Security
Dec 9, 2020, 02:46 PM
3proxy
Version: 0.6.1-alt2
Summary: Proxy server
Changelog:
- Applied security fix from upstream (Fixes: CVE-2019-14495).
Dec 18, 2020, 03:52 PM
a2ps
Version: 4.14-alt3
Summary: Any to PostScript filter
Changelog:
- Applied security patches from Debian and Gentoo (Fixes: CVE-2014-0466, CVE-2015-8107).
Oct 18, 2022, 12:14 AM
adcli
Version: 0.9.2-alt1
Summary: Active Directory enrollment
Changelog:
- Add support LDAP add/mod operation to set/change password: + fix unable to join to active directory after KB5008380/CVE-2021-42287 with option '--ldap-passwd'; + https://gitlab.freedesktop.org/realmd/adcli/-/issues/27 - Add support fall back to LDAPS if CLDAP ping was not successful + If the --use-ldaps option is used and there is no reply on the CLDAP 389/udp port adcli will try to send the request to the LDAPS port 636/tcp. - Fix write SID before secret to Samba's db looks like 'net changesecretpw' - Add passwd-user sub-command for (re)set a user password. - Add dont-expire-password option for computer.
Oct 29, 2020, 06:33 PM
antiword
Version: 0.37-alt4
Summary: Antiword an application to display Microsoft(R) Word files
Changelog:
- Applied patches from Debian (Fixes: CVE-2014-8123).
Apr 5, 2024, 10:54 AM
apache2
Version: 2.4.59-alt1
Summary: The most widely used Web server on the Internet
Changelog:
- 2.4.58 -> 2.4.59 (Fixes: CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
Oct 25, 2022, 05:31 PM
arj
Version: 3.10.22-alt9
Summary: An compressor and uncompressor for .arj format archive files
Changelog:
- Fixes patch CVE-2015-0557-security-traversal-dir (ALT #44143).
Oct 14, 2022, 03:47 PM
aspell
Version: 0.60.8-alt2
Summary: An Open Source interactive spelling checker program
Changelog:
- fixes CVE-2019-25051
Jul 5, 2021, 02:34 PM
audiofile
Version: 0.3.6-alt4
Summary: Library to handle various audio file formats
Changelog:
- applied debian patchset (fixed CVE-2018-13440, CVE-2018-17095) - made flac support optional (enabled by default) - made %check verbose - enabled documentation - fixed License tag
Apr 28, 2021, 02:38 PM
avahi
Version: 0.8-alt2
Summary: Local network service discovery
Changelog:
- avoid infinite-loop in avahi-daemon (closes: #39357) (fixes: CVE-2021-3468)
Nov 5, 2020, 12:41 PM
aview
Version: 1.3.0-alt3.rc1
Summary: High quality ascii-art image (pnm) browser and animation (fli/flc) player
Changelog:
- Switched to CVE-2008-4935 fix from Debian. - Added -Werror=implicit-function-declaration compiler flag.
Oct 28, 2020, 05:23 PM
bchunk
Version: 1.2.2-alt1
Summary: A CD image format converter from .bin/.cue to .iso/.cdr/.wav
Changelog:
- Updated to upstream version 1.2.2 (Fixes: CVE-2017-15953, CVE-2017-15954, CVE-2017-15955).
May 17, 2021, 08:27 PM
chess
Version: 6.2.8-alt1
Summary: The GNU chess program
Changelog:
- Updated to 6.2.8. - Updated book to 1.02. - Fixed CVE-2021-30184. - Packed watch and upstream public signing key to sourcerpm.
Aug 31, 2022, 02:17 AM
cifs-utils
Version: 6.15-alt1
Summary: Utilities for doing and managing mounts of the Linux CIFS filesystem
Changelog:
- Update to stable release 6.15 (Samba#15025, Samba#15026) - mount.cifs: fix length check for ip option parsing (fixes: CVE-2022-27239) - mount.cifs: fix verbose messages on option parsing (fixes: CVE-2022-29869)
Mar 9, 2023, 11:59 AM
clamav
Version: 0.103.8-alt1
Summary: Clam Antivirus scanner
Changelog:
- 0.103.8 (CVE-2023-20032, CVE-2023-20052)
Aug 8, 2023, 08:16 PM
connman
Version: 1.42-alt1
Summary: ConnMan is a daemon for managing internet connections.
