Security
Nov 7, 2023, 06:32 PM
libetpan
Version: 1.9.4-alt4
Summary: This mail library provide a portable, efficient middleware for different kinds of mail access
Changelog:
- Patches from upstream git: + Fix buffer overwrite for empty string in remove_trailing_eol (upstream issue #408); + Detect extra data after STARTTLS response and exit (upstrem issue #387) (fixes: CVE-2020-15953); + Missing boundary fix (upstream issue #384); + Fix potential null pointer deferenced (upstream issue #363); + Fix potential null pointer deferenced (upstream issue #361); + Fix potential null pointer deference (upstream issue #348).
Oct 20, 2023, 02:46 PM
apache2-mod_http2
Version: 2.0.25-alt1
Summary: module implementing HTTP/2 for Apache 2
Changelog:
- 2.0.24 -> 2.0.25 (Fixes: CVE-2023-45802)
Jul 27, 2023, 03:08 PM
krb5
Version: 1.17.2-alt5
Summary: The Kerberos network authentication system
Changelog:
- Backport fix for use-after-free in kadmin5 (Fixes: CVE-2023-36054).
Jun 20, 2023, 06:21 PM
cups-filters
Version: 1.28.8-alt2
Summary: OpenPrinting CUPS filters and backends
Changelog:
add upstream commit 93e60d3 (Fixes: CVE-2023-24805)
May 30, 2023, 03:00 PM
openssl1.1
Version: 1.1.1u-alt1
Summary: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
Changelog:
- Updated to 1.1.1u (fixes CVE-2023-2650).
May 27, 2023, 08:30 PM
glpi
Version: 9.5.13-alt1
Summary: IT and asset management software
Changelog:
- New version 9.5.13 - This release fixes several security issues that have been recently discovered. Update is recommended! - Security fixes: + CVE-2023-28632 : Account takeover by authenticated user + CVE-2023-28838 : SQL injection through dynamic reports + CVE-2023-28852 : Stored XSS through dashboard administration + CVE-2023-28636 : Stored XSS on external links + CVE-2023-28639 : Reflected XSS in search pages + CVE-2023-28634 : Privilege Escalation from technician to super-admin + CVE-2023-28633 : Blind Server-Side Request Forgery (SSRF) in RSS feeds
Apr 4, 2023, 01:44 PM
gzip
Version: 1.10-alt1.p9.1
Summary: The GNU data compression program
Changelog:
- Fixed CVE-2022-1271 (ALT #44053).
Mar 9, 2023, 11:59 AM
clamav
Version: 0.103.8-alt1
Summary: Clam Antivirus scanner
Changelog:
- 0.103.8 (CVE-2023-20032, CVE-2023-20052)
Feb 17, 2023, 03:59 PM
gnutls30
Version: 3.6.16-alt3
Summary: A TLS protocol implementation
Changelog:
- Patches from gnutls-3.7.9: + auth/rsa: side-step potential side-channel (fixes: CVE-2023-0361); + rsa: remove dead code.
Feb 1, 2023, 06:54 AM
libxml2
Version: 2.9.10-alt6.p9.1
Summary: The library for manipulating XML files
Changelog:
- Applied security fixes from upstream (Fixes: CVE-2022-40303, CVE-2022-40304).
Nov 28, 2022, 10:52 AM
tcpreplay
Version: 4.4.2-alt1
Summary: A tool to replay captured network traffic
Changelog:
- 4.4.2 (Fixes: CVE-2022-28487, CVE-2022-27942, CVE-2022-27940, CVE-2022-37047, CVE-2022-37049, CVE-2022-27939, CVE-2022-25484, CVE-2022-27941)
Nov 17, 2022, 05:00 PM
libexo
Version: 0.12.11-alt3
Summary: Extension library to Xfce
Changelog:
- exo-helper: Properly quote command parameters (fixes: CVE-2022-45062).
Oct 21, 2022, 03:30 PM
nginx
Version: 1.22.1-alt1
Summary: Fast HTTP server
Changelog:
- 1.22.1 (Fixes: CVE-2022-41741, CVE-2022-41742)
Oct 18, 2022, 12:14 AM
adcli
Version: 0.9.2-alt1
Summary: Active Directory enrollment
Changelog:
- Add support LDAP add/mod operation to set/change password: + fix unable to join to active directory after KB5008380/CVE-2021-42287 with option '--ldap-passwd'; + https://gitlab.freedesktop.org/realmd/adcli/-/issues/27 - Add support fall back to LDAPS if CLDAP ping was not successful + If the --use-ldaps option is used and there is no reply on the CLDAP 389/udp port adcli will try to send the request to the LDAPS port 636/tcp. - Fix write SID before secret to Samba's db looks like 'net changesecretpw' - Add passwd-user sub-command for (re)set a user password. - Add dont-expire-password option for computer.
