Security
Dec 9, 2020, 02:46 PM
3proxy
Version: 0.6.1-alt2
Summary: Proxy server
Changelog:
- Applied security fix from upstream (Fixes: CVE-2019-14495).
Dec 18, 2020, 03:52 PM
a2ps
Version: 4.14-alt3
Summary: Any to PostScript filter
Changelog:
- Applied security patches from Debian and Gentoo (Fixes: CVE-2014-0466, CVE-2015-8107).
Oct 1, 2020, 04:50 PM
accel-ppp
Version: 1.12.0-alt4
Summary: High performance PPTP/L2TP/PPPoE server
Changelog:
- Applied security fixes from upstream (Fixes: CVE-2020-15173).
Oct 18, 2022, 12:14 AM
adcli
Version: 0.9.2-alt1
Summary: Active Directory enrollment
Changelog:
- Add support LDAP add/mod operation to set/change password: + fix unable to join to active directory after KB5008380/CVE-2021-42287 with option '--ldap-passwd'; + https://gitlab.freedesktop.org/realmd/adcli/-/issues/27 - Add support fall back to LDAPS if CLDAP ping was not successful + If the --use-ldaps option is used and there is no reply on the CLDAP 389/udp port adcli will try to send the request to the LDAPS port 636/tcp. - Fix write SID before secret to Samba's db looks like 'net changesecretpw' - Add passwd-user sub-command for (re)set a user password. - Add dont-expire-password option for computer.
Jun 14, 2020, 04:05 PM
adns
Version: 1.5.2-alt1
Summary: GNU adns, an asynchronous DNS resolver
Changelog:
- 1.5.2 (Fixes: CVE-2017-9103 CVE-2017-9104 CVE-2017-9105 CVE-2017-9109, CVE-2017-9106, CVE-2017-9107, CVE-2017-9108)
Oct 29, 2020, 06:33 PM
antiword
Version: 0.37-alt4
Summary: Antiword an application to display Microsoft(R) Word files
Changelog:
- Applied patches from Debian (Fixes: CVE-2014-8123).
Oct 20, 2023, 02:46 PM
apache2-mod_http2
Version: 2.0.25-alt1
Summary: module implementing HTTP/2 for Apache 2
Changelog:
- 2.0.24 -> 2.0.25 (Fixes: CVE-2023-45802)
Jan 13, 2020, 09:45 PM
atril-gtk
Version: 1.22.3-alt2
Summary: Document viewer
Changelog:
- Patch from upstream: tiff: Handle failure from TIFFReadRGBAImageOriented (fixes: CVE-2019-11459). - dvi: Require texlive. - Update Russian translation (thx Olesya Gerasimenko).
Apr 28, 2021, 02:38 PM
avahi
Version: 0.8-alt2
Summary: Local network service discovery
Changelog:
- avoid infinite-loop in avahi-daemon (closes: #39357) (fixes: CVE-2021-3468)
Nov 5, 2020, 12:41 PM
aview
Version: 1.3.0-alt3.rc1
Summary: High quality ascii-art image (pnm) browser and animation (fli/flc) player
Changelog:
- Switched to CVE-2008-4935 fix from Debian. - Added -Werror=implicit-function-declaration compiler flag.
Oct 28, 2020, 05:23 PM
bchunk
Version: 1.2.2-alt1
Summary: A CD image format converter from .bin/.cue to .iso/.cdr/.wav
Changelog:
- Updated to upstream version 1.2.2 (Fixes: CVE-2017-15953, CVE-2017-15954, CVE-2017-15955).
Mar 17, 2022, 04:28 PM
bind
Version: 9.11.37-alt1
Summary: ISC BIND - DNS server
Changelog:
- 9.11.36 -> 9.11.37 (fixes: CVE-2021-25220).
Aug 12, 2021, 12:06 AM
c-ares
Version: 1.17.2-alt1
Summary: A library that performs asynchronous DNS operations
Changelog:
- 1.17.2 (Fixes: CVE-2021-3672)
Nov 19, 2020, 05:28 PM
cifs-utils
Version: 6.11-alt1
Summary: Utilities for doing and managing mounts of the Linux CIFS filesystem
Changelog:
- Updated to upstream version 6.11 (Fixes: CVE-2020-14342).
