Packages from AltLinux

Security

Feb 7, 2023, 07:46 PM

openssl1.1

Version: 1.1.1t-alt1
Summary: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
Changelog:
- Updated to 1.1.1t (fixes CVE-2023-0286, CVE-2023-0215, CVE-2022-4450,
  CVE-2022-4304).
Feb 1, 2023, 01:27 PM

apache2

Version: 2.4.55-alt1
Summary: The most widely used Web server on the Internet
Changelog:
- 2.4.55 (Fixes: CVE-2022-37436, CVE-2006-20001, CVE-2022-36760)
Feb 1, 2023, 06:54 AM

libxml2

Version: 2.9.10-alt6.p9.1
Summary: The library for manipulating XML files
Changelog:
- Applied security fixes from upstream (Fixes: CVE-2022-40303, CVE-2022-40304).
Dec 20, 2022, 07:34 PM

libetpan

Version: 1.9.4-alt3
Summary: This mail library provide a portable, efficient middleware for different kinds of mail access
Changelog:
- Fixed libssl knob.
- Fixed License tag.
- Added Vcs tag.
- Patch from upstream:
  + Fixed crash when st_info_list is NULL (fixes: CVE-2022-4121).
Nov 28, 2022, 10:52 AM

tcpreplay

Version: 4.4.2-alt1
Summary: A tool to replay captured network traffic
Changelog:
- 4.4.2 (Fixes: CVE-2022-28487, CVE-2022-27942, CVE-2022-27940, CVE-2022-37047, CVE-2022-37049,
     CVE-2022-27939, CVE-2022-25484, CVE-2022-27941)
Nov 17, 2022, 05:00 PM

libexo

Version: 0.12.11-alt3
Summary: Extension library to Xfce
Changelog:
- exo-helper: Properly quote command parameters (fixes: CVE-2022-45062).
Nov 16, 2022, 10:31 AM

krb5

Version: 1.17.2-alt4
Summary: The Kerberos network authentication system
Changelog:
- Backports from 1.19.4:
  + fix integer overflows in PAC parsing (Fixes: CVE-2022-42898);
  + fix some memory leaks.
Oct 21, 2022, 03:30 PM

nginx

Version: 1.22.1-alt1
Summary: Fast HTTP server
Changelog:
- 1.22.1 (Fixes: CVE-2022-41741, CVE-2022-41742)
Aug 2, 2022, 09:11 PM

gnutls30

Version: 3.6.16-alt2
Summary: A TLS protocol implementation
Changelog:
- Fix double free during gnutls_pkcs7_verify (fixes: CVE-2022-2509).
May 21, 2022, 07:21 AM

openvpn

Version: 2.5.6-alt1
Summary: a full-featured SSL VPN solution
Changelog:
- New version (Closes: 42217)
- Security fixes:
  + CVE-2022-0547: possible authentication bypass if multiple
    authentication plugins tries to do deferred authentication
- Fix build with new python3-module-docutils
May 20, 2022, 01:30 PM

clamav

Version: 0.103.6-alt1
Summary: Clam Antivirus scanner
Changelog:
- 0.103.6
  + CVE-2022-20770
  + CVE-2022-20796
  + CVE-2022-20771
  + CVE-2022-20785
  + CVE-2022-20792
Apr 21, 2022, 12:43 PM

libinput

Version: 1.18.2-alt1
Summary: Input devices library
Changelog:
- 1.18.2 (fixed CVE-2022-1215)
Mar 17, 2022, 04:28 PM

bind

Version: 9.11.37-alt1
Summary: ISC BIND - DNS server
Changelog:
- 9.11.36 -> 9.11.37 (fixes: CVE-2021-25220).
Mar 16, 2022, 02:54 AM

openssl10

Version: 1.0.2u-alt1.p9.2
Summary: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
Changelog:
- Backported upstream security fix (fixes CVE-2022-0778).
Feb 21, 2022, 11:53 AM