Oct 7, 2022, 08:03 PM
dhcp
Version: 4.4.3.P1-alt1
Summary: Dynamic Host Configuration Protocol (DHCP) distribution
Changelog:
- Updated to 4.4.3-P1 (fixes: CVE-2022-2928,CVE-2022-2929).
May 21, 2022, 07:21 AM
openvpn
Version: 2.5.6-alt1
Summary: a full-featured SSL VPN solution
Changelog:
- New version (Closes: 42217) - Security fixes: + CVE-2022-0547: possible authentication bypass if multiple authentication plugins tries to do deferred authentication - Fix build with new python3-module-docutils
Apr 21, 2022, 12:43 PM
libinput
Mar 17, 2022, 04:28 PM
bind
Version: 9.11.37-alt1
Summary: ISC BIND - DNS server
Changelog:
- 9.11.36 -> 9.11.37 (fixes: CVE-2021-25220).
Mar 16, 2022, 02:54 AM
openssl10
Version: 1.0.2u-alt1.p9.2
Summary: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
Changelog:
- Backported upstream security fix (fixes CVE-2022-0778).
Jan 26, 2022, 09:10 PM
polkit
Version: 0.115-alt2.2
Summary: PolicyKit Authorization Framework
Changelog:
- NMU (fixes: CVE-2021-4034). - Applied upstream fix for a trivially exploitable local root vulnerability, see cve-2021-4034/pwnkit.txt" target="_blank">https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txtJan 25, 2022, 08:08 PMphpipam
Version: 1.45.031-alt1Summary: PHP-based virtual machine control toolChangelog:- 1.4.5 Release (Fixes: CVE-2020-7988).Jan 18, 2022, 03:17 PMexpat
Version: 2.4.3-alt1Summary: An XML parser written in CChangelog:- Updated to 2.4.3 (with multiple security fixes). - Fixes: + CVE-2021-45960 issues with left shift by >= 29 places in function storeAtts that can lead to realloc misbehavior; + CVE-2021-46143 Integer overflow on variable m_groupSize in function doProlog; + CVE-2022-22822 Integer overflows near memory allocation in function addBinding; + CVE-2022-22823 Integer overflows near memory allocation in function build_model; + CVE-2022-22824 Integer overflows near memory allocation in function defineAttribute; + CVE-2022-22825 Integer overflows near memory allocation in function lookup; + CVE-2022-22826 Integer overflows near memory allocation in function nextScaffoldPart; + CVE-2022-22827 Integer overflows near memory allocation in function storeAtts.Dec 17, 2021, 03:26 PMpython3-module-django
Version: 2.2.25-alt1Summary: A high-level Python 3 Web framework that encourages rapid development and clean, pragmatic design.Changelog:- new version 2.2.25 - Fixes for the following security vulnerabilities: + CVE-2021-44420: Potential bypass of an upstream access control based on URL pathsNov 18, 2021, 08:37 PMphp7
Version: 7.3.33-alt1Summary: The PHP7 scripting languageChangelog:- 7.3.33 (Fixes: CVE-2021-21707)Nov 13, 2021, 02:04 AMmailman
Version: 2.1.37-alt1Summary: Mailing list manager with built in web accessChangelog:- 2.1.36 -> 2.1.37 (fixes bug in the fix for CVE-2021-43332).Oct 21, 2021, 04:06 PMfreerdp
Version: 2.4.1-alt1Summary: Remote Desktop Protocol functionalityChangelog:- New version. - Security fixes: + CVE-2021-41159 Improper client input validation for gateway connections allows to overwrite memory + CVE-2021-41160 Improper region checks in all clients allow out of bound write to memorySep 4, 2021, 11:19 PMcyrus-imapd
Version: 3.2.8-alt1Summary: A high-performance email, contacts and calendar serverChangelog:- 3.2.8 (fixes: CVE-2021-33582)Sep 2, 2021, 11:56 AMlibssh
