changelog: |
- Applied security patches from Debian and Gentoo (Fixes: CVE-2014-0466, CVE-2015-8107). |
|
icoutils
Dec. 18, 2020, 10:46 a.m.
|
Dec. 18, 2020, 10:46 a.m. |
Version: 0.32.3-alt1
|
Summary: Utility for extracting and converting Microsoft icon and cursor files
|
| Changelog: |
- Updated to upstream version 0.32.3 (Fixes: CVE-2017-5208,
CVE-2017-5331, CVE-2017-5332, CVE-2017-5333). |
|
dnstracer
Dec. 17, 2020, 4:07 p.m.
|
Dec. 17, 2020, 4:07 p.m. |
Version: 1.9-alt2
|
Summary: A tool to trace DNS queries
|
| Changelog: |
- Applied security patch from Gentoo (Fixes: CVE-2017-9430). |
|
mgetty
Dec. 17, 2020, 12:24 p.m.
|
Dec. 17, 2020, 12:24 p.m. |
Version: 1.2.1-alt1
|
Summary: A getty replacement for use with data and fax modems
|
| Changelog: |
- Updated to upstream version 1.2.1 (Fixes: CVE-2018-16741, CVE-2018-16742,
CVE-2018-16743, CVE-2018-16744, CVE-2018-16745, CVE-2019-1010189, CVE-2019-1010190). |
|
3proxy
Dec. 9, 2020, 2:46 p.m.
|
Dec. 9, 2020, 2:46 p.m. |
Version: 0.6.1-alt2
|
Summary: Proxy server
|
| Changelog: |
- Applied security fix from upstream (Fixes: CVE-2019-14495). |