Mar 9, 2023, 11:59 AM
clamav
Version: 0.103.8-alt1
Summary: Clam Antivirus scanner
Changelog:
- 0.103.8 (CVE-2023-20032, CVE-2023-20052)
Apr 5, 2020, 02:03 PM
coturn
Version: 4.5.1.1-alt2
Summary: Coturn TURN Server
Changelog:
- Applied upstream fixes for CVE-2020-6062/TALOS-2020-0985. - Applied upstream fixes for CVE-2020-6061/TALOS-2020-0984.
Apr 2, 2019, 07:39 PM
cracklib
Jun 20, 2023, 06:21 PM
cups-filters
Version: 1.28.8-alt2
Summary: OpenPrinting CUPS filters and backends
Changelog:
add upstream commit 93e60d3 (Fixes: CVE-2023-24805)
Sep 4, 2021, 11:19 PM
cyrus-imapd
Version: 3.2.8-alt1
Summary: A high-performance email, contacts and calendar server
Changelog:
- 3.2.8 (fixes: CVE-2021-33582)
Oct 7, 2022, 08:03 PM
dhcp
Version: 4.4.3.P1-alt1
Summary: Dynamic Host Configuration Protocol (DHCP) distribution
Changelog:
- Updated to 4.4.3-P1 (fixes: CVE-2022-2928,CVE-2022-2929).
Oct 2, 2020, 11:54 AM
dia
Version: 0.97.4-alt0.7.1
Summary: A gtk+ based diagram creation program
Changelog:
- Applied security fix from upstream (Fixes: CVE-2019-19451).
Apr 9, 2021, 01:11 PM
dnsmasq
Version: 2.85-alt1
Summary: A lightweight caching nameserver
Changelog:
- Dropped obsoleted patch. - Updated to 2.83 (fixes: CVE-2021-3448).
Dec 17, 2020, 05:11 PM
dnstracer
Version: 1.9-alt1.qa1.M90P.1
Summary: A tool to trace DNS queries
Changelog:
- Applied security patch from Gentoo (Fixes: CVE-2017-9430).
Aug 12, 2021, 01:39 PM
dovecot
Version: 2.3.16-alt1
Summary: Dovecot secure IMAP/POP3 server
Changelog:
- Updated to 2.3.16 (fixes CVE-2021-33515, CVE-2021-29157, CVE-2021-33515, CVE-2021-29157). - Package watch file.
Jan 18, 2022, 03:17 PM
expat
Version: 2.4.3-alt1
Summary: An XML parser written in C
Changelog:
- Updated to 2.4.3 (with multiple security fixes). - Fixes: + CVE-2021-45960 issues with left shift by >= 29 places in function storeAtts that can lead to realloc misbehavior; + CVE-2021-46143 Integer overflow on variable m_groupSize in function doProlog; + CVE-2022-22822 Integer overflows near memory allocation in function addBinding; + CVE-2022-22823 Integer overflows near memory allocation in function build_model; + CVE-2022-22824 Integer overflows near memory allocation in function defineAttribute; + CVE-2022-22825 Integer overflows near memory allocation in function lookup; + CVE-2022-22826 Integer overflows near memory allocation in function nextScaffoldPart; + CVE-2022-22827 Integer overflows near memory allocation in function storeAtts.
Aug 8, 2021, 04:14 AM
ffmpeg3.3
Version: 3.3.9-alt2.E2K.1
Summary: A command line toolbox to manipulate, convert and stream multimedia content
Changelog:
- E2K: apply mcst patches, including CVE-2018-6621 fix
Aug 19, 2020, 11:57 AM
firejail
Version: 0.9.62.4-alt1
Summary: Linux namespaces sandbox program
Changelog:
- Updated to upstream version 0.9.62.4 (Fixes: CVE-2020-17367, CVE-2020-17368).
