Security

- 12.9 (Fixes CVE-2021-3677, CVE-2021-23214, CVE-2021-23222)
- Fixes CVE-2021-3677, CVE-2021-23214, CVE-2021-23222
- 11.14 (Fixes CVE-2021-3677, CVE-2021-23214, CVE-2021-23222)
- 10.19 (Fixes CVE-2021-23214, CVE-2021-23222)
- 9.6.24 (Fixes CVE-2021-23214, CVE-2021-23222)
- updated to latest cyrus-imapd-2.5 branch (6c804c1337cb; fixes: CVE-2021-33582)
- 0.56.1 -> 0.56.7 (fixes: CVE-2021-3480).
- Applied upstream patches (fixes: CVE-2021-25214, CVE-2021-25215).
- New version (CVE-2019-18862 fixed in 3.8)
- Updated %description
- Updated License tags to SPDX syntax
- Require emacs-X11 for build only when mh subpackage is enabled (ALT #38371)
- Disabled standard streams tests for non x86 architectures
- Backport latest security release fixed CVE-2021-3156 to p8/c8/c8.1 branches
  without sudo python plugin due it not compatible with python3.5
- 10.1.48
- Fixes for the following security vulnerabilities:
  + CVE-2020-14812
  + CVE-2020-14765
  + CVE-2020-28912
- Updated to 1.0.2u (fixes CVE-2019-1547, CVE-2019-1551, CVE-2019-1552,
  CVE-2019-1563)
- Backported upstream fix for GENERAL_NAME_cmp (fixes CVE-2020-1971).
- 7.2.34 (Fixes: CVE-2020-7069, CVE-2020-7070)
- 3.5.1 (fixes: CVE-2020-14367)
- 1.5.2 (Fixes: CVE-2017-9103 CVE-2017-9104 CVE-2017-9105 CVE-2017-9109, 
	CVE-2017-9106, CVE-2017-9107, CVE-2017-9108)
- 2.4.43 (Fixes:  CVE-2020-1927, CVE-2020-1934)
- new version (Fixes: CVE-2019-14889)
- Update to latest security release of the Samba 4.9
- Security fixes:
  + CVE-2019-14902: Replication of ACLs set to inherit down a subtree on AD Directory not automatic
  + CVE-2019-14907: Crash after failed character conversion at log level 3 or above
  + CVE-2019-19344: Use after free during DNS zone scavenging in Samba AD DC
- Update to latest security release of the Samba 4.9
- Security fixes:
  + CVE-2019-14902: Replication of ACLs set to inherit down a subtree on AD Directory not automatic
  + CVE-2019-14907: Crash after failed character conversion at log level 3 or above
  + CVE-2019-19344: Use after free during DNS zone scavenging in Samba AD DC
- 2.24.0 -> 2.24.1 (fixes: CVE-2019-1348, CVE-2019-1387, CVE-2019-19604);
  this update also addresses a few Windows and/or NTFS issues
  (fixes: CVE-2019-1349, CVE-2019-1350, CVE-2019-1351, CVE-2019-1352,
  CVE-2019-1353, CVE-2019-1354).
- 6.9.4
- fixes:
	* CVE-2019-19012 Integer overflow related to reg->dmax in search_in_range()
	* CVE-2019-19203 heap-buffer-overflow in gb18030_mbc_enc_len()
	* CVE-2019-19204 heap-buffer-overflow in fetch_interval_quantifier()
- Applied security patches (fixes: CVE-2019-14867, CVE-2019-10195).
- Fixed hyperloglog corruption (Fixes: CVE-2019-10192) (Closes: #37533).
- 1.3.9.0 -> 1.3.9.1.
- Applied upstream fixes (fixes: CVE-2019-14824).
- Updated to 1.3.6-ga73dbfe3b.
- Fix mod_copy bug #4372 (Ensure that mod_copy checks for <Limits> for its SITE
  CPFR) (CVE-2019-12815) (closes #37056).
- Updated mod_sql_postgres patch.
- Updated -pcre patch.
- security (Fixes:
  CVE-2018-15518, CVE-2018-19869, CVE-2018-19870, CVE-2018-19871,
  CVE-2018-19872, CVE-2018-19873)
- Applied upstream security fix (fixes CVE-2019-11500).
- Applied upstream security fix (fixes CVE-2019-11500).
- Fix CVE (Fixes: CVE-2019-3840).
- Updated to 3.5.28.
- Fixes:
  + CVE-2018-1000024 Crash processing SSL-Bumped traffic containing ESI
  + CVE-2018-1000027 Crash handling responses to internally generated requests
  + CVE-2018-1172 Crash in ESI Response processing
  + CVE-2018-19132 Fix memory leak when parsing SNMP packet
  + CVE-2019-12525 Fix Digest auth parameter parsing
  + CVE-2019-12529 Replace uudecode with libnettle base64 decoder
  + CVE-2019-13345 Multiple XSS issues in cachemgr.cgi