Changelog:
- New version 1.42. (Fixes: CVE-2022-32292, CVE-2022-32293, CVE-2023-28488)
Nov 27, 2023, 11:11 AM
csync2
Version: 2.0-alt3
Summary: Csync2 is a cluster synchronization tool
Changelog:
- added commits from upstream git (Fixes: CVE-2019-15522, CVE-2019-15523)
Jun 20, 2023, 06:10 PM
cups-filters
Version: 1.28.11-alt2
Summary: OpenPrinting CUPS filters and backends
Changelog:
- add upstream commit 93e60d3 (Fixes: CVE-2023-24805)
Mar 27, 2024, 12:10 PM
curl
Version: 8.7.1-alt1
Summary: Gets a file from a FTP, GOPHER or HTTP server
Changelog:
- 8.6.0 -> 8.7.1 - Fixes: * CVE-2024-2398: HTTP/2 push headers memory-leak * CVE-2024-2004: Usage of disabled protocol
Feb 19, 2024, 08:58 PM
dnsmasq
Version: 2.90-alt1
Summary: A lightweight caching nameserver
Changelog:
- Fixed different signedness comparison on 32bit systems. - Dropped obsoleted patches. - Patches from upstream git: + Add missing CHANGELOG entries for 2.90; + Fix spurious "resource limit exceeded" messages. - Updated to 2.90 (fixes: CVE-2023-50387,CVE 2023-50868).
Dec 17, 2020, 04:07 PM
dnstracer
Version: 1.9-alt2
Summary: A tool to trace DNS queries
Changelog:
- Applied security patch from Gentoo (Fixes: CVE-2017-9430).
Feb 11, 2024, 04:47 AM
dropbear
Version: 2022.83-alt2
Summary: A smallish SSH server and client
Changelog:
- Backport the fix for the Terrapin attack (fixes CVE-2023-48795). - Undo static linking (ALT#49349).
Oct 29, 2022, 11:07 PM
expat
Version: 2.5.0-alt1
Summary: An XML parser written in C
Changelog:
- Updated to 2.5.0 (fixes: CVE-2022-43680 Fix heap use-after-free after overeager destruction of a shared DTD in function XML_ExternalEntityParserCreate in out-of-memory situations, DoS or potentially ACE).
Sep 18, 2021, 02:03 PM
fail2ban
Version: 0.11.2-alt2
Summary: Fail2Ban is an intrusion prevention framework
Changelog:
- fix build, apply patches from upstream - .service: use /run instead of /var/run - CVE-2021-32749
Jun 20, 2023, 07:31 PM
ffmpeg
Version: 4.4.4-alt1
Summary: A command line toolbox to manipulate, convert and stream multimedia content
Changelog:
- 4.4.3 -> 4.4.4 (Fixes: CVE-2022-3964, CVE-2022-3341, CVE-2022-3109)
Aug 8, 2021, 04:07 AM
ffmpeg3.3
Version: 3.3.9-alt2.E2K.1
Summary: A command line toolbox to manipulate, convert and stream multimedia content
Changelog:
- E2K: apply mcst patches, including CVE-2018-6621 fix
Apr 22, 2024, 10:15 AM
flatpak
Version: 1.14.6-alt1
Summary: Application deployment framework for desktop apps
Changelog:
- 1.14.6 (fixed CVE-2024-32462)
Oct 19, 2020, 03:38 PM
freecol
Version: 0.11.6-alt2
Summary: FreeCol is opensource Colonization clone.
Changelog:
- Applied security fix from Debian (Fixes: CVE-2018-1000825). - Updated license tag.
Apr 18, 2024, 06:09 PM
freerdp
Version: 2.11.6-alt1
Summary: Remote Desktop Protocol functionality
Changelog:
- New version - Security fixes: + CVE-2024-32041 [Low[ OutOfBound Read in zgfx_decompress_segment + CVE-2024-32039 Integer overflow & OutOfBound Write in clear_decompress_residual_data + CVE-2024-32040 integer underflow in nsc_rle_decode + CVE-2024-32458 OutOfBound Read in planar_skip_plane_rle + CVE-2024-32459 OutOfBound Read in ncrush_decompress + CVE-2024-32460 OutOfBound Read in interleaved_decompress
Jan 16, 2024, 03:40 PM
frr
Version: 9.0.2-alt1
Summary: FRRouting Routing daemon
Changelog:
- 9.0.2 (Fixes: CVE-2023-46752, CVE-2023-46753, CVE-2023-47234, CVE-2023-47235)
Oct 29, 2020, 12:47 PM
fuseiso
Version: 20070708-alt3
Summary: Mount ISO filesystem images as a non-root user
Changelog:
- Applied patches from Gentoo (Fixes: CVE-2015-8836, CVE-2015-8837).