Oct 19, 2020, 03:38 PM
freecol
Version: 0.11.6-alt2
Summary: FreeCol is opensource Colonization clone.
Changelog:
- Applied security fix from Debian (Fixes: CVE-2018-1000825). - Updated license tag.
Oct 21, 2021, 04:06 PM
freerdp
Version: 2.4.1-alt1
Summary: Remote Desktop Protocol functionality
Changelog:
- New version. - Security fixes: + CVE-2021-41159 Improper client input validation for gateway connections allows to overwrite memory + CVE-2021-41160 Improper region checks in all clients allow out of bound write to memory
Oct 29, 2020, 12:47 PM
fuseiso
Version: 20070708-alt3
Summary: Mount ISO filesystem images as a non-root user
Changelog:
- Applied patches from Gentoo (Fixes: CVE-2015-8836, CVE-2015-8837).
Oct 1, 2020, 01:00 PM
ghostscript
Version: 9.27-alt1.M90P.1
Summary: PostScript interpreter and renderer, most printer drivers
Changelog:
- Applied security fixes from upstream (Fixes: CVE-2019-10216, CVE-2019-14811, CVE-2019-14812, CVE-2019-14813, CVE-2019-14817, CVE-2019-14869).
Oct 28, 2020, 05:55 PM
gifsicle
Version: 1.92-alt1
Summary: command-line program for manipulating GIF images
Changelog:
- Updated to upstream version 1.92 (Fixes: CVE-2017-1000421).
Apr 20, 2020, 09:13 PM
git
Version: 2.25.4-alt1
Summary: Git core and tools
Changelog:
- 2.25.3 -> 2.25.4 (fixes: CVE-2020-11008).
May 27, 2023, 08:30 PM
glpi
Version: 9.5.13-alt1
Summary: IT and asset management software
Changelog:
- New version 9.5.13 - This release fixes several security issues that have been recently discovered. Update is recommended! - Security fixes: + CVE-2023-28632 : Account takeover by authenticated user + CVE-2023-28838 : SQL injection through dynamic reports + CVE-2023-28852 : Stored XSS through dashboard administration + CVE-2023-28636 : Stored XSS on external links + CVE-2023-28639 : Reflected XSS in search pages + CVE-2023-28634 : Privilege Escalation from technician to super-admin + CVE-2023-28633 : Blind Server-Side Request Forgery (SSRF) in RSS feeds
Feb 17, 2023, 03:59 PM
gnutls30
Version: 3.6.16-alt3
Summary: A TLS protocol implementation
Changelog:
- Patches from gnutls-3.7.9: + auth/rsa: side-step potential side-channel (fixes: CVE-2023-0361); + rsa: remove dead code.
Apr 4, 2023, 01:44 PM
gzip
Version: 1.10-alt1.p9.1
Summary: The GNU data compression program
Changelog:
- Fixed CVE-2022-1271 (ALT #44053).
Oct 23, 2020, 05:19 PM
hostapd
Version: 2.9-alt2
Summary: User space daemon for extended IEEE 802.11 management
Changelog:
- AP: Silently ignore management frame from unexpected source address (Fixes: CVE-2019-16275) (Closes: 39131)
Apr 1, 2019, 08:14 AM
icecast
Version: 2.4.4-alt1
Summary: Streaming Media Server
Changelog:
- Updated to upstream version 2.4.4 (Fixes: CVE-2018-18820).
Dec 18, 2020, 10:46 AM
icoutils
Version: 0.32.3-alt1
Summary: Utility for extracting and converting Microsoft icon and cursor files
Changelog:
- Updated to upstream version 0.32.3 (Fixes: CVE-2017-5208, CVE-2017-5331, CVE-2017-5332, CVE-2017-5333).
Oct 26, 2020, 05:14 PM
inspircd
Version: 2.0.29-alt1
Summary: InspIRCd is a modular Internet Relay Chat (IRC) server
Changelog:
- Updated to upstream version 2.0.29 (Fixes: CVE-2019-20917, CVE-2020-25269).