wireshark

Version: 3.6.2-alt1
Summary: The BugTraq Award Winning Network Traffic Analyzer
Changelog:
- 3.6.2 (Fixes: CVE-2022-0586, CVE-2022-0585, CVE-2022-0583, CVE-2022-0582, CVE-2022-0581)
Jan 26, 2022, 09:10 PM

polkit

Version: 0.115-alt2.2
Summary: PolicyKit Authorization Framework
Changelog:
- NMU (fixes: CVE-2021-4034).
- Applied upstream fix for a trivially exploitable local root vulnerability,
  see https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt
Jan 25, 2022, 08:08 PM

phpipam

Version: 1.45.031-alt1
Summary: PHP-based virtual machine control tool
Changelog:
- 1.4.5 Release (Fixes: CVE-2020-7988).
Jan 18, 2022, 03:17 PM

expat

Version: 2.4.3-alt1
Summary: An XML parser written in C
Changelog:
- Updated to 2.4.3 (with multiple security fixes).
- Fixes:
  + CVE-2021-45960 issues with left shift by >= 29 places in function storeAtts that
    can lead to realloc misbehavior;
  + CVE-2021-46143 Integer overflow on variable m_groupSize in function doProlog;
  + CVE-2022-22822 Integer overflows near memory allocation in function addBinding;
  + CVE-2022-22823 Integer overflows near memory allocation in function build_model;
  + CVE-2022-22824 Integer overflows near memory allocation in function defineAttribute;
  + CVE-2022-22825 Integer overflows near memory allocation in function lookup;
  + CVE-2022-22826 Integer overflows near memory allocation in function nextScaffoldPart;
  + CVE-2022-22827 Integer overflows near memory allocation in function storeAtts.
Dec 17, 2021, 03:26 PM

python3-module-django

Version: 2.2.25-alt1
Summary: A high-level Python 3 Web framework that encourages rapid development and clean, pragmatic design.
Changelog:
- new version 2.2.25
- Fixes for the following security vulnerabilities:
  + CVE-2021-44420: Potential bypass of an upstream access control based on URL paths
Nov 18, 2021, 08:37 PM

php7

Version: 7.3.33-alt1
Summary: The PHP7 scripting language
Changelog:
- 7.3.33 (Fixes: CVE-2021-21707)
Nov 13, 2021, 02:04 AM

mailman

Version: 2.1.37-alt1
Summary: Mailing list manager with built in web access
Changelog:
- 2.1.36 -> 2.1.37 (fixes bug in the fix for CVE-2021-43332).
Oct 21, 2021, 04:06 PM

freerdp

Version: 2.4.1-alt1
Summary: Remote Desktop Protocol functionality
Changelog:
- New version.
- Security fixes:
  + CVE-2021-41159 Improper client input validation for gateway connections allows to overwrite memory
  + CVE-2021-41160 Improper region checks in all clients allow out of bound write to memory
Sep 4, 2021, 11:19 PM

cyrus-imapd

Version: 3.2.8-alt1
Summary: A high-performance email, contacts and calendar server
Changelog:
- 3.2.8 (fixes: CVE-2021-33582)
Sep 2, 2021, 11:56 AM

libssh

Version: 0.9.6-alt1
Summary: C library to authenticate in a simple manner to one or more SSH servers
Changelog:
- new version
- security (fixes: CVE-2021-3634)
Aug 31, 2021, 05:02 PM

ntfs-3g

Version: 2021.8.22-alt1
Summary: third generation Linux NTFS driver
Changelog:
- 2021.8.22 (Fixes: CVE-2021-33285, CVE-2021-35269, CVE-2021-35268, CVE-2021-33289,
  CVE-2021-33286, CVE-2021-35266, CVE-2021-33287, CVE-2021-35267, CVE-2021-39251,
  CVE-2021-39252, CVE-2021-39253, CVE-2021-39254, CVE-2021-39255, CVE-2021-39256,
  CVE-2021-39257, CVE-2021-39258, CVE-2021-39259, CVE-2021-39260, CVE-2021-39261,
  CVE-2021-39262, CVE-2021-39263)
Aug 12, 2021, 01:39 PM

