Sisyphus repository
Last update: 2017-10-19 09:06:56 +0400 | SRPMs: 15011
Security fixes

kernel-image-un-def-1:4.1.45-alt0.M70P.1.1  build 2017-10-18

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.1.45 (Fixes: CVE-2017-11600)

kernel-image-un-def-1:4.1.44-alt0.M70P.1.1  build 2017-10-17

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- Local root in alsa fixed (Fixes: CVE-2017-15265)

postgresql9.5-9.5.8-alt0.M70P.1  build 2017-08-09

Group: Databases
Summary: PostgreSQL client programs and libraries
Changes:

- 9.5.8
- fix CVE-2017-7547

postgresql9.3-9.3.18-alt0.M70P.1  build 2017-08-09

Group: Databases
Summary: PostgreSQL client programs and libraries
Changes:

- 9.3.18
- fix CVE-2017-7547

postgresql9.4-9.4.13-alt0.M70P.1  build 2017-08-09

Group: Databases
Summary: PostgreSQL client programs and libraries
Changes:

- 9.4.13
- fix CVE-2017-7547

postgresql9.6-1C-9.6.4-alt0.M70P.1  build 2017-08-09

Group: Databases
Summary: PostgreSQL client programs and libraries (edition for 1C 8.3.3 and later)
Changes:

- 9.6.4
- fix CVE-2017-7547

postgresql10-9.6.4-alt1  build 2017-08-09

Group: Databases
Summary: PostgreSQL client programs and libraries
Changes:

- 9.6.4
- fix CVE-2017-7547

postgresql9.6-9.6.4-alt0.M70P.1  build 2017-08-09

Group: Databases
Summary: PostgreSQL client programs and libraries
Changes:

- 9.6.4
- fix CVE-2017-7547

samba-4.5.12-alt1.M70P.1  build 2017-07-12

Group: System/Servers
Summary: The Samba4 CIFS and AD client and server suite
Changes:

- Update to summer security release
- Security fixes:
+ CVE-2017-11103 Orpheus' Lyre KDC-REP service name validation
(Samba binaries built against MIT Kerberos are not vulnerable.)

samba-DC-4.5.12-alt1.M70P.1  build 2017-07-12

Group: System/Servers
Summary: Samba Active Directory Domain Controller
Changes:

- Update to summer security release
- Security fixes:
+ CVE-2017-11103 Orpheus' Lyre KDC-REP service name validation

wireshark-2.2.7-alt1.M70P.1  build 2017-06-04

Group: Monitoring
Summary: The BugTraq Award Winning Network Traffic Analyzer
Changes:

- new version with these security fixes:
* wnpa-sec-2017-22 Bazaar dissector infinite loop CVE-2017-9352
* wnpa-sec-2017-23 DOF dissector read overflow CVE-2017-9348
* wnpa-sec-2017-24 DHCP dissector read overflow CVE-2017-9351
* wnpa-sec-2017-25 SoulSeek dissector infinite loop CVE-2017-9346
* wnpa-sec-2017-26 DNS dissector infinite loop CVE-2017-9345
* wnpa-sec-2017-27 DICOM dissector infinite loop CVE-2017-9349
* wnpa-sec-2017-28 openSAFETY dissector memory exhaustion CVE-2017-9350
* wnpa-sec-2017-29 BT L2CAP dissector divide by zero CVE-2017-9344
* wnpa-sec-2017-30 MSNIP dissector crash CVE-2017-9343
* wnpa-sec-2017-31 ROS dissector crash CVE-2017-9347
* wnpa-sec-2017-32 RGMP dissector crash CVE-2017-9354
* wnpa-sec-2017-33 IPv6 dissector crash CVE-2017-9353

samba-4.5.10-alt1.M70P.1  build 2017-05-24

Group: System/Servers
Summary: The Samba4 CIFS and AD client and server suite
Changes:

- Update to second spring security release
- Fix longtime initialization bug in ldb proxy
- Security fixes:
+ CVE-2017-7494 Remote code execution from a writable share

samba-DC-4.5.10-alt1.M70P.1  build 2017-05-24

Group: System/Servers
Summary: Samba Active Directory Domain Controller
Changes:

- Update to second spring security release
- Fix longtime initialization bug in ldb proxy
- Security fixes:
+ CVE-2017-7494 Remote code execution from a writable share

firefox-esr-45.9.0-alt1  build 2017-04-20

Group: Networking/WWW
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Changes:

- New ESR version
- Security fixes:
+ CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9,
+ CVE-2017-5462: DRBG flaw in NSS
+ CVE-2017-5445: Uninitialized values used while parsing
+ CVE-2017-5469: Potential Buffer overflow in flex-generated code
+ CVE-2017-5437: Vulnerabilities in Libevent library
+ CVE-2017-5448: Out-of-bounds write in ClearKeyDecryptor
+ CVE-2017-5465: Out-of-bounds read in ConvolvePixel
+ CVE-2017-5447: Out-of-bounds read during glyph processing
+ CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames are sent with
+ CVE-2017-5444: Buffer overflow while parsing application/http-index-format
+ CVE-2017-5443: Out-of-bounds write during BinHex decoding
+ CVE-2017-5464: Memory corruption with accessibility and DOM manipulation
+ CVE-2017-5442: Use-after-free during style changes
+ CVE-2017-5441: Use-after-free with selection during scroll events
+ CVE-2017-5440: Use-after-free in txExecutionState destructor during XSLT
+ CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT processing
+ CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT processing
+ CVE-2017-5460: Use-after-free in frame selection
+ CVE-2017-5432: Use-after-free in text input selection
+ CVE-2017-5434: Use-after-free during focus handling
+ CVE-2017-5459: Buffer overflow in WebGL
+ CVE-2017-5461: Out-of-bounds write in Base64 encoding in NSS
+ CVE-2017-5436: Out-of-bounds write with malicious font in Graphite 2
+ CVE-2017-5435: Use-after-free during transaction processing in the editor
+ CVE-2017-5433: Use-after-free in SMIL animation functions

firefox-45.9.0-alt1  build 2017-04-20

Group: Networking/WWW
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Changes:

- New ESR version
- Security fixes:
+ CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9,
+ CVE-2017-5462: DRBG flaw in NSS
+ CVE-2017-5445: Uninitialized values used while parsing
+ CVE-2017-5469: Potential Buffer overflow in flex-generated code
+ CVE-2017-5437: Vulnerabilities in Libevent library
+ CVE-2017-5448: Out-of-bounds write in ClearKeyDecryptor
+ CVE-2017-5465: Out-of-bounds read in ConvolvePixel
+ CVE-2017-5447: Out-of-bounds read during glyph processing
+ CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames are sent with
+ CVE-2017-5444: Buffer overflow while parsing application/http-index-format
+ CVE-2017-5443: Out-of-bounds write during BinHex decoding
+ CVE-2017-5464: Memory corruption with accessibility and DOM manipulation
+ CVE-2017-5442: Use-after-free during style changes
+ CVE-2017-5441: Use-after-free with selection during scroll events
+ CVE-2017-5440: Use-after-free in txExecutionState destructor during XSLT
+ CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT processing
+ CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT processing
+ CVE-2017-5460: Use-after-free in frame selection
+ CVE-2017-5432: Use-after-free in text input selection
+ CVE-2017-5434: Use-after-free during focus handling
+ CVE-2017-5459: Buffer overflow in WebGL
+ CVE-2017-5461: Out-of-bounds write in Base64 encoding in NSS
+ CVE-2017-5436: Out-of-bounds write with malicious font in Graphite 2
+ CVE-2017-5435: Use-after-free during transaction processing in the editor
+ CVE-2017-5433: Use-after-free in SMIL animation functions

wireshark-2.2.6-alt1.M70P.1  build 2017-04-14

Group: Monitoring
Summary: The BugTraq Award Winning Network Traffic Analyzer
Changes:

- new version with these security fixes:
* wnpa-sec-2017-12 IMAP dissector crash CVE-2017-7703
* wnpa-sec-2017-13 WBMXL dissector infinite loop CVE-2017-7702
* wnpa-sec-2017-14 NetScaler file parser infinite loop CVE-2017-7700
* wnpa-sec-2017-15 RPCoRDMA dissector infinite loop CVE-2017-7705
* wnpa-sec-2017-16 BGP dissector infinite loop CVE-2017-7701
* wnpa-sec-2017-17 DOF dissector infinite loop CVE-2017-7704

krb5-1.13.7-alt0.M70P.1  build 2017-03-24

Group: System/Libraries
Summary: The Kerberos network authentication system
Changes:

- Update to supported security release (Fixes: CVE-2014-5355, CVE-2015-2694,
CVE-2015-2695, CVE-2015-2696, CVE-2015-2698, CVE-2015-2697, CVE-2015-8629,
CVE-2015-8630, CVE-2015-8631, CVE-2016-3119, CVE-2016-3120)
- Backport _keytab group for default keytab /etc/krb5.keytab

samba-DC-4.5.7-alt1.M70P.1  build 2017-03-23

Group: System/Servers
Summary: Samba Active Directory Domain Controller
Changes:

- Update to spring security release
- Fixed build --without docs (closes: 33118)
- Security fixes:
+ CVE-2017-2619 Symlink race allows access outside share definition

samba-4.5.7-alt1.M70P.1  build 2017-03-23

Group: System/Servers
Summary: The Samba4 CIFS and AD client and server suite
Changes:

- Update to spring security release
- Fixed build --without docs (closes: 33118)
- Security fixes:
+ CVE-2017-2619 Symlink race allows access outside share definition

adobe-flash-player-3:25-alt0.M70P.1  build 2017-03-20

Group: Networking/WWW
Summary: Adobe Flash Player
Changes:

- new version
- security fixes:
CVE-2017-2997, CVE-2017-2998, CVE-2017-2999, CVE-2017-3000,
CVE-2017-3001, CVE-2017-3002, CVE-2017-3003

adobe-flash-player-3:24-alt0.M70P.3  build 2017-02-17

Group: Networking/WWW
Summary: Adobe Flash Player
Changes:

- new version
- security fixes:
CVE-2017-2982, CVE-2017-2984, CVE-2017-2985, CVE-2017-2986,
CVE-2017-2987, CVE-2017-2988, CVE-2017-2990, CVE-2017-2991,
CVE-2017-2992, CVE-2017-2993, CVE-2017-2994, CVE-2017-2995,
CVE-2017-2996

adobe-flash-player-3:24-alt0.M70P.2  build 2017-01-11

Group: Networking/WWW
Summary: Adobe Flash Player
Changes:

- new version
- security fixes:
CVE-2017-2925, CVE-2017-2926, CVE-2017-2927, CVE-2017-2928,
CVE-2017-2930, CVE-2017-2931, CVE-2017-2932, CVE-2017-2933,
CVE-2017-2934, CVE-2017-2935, CVE-2017-2936, CVE-2017-2937,
CVE-2017-2938

samba-4.5.3-alt1.M70P.1  build 2016-12-19

Group: System/Servers
Summary: The Samba4 CIFS and AD client and server suite
Changes:

- Update for release with security fixes:
- CVE-2016-2123 (ndr_pull_dnsp_name contains an integer wrap problem)
- CVE-2016-2125 (client code always requests a forwardable ticket)
- CVE-2016-2126 (crash winbindd using a legitimate Kerberos ticket)

samba-DC-4.5.3-alt1.M70P.1  build 2016-12-19

Group: System/Servers
Summary: Samba Active Directory Domain Controller
Changes:

- Update for release with security fixes:
- CVE-2016-2123 (ndr_pull_dnsp_name contains an integer wrap problem)
- CVE-2016-2125 (client code always requests a forwardable ticket)
- CVE-2016-2126 (crash winbindd using a legitimate Kerberos ticket)

adobe-flash-player-3:24-alt0.M70P.1  build 2016-12-15

Group: Networking/WWW
Summary: Adobe Flash Player
Changes:

- new version
- security fixes:
CVE-2016-7867, CVE-2016-7868, CVE-2016-7869, CVE-2016-7870,
CVE-2016-7871, CVE-2016-7872, CVE-2016-7873, CVE-2016-7874,
CVE-2016-7875, CVE-2016-7876, CVE-2016-7877, CVE-2016-7878,
CVE-2016-7879, CVE-2016-7880, CVE-2016-7881, CVE-2016-7890,
CVE-2016-7892

wireshark-2.2.2-alt1  build 2016-11-21

Group: Monitoring
Summary: The BugTraq Award Winning Network Traffic Analyzer
Changes:

- new version, in which the following vulnerabilities have been fixed:
* CVE-2016-9372 Profinet I/O long loop.
* CVE-2016-9373 DCERPC crash.
* CVE-2016-9374 AllJoyn crash.
* CVE-2016-9375 DTN infinite loop.
* CVE-2016-9376 OpenFlow crash.

adobe-flash-player-3:11-alt68  build 2016-11-09

Group: Networking/WWW
Summary: Adobe Flash Player
Changes:

- new version
- security fixes:
CVE-2016-7857, CVE-2016-7858, CVE-2016-7859, CVE-2016-7860,
CVE-2016-7861, CVE-2016-7862, CVE-2016-7863, CVE-2016-7864,
CVE-2016-7865

openssh-6.7p1-alt1.M70P.4  build 2016-11-08

Group: Networking/Remote access
Summary: OpenSSH free Secure Shell (SSH) implementation
Changes:

- Backported upstream fixes for CVE-2015-5352, CVE-2015-6563,
CVE-2015-6564.

adobe-flash-player-3:11-alt67  build 2016-10-27

Group: Networking/WWW
Summary: Adobe Flash Player
Changes:

- new version
- security fixes: CVE-2016-7855

kernel-image-std-def-1:3.14.79-alt0.M70P.2  build 2016-10-24

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- CVE-2016-5195 fixed

kernel-image-ovz-el-2.6.32-alt144  build 2016-10-21

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- Added fix for CVE-2016-5195.

openssh-6.7p1-alt1.M70P.3  build 2016-10-20

Group: Networking/Remote access
Summary: OpenSSH free Secure Shell (SSH) implementation
Changes:

- Backported upstream fixes for CVE-2015-8325, CVE-2016-6210,
CVE-2016-8858.

adobe-flash-player-3:11-alt66  build 2016-10-12

Group: Networking/WWW
Summary: Adobe Flash Player
Changes:

- new version
- security fixes:
CVE-2016-4273, CVE-2016-4286, CVE-2016-6981, CVE-2016-6982,
CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986,
CVE-2016-6987, CVE-2016-6989, CVE-2016-6990, CVE-2016-6992

dbus-1.6.30-alt1.M70P.1  build 2016-10-10

Group: System/Servers
Summary: D-BUS is a simple IPC framework based on messages.
Changes:

- fixed CVE-2015-0245

bind-9.9.8-alt2.M70P.2  build 2016-09-27

Group: System/Servers
Summary: ISC BIND - DNS server
Changes:

- Applied upstream fix for CVE-2016-2776.

openssl10-1.0.1u-alt0.M70P.1  build 2016-09-22

Group: System/Base
Summary: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
Changes:

- Updated to 1.0.1u (fixes CVE-2016-2177, CVE-2016-2178, CVE-2016-2179,
CVE-2016-2180, CVE-2016-2181, CVE-2016-2182, CVE-2016-2183,
CVE-2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2016-6306).

adobe-flash-player-3:11-alt65  build 2016-09-19

Group: Networking/WWW
Summary: Adobe Flash Player
Changes:

- new version
CVE-2016-4271, CVE-2016-4272, CVE-2016-4274, CVE-2016-4275,
CVE-2016-4276, CVE-2016-4277, CVE-2016-4278, CVE-2016-4279,
CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283,
CVE-2016-4284, CVE-2016-4285, CVE-2016-4287, CVE-2016-6921,
CVE-2016-6922, CVE-2016-6923, CVE-2016-6924, CVE-2016-6925,
CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930,
CVE-2016-6931, CVE-2016-6932

adobe-flash-player-3:11-alt64  build 2016-07-20

Group: Networking/WWW
Summary: Adobe Flash Player
Changes:

- new version
- security fixes:
CVE-2016-4172, CVE-2016-4173, CVE-2016-4174, CVE-2016-4175,
CVE-2016-4176, CVE-2016-4177, CVE-2016-4178, CVE-2016-4179,
CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183,
CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187,
CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217,
CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221,
CVE-2016-4222, CVE-2016-4223, CVE-2016-4224, CVE-2016-4225,
CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229,
CVE-2016-4230, CVE-2016-4231, CVE-2016-4232, CVE-2016-4233,
CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237,
CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241,
CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245,
CVE-2016-4246, CVE-2016-4247, CVE-2016-4248, CVE-2016-4249

samba-4.4.5-alt1  build 2016-07-10

Group: System/Servers
Summary: The Samba4 CIFS and AD client and server suite
Changes:

- Update for security release with CVE-2016-2119

iperf3-3.1.3-alt1  build 2016-07-09

Group: Monitoring
Summary: A TCP, UDP, and SCTP network bandwidth measurement tool
Changes:

- New version (CVE-2016-4303)

samba-DC-4.4.5-alt1  build 2016-07-08

Group: System/Servers
Summary: Samba Active Directory Domain Controller
Changes:

- Update for security release with CVE-2016-2119

ntp-4.2.8-alt6  build 2016-07-05

Group: System/Configuration/Other
Summary: The Network Time Protocol (NTP)
Changes:

- 4.2.8p8 (CVE-2016-4957 and other CVEs)

adobe-flash-player-3:11-alt63  build 2016-06-27

Group: Networking/WWW
Summary: Adobe Flash Player
Changes:

- new version
- security fixes:
CVE-2016-4122, CVE-2016-4123, CVE-2016-4124, CVE-2016-4125,
CVE-2016-4127, CVE-2016-4128, CVE-2016-4129, CVE-2016-4130,
CVE-2016-4131, CVE-2016-4132, CVE-2016-4133, CVE-2016-4134,
CVE-2016-4135, CVE-2016-4136, CVE-2016-4137, CVE-2016-4138,
CVE-2016-4139, CVE-2016-4140, CVE-2016-4141, CVE-2016-4142,
CVE-2016-4143, CVE-2016-4144, CVE-2016-4145, CVE-2016-4146,
CVE-2016-4147, CVE-2016-4148, CVE-2016-4149, CVE-2016-4150,
CVE-2016-4151, CVE-2016-4152, CVE-2016-4153, CVE-2016-4154,
CVE-2016-4155, CVE-2016-4156, CVE-2016-4166, CVE-2016-4171

wget-1.18-alt1  build 2016-06-10

Group: Networking/WWW
Summary: An utility for retrieving files using the HTTP, HTTPS or FTP protocols
Changes:

- 1.18 (fixes CVE-2016-4971: untrusted filenames when following
HTTP to FTP redirects)

ImageMagick-6.8.4.10-alt3.M70P.2  build 2016-06-06

Group: Graphics
Summary: An X application for displaying and manipulating images
Changes:

- Apply security patch from Debian:
Disable support for reading input from a shell command, or writing
output to a shell command. This was done by the pipe (|) prefix. It
was possible to perform a command injection as described by
CVE-2016-5118 since it uses popen.

ImageMagick-6.8.4.10-alt3.M70P.1  build 2016-05-18

Group: Graphics
Summary: An X application for displaying and manipulating images
Changes:

- Apply security patches from Debian:
ImageTragick: The coders EPHEMERAL, URL, HTTPS, MVG, MSL, TEXT,
SHOW, WIN, and PLT are disabled via policy.xml file, since they are
vulnerable to code injection. This mitigates CVE-2016-3714,
CVE-2016-3715, CVE-2016-3716, CVE-2016-3717, and CVE-2016-3718.
Since ImageMagick reverts to its internal SVG renderer (which uses
MVG coder) if Inkscape or RSVG is not used, the option --with-rsvg
is included. Closes: 823542. In addition, some other actions were
taken with respect to these vulnerabilities:
- Drop the PLT/Gnuplot decoder, which was vulnerable to command
injection.
- Some sanitization for input filenames in http/https delegates is
added.
- Indirect filenames are now authorized by policy.
- Indirect reads with label:@ are prevented.
- Less secure coders (such as MVG, TEXT, and MSL) require explicit
reference in the filename (e.g. mvg:my-graph.mvg).

adobe-flash-player-3:11-alt62  build 2016-05-13

Group: Networking/WWW
Summary: Adobe Flash Player
Changes:

- new version
- security fixes:
CVE-2016-1096, CVE-2016-1097, CVE-2016-1098, CVE-2016-1099,
CVE-2016-1100, CVE-2016-1101, CVE-2016-1102, CVE-2016-1103,
CVE-2016-1104, CVE-2016-1105, CVE-2016-1106, CVE-2016-1107,
CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108,
CVE-2016-4109, CVE-2016-4110, CVE-2016-4111, CVE-2016-4112,
CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4116,
CVE-2016-4117

openssl10-1.0.1t-alt0.M70P.1  build 2016-05-03

Group: System/Base
Summary: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
Changes:

- Updated to 1.0.1t (fixes CVE-2016-2105 CVE-2016-2106 CVE-2016-2107
CVE-2016-2109 CVE-2016-2176).

samba-DC-4.4.2-alt2  build 2016-04-28

Group: System/Servers
Summary: Samba Active Directory Domain Controller
Changes:

- Fix CVE-2016-2110/NTLMSSP regression (https://bugzilla.samba.org/show_bug.cgi?id=11849)

samba-4.4.2-alt2  build 2016-04-28

Group: System/Servers
Summary: The Samba4 CIFS and AD client and server suite
Changes:

- Fix CVE-2016-2110/NTLMSSP regression (https://bugzilla.samba.org/show_bug.cgi?id=11849)

 
© 2009–2017 Igor Zubkov