Branches
sisyphus
sisyphus_e2k
sisyphus_mipsel
sisyphus_riscv64
p10
p10_e2k
p9
p9_e2k
p9_mipsel
p8
noarch
i586
x86_64
c9f1
c7

postgresql12 Dec. 4, 2021, 8:01 p.m.	Dec. 4, 2021, 8:01 p.m.
Version: 12.9-alt0.M80P.1
Summary: PostgreSQL client programs and libraries
Changelog:
- 12.9 (Fixes CVE-2021-3677, CVE-2021-23214, CVE-2021-23222)

postgresql11-1C Dec. 4, 2021, 7:52 p.m.	Dec. 4, 2021, 7:52 p.m.
Version: 11.12-alt0.M80P.2
Summary: PostgreSQL client programs and libraries (edition for 1C 8.3.13 and later)
Changelog:
- Fixes CVE-2021-3677, CVE-2021-23214, CVE-2021-23222

postgresql11 Dec. 4, 2021, 7:42 p.m.	Dec. 4, 2021, 7:42 p.m.
Version: 11.14-alt0.M80P.1
Summary: PostgreSQL client programs and libraries
Changelog:
- 11.14 (Fixes CVE-2021-3677, CVE-2021-23214, CVE-2021-23222)

postgresql10 Dec. 4, 2021, 7:33 p.m.	Dec. 4, 2021, 7:33 p.m.
Version: 10.19-alt0.M80P.1
Summary: PostgreSQL client programs and libraries
Changelog:
- 10.19 (Fixes CVE-2021-23214, CVE-2021-23222)

postgresql9.6 Dec. 4, 2021, 7:25 p.m.	Dec. 4, 2021, 7:25 p.m.
Version: 9.6.24-alt0.M80P.1
Summary: PostgreSQL client programs and libraries
Changelog:
- 9.6.24 (Fixes CVE-2021-23214, CVE-2021-23222)

cyrus-imapd Sept. 5, 2021, 1:21 a.m.	Sept. 5, 2021, 1:21 a.m.
Version: 2.5.17-alt0.M80P.2
Summary: A high-performance mail store with IMAP and POP3 support
Changelog:
- updated to latest cyrus-imapd-2.5 branch (6c804c1337cb; fixes: CVE-2021-33582)

slapi-nis May 21, 2021, 6:58 p.m.	May 21, 2021, 6:58 p.m.
Version: 0.56.7-alt0.M80P.1
Summary: NIS Server and Schema Compatibility plugins for Directory Server
Changelog:
- 0.56.1 -> 0.56.7 (fixes: CVE-2021-3480).

bind April 29, 2021, 9:33 p.m.	April 29, 2021, 9:33 p.m.
Version: 9.10.8.P1-alt4
Summary: ISC BIND - DNS server
Changelog:
- Applied upstream patches (fixes: CVE-2021-25214, CVE-2021-25215).