dovecot

Version: 2.3.16-alt1
Summary: Dovecot secure IMAP/POP3 server
Changelog:
- Updated to 2.3.16 (fixes CVE-2021-33515, CVE-2021-29157, CVE-2021-33515, CVE-2021-29157).
- Package watch file.
Aug 12, 2021, 12:06 AM

c-ares

Version: 1.17.2-alt1
Summary: A library that performs asynchronous DNS operations
Changelog:
- 1.17.2 (Fixes: CVE-2021-3672)
Aug 8, 2021, 04:14 AM

ffmpeg3.3

Version: 3.3.9-alt2.E2K.1
Summary: A command line toolbox to manipulate, convert and stream multimedia content
Changelog:
- E2K: apply mcst patches, including CVE-2018-6621 fix
Jul 6, 2021, 04:15 AM

kernel-image-elbrus-4c

Version: 5.4.91-alt2.12.1
Summary: The Linux kernel (the core of the Linux operating system)
Changelog:
- Version bump to 5.4.91-2.10
- Most fixes from upstream v5.4.128
(Fixes: CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26141 CVE-2020-26145)
(Fixes: CVE-2020-26147 CVE-2021-3564 CVE-2021-23133 CVE-2021-23134)
- Sync with sisyphus v5.4.129
- Disable docs build by default.
Jul 6, 2021, 03:20 AM

kernel-image-elbrus-1cp

Version: 5.4.91-alt2.12.1
Summary: The Linux kernel (the core of the Linux operating system)
Changelog:
- Version bump to 5.4.91-2.10
- Most fixes from upstream v5.4.128
(Fixes: CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26141 CVE-2020-26145)
(Fixes: CVE-2020-26147 CVE-2021-3564 CVE-2021-23133 CVE-2021-23134)
- Sync with sisyphus v5.4.129
- Disable docs build by default.
Jul 6, 2021, 12:52 AM

kernel-image-elbrus-8c

Version: 5.4.91-alt2.12.1
Summary: The Linux kernel (the core of the Linux operating system)
Changelog:
- Version bump to 5.4.91-2.10
- Most fixes from upstream v5.4.128
(Fixes: CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26141 CVE-2020-26145)
(Fixes: CVE-2020-26147 CVE-2021-3564 CVE-2021-23133 CVE-2021-23134)
- Sync with sisyphus v5.4.129
- Disable docs build by default.
Jul 6, 2021, 12:47 AM

kernel-image-elbrus-def

Version: 5.4.91-alt2.12.1
Summary: The Linux kernel (the core of the Linux operating system)
Changelog:
- Version bump to 5.4.91-2.10
- Most fixes from upstream v5.4.128
(Fixes: CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26141 CVE-2020-26145)
(Fixes: CVE-2020-26147 CVE-2021-3564 CVE-2021-23133 CVE-2021-23134)
- Sync with sisyphus v5.4.129
- Disable docs build by default.
Jul 5, 2021, 06:46 PM

kernel-image-elbrus-8c2

Version: 5.4.91-alt2.12.1
Summary: The Linux kernel (the core of the Linux operating system)
Changelog:
- Version bump to 5.4.91-2.10
- Most fixes from upstream v5.4.128
(Fixes: CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26141 CVE-2020-26145)
(Fixes: CVE-2020-26147 CVE-2021-3564 CVE-2021-23133 CVE-2021-23134)
- Sync with sisyphus v5.4.129
- Disable docs build by default.
Jul 1, 2021, 06:55 PM

NetworkManager

Version: 1.18.11-alt1.gite2fdbc2b7482
Summary: Install NetworkManager daemon and plugins
Changelog:
- Backported patch from NM-1.32.2 (fixes: CVE-2020-13529):
  + dhcp/systemd: ignore FORCERENEW requests for DHCPV4 to workaround
    CVE-2020-13529.
- Upstream git snapshot (nm-1-18 branch).
Jun 27, 2021, 10:12 PM

mediawiki-extensions-Widgets

Version: 1.3.0-alt1git
Summary: Widgets extension allows adding widgets to wiki by just creating pages in Widget namespace
Changelog:
- new version (1.3.0) with rpmgs script
- CVE-2020-9382, CVE-2020-35625
Jun 27, 2021, 12:30 AM