Version: 0.9.6-alt1Summary: C library to authenticate in a simple manner to one or more SSH serversChangelog:- new version - security (fixes: CVE-2021-3634)Aug 31, 2021, 05:02 PMntfs-3g
Version: 2021.8.22-alt1Summary: third generation Linux NTFS driverChangelog:- 2021.8.22 (Fixes: CVE-2021-33285, CVE-2021-35269, CVE-2021-35268, CVE-2021-33289, CVE-2021-33286, CVE-2021-35266, CVE-2021-33287, CVE-2021-35267, CVE-2021-39251, CVE-2021-39252, CVE-2021-39253, CVE-2021-39254, CVE-2021-39255, CVE-2021-39256, CVE-2021-39257, CVE-2021-39258, CVE-2021-39259, CVE-2021-39260, CVE-2021-39261, CVE-2021-39262, CVE-2021-39263)Aug 12, 2021, 01:39 PMdovecot
Version: 2.3.16-alt1Summary: Dovecot secure IMAP/POP3 serverChangelog:- Updated to 2.3.16 (fixes CVE-2021-33515, CVE-2021-29157, CVE-2021-33515, CVE-2021-29157). - Package watch file.Aug 12, 2021, 12:06 AMc-ares
Version: 1.17.2-alt1Summary: A library that performs asynchronous DNS operationsChangelog:- 1.17.2 (Fixes: CVE-2021-3672)Aug 8, 2021, 04:14 AMffmpeg3.3
Version: 3.3.9-alt2.E2K.1Summary: A command line toolbox to manipulate, convert and stream multimedia contentChangelog:- E2K: apply mcst patches, including CVE-2018-6621 fixJul 6, 2021, 04:15 AMkernel-image-elbrus-4c
Version: 5.4.91-alt2.12.1Summary: The Linux kernel (the core of the Linux operating system)Changelog:- Version bump to 5.4.91-2.10 - Most fixes from upstream v5.4.128 (Fixes: CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26141 CVE-2020-26145) (Fixes: CVE-2020-26147 CVE-2021-3564 CVE-2021-23133 CVE-2021-23134) - Sync with sisyphus v5.4.129 - Disable docs build by default.Jul 6, 2021, 03:20 AMkernel-image-elbrus-1cp
Version: 5.4.91-alt2.12.1Summary: The Linux kernel (the core of the Linux operating system)Changelog:- Version bump to 5.4.91-2.10 - Most fixes from upstream v5.4.128 (Fixes: CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26141 CVE-2020-26145) (Fixes: CVE-2020-26147 CVE-2021-3564 CVE-2021-23133 CVE-2021-23134) - Sync with sisyphus v5.4.129 - Disable docs build by default.Jul 6, 2021, 12:52 AMkernel-image-elbrus-8c
Version: 5.4.91-alt2.12.1Summary: The Linux kernel (the core of the Linux operating system)Changelog:- Version bump to 5.4.91-2.10 - Most fixes from upstream v5.4.128 (Fixes: CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26141 CVE-2020-26145) (Fixes: CVE-2020-26147 CVE-2021-3564 CVE-2021-23133 CVE-2021-23134) - Sync with sisyphus v5.4.129 - Disable docs build by default.Jul 6, 2021, 12:47 AMkernel-image-elbrus-def
Version: 5.4.91-alt2.12.1Summary: The Linux kernel (the core of the Linux operating system)Changelog:- Version bump to 5.4.91-2.10 - Most fixes from upstream v5.4.128 (Fixes: CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26141 CVE-2020-26145) (Fixes: CVE-2020-26147 CVE-2021-3564 CVE-2021-23133 CVE-2021-23134) - Sync with sisyphus v5.4.129 - Disable docs build by default.Jul 5, 2021, 06:46 PMkernel-image-elbrus-8c2
Version: 5.4.91-alt2.12.1Summary: The Linux kernel (the core of the Linux operating system)Changelog:- Version bump to 5.4.91-2.10 - Most fixes from upstream v5.4.128 (Fixes: CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26141 CVE-2020-26145) (Fixes: CVE-2020-26147 CVE-2021-3564 CVE-2021-23133 CVE-2021-23134) - Sync with sisyphus v5.4.129 - Disable docs build by default.Jul 1, 2021, 06:55 PMNetworkManager