Jun 15, 2021, 07:09 PM
gem-rubygems-update
Version: 3.2.19-alt1
Summary: Library packaging and distribution for Ruby
Changelog:
- ^ 3.0.4 -> 3.2.19 - ! CVE-2020-36327, CVE-2021-24105
Apr 17, 2023, 10:15 PM
git
Version: 2.33.8-alt1
Summary: Git core and tools
Changelog:
- 2.33.7 -> 2.33.8 (fixes: CVE-2023-25652, CVE-2023-25815, CVE-2023-29007).
Nov 10, 2022, 05:19 PM
gmp
Version: 6.2.1-alt5
Summary: GNU MP arbitrary precision arithmetic library
Changelog:
- Backported upstream commit "mpz/inp_raw.c: Avoid bit size overflows" (thx Marco Bodrato) (fixes CVE-2021-43618).
Mar 29, 2024, 08:24 PM
gnutls30
Version: 3.6.16-alt5
Summary: A TLS protocol implementation
Changelog:
- Fix side-channel in the deterministic ECDSA (fixes: CVE-2024-28834). - tests: Add test for CVE-2024-28835. - rsa-psk: minimize branching after decryption (fixes: CVE-2024-0553). - x509: detect loop in certificate chain (fixes: CVE-2024-0567).
Dec 19, 2023, 02:07 AM
gst-plugins-bad1.0
Version: 1.20.6-alt3
Summary: A set of GStreamer plugins that need more quality
Changelog:
- fixed CVE-2023-44446
Apr 20, 2020, 12:10 PM
gst-plugins0.10-base
Version: 0.10.36-alt3
Summary: An essential set of GStreamer plugins (legacy version)
Changelog:
- Apply patches from Debian. - Fixes: + CVE-2017-5837 + CVE-2017-5844 + CVE-2019-9928 - Fix build with make 4.3.0 (patch obtained from https://bugs.gentoo.org/show_bug.cgi?id=706076). - Fix License tag according to SPDX.
Dec 18, 2020, 10:46 AM
icoutils
Version: 0.32.3-alt1
Summary: Utility for extracting and converting Microsoft icon and cursor files
Changelog:
- Updated to upstream version 0.32.3 (Fixes: CVE-2017-5208, CVE-2017-5331, CVE-2017-5332, CVE-2017-5333).
Aug 17, 2023, 10:33 AM
ImageMagick
Version: 6.9.12.93-alt1
Summary: An X application for displaying and manipulating images
Changelog:
- New version 6.9.12.93 (Fixes: CVE-2022-44268)
Oct 26, 2020, 05:14 PM
inspircd
Version: 2.0.29-alt1
Summary: InspIRCd is a modular Internet Relay Chat (IRC) server
Changelog:
- Updated to upstream version 2.0.29 (Fixes: CVE-2019-20917, CVE-2020-25269).
Dec 8, 2020, 05:39 PM
irssi
Version: 1.2.2-alt1
Summary: Modular text mode IRC client with Perl scripting
Changelog:
- Updated to upstream version 1.2.2 (Fixes: CVE-2019-13045, CVE-2019-15717).
