Security

libssh Oct. 20, 2018, 10:21 p.m. Oct. 20, 2018, 10:21 p.m.
Version: 0.7.6-alt1.M70P.1
Summary: C library to authenticate in a simple manner to one or more SSH servers
Changelog:
- new version
- security fix: CVE-2018-10933
postgresql10 May 22, 2018, 9:36 a.m. May 22, 2018, 9:36 a.m.
Version: 10.4-alt0.M70P.1
Summary: PostgreSQL client programs and libraries
Changelog:
- 10.4
- Fix CVE-2018-1115
postgresql9.3 May 22, 2018, 9:18 a.m. May 22, 2018, 9:18 a.m.
Version: 9.3.23-alt0.M70P.1
Summary: PostgreSQL client programs and libraries
Changelog:
- 9.3.23
- Fix CVE-2018-1115
postgresql9.4 May 22, 2018, 9:02 a.m. May 22, 2018, 9:02 a.m.
Version: 9.4.18-alt0.M70P.1
Summary: PostgreSQL client programs and libraries
Changelog:
- 9.4.18
- Fix CVE-2018-1115
postgresql9.5 May 22, 2018, 8:45 a.m. May 22, 2018, 8:45 a.m.
Version: 9.5.13-alt0.M70P.1
Summary: PostgreSQL client programs and libraries
Changelog:
- 9.5.13
- Fix CVE-2018-1115
postgresql9.6 May 22, 2018, 8:27 a.m. May 22, 2018, 8:27 a.m.
Version: 9.6.9-alt0.M70P.1
Summary: PostgreSQL client programs and libraries
Changelog:
- 9.6.9
- Fix CVE-2018-1115
postgresql9.6-1C May 22, 2018, 8:09 a.m. May 22, 2018, 8:09 a.m.
Version: 9.6.9-alt0.M70P.1
Summary: PostgreSQL client programs and libraries (edition for 1C 8.3.3 and later)
Changelog:
- 9.6.9
- Fix CVE-2018-1115
kernel-image-un-def Jan. 24, 2018, 4:43 p.m. Jan. 24, 2018, 4:43 p.m.
Version: 4.1.49-alt0.M70P.1
Summary: The Linux kernel (the core of the Linux operating system)
Changelog:
- v4.1.49  (Fixes: CVE-2017-0861, CVE-2017-1000407, CVE-2017-7184)
glibc Oct. 23, 2017, 8:46 p.m. Oct. 23, 2017, 8:46 p.m.
Version: 2.17-alt8.M70P.2
Summary: The GNU libc libraries
Changelog:
- Backported upstream secutiry patches (fixes CVE-2017-15670 CVE-2017-15804).
samba-DC July 13, 2017, 6:56 a.m. July 13, 2017, 6:56 a.m.
Version: 4.5.12-alt1.M70P.1
Summary: Samba Active Directory Domain Controller
Changelog:
- Update to summer security release
- Security fixes:
  + CVE-2017-11103 Orpheus' Lyre KDC-REP service name validation
samba July 13, 2017, 5:47 a.m. July 13, 2017, 5:47 a.m.
Version: 4.5.12-alt1.M70P.1
Summary: The Samba4 CIFS and AD client and server suite
Changelog:
- Update to summer security release
- Security fixes:
  + CVE-2017-11103 Orpheus' Lyre KDC-REP service name validation
  (Samba binaries built against MIT Kerberos are not vulnerable.)
wireshark June 4, 2017, 3:44 p.m. June 4, 2017, 3:44 p.m.