Version: 1.18.11-alt1.gite2fdbc2b7482Summary: Install NetworkManager daemon and pluginsChangelog:- Backported patch from NM-1.32.2 (fixes: CVE-2020-13529): + dhcp/systemd: ignore FORCERENEW requests for DHCPV4 to workaround CVE-2020-13529. - Upstream git snapshot (nm-1-18 branch).Jun 27, 2021, 10:12 PMmediawiki-extensions-Widgets
Version: 1.3.0-alt1gitSummary: Widgets extension allows adding widgets to wiki by just creating pages in Widget namespaceChangelog:- new version (1.3.0) with rpmgs script - CVE-2020-9382, CVE-2020-35625Jun 27, 2021, 12:30 AMmediawiki
Version: 1.36.1-alt1Summary: A wiki engine, typical installation (with Apache2 and MySQL support)Changelog:- new version 1.36.1 (with rpmrb script) - (T280226, CVE-2021-35197): Prevent blocked users from purging pagesMay 14, 2021, 10:40 AMthunar
Version: 1.8.17-alt1Summary: Thunar File Manager for the Xfce Desktop EnvironmentChangelog:- Updated to 1.8.17 (fixes: CVE-2021-32563).Apr 28, 2021, 02:38 PMavahi
Version: 0.8-alt2Summary: Local network service discoveryChangelog:- avoid infinite-loop in avahi-daemon (closes: #39357) (fixes: CVE-2021-3468)Apr 22, 2021, 05:49 PMSPICE
Version: 0.15.0-alt1Summary: Implements the SPICE protocolChangelog:- 0.15.0 (Fixes: CVE-2020-14355)Apr 14, 2021, 10:01 PMxorg-server
Version: 1.20.8-alt8.E2K.1Summary: Xserver - X Window System display serverChangelog:- E2K: + added mcst patches, mostly as-is except: - 0003-Add-copy-optimizations.patch: partially obsolete - 0006-Add-bug-workaround.patch: obsolete for arch > e2kv2 - 0010-Restore-DRI1-support.{add,mod}.patch: need more reverts - 0040-Fix-CVE-2018-14665.patch: applied elsewhere upstream and specifically, including: - 0010-restore-DRI1-support-for-e1c.patch - mga2 related patch from mcst#5155 + warning-related ftbfs workaroundsApr 9, 2021, 01:11 PMdnsmasq
Version: 2.85-alt1Summary: A lightweight caching nameserverChangelog:- Dropped obsoleted patch. - Updated to 2.83 (fixes: CVE-2021-3448).Mar 25, 2021, 11:14 PMspamassassin
Version: 3.4.5-alt1Summary: Spam filter for email written in perlChangelog:- 3.4.5 (fixes: CVE-2020-1946) - remove dkim patch (fixed by upstream).Mar 1, 2021, 01:53 PMwpa_supplicant
Version: 2.9-alt4Summary: wpa_supplicant is an implementation of the WPA Supplicant componentChangelog:- P2P: Fix a corner case in peer addition based on PD Request (Fixes: CVE-2021-27803)Feb 27, 2021, 12:46 PMipmitool
Version: 1.8.18-alt4Summary: ipmitool - Utility for IPMI controlChangelog:- applied patches from upstream git to fix security issue (Fixes: CVE-2020-5208) see https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp - added upstream fix FTBFS with gcc-10Feb 24, 2021, 03:22 PMxterm
Version: 366-alt1Summary: A standard terminal emulator for the X Window SystemChangelog:- Autobuild version bump to 366 - CVE-2021-27135 (Closes: #39725)Feb 14, 2021, 09:22 PMsubversion
Version: 1.14.1-alt1Summary: A version control systemChangelog:- New version. - Fixes: + CVE-2020-17525 Remote unauthenticated denial-of-service in Subversion mod_authz_svnJan 30, 2021, 01:56 PMxpdf
Version: 4.03-alt1Summary: The PDF viewer and toolsChangelog:- Version bump - Many bugfixes, including security, including, but not limited to: Fixes: CVE-2020-25725, CVE-2020-35376Jan 27, 2021, 04:30 PMnagios
Version: 3.0.6-alt15Summary: Services and network monitoring systemChangelog:- Fixes: + CVE-2017-12847 Kill arbitrary processes by leveraging access to PID file. - Don't install the PID file.Jan 22, 2021, 10:54 AMshellinabox