mediawiki

Version: 1.36.1-alt1
Summary: A wiki engine, typical installation (with Apache2 and MySQL support)
Changelog:
- new version 1.36.1 (with rpmrb script)
- (T280226, CVE-2021-35197): Prevent blocked users from purging pages
Jun 1, 2021, 06:29 PM

dhcp

Version: 4.4.2.P1-alt1
Summary: Dynamic Host Configuration Protocol (DHCP) distribution
Changelog:
- Updated to 4.4.2-P1 (fixes: CVE-2021-25217).
May 14, 2021, 10:40 AM

thunar

Version: 1.8.17-alt1
Summary: Thunar File Manager for the Xfce Desktop Environment
Changelog:
- Updated to 1.8.17 (fixes: CVE-2021-32563).
Apr 28, 2021, 02:38 PM

avahi

Version: 0.8-alt2
Summary: Local network service discovery
Changelog:
- avoid infinite-loop in avahi-daemon (closes: #39357) (fixes: CVE-2021-3468)
Apr 22, 2021, 05:49 PM

SPICE

Version: 0.15.0-alt1
Summary: Implements the SPICE protocol
Changelog:
- 0.15.0 (Fixes: CVE-2020-14355)
Apr 14, 2021, 10:01 PM

xorg-server

Version: 1.20.8-alt8.E2K.1
Summary: Xserver - X Window System display server
Changelog:
- E2K:
  + added mcst patches, mostly as-is except:
    - 0003-Add-copy-optimizations.patch: partially obsolete
    - 0006-Add-bug-workaround.patch: obsolete for arch > e2kv2
    - 0010-Restore-DRI1-support.{add,mod}.patch: need more reverts
    - 0040-Fix-CVE-2018-14665.patch: applied elsewhere upstream
    and specifically, including:
    - 0010-restore-DRI1-support-for-e1c.patch
    - mga2 related patch from mcst#5155
  + warning-related ftbfs workarounds
Apr 9, 2021, 01:11 PM

dnsmasq

Version: 2.85-alt1
Summary: A lightweight caching nameserver
Changelog:
- Dropped obsoleted patch.
- Updated to 2.83 (fixes: CVE-2021-3448).
Mar 25, 2021, 11:14 PM

spamassassin

Version: 3.4.5-alt1
Summary: Spam filter for email written in perl
Changelog:
- 3.4.5 (fixes: CVE-2020-1946)
- remove dkim patch (fixed by upstream).
Mar 1, 2021, 01:53 PM

wpa_supplicant

Version: 2.9-alt4
Summary: wpa_supplicant is an implementation of the WPA Supplicant component
Changelog:
- P2P: Fix a corner case in peer addition based on PD Request
  (Fixes: CVE-2021-27803)
Feb 27, 2021, 12:46 PM

ipmitool

Version: 1.8.18-alt4
Summary: ipmitool - Utility for IPMI control
Changelog:
- applied patches from upstream git to fix security issue (Fixes: CVE-2020-5208)
  see https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
- added upstream fix FTBFS with gcc-10
Feb 24, 2021, 03:22 PM

xterm

Version: 366-alt1
Summary: A standard terminal emulator for the X Window System
Changelog:
- Autobuild version bump to 366
- CVE-2021-27135 (Closes: #39725)
Feb 14, 2021, 09:22 PM

subversion

Version: 1.14.1-alt1
Summary: A version control system
Changelog:
- New version.
- Fixes:
  + CVE-2020-17525 Remote unauthenticated denial-of-service in Subversion mod_authz_svn
Jan 30, 2021, 01:56 PM

xpdf

Version: 4.03-alt1
Summary: The PDF viewer and tools
Changelog:
- Version bump
- Many bugfixes, including security, including, but not limited to:
  Fixes: CVE-2020-25725, CVE-2020-35376
Jan 27, 2021, 04:30 PM