Feb 27, 2021, 12:46 PM
ipmitool
Version: 1.8.18-alt4
Summary: ipmitool - Utility for IPMI control
Changelog:
- applied patches from upstream git to fix security issue (Fixes: CVE-2020-5208) see https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp - added upstream fix FTBFS with gcc-10
Dec 8, 2020, 05:39 PM
irssi
Version: 1.2.2-alt1
Summary: Modular text mode IRC client with Perl scripting
Changelog:
- Updated to upstream version 1.2.2 (Fixes: CVE-2019-13045, CVE-2019-15717).
Nov 20, 2020, 12:52 PM
jbig2dec
Version: 0.19-alt1
Summary: A decoder implementation of the JBIG2 image compression format
Changelog:
- Updated to upstream version 0.19 (Fixes: CVE-2016-9601, CVE-2020-12268).
Aug 26, 2019, 06:21 PM
jhead
Version: 3.03-alt2
Summary: Tool for handling EXIF data in JPEG image files
Changelog:
- Fixed some CVE's (Fixes: CVE-2019-1010301, CVE-2019-1010302).
Jul 4, 2020, 06:19 PM
json-c
Version: 0.13.1-alt2
Summary: JSON implementation in C
Changelog:
- Update to json-c-0.13 branch (ee9f67c81a3c2a44557f0cc16dc136c140293252) - Fixes: CVE-2020-12762
Jul 6, 2021, 03:20 AM
kernel-image-elbrus-1cp
Version: 5.4.91-alt2.12.1
Summary: The Linux kernel (the core of the Linux operating system)
Changelog:
- Version bump to 5.4.91-2.10 - Most fixes from upstream v5.4.128 (Fixes: CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26141 CVE-2020-26145) (Fixes: CVE-2020-26147 CVE-2021-3564 CVE-2021-23133 CVE-2021-23134) - Sync with sisyphus v5.4.129 - Disable docs build by default.
Jul 6, 2021, 04:15 AM
kernel-image-elbrus-4c
Version: 5.4.91-alt2.12.1
Summary: The Linux kernel (the core of the Linux operating system)
Changelog:
- Version bump to 5.4.91-2.10 - Most fixes from upstream v5.4.128 (Fixes: CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26141 CVE-2020-26145) (Fixes: CVE-2020-26147 CVE-2021-3564 CVE-2021-23133 CVE-2021-23134) - Sync with sisyphus v5.4.129 - Disable docs build by default.
Jul 6, 2021, 12:52 AM
kernel-image-elbrus-8c
Version: 5.4.91-alt2.12.1
Summary: The Linux kernel (the core of the Linux operating system)
Changelog:
- Version bump to 5.4.91-2.10 - Most fixes from upstream v5.4.128 (Fixes: CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26141 CVE-2020-26145) (Fixes: CVE-2020-26147 CVE-2021-3564 CVE-2021-23133 CVE-2021-23134) - Sync with sisyphus v5.4.129 - Disable docs build by default.
Jul 5, 2021, 06:46 PM
kernel-image-elbrus-8c2
Version: 5.4.91-alt2.12.1
Summary: The Linux kernel (the core of the Linux operating system)
Changelog:
- Version bump to 5.4.91-2.10 - Most fixes from upstream v5.4.128 (Fixes: CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26141 CVE-2020-26145) (Fixes: CVE-2020-26147 CVE-2021-3564 CVE-2021-23133 CVE-2021-23134) - Sync with sisyphus v5.4.129 - Disable docs build by default.
Jul 6, 2021, 12:47 AM
kernel-image-elbrus-def
Version: 5.4.91-alt2.12.1
Summary: The Linux kernel (the core of the Linux operating system)
Changelog:
- Version bump to 5.4.91-2.10 - Most fixes from upstream v5.4.128 (Fixes: CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26141 CVE-2020-26145) (Fixes: CVE-2020-26147 CVE-2021-3564 CVE-2021-23133 CVE-2021-23134) - Sync with sisyphus v5.4.129 - Disable docs build by default.
Jul 27, 2023, 03:08 PM
krb5
Version: 1.17.2-alt5
Summary: The Kerberos network authentication system
Changelog:
- Backport fix for use-after-free in kadmin5 (Fixes: CVE-2023-36054).