Version: 2.20-alt2Summary: AJAX based terminal emulator exporting a console to the browserChangelog:- Applied security fix from upstream (Fixes CVE-2018-16789).Jan 22, 2021, 10:20 AMlibevt
Version: 20140411-alt2Summary: Library and tools to access the Windows Event Log (EVT) formatChangelog:- Applied security fix from upstream (Fixes CVE-2018-8754).Jan 21, 2021, 06:16 PMlibmspack
Version: 0.6-alt2Summary: Compressors and decompressors for Microsoft compression formatsChangelog:- Applied security fix from upstream (Fixes CVE-2018-18584).Jan 21, 2021, 03:40 PMspice-vdagent
Version: 0.21.0-alt1Summary: Agent for Spice guestsChangelog:- new version 0.21.0 (Fixes CVE-2020-25650, CVE-2020-25651, CVE-2020-25652, CVE-2020-25653).Jan 21, 2021, 09:31 AMx11vnc
Version: 0.9.16-alt2Summary: VNC server for real X displaysChangelog:- Applied security fix from upstream (Fixes: CVE-2020-29074).Jan 20, 2021, 02:38 PMscreen
Version: 4.6.2-alt3.p9.1Summary: A screen manager that supports multiple sessions on one terminalChangelog:- Backported upstream commits (fixes CVE-2020-9366).Jan 19, 2021, 01:26 AMlibexif
Version: 0.6.22-alt3Summary: libexif is a library for parsing, editing, and saving EXIF dataChangelog:- added upstream commit: + fixed a incorrect overflow check that could be optimized away (fixes CVE-2020-0452)Dec 28, 2020, 01:04 AMroundcube
Version: 1.4.10-alt1Summary: Browser-based multilingual IMAP client with an application-like user interfaceChangelog:- new version 1.4.10 (with rpmrb script) - CVE-2020-35730Dec 18, 2020, 03:52 PMa2ps
Version: 4.14-alt3Summary: Any to PostScript filterChangelog:- Applied security patches from Debian and Gentoo (Fixes: CVE-2014-0466, CVE-2015-8107).Dec 18, 2020, 10:46 AMicoutils
Version: 0.32.3-alt1Summary: Utility for extracting and converting Microsoft icon and cursor filesChangelog:- Updated to upstream version 0.32.3 (Fixes: CVE-2017-5208, CVE-2017-5331, CVE-2017-5332, CVE-2017-5333).Dec 17, 2020, 05:11 PMdnstracer
Version: 1.9-alt1.qa1.M90P.1Summary: A tool to trace DNS queriesChangelog:- Applied security patch from Gentoo (Fixes: CVE-2017-9430).Dec 17, 2020, 12:24 PMmgetty
Version: 1.2.1-alt1Summary: A getty replacement for use with data and fax modemsChangelog:- Updated to upstream version 1.2.1 (Fixes: CVE-2018-16741, CVE-2018-16742, CVE-2018-16743, CVE-2018-16744, CVE-2018-16745, CVE-2019-1010189, CVE-2019-1010190).Dec 9, 2020, 04:07 PMmosquitto
Version: 1.6.9-alt1Summary: Mosquitto is an open source implementation of a server for version 3.1 and 3.1.1 of the MQTT protocolChangelog:- Updated to upstream version 1.6.9 (Fixes: CVE-2019-11778, CVE-2019-11779).Dec 9, 2020, 02:46 PM3proxy
Version: 0.6.1-alt2Summary: Proxy serverChangelog:- Applied security fix from upstream (Fixes: CVE-2019-14495).Dec 9, 2020, 01:25 PMmupdf
Version: 1.18.0-alt1Summary: A lightweight PDF viewer and toolkitChangelog:- Updated to upstream version 1.18.0 (Fixes: CVE-2017-5991, CVE-2018-10289, CVE-2018-16647, CVE-2018-16648, CVE-2019-14975, CVE-2020-26519).Dec 8, 2020, 05:39 PMirssi
Version: 1.2.2-alt1Summary: Modular text mode IRC client with Perl scriptingChangelog:- Updated to upstream version 1.2.2 (Fixes: CVE-2019-13045, CVE-2019-15717).Dec 8, 2020, 03:52 PMlibiec61850
Version: 1.4.2.1-alt1Summary: Open source libraries for IEC 61850 and IEC 60870-5-104Changelog:- Updated to upstream version 1.4.2.1 (Fixes: CVE-2019-6135, CVE-2019-6136, CVE-2019-6138, CVE-2019-6719, CVE-2019-16510, CVE-2019-1010300, CVE-2020-7054).Dec 8, 2020, 02:29 PMlibtomcrypt