nagios

Version: 3.0.6-alt15
Summary: Services and network monitoring system
Changelog:
- Fixes:
  + CVE-2017-12847 Kill arbitrary processes by leveraging access to PID file.
- Don't install the PID file.
Jan 22, 2021, 10:54 AM

shellinabox

Version: 2.20-alt2
Summary: AJAX based terminal emulator exporting a console to the browser
Changelog:
- Applied security fix from upstream (Fixes CVE-2018-16789).
Jan 22, 2021, 10:20 AM

libevt

Version: 20140411-alt2
Summary: Library and tools to access the Windows Event Log (EVT) format
Changelog:
- Applied security fix from upstream (Fixes CVE-2018-8754).
Jan 21, 2021, 06:16 PM

libmspack

Version: 0.6-alt2
Summary: Compressors and decompressors for Microsoft compression formats
Changelog:
- Applied security fix from upstream (Fixes CVE-2018-18584).
Jan 21, 2021, 03:40 PM

spice-vdagent

Version: 0.21.0-alt1
Summary: Agent for Spice guests
Changelog:
- new version 0.21.0 (Fixes CVE-2020-25650, CVE-2020-25651, CVE-2020-25652, CVE-2020-25653).
Jan 21, 2021, 09:31 AM

x11vnc

Version: 0.9.16-alt2
Summary: VNC server for real X displays
Changelog:
- Applied security fix from upstream (Fixes: CVE-2020-29074).
Jan 20, 2021, 02:38 PM

screen

Version: 4.6.2-alt3.p9.1
Summary: A screen manager that supports multiple sessions on one terminal
Changelog:
- Backported upstream commits (fixes CVE-2020-9366).
Jan 19, 2021, 01:26 AM

libexif

Version: 0.6.22-alt3
Summary: libexif is a library for parsing, editing, and saving EXIF data
Changelog:
- added upstream commit:
  + fixed a incorrect overflow check that could be optimized away
    (fixes CVE-2020-0452)
Dec 28, 2020, 01:04 AM

roundcube

Version: 1.4.10-alt1
Summary: Browser-based multilingual IMAP client with an application-like user interface
Changelog:
- new version 1.4.10 (with rpmrb script)
- CVE-2020-35730
Dec 18, 2020, 03:52 PM

a2ps

Version: 4.14-alt3
Summary: Any to PostScript filter
Changelog:
- Applied security patches from Debian and Gentoo (Fixes: CVE-2014-0466, CVE-2015-8107).
Dec 18, 2020, 10:46 AM

icoutils

Version: 0.32.3-alt1
Summary: Utility for extracting and converting Microsoft icon and cursor files
Changelog:
- Updated to upstream version 0.32.3 (Fixes: CVE-2017-5208,
  CVE-2017-5331, CVE-2017-5332, CVE-2017-5333).
Dec 17, 2020, 05:11 PM

dnstracer

Version: 1.9-alt1.qa1.M90P.1
Summary: A tool to trace DNS queries
Changelog:
- Applied security patch from Gentoo (Fixes: CVE-2017-9430).
Dec 17, 2020, 12:24 PM

mgetty

Version: 1.2.1-alt1
Summary: A getty replacement for use with data and fax modems
Changelog:
- Updated to upstream version 1.2.1 (Fixes: CVE-2018-16741, CVE-2018-16742,
  CVE-2018-16743, CVE-2018-16744, CVE-2018-16745, CVE-2019-1010189, CVE-2019-1010190).
Dec 9, 2020, 04:07 PM

mosquitto

Version: 1.6.9-alt1
Summary: Mosquitto is an open source implementation of a server for version 3.1 and 3.1.1 of the MQTT protocol
Changelog:
- Updated to upstream version 1.6.9 (Fixes: CVE-2019-11778, CVE-2019-11779).
Dec 9, 2020, 02:46 PM

