Security

adobe-flash-player Jan 12, 2017, 05:06 AMJan 12, 2017, 05:06 AM
Version: 24-alt0.M70P.2
Summary: Adobe Flash Player
Changelog:
- new version
- security fixes:
  CVE-2017-2925, CVE-2017-2926, CVE-2017-2927, CVE-2017-2928,
  CVE-2017-2930, CVE-2017-2931, CVE-2017-2932, CVE-2017-2933,
  CVE-2017-2934, CVE-2017-2935, CVE-2017-2936, CVE-2017-2937,
  CVE-2017-2938
bind Oct 21, 2016, 06:15 PMOct 21, 2016, 06:15 PM
Version: 9.3.6-alt7.M60P.3
Summary: ISC BIND - DNS server
Changelog:
- Really applied upstream fix for CVE-2016-2776.
- Applied fix for CVE-2016-2848.
chrony Feb 8, 2010, 12:09 PMFeb 8, 2010, 12:09 PM
Version: 1.24-alt1
Summary: Chrony clock synchronization program
Changelog:
- 1.24. Contains security fixes for CVE-2010-0292, CVE-2010-0293, CVE-2010-0294.
cscope May 8, 2009, 04:38 AMMay 8, 2009, 04:38 AM
Version: 15.7a-alt1
Summary: Cscope is a text screen based source browsing tool
Changelog:
- [15.7a] (closes: #19952)
 + CVE-2009-0148
curl Jun 24, 2013, 02:41 PMJun 24, 2013, 02:41 PM
Version: 7.24.0-alt1.M60P.1
Summary: Gets a file from a FTP, GOPHER or HTTP server
Changelog:
- CVE-2013-2174 fixed (curl_easy_unescape() may parse data beyond the end of the input buffer)
cyrus-imapd Nov 1, 2011, 11:32 PMNov 1, 2011, 11:32 PM
Version: 2.4.12-alt0.M60P.1
Summary: A high-performance mail store with IMAP and POP3 support
Changelog:
- Backport to p6 branch (fixes CVE-2011-3372)
eggdrop May 18, 2009, 03:44 PMMay 18, 2009, 03:44 PM
Version: 1.6.19-alt2
Summary: Eggdrop is an IRC bot, written in C
Changelog:
- Security fix: eggdrop remote crash vulnerability (incomplete patch for
  CVE-2007-2807) (Closes: #20067)
fetchmail Jun 7, 2011, 03:08 PMJun 7, 2011, 03:08 PM
Version: 6.3.20-alt1
Summary: Full-featured POP/IMAP/ETRN mail retrieval daemon
Changelog:
- 6.3.20
  + fixes CVE-2011-1947: STARTTLS denial of service vulnerability
    (thanks ldv@ for heads-up)
freeradius Sep 14, 2012, 02:34 PMSep 14, 2012, 02:34 PM
Version: 2.1.10-alt3.M60P.1
Summary: High-performance and highly configurable free RADIUS server
Changelog:
- Security fix: CVE-2012-3547
- Fixed permissions for /etc/raddb/modules, /etc/raddb/sql/mysql,
  /etc/raddb/sql/postgresql dirs (640 -> 750)
glibc Feb 16, 2016, 11:06 PMFeb 16, 2016, 11:06 PM
Version: 2.11.3-alt8.M60P.5
Summary: The GNU libc libraries
Changelog:
- Fixed CVE-2015-7547.
gnome-subtitles Oct 23, 2010, 08:39 AMOct 23, 2010, 08:39 AM
Version: 1.0-alt1.git.75.gcf1c9d0
Summary: subtitle editor
Changelog:
- new version
- fix CVE-2010-3357 (closes: #24316)
ikiwiki Apr 13, 2011, 11:07 PMApr 13, 2011, 11:07 PM
Version: 3.20110328-alt1
Summary: A wiki compiler
Changelog:
- New version (fixes CVE-2011-1401).
ImageMagick Jun 11, 2016, 12:32 PMJun 11, 2016, 12:32 PM
Version: 6.6.9.7-alt0.M60P.1
Summary: An X application for displaying and manipulating images
Changelog:
- Thanks Alt Linux Active Users Club and personally yyy@
- Apply security patch from Debian:
  Disable support for reading input from a shell command, or writing
  output to a shell command. This was done by the pipe (|) prefix. It
  was possible to perform a command injection as discrived by
  CVE-2016-5118 since it use popen.
kernel-image-hpc-skif Oct 23, 2010, 02:36 AMOct 23, 2010, 02:36 AM
Version: 2.6.32-alt24
Summary: The Linux kernel (the core of the Linux operating system)
Changelog:
- 2.6.32.24
- CVE-2010-3904 fixed
lha Apr 16, 2007, 12:14 AMApr 16, 2007, 12:14 AM
Version: 1.14i-alt2
Summary: An archiving and compression utility for LHarc format archives
Changelog:
- ac20050924p1: security fixes for CVE-2006-4335, CVE-2006-4337,
  CVE-2006-4338 (DoS, system access)
- removed patch1, patch2, patch4, patch5 (didn't apply)
libcgroup Mar 3, 2011, 02:17 PMMar 3, 2011, 02:17 PM
Version: 0.37.1-alt1
Summary: Libraries for allow to control and monitor control groups
Changelog:
- 0.37.1
- Fix buffer overflow when processing list of controllers from command line (CVE-2011-1006)
libesmtp Oct 5, 2010, 10:43 AMOct 5, 2010, 10:43 AM
Version: 1.0.6-alt1
Summary: LibESMTP is a library to manage posting email using SMTP
Changelog:
- New version 1.0.6:
  + Fixed CVE-2010-1192, CVE-2010-1194 (certificate validation flaws)
- Build changes:
  + Disabled static build
  + Fixed install section
  + Plugins moved from devel subpackage to the main
libgdiplus Mar 14, 2011, 02:11 PMMar 14, 2011, 02:11 PM
Version: 2.6.7-alt2
Summary: An Open Source implementation of the GDI+ API.
Changelog:
- snapshot of 2.6 branch (20101015)
- fixed CVE-2010-1526 (ALT #24399)
libmodplug Sep 3, 2011, 06:21 PMSep 3, 2011, 06:21 PM
Version: 0.8.8.4-alt1
Summary: Modplug mod music file format library
Changelog:
- NMU: 0.8.8.4
- Security fixes:
  CVE-2011-2911 CVE-2011-2912 CVE-2011-2913 CVE-2011-2914 CVE-2011-2915
libpng Apr 5, 2012, 04:38 AMApr 5, 2012, 04:38 AM
Version: 1.2.49-alt1
Summary: A library of functions for manipulating PNG image format files
Changelog:
- Updated to 1.2.49 (fixes CVE-2011-3048).
Back to Top