Sep 22, 2019, 04:44 PM
libadplug
Version: 2.2.1-alt3
Summary: AdLib sound player library
Changelog:
- added fedora patches: + inline (fixes e2k ftbfs) + cve-2018-17825 (fixes: CVE-2018-17825) + (signed-char unneeded, worked around in previous build) - NB: there's 2.3.1 release over at guthub
Nov 10, 2020, 06:40 PM
libass
Version: 0.15.0-alt1
Summary: Portable library for SSA/ASS subtitles rendering
Changelog:
- Updated to upstream version 0.15.0 (Fixes: CVE-2020-26682).
Nov 7, 2023, 06:32 PM
libetpan
Version: 1.9.4-alt4
Summary: This mail library provide a portable, efficient middleware for different kinds of mail access
Changelog:
- Patches from upstream git: + Fix buffer overwrite for empty string in remove_trailing_eol (upstream issue #408); + Detect extra data after STARTTLS response and exit (upstrem issue #387) (fixes: CVE-2020-15953); + Missing boundary fix (upstream issue #384); + Fix potential null pointer deferenced (upstream issue #363); + Fix potential null pointer deferenced (upstream issue #361); + Fix potential null pointer deference (upstream issue #348).
Jan 22, 2021, 10:20 AM
libevt
Version: 20140411-alt2
Summary: Library and tools to access the Windows Event Log (EVT) format
Changelog:
- Applied security fix from upstream (Fixes CVE-2018-8754).
Jan 19, 2021, 01:26 AM
libexif
Version: 0.6.22-alt3
Summary: libexif is a library for parsing, editing, and saving EXIF data
Changelog:
- added upstream commit: + fixed a incorrect overflow check that could be optimized away (fixes CVE-2020-0452)
Nov 17, 2022, 05:00 PM
libexo
Version: 0.12.11-alt3
Summary: Extension library to Xfce
Changelog:
- exo-helper: Properly quote command parameters (fixes: CVE-2022-45062).
Oct 29, 2020, 02:32 PM
libfreetype
Version: 2.10.1-alt1.1.p9.1
Summary: A free and portable font rendering engine
Changelog:
- Fixed CVE-2020-15999.
Oct 19, 2020, 06:28 PM
libid3tag
Version: 0.15.1b-alt9
Summary: ID3 Tag manipulation library
Changelog:
- Applied patches from Debian and Gentoo (Fixes: CVE-2004-2779).
Dec 8, 2020, 03:52 PM
libiec61850
Version: 1.4.2.1-alt1
Summary: Open source libraries for IEC 61850 and IEC 60870-5-104
Changelog:
- Updated to upstream version 1.4.2.1 (Fixes: CVE-2019-6135, CVE-2019-6136, CVE-2019-6138, CVE-2019-6719, CVE-2019-16510, CVE-2019-1010300, CVE-2020-7054).
Apr 21, 2022, 12:43 PM
libinput
Jun 25, 2020, 10:04 AM
libjpeg8
Version: 2.0.5-alt1
Summary: The MMX/SSE accelerated JPEG compression/decompression library
Changelog:
- New version (2.0.5) with rpmgs script. - Updated license tag. - Fixes: + CVE-2020-13790.
Jan 21, 2021, 06:16 PM
libmspack
Version: 0.6-alt2
Summary: Compressors and decompressors for Microsoft compression formats
Changelog:
- Applied security fix from upstream (Fixes CVE-2018-18584).