3proxy

Version: 0.6.1-alt2
Summary: Proxy server
Changelog:
- Applied security fix from upstream (Fixes: CVE-2019-14495).
Dec 9, 2020, 01:25 PM

mupdf

Version: 1.18.0-alt1
Summary: A lightweight PDF viewer and toolkit
Changelog:
- Updated to upstream version 1.18.0 (Fixes: CVE-2017-5991, CVE-2018-10289,
  CVE-2018-16647, CVE-2018-16648, CVE-2019-14975, CVE-2020-26519).
Dec 8, 2020, 05:39 PM

irssi

Version: 1.2.2-alt1
Summary: Modular text mode IRC client with Perl scripting
Changelog:
- Updated to upstream version 1.2.2 (Fixes: CVE-2019-13045, CVE-2019-15717).
Dec 8, 2020, 03:52 PM

libiec61850

Version: 1.4.2.1-alt1
Summary: Open source libraries for IEC 61850 and IEC 60870-5-104
Changelog:
- Updated to upstream version 1.4.2.1 (Fixes: CVE-2019-6135, CVE-2019-6136,
  CVE-2019-6138, CVE-2019-6719, CVE-2019-16510, CVE-2019-1010300, CVE-2020-7054).
Dec 8, 2020, 02:29 PM

libtomcrypt

Version: 1.18.2-alt3
Summary: A comprehensive, portable cryptographic toolkit
Changelog:
- Applied security fix from upstream (Fixes: CVE-2019-17362).
Dec 8, 2020, 11:09 AM

lout

Version: 3.40-alt4
Summary: The Lout document formatting language
Changelog:
- Applied security patch from Fedora (Fixes: CVE-2019-19917, CVE-2019-19918)
Nov 29, 2020, 04:10 PM

ruby

Version: 2.4.4-alt1.E2K.1
Summary: An Interpreted Object-Oriented Scripting Language
Changelog:
- Version bump for CVE-2017-17742, CVE-2018-6914, CVE-2018-8777,
  CVE-2018-8778, CVE-2018-8779, CVE-2018-8780 fixes.
- Enable -O3 optimization anm apply vm.c workaround for lcc bug.
- Move to E2K naming scheme.
- Switch to e2k e2kv4 e2kv5 e2kv6 e2k4c e2k8c e2k1cp e2k8c2 e2k12c e2k16c e2k2c3.
Nov 20, 2020, 03:19 PM

sqliteodbc

Version: 0.9996-alt3
Summary: ODBC driver for SQLite
Changelog:
- Updated rpm post script (Fixes: CVE-2020-12050).
Nov 20, 2020, 12:52 PM

jbig2dec

Version: 0.19-alt1
Summary: A decoder implementation of the JBIG2 image compression format
Changelog:
- Updated to upstream version 0.19 (Fixes: CVE-2016-9601, CVE-2020-12268).
Nov 19, 2020, 05:28 PM

cifs-utils

Version: 6.11-alt1
Summary: Utilities for doing and managing mounts of the Linux CIFS filesystem
Changelog:
- Updated to upstream version 6.11 (Fixes: CVE-2020-14342).
Nov 18, 2020, 05:53 AM

perl

Version: 5.28.3-alt1
Summary: Practical Extraction and Report Language
Changelog:
- p9 build
- 5.28.3
- fixes CVE-2020-10543,CVE-2020-10878,CVE-2020-12723
Nov 17, 2020, 09:24 AM

libXtst

Version: 1.2.3-alt1
Summary: The Xtst Library
Changelog:
- 1.2.3
- securuty fixes: CVE-2016-7951, CVE-2016-7952
Nov 17, 2020, 09:15 AM

libXrender

Version: 0.9.10-alt1
Summary: X Render Library
Changelog:
- 0.9.10
- securuty fixes: CVE-2016-7949, CVE-2016-7950
Nov 16, 2020, 02:34 PM

python

Version: 2.7.18-alt0.M90P.1
Summary: An interpreted, interactive object-oriented programming language
Changelog:
- Updated to 2.7.18 (fixes CVE-2019-9636).
- 'Trusted mode' added (thnx boyarsh@).
- License tag fixed (thnx boyarsh@).
Nov 16, 2020, 11:02 AM

