Sisyphus repository
Last update: 2018-10-20 15:08:00 +0400 | SRPMs: 18122 | Sign in or Sign up
en ru uk br
Security fixes

libssh-0.7.6-alt2  build 2018-10-17

Group: System/Libraries
Summary: C library to authenticate in a simple manner to one or more SSH servers
Changes:

- fix changelog
- security fixes: CVE-2018-10933

libssh-0.7.6-alt1  build 2018-10-17

Group: System/Libraries
Summary: C library to authenticate in a simple manner to one or more SSH servers
Changes:

- new version
- security fix: CVE-2018-10933

clamav-0.100.2-alt1  build 2018-10-17

Group: File tools
Summary: Clam Antivirus scanner
Changes:

- 0.100.2 (CVE-2018-15378, CVE-2018-14680, CVE-2018-14681, CVE-2018-14682)

kernel-image-un-def-1:4.14.76-alt0.M80P.1  build 2018-10-15

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.14.76 (Fixes: CVE-2018-15471)

kernel-image-std-def-1:4.9.133-alt0.M80P.1  build 2018-10-15

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.9.133 (Fixes: CVE-2018-10879, CVE-2018-15471)

wireshark-2.6.4-alt1  build 2018-10-13

Group: Monitoring
Summary: The BugTraq Award Winning Network Traffic Analyzer
Changes:

- 2.6.4 (fixes: CVE-2018-18227, CVE-2018-18225, CVE-2018-18225, CVE-2018-12086)
- disabled build gtk+ UI

kernel-image-std-def-1:4.9.131-alt0.M80P.1  build 2018-10-04

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.9.131 (Fixes: CVE-2018-10880, CVE-2018-7755)

firefox-62.0.3-alt1  build 2018-10-04

Group: Networking/WWW
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Changes:

- New release (62.0.3).
+ CVE-2018-12386: Type confusion in JavaScript
+ CVE-2018-12387: A vulnerability where the JavaScript JIT compiler
+ CVE-2018-12385: Crash in TransportSecurityInfo due to cached data
+ CVE-2018-12377: Use-after-free in refresh driver timers
+ CVE-2018-12378: Use-after-free in IndexedDB
+ CVE-2018-12379: Out-of-bounds write with malicious MAR file
+ CVE-2017-16541: Proxy bypass using automount and autofs
+ CVE-2018-12381: Dragging and dropping Outlook email message results in page navigation
+ CVE-2018-12382: Addressbar spoofing with javascript URI on Firefox for Android
+ CVE-2018-12383: Setting a master password post-Firefox 58 does not delete unencrypted previously stored passwords
+ CVE-2018-12375: Memory safety bugs fixed in Firefox 62
+ CVE-2018-12376: Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2

kernel-image-un-def-1:4.14.74-alt0.M80P.1  build 2018-10-04

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.14.74 (Fixes: CVE-2018-7755)

adobe-flash-player-ppapi-3:31-alt1  build 2018-10-02

Group: Networking/WWW
Summary: Adobe Flash Player
Changes:

- new version
- security fixes: CVE-2018-15967

firefox-esr-60.2.2-alt1  build 2018-10-02

Group: Networking/WWW
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Changes:

- New ESR version (60.2.2)
- Fixed:
+ CVE-2018-12386 Type confusion in JavaScript
+ CVE-2018-12387 JavaScript JIT compiler inlines Array.prototype.push with multiple arguments

kernel-image-std-def-1:4.9.130-alt0.M80P.1  build 2018-10-01

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.9.130 (Fixes: CVE-2018-14633)

kernel-image-un-def-1:4.14.73-alt0.M80P.1  build 2018-10-01

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.14.73 (Fixes: CVE-2018-14633)

kernel-image-std-pae-1:4.4.159-alt0.M80P.1  build 2018-10-01

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.4.159 (Fixes: CVE-2018-14633)

firefox-esr-60.2.1-alt1  build 2018-09-24

Group: Networking/WWW
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Changes:

- New ESR version (60.2.1).
- Fixed:
+ CVE-2018-12385 Crash in TransportSecurityInfo due to cached data
+ CVE-2018-12383 Setting a master password post-Firefox 58 does not delete unencrypted previously stored passwords

kernel-image-std-def-1:4.9.127-alt0.M80P.1  build 2018-09-17

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.9.127 (Fixes: CVE-2018-6554, CVE-2018-6555)

kernel-image-std-pae-1:4.4.156-alt0.M80P.1  build 2018-09-17

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.4.156 (Fixes: CVE-2018-6554, CVE-2018-6555)

kernel-image-un-def-1:4.14.70-alt0.M80P.1  build 2018-09-17

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.14.70 (Fixes: CVE-2018-6554, CVE-2018-6555)

opensc-0.19.0-alt1.rc1  build 2018-09-13

Group: System/Configuration/Hardware
Summary: OpenSC library - for accessing SmartCard devices using PC/SC Lite
Changes:

- New pre-release version 0.19.0-rc1.
- Fixed multiple security problems due to out of bound writes/reads
(Fixes: CVE-2018-16391, CVE-2018-16392, CVE-2018-16393, CVE-2018-16418,
CVE-2018-16419, CVE-2018-16420, CVE-2018-16421, CVE-2018-16422,
CVE-2018-16423, CVE-2018-16424, CVE-2018-16425, CVE-2018-16426,
CVE-2018-16427).

firefox-esr-60.2.0-alt1  build 2018-09-10

Group: Networking/WWW
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Changes:

- New ESR version (60.2.0).
- Fixed:
+ CVE-2018-12377 Use-after-free in refresh driver timers
+ CVE-2018-12378 Use-after-free in IndexedDB
+ CVE-2018-12379 Out-of-bounds write with malicious MAR file
+ CVE-2017-16541 Proxy bypass using automount and autofs
+ CVE-2018-12381 Dragging and dropping Outlook email message results in page navigation
+ CVE-2018-12376 Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2

curl-7.61.1-alt1.M80P.1  build 2018-09-09

Group: Networking/File transfer
Summary: Gets a file from a FTP, GOPHER or HTTP server
Changes:

- 7.61.1 (fixes: CVE-2018-14618)

ceph-12.2.8-alt1.M80P.1  build 2018-09-07

Group: System/Base
Summary: User space components of the Ceph file system
Changes:

- 12.2.8
- fixed uninstall ceph-common (%preun_service rbdmap)
- Fixes for the following security vulnerabilities:
+ CVE 2018-1128: auth: cephx authorizer subject to replay attack
+ CVE 2018-1129: auth: cephx signature check is weak
+ CVE 2018-10861: mon: auth checks not correct for pool ops

libsndfile-1.0.28-alt2  build 2018-09-07

Group: System/Libraries
Summary: A library to handle various audio file formats
Changes:

- fixes: CVE-2017-6892, CVE-2017-12562

wireshark-2.6.3-alt1  build 2018-09-03

Group: Monitoring
Summary: The BugTraq Award Winning Network Traffic Analyzer
Changes:

- 2.6.3 (fixes: CVE-2018-16056, CVE-2018-16057, CVE-2018-16058)

node-8.11.4-alt1  build 2018-08-29

Group: Development/Tools
Summary: Evented I/O for V8 Javascript
Changes:

- new version 8.11.4 (with rpmrb script)
- 2018-08-15, Version 8.11.4 'Carbon' (LTS), @rvagg
- CVE-2018-0732, CVE-2018-12115
- build with external libnghttp2
- fix build with ICU >= 61 (add -DU_USING_ICU_NAMESPACE=1)

ntp-4.2.8p12-alt1  build 2018-08-28

Group: System/Configuration/Other
Summary: The Network Time Protocol (NTP)
Changes:

- 4.2.8p12 (CVE-2018-12327)

openssh-7.2p2-alt2.M80P.2  build 2018-08-24

Group: Networking/Remote access
Summary: OpenSSH free Secure Shell (SSH) implementation
Changes:

- Correction of fix of user enumeration vulnerability (Fixes: CVE-2018-15473).

openssh-7.2p2-alt2.M80P.1  build 2018-08-24

Group: Networking/Remote access
Summary: OpenSSH free Secure Shell (SSH) implementation
Changes:

- Security fix for user enumeration vulnerability (Fixes: CVE-2018-15473).

kernel-image-std-pae-1:4.4.150-alt0.M80P.1  build 2018-08-21

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.4.150 (Fixes: CVE-2018-9363)

kernel-image-un-def-1:4.14.65-alt0.M80P.1  build 2018-08-21

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.14.65 (Fixes: CVE-2018-9363)

kernel-image-std-def-1:4.9.122-alt0.M80P.1  build 2018-08-21

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.9.122 (Fixes: CVE-2018-9363)

mariadb-10.1.35-alt1  build 2018-08-20

Group: Databases
Summary: A very fast and reliable SQL database engine
Changes:

- 10.1.35
- Fixes for the following security vulnerabilities:
+ CVE-2018-3064
+ CVE-2018-3063
+ CVE-2018-3058
+ CVE-2018-3066
- change mode of plugin dir in chroot (ALT #33259)

kernel-image-std-def-1:4.9.120-alt0.M80P.1  build 2018-08-16

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.9.120 (Fixes: CVE-2018-3620)

kernel-image-un-def-1:4.14.63-alt0.M80P.1  build 2018-08-16

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.14.63 (Fixes: CVE-2018-3620)

samba-4.7.9-alt1  build 2018-08-15

Group: System/Servers
Summary: The Samba4 CIFS and AD client and server suite
Changes:

- Update to summer security release
- Security fixes:
+ CVE-2018-1139 Weak authentication protocol allowed
+ CVE-2018-10858 Insufficient input validation on client directory
listing in libsmbclient
+ CVE-2018-10918 Denial of Service Attack on AD DC DRSUAPI server
+ CVE-2018-10919 Confidential attribute disclosure from the AD LDAP server

samba-DC-4.7.9-alt1.M80P.1  build 2018-08-15

Group: System/Servers
Summary: Samba Active Directory Domain Controller
Changes:

- Update to summer security release
- Security fixes:
+ CVE-2018-1139 Weak authentication protocol allowed
+ CVE-2018-10858 Insufficient input validation on client directory
listing in libsmbclient
+ CVE-2018-10918 Denial of Service Attack on AD DC DRSUAPI server
+ CVE-2018-10919 Confidential attribute disclosure from the AD LDAP server

postgresql9.6-9.6.10-alt0.M80P.1  build 2018-08-11

Group: Databases
Summary: PostgreSQL client programs and libraries
Changes:

- 9.6.10
- Fix CVE-2018-10915, CVE-2018-10925

postgresql9.3-9.3.24-alt0.M80P.1  build 2018-08-11

Group: Databases
Summary: PostgreSQL client programs and libraries
Changes:

- 9.3.24
- Fix CVE-2018-10915

postgresql9.5-9.5.14-alt0.M80P.1  build 2018-08-11

Group: Databases
Summary: PostgreSQL client programs and libraries
Changes:

- 9.5.14
- Fix CVE-2018-10915, CVE-2018-10925

postgresql9.6-1C-9.6.10-alt0.M80P.1  build 2018-08-11

Group: Databases
Summary: PostgreSQL client programs and libraries (edition for 1C 8.3.3 and later)
Changes:

- 9.6.10
- Fix CVE-2018-10915, CVE-2018-10925

postgresql10-10.5-alt0.M80P.1  build 2018-08-11

Group: Databases
Summary: PostgreSQL client programs and libraries
Changes:

- 10.5
- Fix CVE-2018-10915, CVE-2018-10925

postgresql9.4-9.4.19-alt0.M80P.1  build 2018-08-11

Group: Databases
Summary: PostgreSQL client programs and libraries
Changes:

- 9.4.19
- Fix CVE-2018-10915

adobe-flash-player-ppapi-3:30-alt1  build 2018-08-09

Group: Networking/WWW
Summary: Adobe Flash Player
Changes:

- new version (ALT#34555)
- security fixes:
CVE-2018-4944, CVE-2018-4945, CVE-2018-5000, CVE-2018-5001,
CVE-2018-5002, CVE-2018-5007, CVE-2018-5008

apache2-1:2.4.34-alt1  build 2018-07-31

Group: System/Servers
Summary: The most widely used Web server on the Internet
Changes:

- 2.4.34
- fixes:
* CVE-2018-1333 DoS for HTTP/2 connections by crafted requests
* CVE-2018-8011 mod_md, DoS via Coredumps on specially crafted requests

wireshark-2.6.2-alt1  build 2018-07-21

Group: Monitoring
Summary: The BugTraq Award Winning Network Traffic Analyzer
Changes:

- 2.6.2 (fixes: CVE-2018-14370, CVE-2018-14367, CVE-2018-14369, CVE-2018-14368, CVE-2018-14341, CVE-2018-14339, CVE-2018-14343, CVE-2018-14340, CVE-2018-14344, CVE-2018-14342)

dovecot-2.2.36-alt0.M80P.1  build 2018-07-20

Group: System/Servers
Summary: Dovecot secure IMAP/POP3 server
Changes:

- Backport new version to p8 branch (closes #35142)
- (Fixes: CVE-2017-15130, CVE-2017-14461, CVE-2017-15132)

curl-7.61.0-alt1.M80P.1  build 2018-07-17

Group: Networking/File transfer
Summary: Gets a file from a FTP, GOPHER or HTTP server
Changes:

- 7.61.0
- fixes:
* CVE-2018-0500 SMTP send heap buffer overflow

glusterfs3-3.12.12-alt1  build 2018-07-12

Group: System/Base
Summary: Cluster File System
Changes:

- new version 3.12.12 (with rpmrb script)
- CVE-2018-10841

kernel-image-std-def-1:4.9.112-alt0.M80P.1  build 2018-07-11

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.9.112 (Fixes: CVE-2018-10876, CVE-2018-10877, CVE-2018-10881, CVE-2018-10882,
CVE-2018-10883)

kernel-image-un-def-1:4.14.55-alt0.M80P.1  build 2018-07-11

Group: System/Kernel and hardware
Summary: The Linux kernel (the core of the Linux operating system)
Changes:

- v4.14.55 (Fixes: CVE-2018-10876, CVE-2018-10877, CVE-2018-10879, CVE-2018-10880,
CVE-2018-10881, CVE-2018-10882, CVE-2018-10883)

  1         3     4     5            Last »  

 
© 2009–2018 Igor Zubkov