Jun 20, 2020, 11:33 AM
libnghttp2
Version: 1.41.0-alt1
Summary: HTTP/2.0 C Library
Changelog:
- 1.40.1 (Closes: #38626) - Security fix: CVE-2020-11080
Apr 3, 2019, 12:26 PM
libopenjpeg2.0
Version: 2.3.1-alt1
Summary: JPEG 2000 codec library (API version 2.0)
Changelog:
- 2.3.1 (fixed CVE-2017-14041, CVE-2018-6616, CVE-2018-5785, CVE-2018-14423)
Aug 27, 2019, 05:59 PM
libpng16
Version: 1.6.37-alt1
Summary: A library of functions for manipulating PNG image format files
Changelog:
- 1.6.37 (fixes: CVE-2018-14048, CVE-2018-14550, CVE-2019-7317)
Nov 3, 2020, 03:36 PM
libsdp
Version: 1.1.108-alt1.0.17.ga6958ef
Summary: LD_PRELOAD-able library for using SDP
Changelog:
- Updated to upstream version 1.1.108-0.17.ga6958ef (Fixes: CVE-2010-4173).
Sep 2, 2021, 11:56 AM
libssh
Version: 0.9.6-alt1
Summary: C library to authenticate in a simple manner to one or more SSH servers
Changelog:
- new version - security (fixes: CVE-2021-3634)
Oct 2, 2020, 12:41 PM
libssh2
Version: 1.9.0-alt2
Summary: A library implementing the SSH2 protocol
Changelog:
- Applied security fixes from upstream (Fixes: CVE-2019-17498).
Oct 30, 2020, 01:04 PM
libtar
Version: 1.2.20-alt2.git.6d0ab4c
Summary: C library for manipulating POSIX tar files
Changelog:
- Applied patches from Debian (Fixes: CVE-2013-4420).
Apr 10, 2019, 02:02 AM
libtiff
Version: 4.0.10.0.57.f9fc01c3-alt1
Summary: Library of functions for manipulating TIFF format image files
Changelog:
- Updated to v4.0.10-57-gf9fc01c3 (ALT #36575, #34677). - Applied SUSE patches: + tiff-4.0.3-seek.patch; + tiff-4.0.3-compress-warning.patch; + tiff-CVE-2018-12900.patch. - Built with support of: + libjbig; + libwebp; + libzstd. - Fixes: + CVE-2012-4564 Zero size buffer exploit in ppm2tiff; + CVE-2013-1960 Heap-based buffer overflow in the t2p_process_jpeg_strip(); + CVE-2013-4232 Use-after-free vulnerability in the t2p_readwrite_pdf_image(); + CVE-2013-4243 Heap-based buffer overflow in the readgifimage(); + CVE-2013-4244 DoS or possible RCE via crafted GIF image; + CVE-2014-8127 Out-of-bounds read with malformed TIFF image in multiple tool; + CVE-2014-8129 Out-of-bounds read/write with malformed TIFF image in tiff2pdf; + CVE-2014-8130 Divide-by-zero error in _TIFFmalloc(); + CVE-2014-9330 Integer overflow in tif_packbits.c in bmp2tif; + CVE-2015-8870 Integer overflow in tools/bmp2tiff.c (DoS or information leak); + CVE-2018-5360 Heap-based buffer overflow in the ReadTIFFImage().
Dec 8, 2020, 02:29 PM
libtomcrypt
Version: 1.18.2-alt3
Summary: A comprehensive, portable cryptographic toolkit
Changelog:
- Applied security fix from upstream (Fixes: CVE-2019-17362).
Aug 26, 2020, 11:12 AM
libvncserver
Version: 0.9.13-alt1
Summary: An easy API to write one's own VNC server
Changelog:
- new version - security (fixes: CVE-2018-21247, CVE-2019-20839, CVE-2019-20840, CVE-2020-14396, CVE-2020-14397, CVE-2020-14398, CVE-2020-14399, CVE-2020-14400, CVE-2020-14401, CVE-2020-14402, CVE-2020-14403, CVE-2020-14404, CVE-2020-14405)
Jan 29, 2019, 09:47 AM
libvorbis
Version: 1.3.6-alt2
Summary: The Vorbis General Audio Compression Codec
Changelog:
- Backported upstream fixes (fixes: CVE-2017-14160, CVE-2018-10392, CVE-2018-10393). - Fixed probabilistic behaviour of %check.