libxslt

Version: 1.1.34-alt1.p9.1
Summary: Library providing XSLT support
Changelog:
- Backported to p9 (fixes CVE-2019-11068, CVE-2019-13117 and CVE-2019-13118).
Nov 13, 2020, 01:07 AM

unzip

Version: 6.0-alt4
Summary: An utility for unpacking zip archives
Changelog:
- Build with bzip2 compression method support
- Massive apply security patches from Fedora and openSUSE
- Fixes:
  + CVE-2014-8139 CRC32 verification heap-based buffer overread
  + CVE-2014-8140 out-of-bounds write issue in test_compr_eb()
  + CVE-2014-8141 getZip64Data() out-of-bounds read issues
  + CVE-2014-9913 buffer overflow in zipinfo
  + CVE-2014-9636 out-of-bounds read or write and crash
  + CVE-2015-7696 fix for heap overflow
  + CVE-2015-7697 fix infinite loop when extracting empty bzip2 data
  + CVE-2016-9844 buffer overflow in zipinfo in similar way like fix for CVE-2014-9913
  + CVE-2018-1000035 heap based buffer overflow when opening password protected files
  + CVE-2018-18384 buffer overflow, when a ZIP archive specially crafted
Nov 12, 2020, 08:55 PM

mariadb

Version: 10.4.17-alt1
Summary: A very fast and reliable SQL database engine
Changelog:
- 10.4.17
- backport fix for MDEV-24096, MDEV-24121, MDEV-24134
- Fixes for the following security vulnerabilities:
  + CVE-2020-14812
  + CVE-2020-14765
  + CVE-2020-14776
  + CVE-2020-14789
  + CVE-2020-15180
Nov 10, 2020, 06:40 PM

libass

Version: 0.15.0-alt1
Summary: Portable library for SSA/ASS subtitles rendering
Changelog:
- Updated to upstream version 0.15.0 (Fixes: CVE-2020-26682).
Nov 5, 2020, 12:41 PM

aview

Version: 1.3.0-alt3.rc1
Summary: High quality ascii-art image (pnm) browser and animation (fli/flc) player
Changelog:
- Switched to CVE-2008-4935 fix from Debian.
- Added -Werror=implicit-function-declaration compiler flag.
Nov 5, 2020, 11:33 AM

mimetex

Version: 1.76-alt1
Summary: Mimetex ets you easily embed LaTeX math in your html pages
Changelog:
- Updated to version 1.76 from Debian (Fixes: CVE-2009-1382, CVE-2009-2459).
Nov 3, 2020, 03:36 PM

libsdp

Version: 1.1.108-alt1.0.17.ga6958ef
Summary: LD_PRELOAD-able library for using SDP
Changelog:
- Updated to upstream version 1.1.108-0.17.ga6958ef (Fixes: CVE-2010-4173).
Nov 2, 2020, 05:47 PM

unace

Version: 1.2b-alt5
Summary: ACE unarchiver
Changelog:
- Cleaned up sources by importing sources from Debian.
- Forced using system build flags.
- Updated fix for CVE-2015-2063.
Oct 30, 2020, 01:04 PM

libtar

Version: 1.2.20-alt2.git.6d0ab4c
Summary: C library for manipulating POSIX tar files
Changelog:
- Applied patches from Debian (Fixes: CVE-2013-4420).
Oct 29, 2020, 06:33 PM

antiword

Version: 0.37-alt4
Summary: Antiword an application to display Microsoft(R) Word files
Changelog:
- Applied patches from Debian (Fixes: CVE-2014-8123).
Oct 29, 2020, 04:51 PM

nbd

Version: 3.20-alt1
Summary: Network Block Device user space tools
Changelog:
- Updated to upstream version 3.20 (Fixes: CVE-2013-6410, CVE-2013-7441, CVE-2015-0847).
Oct 29, 2020, 02:32 PM

libfreetype

Version: 2.10.1-alt1.1.p9.1
Summary: A free and portable font rendering engine
Changelog:
- Fixed CVE-2020-15999.
Oct 29, 2020, 12:47 PM