Jan 4, 2024, 10:57 AM
itop
Version: 3.1.1.1-alt1
Summary: IT Operations Portal
Changelog:
- New version 3.1.1.1 - Security fixes: + CVE-2023-48710 : Restrict pages/exec.php to PHP files + CVE-2023-48709 : Fix CSV injection in Excel from an iTop CSV export file + CVE-2023-46734 : Fix potential XSS vulnerabilities in TWIG CodeExtension filters + CVE-2023-47123 : Fix XSS vulnerability in n:n relations "tagset" widget + CVE-2023-47622 : Fix XSS vulnerabilities in ajax operations + CVE-2023-47626 : Fix XSS vulnerabilities in authent token + CVE-2023-44396 : Fix XSS vulnerabilities in dashlet ajax operations + CVE-2023-43790 : Fix XSS vulnerabilities in friendlyname in object details + CVE-2023-38511 : Fix dashboard allowing to load multiple files and urls + CVE-2023-45808 : Fix object creation in non allowed org by forging http query in both Console and Portal
Nov 20, 2020, 12:52 PM
jbig2dec
Version: 0.19-alt1
Summary: A decoder implementation of the JBIG2 image compression format
Changelog:
- Updated to upstream version 0.19 (Fixes: CVE-2016-9601, CVE-2020-12268).
Oct 19, 2023, 05:11 PM
json-c
Version: 0.17-alt1
Summary: JSON implementation in C
Changelog:
- Updated to 0.17 (Fixes: CVE-2021-32292).
Feb 10, 2024, 12:17 AM
knot-resolver
Jan 15, 2024, 01:38 PM
krb5
Version: 1.19.4-alt3
Summary: The Kerberos network authentication system
Changelog:
- Backport fixes for bronze bit attack (fixes: CVE-2022-37967).
Jul 12, 2021, 10:37 AM
lasso
Version: 2.7.0-alt1
Summary: Liberty Alliance Single Sign On
Changelog:
- New version. - Upstream: + CVE-2021-28091: Fix signature checking on unsigned response with multiple assertions. + configure.ac: Disable java bindings.
Sep 22, 2019, 04:44 PM
libadplug
Version: 2.2.1-alt3
Summary: AdLib sound player library
Changelog:
- added fedora patches: + inline (fixes e2k ftbfs) + cve-2018-17825 (fixes: CVE-2018-17825) + (signed-char unneeded, worked around in previous build) - NB: there's 2.3.1 release over at guthub
Dec 5, 2022, 03:48 PM
libarchive
Version: 3.6.1-alt2
Summary: A library for handling streaming archive formats
Changelog:
- security (fixes: CVE-2022-36227)
Dec 22, 2022, 10:23 AM
libcairo
Version: 1.16.0-alt2
Summary: Multi-platform 2D graphics library
Changelog:
- cherry pick upstream fixes for CVE-2018-19876, CVE-2020-35492
Oct 11, 2023, 08:36 AM
libcue2
Version: 2.3.0-alt1
Summary: Cue sheet parser library
Changelog:
- new version 2.3.0 (with rpmrb script) - CVE-2023-43641
Nov 7, 2023, 06:32 PM
libetpan
Version: 1.9.4-alt4
Summary: This mail library provide a portable, efficient middleware for different kinds of mail access
Changelog:
- Patches from upstream git: + Fix buffer overwrite for empty string in remove_trailing_eol (upstream issue #408); + Detect extra data after STARTTLS response and exit (upstrem issue #387) (fixes: CVE-2020-15953); + Missing boundary fix (upstream issue #384); + Fix potential null pointer deferenced (upstream issue #363); + Fix potential null pointer deferenced (upstream issue #361); + Fix potential null pointer deference (upstream issue #348).
Jan 22, 2021, 10:20 AM
libevt
Version: 20140411-alt2
Summary: Library and tools to access the Windows Event Log (EVT) format
Changelog:
- Applied security fix from upstream (Fixes CVE-2018-8754).
Mar 27, 2024, 11:45 AM
libfcgi
Oct 30, 2021, 09:02 AM
libgfbgraph
Version: 0.2.5-alt1
Summary: A GObject library for Facebook Graph API
Changelog:
- 0.2.5 (fixed CVE-2021-39358)
Dec 8, 2020, 03:52 PM
libiec61850
Version: 1.4.2.1-alt1
Summary: Open source libraries for IEC 61850 and IEC 60870-5-104
Changelog:
- Updated to upstream version 1.4.2.1 (Fixes: CVE-2019-6135, CVE-2019-6136, CVE-2019-6138, CVE-2019-6719, CVE-2019-16510, CVE-2019-1010300, CVE-2020-7054).