Version: 2.2.7-alt1.M70P.1
Summary: The BugTraq Award Winning Network Traffic Analyzer
Changelog:
- new version with these security fixes:
     * wnpa-sec-2017-22 Bazaar dissector infinite loop CVE-2017-9352
     * wnpa-sec-2017-23 DOF dissector read overflow CVE-2017-9348
     * wnpa-sec-2017-24 DHCP dissector read overflow CVE-2017-9351
     * wnpa-sec-2017-25 SoulSeek dissector infinite loop CVE-2017-9346
     * wnpa-sec-2017-26 DNS dissector infinite loop CVE-2017-9345
     * wnpa-sec-2017-27 DICOM dissector infinite loop CVE-2017-9349
     * wnpa-sec-2017-28 openSAFETY dissector memory exhaustion CVE-2017-9350
     * wnpa-sec-2017-29 BT L2CAP dissector divide by zero CVE-2017-9344
     * wnpa-sec-2017-30 MSNIP dissector crash CVE-2017-9343
     * wnpa-sec-2017-31 ROS dissector crash CVE-2017-9347
     * wnpa-sec-2017-32 RGMP dissector crash CVE-2017-9354
     * wnpa-sec-2017-30 MSNIP dissector crash CVE-2017-9343
     * wnpa-sec-2017-31 ROS dissector crash CVE-2017-9347
     * wnpa-sec-2017-32 RGMP dissector crash CVE-2017-9354
     * wnpa-sec-2017-33 IPv6 dissector crash CVE-2017-9353
krb5 April 9, 2017, 7:18 a.m. April 9, 2017, 7:18 a.m.
Version: 1.13.7-alt0.M70P.1
Summary: The Kerberos network authentication system
Changelog:
- Update to supported security release (Fixes: CVE-2014-5355, CVE-2015-2694,
  CVE-2015-2695, CVE-2015-2696, CVE-2015-2698, CVE-2015-2697, CVE-2015-8629,
  CVE-2015-8630, CVE-2015-8631, CVE-2016-3119, CVE-2016-3120)
- Backport _keytab group for default keytab /etc/krb5.keytab
adobe-flash-player March 20, 2017, 2:12 p.m. March 20, 2017, 2:12 p.m.
Version: 25-alt0.M70P.1
Summary: Adobe Flash Player
Changelog:
- new version
- security fixes:
  CVE-2017-2997, CVE-2017-2998, CVE-2017-2999, CVE-2017-3000,
  CVE-2017-3001, CVE-2017-3002, CVE-2017-3003
openssh Nov. 8, 2016, 5:51 p.m. Nov. 8, 2016, 5:51 p.m.
Version: 6.7p1-alt1.M70P.4
Summary: OpenSSH free Secure Shell (SSH) implementation
Changelog:
- Backported upstream fixes for CVE-2015-5352, CVE-2015-6563,
  CVE-2015-6564.
kernel-image-std-def Oct. 24, 2016, 11:44 a.m. Oct. 24, 2016, 11:44 a.m.
Version: 3.14.79-alt0.M70P.2
Summary: The Linux kernel (the core of the Linux operating system)
Changelog:
- CVE-2016-5195 fixed
dbus Oct. 10, 2016, 7:35 p.m. Oct. 10, 2016, 7:35 p.m.
Version: 1.6.30-alt1.M70P.1
Summary: D-BUS is a simple IPC framework based on messages.
Changelog:
- fixed CVE-2015-0245
bind Sept. 27, 2016, 6:28 p.m. Sept. 27, 2016, 6:28 p.m.
Version: 9.9.8-alt2.M70P.2
Summary: ISC BIND - DNS server
Changelog:
- Applied upstream fix for CVE-2016-2776.
openssl10 Sept. 22, 2016, 5:42 p.m. Sept. 22, 2016, 5:42 p.m.
Version: 1.0.1u-alt0.M70P.1
Summary: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
Changelog:
- Updated to 1.0.1u (fixes CVE-2016-2177, CVE-2016-2178, CVE-2016-2179,
  CVE-2016-2180, CVE-2016-2181, CVE-2016-2182, CVE-2016-2183,
  CVE-2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2016-6306).
ImageMagick June 6, 2016, 2:36 p.m. June 6, 2016, 2:36 p.m.