Sep 27, 2017, 04:35 PM
libwmf
Version: 0.2.8.4-alt13
Summary: A library to convert wmf files
Changelog:
- Secutity (Fixes: CVE-2015-0848, CVE-2015-4588, CVE-2015-4695, CVE-2015-4696, CVE-2016-9011)
Feb 1, 2023, 06:54 AM
libxml2
Version: 2.9.10-alt6.p9.1
Summary: The library for manipulating XML files
Changelog:
- Applied security fixes from upstream (Fixes: CVE-2022-40303, CVE-2022-40304).
Nov 17, 2020, 09:15 AM
libXrender
Version: 0.9.10-alt1
Summary: X Render Library
Changelog:
- 0.9.10 - securuty fixes: CVE-2016-7949, CVE-2016-7950
Nov 16, 2020, 11:02 AM
libxslt
Version: 1.1.34-alt1.p9.1
Summary: Library providing XSLT support
Changelog:
- Backported to p9 (fixes CVE-2019-11068, CVE-2019-13117 and CVE-2019-13118).
Nov 17, 2020, 09:24 AM
libXtst
Version: 1.2.3-alt1
Summary: The Xtst Library
Changelog:
- 1.2.3 - securuty fixes: CVE-2016-7951, CVE-2016-7952
Feb 24, 2019, 10:06 AM
libyaml-cpp0
Version: 0.6.2-alt2
Summary: A YAML parser and emitter for C++
Changelog:
- Applied patches from Fedora (Fixes: CVE-2017-5950)
Jul 23, 2018, 02:42 PM
libytnef
Version: 1.9.3-alt1
Summary: TNEF Stream Parser Library
Changelog:
- 1.9.3 (fixed CVE-2017-9470, CVE-2017-9471, CVE-2017-9474, CVE-2017-9058, CVE-2017-12142, CVE-2017-12141, CVE-2017-12144)
Dec 8, 2020, 11:09 AM
lout
Version: 3.40-alt4
Summary: The Lout document formatting language
Changelog:
- Applied security patch from Fedora (Fixes: CVE-2019-19917, CVE-2019-19918)
Nov 13, 2021, 02:04 AM
mailman
Version: 2.1.37-alt1
Summary: Mailing list manager with built in web access
Changelog:
- 2.1.36 -> 2.1.37 (fixes bug in the fix for CVE-2021-43332).
Nov 12, 2020, 08:55 PM
mariadb
Version: 10.4.17-alt1
Summary: A very fast and reliable SQL database engine
Changelog:
- 10.4.17 - backport fix for MDEV-24096, MDEV-24121, MDEV-24134 - Fixes for the following security vulnerabilities: + CVE-2020-14812 + CVE-2020-14765 + CVE-2020-14776 + CVE-2020-14789 + CVE-2020-15180
Jun 27, 2021, 12:30 AM
mediawiki
Version: 1.36.1-alt1
Summary: A wiki engine, typical installation (with Apache2 and MySQL support)
Changelog:
- new version 1.36.1 (with rpmrb script) - (T280226, CVE-2021-35197): Prevent blocked users from purging pages
Jun 27, 2021, 10:12 PM
mediawiki-extensions-Widgets
Version: 1.3.0-alt1git
Summary: Widgets extension allows adding widgets to wiki by just creating pages in Widget namespace
Changelog:
- new version (1.3.0) with rpmgs script - CVE-2020-9382, CVE-2020-35625
Dec 17, 2020, 12:24 PM
mgetty
Version: 1.2.1-alt1
Summary: A getty replacement for use with data and fax modems
Changelog:
- Updated to upstream version 1.2.1 (Fixes: CVE-2018-16741, CVE-2018-16742, CVE-2018-16743, CVE-2018-16744, CVE-2018-16745, CVE-2019-1010189, CVE-2019-1010190).
Nov 5, 2020, 11:33 AM
mimetex
Version: 1.76-alt1
Summary: Mimetex ets you easily embed LaTeX math in your html pages
Changelog:
- Updated to version 1.76 from Debian (Fixes: CVE-2009-1382, CVE-2009-2459).