Mar 29, 2023, 07:29 AM
libmemcached
Version: 1.1.4-alt1
Summary: Client library to the memcached
Changelog:
- 1.1.4 (Fixes CVE-2023-27478) - Change URL to new upstream project - Use CMAKE
Mar 29, 2023, 12:03 PM
libmicrohttpd
Version: 0.9.76-alt1
Summary: Library providing compact API and implementation of an HTTP/1.1 webserver
Changelog:
- 0.9.76 released (fixes: CVE-2023-27371)
Jan 21, 2021, 06:16 PM
libmspack
Version: 0.6-alt2
Summary: Compressors and decompressors for Microsoft compression formats
Changelog:
- Applied security fix from upstream (Fixes CVE-2018-18584).
Apr 5, 2024, 11:00 AM
libnghttp2
May 14, 2022, 12:52 AM
libopenjpeg2.0
Version: 2.5.0-alt1
Summary: JPEG 2000 codec library (API version 2.0)
Changelog:
- 2.5.0 (fixed CVE-2013-4289, CVE-2013-4290, CVE-2019-6988, CVE-2018-20846, CVE-2018-16376, CVE-2021-29338)
Nov 5, 2022, 12:13 PM
libpixman
Version: 0.40.0-alt2.1
Summary: Pixel manipulation library
Changelog:
- apply upstream commit a1f88e842e0216a5b4df1ab023caebe33c101395 to fix CVE-2022-44638
Aug 27, 2019, 05:59 PM
libpng16
Version: 1.6.37-alt1
Summary: A library of functions for manipulating PNG image format files
Changelog:
- 1.6.37 (fixes: CVE-2018-14048, CVE-2018-14550, CVE-2019-7317)
Sep 6, 2023, 05:02 PM
LibreOffice
Version: 6.3.0.3-alt6.E2K.8
Summary: LibreOffice Productivity Suite
Changelog:
- Apply workaround for mcst#8230 - Disable KF5 (ftbfs on p10_e2k + lcc 1.26) - CVE-2022-3140 kludge (cherry-picked from -alt6.E2K.5.1)
Nov 3, 2020, 03:36 PM
libsdp
Version: 1.1.108-alt1.0.17.ga6958ef
Summary: LD_PRELOAD-able library for using SDP
Changelog:
- Updated to upstream version 1.1.108-0.17.ga6958ef (Fixes: CVE-2010-4173).
Mar 30, 2023, 11:41 AM
libsixel
Version: 1.10.3-alt1
Summary: A SIXEL encoder/decoder implementation
Changelog:
- 1.10.3. - switch to meson. - Security fixes for CVE-2020-11721, CVE-2020-19668.
Jan 12, 2024, 10:52 AM
libssh
Version: 0.10.6-alt1
Summary: C library to authenticate in a simple manner to one or more SSH servers
Changelog:
- new version (fixes: CVE-2023-6004 CVE-2023-48795 CVE-2023-6918) (closes: 49050)
Jan 30, 2024, 08:37 AM
libssh2
Version: 1.11.0-alt2
Summary: A library implementing the SSH2 protocol
Changelog:
- Applied security fix from upstream (Fixes: CVE-2023-48795).
Dec 18, 2022, 03:00 AM
libtiff
Version: 4.4.0-alt2
Summary: Library of functions for manipulating TIFF format image files
Changelog:
- Applied SUSE patches (fixed tiff-CVE-2022-2056, CVE-2022-2057, CVE-2022-2058, CVE-2022-2519, CVE-2022-2520, CVE-2022-2521, CVE-2022-3597, CVE-2022-3598, CVE-2022-3599, CVE-2022-3626, CVE-2022-3627, CVE-2022-3970 and CVE-2022-34526) (closes #44499).
May 27, 2023, 03:54 AM
libtpms
Version: 0.9.6-alt1
Summary: Library providing Trusted Platform Module (TPM) functionality
Changelog:
- New version 0.9.6 (Fixes: CVE-2023-1017, CVE-2023-1018).
Sep 14, 2023, 10:02 AM
libwebp
Version: 1.3.2-alt1
Summary: Library and tools for the WebP graphics format
Changelog:
- 1.3.2 (fixed CVE-2023-4863)
Sep 27, 2017, 04:35 PM
libwmf
Version: 0.2.8.4-alt13
Summary: A library to convert wmf files
Changelog:
- Secutity (Fixes: CVE-2015-0848, CVE-2015-4588, CVE-2015-4695, CVE-2015-4696, CVE-2016-9011)
Oct 4, 2023, 09:14 AM
libX11
Jan 24, 2023, 04:58 PM
libxml2
Version: 2.9.12-alt1.p10.1
Summary: The library for manipulating XML files
Changelog:
- Applied security fixes from upstream (Fixes: CVE-2022-23308, CVE-2022-29824, CVE-2022-40303, CVE-2022-40304).