mailutils Feb. 28, 2021, 11:26 p.m.	Feb. 28, 2021, 11:26 p.m.
Version: 3.10-alt0.20200913.1
Summary: GNU Mailutils
Changelog:
- New version (CVE-2019-18862 fixed in 3.8) - Updated %description - Updated License tags to SPDX syntax - Require emacs-X11 for build only when mh subpackage is enabled (ALT #38371) - Disabled standard streams tests for non x86 architectures

sudo Jan. 27, 2021, 9:20 p.m.	Jan. 27, 2021, 9:20 p.m.
Version: 1.9.5p2-alt0.M80P.1
Summary: Allows command execution as another user
Changelog:
- Backport latest security release fixed CVE-2021-3156 to p8/c8/c8.1 branches without sudo python plugin due it not compatible with python3.5

mariadb Dec. 14, 2020, 8:13 p.m.	Dec. 14, 2020, 8:13 p.m.
Version: 10.1.48-alt1
Summary: A very fast and reliable SQL database engine
Changelog:
- 10.1.48 - Fixes for the following security vulnerabilities: + CVE-2020-14812 + CVE-2020-14765 + CVE-2020-28912

openssl10 Dec. 9, 2020, 12:34 a.m.	Dec. 9, 2020, 12:34 a.m.
Version: 1.0.2u-alt0.M80P.1
Summary: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
Changelog:
- Updated to 1.0.2u (fixes CVE-2019-1547, CVE-2019-1551, CVE-2019-1552, CVE-2019-1563) - Backported upstream fix for GENERAL_NAME_cmp (fixes CVE-2020-1971).

php7 Oct. 7, 2020, 1:32 p.m.	Oct. 7, 2020, 1:32 p.m.
Version: 7.2.34-alt1
Summary: The PHP7 scripting language
Changelog:
- 7.2.34 (Fixes: CVE-2020-7069, CVE-2020-7070)

chrony Sept. 3, 2020, 10:07 p.m.	Sept. 3, 2020, 10:07 p.m.
Version: 3.5.1-alt1
Summary: Chrony clock synchronization program
Changelog:
- 3.5.1 (fixes: CVE-2020-14367)

libssh March 4, 2020, 5:29 p.m.	March 4, 2020, 5:29 p.m.
Version: 0.8.8-alt1
Summary: C library to authenticate in a simple manner to one or more SSH servers
Changelog:
- new version (Fixes: CVE-2019-14889)

freeipa Nov. 26, 2019, 11:04 p.m.	Nov. 26, 2019, 11:04 p.m.
Version: 4.3.3-alt20
Summary: The Identity, Policy and Audit system
Changelog:
- Applied security patches (fixes: CVE-2019-14867, CVE-2019-10195).

redis Nov. 26, 2019, 7:27 p.m.	Nov. 26, 2019, 7:27 p.m.
Version: 3.0.7-alt2
Summary: Redis is an advanced key-value store
Changelog:
- Fixed hyperloglog corruption (Fixes: CVE-2019-10192) (Closes: #37533).

libvirt Aug. 27, 2019, 2:05 p.m.	Aug. 27, 2019, 2:05 p.m.
Version: 3.10.0-alt3
Summary: Library providing a simple API virtualization
Changelog:
- Fix CVE (Fixes: CVE-2019-3840).

adns June 17, 2020, 2:35 p.m.	June 17, 2020, 2:35 p.m.
Version: 1.5.2-alt1
Summary: GNU adns, an asynchronous DNS resolver
Changelog:
- 1.5.2 (Fixes: CVE-2017-9103 CVE-2017-9104 CVE-2017-9105 CVE-2017-9109, CVE-2017-9106, CVE-2017-9107, CVE-2017-9108)

apache2 April 8, 2020, 8:40 a.m.	April 8, 2020, 8:40 a.m.
Version: 2.4.43-alt1
Summary: The most widely used Web server on the Internet
Changelog:
- 2.4.43 (Fixes: CVE-2020-1927, CVE-2020-1934)

samba-DC Jan. 27, 2020, 3:33 p.m.	Jan. 27, 2020, 3:33 p.m.
Version: 4.9.18-alt1
Summary: Samba Active Directory Domain Controller
Changelog:
- Update to latest security release of the Samba 4.9 - Security fixes: + CVE-2019-14902: Replication of ACLs set to inherit down a subtree on AD Directory not automatic + CVE-2019-14907: Crash after failed character conversion at log level 3 or above + CVE-2019-19344: Use after free during DNS zone scavenging in Samba AD DC