Version: 1.18.2-alt3Summary: A comprehensive, portable cryptographic toolkitChangelog:- Applied security fix from upstream (Fixes: CVE-2019-17362).Dec 8, 2020, 11:09 AMlout
Version: 3.40-alt4Summary: The Lout document formatting languageChangelog:- Applied security patch from Fedora (Fixes: CVE-2019-19917, CVE-2019-19918)Nov 29, 2020, 04:10 PMruby
Version: 2.4.4-alt1.E2K.1Summary: An Interpreted Object-Oriented Scripting LanguageChangelog:- Version bump for CVE-2017-17742, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780 fixes. - Enable -O3 optimization anm apply vm.c workaround for lcc bug. - Move to E2K naming scheme. - Switch to e2k e2kv4 e2kv5 e2kv6 e2k4c e2k8c e2k1cp e2k8c2 e2k12c e2k16c e2k2c3.Nov 20, 2020, 03:19 PMsqliteodbc
Version: 0.9996-alt3Summary: ODBC driver for SQLiteChangelog:- Updated rpm post script (Fixes: CVE-2020-12050).Nov 20, 2020, 12:52 PMjbig2dec
Version: 0.19-alt1Summary: A decoder implementation of the JBIG2 image compression formatChangelog:- Updated to upstream version 0.19 (Fixes: CVE-2016-9601, CVE-2020-12268).Nov 19, 2020, 05:28 PMcifs-utils
Version: 6.11-alt1Summary: Utilities for doing and managing mounts of the Linux CIFS filesystemChangelog:- Updated to upstream version 6.11 (Fixes: CVE-2020-14342).Nov 18, 2020, 05:53 AMperl
Version: 5.28.3-alt1Summary: Practical Extraction and Report LanguageChangelog:- p9 build - 5.28.3 - fixes CVE-2020-10543,CVE-2020-10878,CVE-2020-12723Nov 17, 2020, 09:24 AMlibXtst
Version: 1.2.3-alt1Summary: The Xtst LibraryChangelog:- 1.2.3 - securuty fixes: CVE-2016-7951, CVE-2016-7952Nov 17, 2020, 09:15 AMlibXrender
Version: 0.9.10-alt1Summary: X Render LibraryChangelog:- 0.9.10 - securuty fixes: CVE-2016-7949, CVE-2016-7950Nov 16, 2020, 02:34 PMpython
Version: 2.7.18-alt0.M90P.1Summary: An interpreted, interactive object-oriented programming languageChangelog:- Updated to 2.7.18 (fixes CVE-2019-9636). - 'Trusted mode' added (thnx boyarsh@). - License tag fixed (thnx boyarsh@).Nov 16, 2020, 11:02 AMlibxslt
Version: 1.1.34-alt1.p9.1Summary: Library providing XSLT supportChangelog:- Backported to p9 (fixes CVE-2019-11068, CVE-2019-13117 and CVE-2019-13118).Nov 13, 2020, 01:07 AMunzip
Version: 6.0-alt4Summary: An utility for unpacking zip archivesChangelog:- Build with bzip2 compression method support - Massive apply security patches from Fedora and openSUSE - Fixes: + CVE-2014-8139 CRC32 verification heap-based buffer overread + CVE-2014-8140 out-of-bounds write issue in test_compr_eb() + CVE-2014-8141 getZip64Data() out-of-bounds read issues + CVE-2014-9913 buffer overflow in zipinfo + CVE-2014-9636 out-of-bounds read or write and crash + CVE-2015-7696 fix for heap overflow + CVE-2015-7697 fix infinite loop when extracting empty bzip2 data + CVE-2016-9844 buffer overflow in zipinfo in similar way like fix for CVE-2014-9913 + CVE-2018-1000035 heap based buffer overflow when opening password protected files + CVE-2018-18384 buffer overflow, when a ZIP archive specially craftedNov 12, 2020, 08:55 PMmariadb
Version: 10.4.17-alt1Summary: A very fast and reliable SQL database engineChangelog:- 10.4.17 - backport fix for MDEV-24096, MDEV-24121, MDEV-24134 - Fixes for the following security vulnerabilities: + CVE-2020-14812 + CVE-2020-14765 + CVE-2020-14776 + CVE-2020-14789 + CVE-2020-15180Nov 10, 2020, 06:40 PMlibass