Oct 4, 2023, 08:58 AM
libXpm
Nov 17, 2020, 09:15 AM
libXrender
Version: 0.9.10-alt1
Summary: X Render Library
Changelog:
- 0.9.10 - securuty fixes: CVE-2016-7949, CVE-2016-7950
Nov 17, 2020, 09:24 AM
libXtst
Version: 1.2.3-alt1
Summary: The Xtst Library
Changelog:
- 1.2.3 - securuty fixes: CVE-2016-7951, CVE-2016-7952
Sep 20, 2021, 10:54 PM
libytnef
Version: 2.0-alt1
Summary: TNEF Stream Parser Library
Changelog:
- 2.0 (fixed CVE-2021-3403, CVE-2021-3404)
Dec 8, 2020, 11:09 AM
lout
Version: 3.40-alt4
Summary: The Lout document formatting language
Changelog:
- Applied security patch from Fedora (Fixes: CVE-2019-19917, CVE-2019-19918)
Oct 12, 2022, 02:52 PM
lrzsz
Version: 0.12.20-alt2
Summary: Programs for communicating over Z-, Y- & X-modem protocols.
Changelog:
- fixes CVE-2018-10195.
Feb 9, 2024, 06:29 PM
lxc
Version: 4.0.12-alt3
Summary: Linux Containers
Changelog:
- Add sysctl config with "fs.inotify.max_user_instances = 1024" (ALT#46072). - Disable build init.lxc.static. - Add subgids and subuids for root. - Backport patches form upstream stable-4.0 branch (Fixes: CVE-2022-47952).
Dec 1, 2021, 07:44 PM
mailman
Version: 2.1.38-alt1
Summary: Mailing list manager with built in web access
Changelog:
- 2.1.37 -> 2.1.38 (fixes for CVE-2021-44227).
Jun 27, 2021, 10:12 PM
mediawiki-extensions-Widgets
Version: 1.3.0-alt1git
Summary: Widgets extension allows adding widgets to wiki by just creating pages in Widget namespace
Changelog:
- new version (1.3.0) with rpmgs script - CVE-2020-9382, CVE-2020-35625
Dec 17, 2020, 12:24 PM
mgetty
Version: 1.2.1-alt1
Summary: A getty replacement for use with data and fax modems
Changelog:
- Updated to upstream version 1.2.1 (Fixes: CVE-2018-16741, CVE-2018-16742, CVE-2018-16743, CVE-2018-16744, CVE-2018-16745, CVE-2019-1010189, CVE-2019-1010190).
Nov 5, 2020, 11:33 AM
mimetex
Version: 1.76-alt1
Summary: Mimetex ets you easily embed LaTeX math in your html pages
Changelog:
- Updated to version 1.76 from Debian (Fixes: CVE-2009-1382, CVE-2009-2459).
Oct 11, 2023, 04:19 PM
moodle
Version: 4.3.0-alt1
Summary: The world's open source learning platform
Changelog:
- New version. - Use PHP 8.2. - Security fixes: CVE-2023-40316, CVE-2023-40317, CVE-2023-40318, CVE-2023-40319, CVE-2023-40320, CVE-2022-39369, CVE-2023-40322, CVE-2023-40323, CVE-2023-40324, CVE-2023-40325 - Requires exif PHP module. - Set PHP parameter max_input_vars=5000.
Dec 9, 2020, 01:25 PM
mupdf
Version: 1.18.0-alt1
Summary: A lightweight PDF viewer and toolkit
Changelog:
- Updated to upstream version 1.18.0 (Fixes: CVE-2017-5991, CVE-2018-10289, CVE-2018-16647, CVE-2018-16648, CVE-2019-14975, CVE-2020-26519).