samba Jan. 27, 2020, 2:50 p.m.	Jan. 27, 2020, 2:50 p.m.
Version: 4.9.18-alt1
Summary: The Samba4 CIFS and AD client and server suite
Changelog:
- Update to latest security release of the Samba 4.9 - Security fixes: + CVE-2019-14902: Replication of ACLs set to inherit down a subtree on AD Directory not automatic + CVE-2019-14907: Crash after failed character conversion at log level 3 or above + CVE-2019-19344: Use after free during DNS zone scavenging in Samba AD DC

git Dec. 10, 2019, 11:55 p.m.	Dec. 10, 2019, 11:55 p.m.
Version: 2.24.1-alt1
Summary: Git core and tools
Changelog:
- 2.24.0 -> 2.24.1 (fixes: CVE-2019-1348, CVE-2019-1387, CVE-2019-19604); this update also addresses a few Windows and/or NTFS issues (fixes: CVE-2019-1349, CVE-2019-1350, CVE-2019-1351, CVE-2019-1352, CVE-2019-1353, CVE-2019-1354).

oniguruma Dec. 4, 2019, 1:55 p.m.	Dec. 4, 2019, 1:55 p.m.
Version: 6.9.4-alt1
Summary: Regular expressions library
Changelog:
- 6.9.4 - fixes: * CVE-2019-19012 Integer overflow related to reg->dmax in search_in_range() * CVE-2019-19203 heap-buffer-overflow in gb18030_mbc_enc_len() * CVE-2019-19204 heap-buffer-overflow in fetch_interval_quantifier()

389-ds-base Nov. 14, 2019, 10:25 p.m.	Nov. 14, 2019, 10:25 p.m.
Version: 1.3.9.1-alt1.gitb6ba77876
Summary: 389 Directory Server (base)
Changelog:
- 1.3.9.0 -> 1.3.9.1. - Applied upstream fixes (fixes: CVE-2019-14824).

proftpd Sept. 9, 2019, 8:14 p.m.	Sept. 9, 2019, 8:14 p.m.
Version: 1.3.6-alt0.1.ga73dbfe3b
Summary: ProFTPd -- Professional FTP Server
Changelog:
- Updated to 1.3.6-ga73dbfe3b. - Fix mod_copy bug #4372 (Ensure that mod_copy checks for <Limits> for its SITE CPFR) (CVE-2019-12815) (closes #37056). - Updated mod_sql_postgres patch. - Updated -pcre patch.

qt4 Sept. 7, 2019, 1:12 a.m.	Sept. 7, 2019, 1:12 a.m.
Version: 4.8.7-alt7.1
Summary: Shared library for the Qt4 GUI toolkit
Changelog:
- security (Fixes: CVE-2018-15518, CVE-2018-19869, CVE-2018-19870, CVE-2018-19871, CVE-2018-19872, CVE-2018-19873)

dovecot-pigeonhole Aug. 29, 2019, 1:14 p.m.	Aug. 29, 2019, 1:14 p.m.
Version: 0.5.5-alt1.M80P.1
Summary: Sieve language and the ManageSieve protocol for the Dovecot Secure IMAP Server
Changelog:
- Applied upstream security fix (fixes CVE-2019-11500).

Repository: p8

Security

dovecot Aug. 29, 2019, 1:11 p.m.	Aug. 29, 2019, 1:11 p.m.
Version: 2.3.5-alt1.M80P.1
Summary: Dovecot secure IMAP/POP3 server
Changelog:
- Applied upstream security fix (fixes CVE-2019-11500).

squid Aug. 23, 2019, 5:31 a.m.	Aug. 23, 2019, 5:31 a.m.
Version: 3.5.28-alt1
Summary: The Squid proxy caching server
Changelog:
- Updated to 3.5.28. - Fixes: + CVE-2018-1000024 Crash processing SSL-Bumped traffic containing ESI + CVE-2018-1000027 Crash handling responses to internally generated requests + CVE-2018-1172 Crash in ESI Response processing + CVE-2018-19132 Fix memory leak when parsing SNMP packet + CVE-2019-12525 Fix Digest auth parameter parsing + CVE-2019-12529 Replace uudecode with libnettle base64 decoder + CVE-2019-13345 Multiple XSS issues in cachemgr.cgi