Version: 6.8.4.10-alt3.M70P.2
Summary: An X application for displaying and manipulating images
Changelog:
- Apply security patch from Debian:
  Disable support for reading input from a shell command, or writing
  output to a shell command. This was done by the pipe (|) prefix. It
  was possible to perform a command injection as discrived by
  CVE-2016-5118 since it use popen.
NetworkManager April 14, 2016, 7:02 p.m. April 14, 2016, 7:02 p.m.
Version: 0.9.8.10-alt1.M70P.2.git20150519
Summary: Network Link Manager and User Applications
Changelog:
- keyfile: fix temporary file races (CVE-2016-0764).
- Upstream git snapshot (nm-0-9-8 branch).
dhcpcd Jan. 18, 2016, 9:27 p.m. Jan. 18, 2016, 9:27 p.m.
Version: 5.6.8-alt2.M70P.1
Summary: DHCP Client
Changelog:
- Ensure that length of the DHCP option's data less then buffer size.
- Fix CVE-2014-6060.
cyrus-imapd Jan. 2, 2016, 1:42 p.m. Jan. 2, 2016, 1:42 p.m.
Version: 2.4.18-alt1.M70P.1
Summary: A high-performance mail store with IMAP and POP3 support
Changelog:
- updated to git 20151026 of "cyrus-imapd-2.4" branch
  (CVE-2015-8077, CVE-2015-8078)
screen Sept. 15, 2015, 7:03 p.m. Sept. 15, 2015, 7:03 p.m.
Version: 4.0.3-alt10.M70P.1
Summary: A screen manager that supports multiple sessions on one terminal
Changelog:
- Backported to p7 branch (CVE-2015-6806).
qemu May 15, 2015, 8:50 p.m. May 15, 2015, 8:50 p.m.
Version: 1.4.0-alt1.1.M70P.1
Summary: QEMU CPU Emulator
Changelog:
- Backported patch from Sisyphus (CVE-2015-3456):
  + fdc: force the fifo access to be in bounds of the allocated buffer.
rsyslog Oct. 9, 2014, 11:07 p.m. Oct. 9, 2014, 11:07 p.m.
Version: 7.6.7-alt0.M70P.1
Summary: Enhanced system logging and kernel message trapping daemon
Changelog:
- 7.6.7
- fixed CVE-2014-3634, CVE-2014-3683
python-module-django-horizon Sept. 8, 2014, 3:14 p.m. Sept. 8, 2014, 3:14 p.m.
Version: 2014.1.2-alt2
Summary: Django application for talking to Openstack
Changelog:
- Tests disabled temporary
- 0101-Add-ru-locale-horizon.patch updated
- 0102-CVE-2014-3594.patch added
- AutoReq: yes, nopython for theme subpackage
kernel-image-el-def June 20, 2014, 8:52 a.m. June 20, 2014, 8:52 a.m.
Version: 2.6.32-alt25
Summary: The Linux kernel (the core of the Linux operating system)
Changelog:
- 2.6.32-431.20.3.el6:
  + CVE-2013-6378
  + CVE-2014-0196
  + CVE-2014-0203
  + CVE-2014-1737
  + CVE-2014-1738
  + CVE-2014-1874
  + CVE-2014-2039
  + CVE-2014-3153
kernel-src-kvm May 13, 2014, 2:21 a.m. May 13, 2014, 2:21 a.m.
Version: 3.10.21-alt8
Summary: KVM modules sources for Linux kernel
Changelog:
- updates from linux-3.10.40:
  + KVM: ioapic: fix assignment of ioapic->rtc_status.pending_eoi (CVE-2014-0155)
gnupg2 Oct. 5, 2013, 2:37 p.m. Oct. 5, 2013, 2:37 p.m.
Version: 2.0.22-alt1
Summary: The GNU Privacy Guard suite
Changelog:
- Updated to 2.0.22 (fixes CVE-2013-4402).
Back to Top