fuseiso

Version: 20070708-alt3
Summary: Mount ISO filesystem images as a non-root user
Changelog:
- Applied patches from Gentoo (Fixes: CVE-2015-8836, CVE-2015-8837).
Oct 28, 2020, 05:55 PM

gifsicle

Version: 1.92-alt1
Summary: command-line program for manipulating GIF images
Changelog:
- Updated to upstream version 1.92 (Fixes: CVE-2017-1000421).
Oct 28, 2020, 05:23 PM

bchunk

Version: 1.2.2-alt1
Summary: A CD image format converter from .bin/.cue to .iso/.cdr/.wav
Changelog:
- Updated to upstream version 1.2.2 (Fixes: CVE-2017-15953, CVE-2017-15954, CVE-2017-15955).
Oct 27, 2020, 12:48 PM

snmptt

Version: 1.4.2-alt1
Summary: An SNMP trap handler written in Perl
Changelog:
- Updated to upstream version 1.4.2 (Fixes: CVE-2020-24361).
Oct 26, 2020, 05:14 PM

inspircd

Version: 2.0.29-alt1
Summary: InspIRCd is a modular Internet Relay Chat (IRC) server
Changelog:
- Updated to upstream version 2.0.29 (Fixes: CVE-2019-20917, CVE-2020-25269).
Oct 24, 2020, 02:49 AM

squid

Version: 4.13-alt1
Summary: The Squid proxy caching server
Changelog:
- 4.13 (Fixes: CVE-2020-15811, CVE-2020-15810, CVE-2020-24606)
Oct 23, 2020, 05:19 PM

hostapd

Version: 2.9-alt2
Summary: User space daemon for extended IEEE 802.11 management
Changelog:
- AP: Silently ignore management frame from unexpected source address
  (Fixes: CVE-2019-16275) (Closes: 39131)
Oct 22, 2020, 03:07 PM

xli

Version: 1.17.0-alt9
Summary: X11 Image Loading Utility
Changelog:
- Applied patches from Debian (Fixes: CVE-2005-3178).
Oct 22, 2020, 10:43 AM

pstotext

Version: 1.9-alt3
Summary: PostScript to text converter
Changelog:
- Applied patches from Debian and Gentoo (Fixes: CVE-2005-2536, CVE-2006-5869).
- Build now respects %optflags.
Oct 21, 2020, 02:39 PM

t1lib

Version: 5.1.2-alt6
Summary: Type 1 font rasterizer
Changelog:
- Applied security fixes from Gentoo (Fixes: CVE-2010-2642, CVE-2011-0433,
  CVE-2011-0764, CVE-2011-1552, CVE-2011-1553, CVE-2011-1554, CVE-2011-5244).
Oct 20, 2020, 02:22 PM

w3m

Version: 0.5.3-alt3.git20200502
Summary: w3m is a pager with Web browsing capability
Changelog:
- Updated to snapshot from upstream (Fixes: CVE-2016-9422, CVE-2016-9423,
  CVE-2016-9424, CVE-2016-9425, CVE-2016-9426, CVE-2016-9428, CVE-2016-9429,
  CVE-2016-9430, CVE-2016-9431, CVE-2016-9432, CVE-2016-9433, CVE-2016-9434,
  CVE-2016-9435, CVE-2016-9436, CVE-2016-9437, CVE-2016-9438, CVE-2016-9439,
  CVE-2016-9440, CVE-2016-9441, CVE-2016-9442, CVE-2016-9443, CVE-2016-9622,
  CVE-2016-9623, CVE-2016-9624, CVE-2016-9625, CVE-2016-9626, CVE-2016-9627,
  CVE-2016-9628, CVE-2016-9629, CVE-2016-9630, CVE-2016-9631, CVE-2016-9632,
  CVE-2016-9633, CVE-2018-6196, CVE-2018-6197, CVE-2018-6198).
Oct 19, 2020, 06:28 PM

libid3tag

Version: 0.15.1b-alt9
Summary: ID3 Tag manipulation library
Changelog:
- Applied patches from Debian and Gentoo (Fixes: CVE-2004-2779).
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v23.05.7
Back to top