Jan 18, 2024, 11:08 PM
MySQL
Version: 8.0.36-alt1
Summary: A very fast and reliable SQL database engine
Changelog:
- new version + (fixes: CVE-2024-20960, CVE-2024-20961, CVE-2024-20962, CVE-2024-20963) + (fixes: CVE-2024-20964, CVE-2024-20965, CVE-2024-20966, CVE-2024-20967) + (fixes: CVE-2024-20968, CVE-2024-20969, CVE-2024-20970, CVE-2024-20971) + (fixes: CVE-2024-20972, CVE-2024-20973, CVE-2024-20974, CVE-2024-20975) + (fixes: CVE-2024-20976, CVE-2024-20977, CVE-2024-20978, CVE-2024-20981) + (fixes: CVE-2024-20982, CVE-2024-20983, CVE-2024-20984, CVE-2024-20985) - update mysql-shell 8.0.35 -> 8.0.36
Sep 28, 2023, 04:47 AM
netatalk
Version: 3.1.17-alt1
Summary: Open Source Apple Filing Protocol(AFP) File Server
Changelog:
- 3.1.17 (fixed CVE-2023-42464, CVE-2022-23121, CVE-2022-23123, CVE-2022-43634 and CVE-2022-45188) - Add /etc/netatalk/afppasswd (Closes: #46445) - Add /var/lib/netatalk (Closes: #46441) - Add Requires: cracklib-words (Closes: #46446)
Dec 4, 2023, 05:48 PM
nextcloud
Version: 27.1.4-alt1
Summary: Cloud platform
Changelog:
- New version (fixes: CVE-2023-48306, CVE-2023-48305, CVE-2023-48304, CVE-2023-48303, CVE-2023-48302, CVE-2023-48301, CVE-2023-48239, CVE-2023-45148).
Nov 8, 2022, 08:01 AM
ntfs-3g
Version: 2021.8.22-alt2
Summary: third generation Linux NTFS driver
Changelog:
Jun 19, 2023, 04:15 PM
openldap
Version: 2.4.59-alt1.p10.2
Summary: LDAP libraries and sample clients
Changelog:
- fixes CVE-2022-29155.
Oct 28, 2022, 02:27 PM
openslp
Version: 2.0.0-alt3
Summary: OpenSLP implementation of Service Location Protocol V2
Changelog:
- Applied security fixes (fixes CVE-2021-4217).
Jan 16, 2024, 08:00 AM
openssh
Version: 7.9p1-alt4.p10.4
Summary: OpenSSH free Secure Shell (SSH) implementation
Changelog:
- Backported upstream security fix for Terrapin attack (fixes CVE-2023-48795).
Sep 29, 2023, 08:00 AM
openssl1.1
Version: 1.1.1w-alt0.p10.1
Summary: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
Changelog:
- Updated to v1.1.1w (fixes CVE-2023-3817, CVE-2023-3446, CVE-2023-4807).
May 21, 2022, 07:21 AM
openvpn
Version: 2.5.6-alt1
Summary: a full-featured SSL VPN solution
Changelog:
- New version (Closes: 42217) - Security fixes: + CVE-2022-0547: possible authentication bypass if multiple authentication plugins tries to do deferred authentication - Fix build with new python3-module-docutils
Apr 10, 2024, 03:27 PM
openvswitch
Version: 2.17.9-alt1
Summary: An open source, production quality, multilayer virtual switch
Changelog:
- 2.17.9 (Fixes: CVE-2023-3966, CVE-2023-5366)
Oct 21, 2022, 03:23 PM
perl-DBI
Nov 3, 2022, 04:58 PM
php7
Version: 7.4.33-alt1
Summary: The PHP7 scripting language
Changelog:
- 7.4.32 -> 7.4.33 (Fixes: CVE-2022-31630, CVE-2022-37454)
Sep 14, 2023, 08:50 PM
php8.0
Version: 8.0.30-alt1
Summary: The PHP scripting language
Changelog:
- 8.0.29 -> 8.0.30 (Fixes: CVE-2023-3823, CVE-2023-3824) - for sisyphus and p11: added conflicts with the installer-stage3 to avoid using php8.0 in distributios: The first stage of EOL plan
Apr 12, 2024, 07:36 PM
php8.1
Version: 8.1.28-alt1
Summary: The PHP scripting language
Changelog:
- 8.1.27 -> 8.1.28 (Fixes: CVE-2024-1874, CVE-2024-2756, CVE-2024-3096)