Version: 0.15.0-alt1Summary: Portable library for SSA/ASS subtitles renderingChangelog:- Updated to upstream version 0.15.0 (Fixes: CVE-2020-26682).Nov 5, 2020, 12:41 PMaview
Version: 1.3.0-alt3.rc1Summary: High quality ascii-art image (pnm) browser and animation (fli/flc) playerChangelog:- Switched to CVE-2008-4935 fix from Debian. - Added -Werror=implicit-function-declaration compiler flag.Nov 5, 2020, 11:33 AMmimetex
Version: 1.76-alt1Summary: Mimetex ets you easily embed LaTeX math in your html pagesChangelog:- Updated to version 1.76 from Debian (Fixes: CVE-2009-1382, CVE-2009-2459).Nov 3, 2020, 03:36 PMlibsdp
Version: 1.1.108-alt1.0.17.ga6958efSummary: LD_PRELOAD-able library for using SDPChangelog:- Updated to upstream version 1.1.108-0.17.ga6958ef (Fixes: CVE-2010-4173).Nov 2, 2020, 05:47 PMunace
Version: 1.2b-alt5Summary: ACE unarchiverChangelog:- Cleaned up sources by importing sources from Debian. - Forced using system build flags. - Updated fix for CVE-2015-2063.Oct 30, 2020, 01:04 PMlibtar
Version: 1.2.20-alt2.git.6d0ab4cSummary: C library for manipulating POSIX tar filesChangelog:- Applied patches from Debian (Fixes: CVE-2013-4420).Oct 29, 2020, 06:33 PMantiword
Version: 0.37-alt4Summary: Antiword an application to display Microsoft(R) Word filesChangelog:- Applied patches from Debian (Fixes: CVE-2014-8123).Oct 29, 2020, 04:51 PMnbd
Version: 3.20-alt1Summary: Network Block Device user space toolsChangelog:- Updated to upstream version 3.20 (Fixes: CVE-2013-6410, CVE-2013-7441, CVE-2015-0847).Oct 29, 2020, 02:32 PMlibfreetype
Version: 2.10.1-alt1.1.p9.1Summary: A free and portable font rendering engineChangelog:- Fixed CVE-2020-15999.Oct 29, 2020, 12:47 PMfuseiso
Version: 20070708-alt3Summary: Mount ISO filesystem images as a non-root userChangelog:- Applied patches from Gentoo (Fixes: CVE-2015-8836, CVE-2015-8837).Oct 28, 2020, 05:55 PMgifsicle
Version: 1.92-alt1Summary: command-line program for manipulating GIF imagesChangelog:- Updated to upstream version 1.92 (Fixes: CVE-2017-1000421).Oct 28, 2020, 05:23 PMbchunk
Version: 1.2.2-alt1Summary: A CD image format converter from .bin/.cue to .iso/.cdr/.wavChangelog:- Updated to upstream version 1.2.2 (Fixes: CVE-2017-15953, CVE-2017-15954, CVE-2017-15955).Oct 27, 2020, 12:48 PMsnmptt
Version: 1.4.2-alt1Summary: An SNMP trap handler written in PerlChangelog:- Updated to upstream version 1.4.2 (Fixes: CVE-2020-24361).Oct 26, 2020, 05:14 PMinspircd
Version: 2.0.29-alt1Summary: InspIRCd is a modular Internet Relay Chat (IRC) serverChangelog:- Updated to upstream version 2.0.29 (Fixes: CVE-2019-20917, CVE-2020-25269).Oct 24, 2020, 02:49 AMsquid
Version: 4.13-alt1Summary: The Squid proxy caching serverChangelog:- 4.13 (Fixes: CVE-2020-15811, CVE-2020-15810, CVE-2020-24606)Oct 23, 2020, 05:19 PMhostapd
Version: 2.9-alt2Summary: User space daemon for extended IEEE 802.11 managementChangelog:- AP: Silently ignore management frame from unexpected source address (Fixes: CVE-2019-16275) (Closes: 39131)Oct 22, 2020, 03:07 PMxli
Version: 1.17.0-alt9Summary: X11 Image Loading UtilityChangelog:- Applied patches from Debian (Fixes: CVE-2005-3178).Oct 22, 2020, 10:43 AMpstotext
Version: 1.9-alt3Summary: PostScript to text converterChangelog:- Applied patches from Debian and Gentoo (Fixes: CVE-2005-2536, CVE-2006-5869). - Build now respects %optflags.