Dec 9, 2020, 04:07 PM
mosquitto
Version: 1.6.9-alt1
Summary: Mosquitto is an open source implementation of a server for version 3.1 and 3.1.1 of the MQTT protocol
Changelog:
- Updated to upstream version 1.6.9 (Fixes: CVE-2019-11778, CVE-2019-11779).
Dec 9, 2020, 01:25 PM
mupdf
Version: 1.18.0-alt1
Summary: A lightweight PDF viewer and toolkit
Changelog:
- Updated to upstream version 1.18.0 (Fixes: CVE-2017-5991, CVE-2018-10289, CVE-2018-16647, CVE-2018-16648, CVE-2019-14975, CVE-2020-26519).
Jan 27, 2021, 04:30 PM
nagios
Version: 3.0.6-alt15
Summary: Services and network monitoring system
Changelog:
- Fixes: + CVE-2017-12847 Kill arbitrary processes by leveraging access to PID file. - Don't install the PID file.
Oct 29, 2020, 04:51 PM
nbd
Version: 3.20-alt1
Summary: Network Block Device user space tools
Changelog:
- Updated to upstream version 3.20 (Fixes: CVE-2013-6410, CVE-2013-7441, CVE-2015-0847).
Jul 1, 2021, 06:55 PM
NetworkManager
Version: 1.18.11-alt1.gite2fdbc2b7482
Summary: Install NetworkManager daemon and plugins
Changelog:
- Backported patch from NM-1.32.2 (fixes: CVE-2020-13529): + dhcp/systemd: ignore FORCERENEW requests for DHCPV4 to workaround CVE-2020-13529. - Upstream git snapshot (nm-1-18 branch).
Aug 2, 2018, 02:18 AM
NetworkManager-vpnc
Version: 1.2.6-alt1
Summary: NetworkManager VPN plugin for vpnc
Changelog:
- Disable libnm-glib-* support. - Fix build without libnm-glib-*. - Updated to 1.2.6 (fixes CVE-2018-10900).
Oct 21, 2022, 03:30 PM
nginx
Version: 1.22.1-alt1
Summary: Fast HTTP server
Changelog:
- 1.22.1 (Fixes: CVE-2022-41741, CVE-2022-41742)
Aug 31, 2021, 05:02 PM
ntfs-3g
Version: 2021.8.22-alt1
Summary: third generation Linux NTFS driver
Changelog:
- 2021.8.22 (Fixes: CVE-2021-33285, CVE-2021-35269, CVE-2021-35268, CVE-2021-33289, CVE-2021-33286, CVE-2021-35266, CVE-2021-33287, CVE-2021-35267, CVE-2021-39251, CVE-2021-39252, CVE-2021-39253, CVE-2021-39254, CVE-2021-39255, CVE-2021-39256, CVE-2021-39257, CVE-2021-39258, CVE-2021-39259, CVE-2021-39260, CVE-2021-39261, CVE-2021-39262, CVE-2021-39263)
Dec 2, 2019, 12:28 PM
oniguruma
Version: 6.9.4-alt1
Summary: Regular expressions library
Changelog:
- 6.9.4 - fixes: * CVE-2019-19012 Integer overflow related to reg->dmax in search_in_range() * CVE-2019-19203 heap-buffer-overflow in gb18030_mbc_enc_len() * CVE-2019-19204 heap-buffer-overflow in fetch_interval_quantifier()
Feb 28, 2019, 12:29 AM
openslp
Version: 2.0.0-alt2
Summary: OpenSLP implementation of Service Location Protocol V2
Changelog:
- Fixed libslp namespace (closes: #35692). - Enabled SLPv2 Security. - Enabled testing. - Applied security fixes (fixes: CVE-2012-4428, CVE-2016-4912, CVE-2016-7567, CVE-2017-17833).
May 30, 2023, 03:00 PM
openssl1.1
Version: 1.1.1u-alt1
Summary: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
Changelog:
- Updated to 1.1.1u (fixes CVE-2023-2650).
Mar 16, 2022, 02:54 AM
openssl10
Version: 1.0.2u-alt1.p9.2
Summary: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
Changelog:
- Backported upstream security fix (fixes CVE-2022-0778).