systemd Jan 31, 2022, 11:48 PM | Jan 31, 2022, 11:48 PM |
Version: 247.11-alt1
|
Summary: System and Session Manager
|
Changelog: |
- 247.11 (Fixes: CVE-2021-3997)
- set default net-naming-scheme=v245 |
polkit Jan 26, 2022, 05:55 PM | Jan 26, 2022, 05:55 PM |
Version: 0.116-alt2.M90P.4
|
Summary: PolicyKit Authorization Framework
|
Changelog: |
- (Fixes: CVE-2021-4034) |
phpipam Jan 25, 2022, 08:08 PM | Jan 25, 2022, 08:08 PM |
Version: 1.45.031-alt1
|
Summary: PHP-based virtual machine control tool
|
Changelog: |
- 1.4.5 Release (Fixes: CVE-2020-7988). |
expat Jan 18, 2022, 03:17 PM | Jan 18, 2022, 03:17 PM |
Version: 2.4.3-alt1
|
Summary: An XML parser written in C
|
Changelog: |
- Updated to 2.4.3 (with multiple security fixes).
- Fixes:
+ CVE-2021-45960 issues with left shift by >= 29 places in function storeAtts that
can lead to realloc misbehavior;
+ CVE-2021-46143 Integer overflow on variable m_groupSize in function doProlog;
+ CVE-2022-22822 Integer overflows near memory allocation in function addBinding;
+ CVE-2022-22823 Integer overflows near memory allocation in function build_model;
+ CVE-2022-22824 Integer overflows near memory allocation in function defineAttribute;
+ CVE-2022-22825 Integer overflows near memory allocation in function lookup;
+ CVE-2022-22826 Integer overflows near memory allocation in function nextScaffoldPart;
+ CVE-2022-22827 Integer overflows near memory allocation in function storeAtts. |
clamav Jan 18, 2022, 11:22 AM | Jan 18, 2022, 11:22 AM |
Version: 0.103.5-alt1
|
Summary: Clam Antivirus scanner
|
Changelog: |
- 0.103.5 (CVE-2022-20698) |
mc Jan 9, 2022, 01:28 AM | Jan 9, 2022, 01:28 AM |
Version: 4.8.27-alt1
|
Summary: An user-friendly file manager and visual shell
|
Changelog: |
- 4.8.27 (CVE-2021-36370; ALT #40217) |
apache2 Dec 21, 2021, 04:06 PM | Dec 21, 2021, 04:06 PM |
Version: 2.4.52-alt1
|
Summary: The most widely used Web server on the Internet
|
Changelog: |
- 2.4.52 (Fixes: CVE-2021-44790, CVE-2021-44224) |
python3-module-django Dec 17, 2021, 03:26 PM | Dec 17, 2021, 03:26 PM |
Version: 2.2.25-alt1
|
Summary: A high-level Python 3 Web framework that encourages rapid development and clean, pragmatic design.
|
Changelog: |
- new version 2.2.25
- Fixes for the following security vulnerabilities:
+ CVE-2021-44420: Potential bypass of an upstream access control based on URL paths |
mailman Nov 13, 2021, 02:04 AM | Nov 13, 2021, 02:04 AM |
Version: 2.1.37-alt1
|
Summary: Mailing list manager with built in web access
|
Changelog: |
- 2.1.36 -> 2.1.37 (fixes bug in the fix for CVE-2021-43332). |
postgresql11 Nov 10, 2021, 01:05 PM | Nov 10, 2021, 01:05 PM |
Version: 11.14-alt0.M90P.1
|
Summary: PostgreSQL client programs and libraries
|
Changelog: |
- 11.14 (Fixes CVE-2021-23214, CVE-2021-23222) |
postgresql10 Nov 10, 2021, 12:52 PM | Nov 10, 2021, 12:52 PM |
Version: 10.19-alt0.M90P.1
|
Summary: PostgreSQL client programs and libraries
|
Changelog: |
- 10.19 (Fixes CVE-2021-23214, CVE-2021-23222) |
postgresql9.6 Nov 10, 2021, 12:41 PM | Nov 10, 2021, 12:41 PM |
Version: 9.6.24-alt0.M90P.1
|
Summary: PostgreSQL client programs and libraries
|
Changelog: |
- 9.6.24 (Fixes CVE-2021-23214, CVE-2021-23222) |
postgresql12 Nov 10, 2021, 11:55 AM | Nov 10, 2021, 11:55 AM |
Version: 12.9-alt0.M90P.1
|
Summary: PostgreSQL client programs and libraries
|
Changelog: |
- 12.9 (Fixes CVE-2021-23214, CVE-2021-23222) |
php7 Oct 28, 2021, 07:57 PM | Oct 28, 2021, 07:57 PM |
Version: 7.3.32-alt1
|
Summary: The PHP7 scripting language
|
Changelog: |
- 7.3.32 (Fixes: CVE-2021-21703) |
bind Oct 28, 2021, 05:25 PM | Oct 28, 2021, 05:25 PM |
Version: 9.11.36-alt1
|
Summary: ISC BIND - DNS server
|
Changelog: |
- 9.11.32 -> 9.11.36 (fixes: CVE-2021-25219). |
freerdp Oct 21, 2021, 04:06 PM | Oct 21, 2021, 04:06 PM |
Version: 2.4.1-alt1
|
Summary: Remote Desktop Protocol functionality
|
Changelog: |
- New version.
- Security fixes:
+ CVE-2021-41159 Improper client input validation for gateway connections allows to overwrite memory
+ CVE-2021-41160 Improper region checks in all clients allow out of bound write to memory |
glpi Oct 12, 2021, 05:41 PM | Oct 12, 2021, 05:41 PM |
Version: 9.5.6-alt1
|
Summary: IT and asset management software
|
Changelog: |
- New version 9.5.6
- This is a security release, upgrading is recommended
- Security fixes:
+ CVE-2021-39211 : Disclosure of GLPI and server informations in telemetry endpoint
+ CVE-2021-39210 : Autologin cookie accessible by scripts
+ CVE-2021-39209 : Bypassable CSRF protection on ajax endpoints
+ CVE-2021-39213 : Bypassable IP restriction on GLPI API using custom header injection |
cyrus-imapd Sep 4, 2021, 11:19 PM | Sep 4, 2021, 11:19 PM |
Version: 3.2.8-alt1
|
Summary: A high-performance email, contacts and calendar server
|
Changelog: |
- 3.2.8 (fixes: CVE-2021-33582) |
libssh Sep 2, 2021, 11:56 AM | Sep 2, 2021, 11:56 AM |
Version: 0.9.6-alt1
|
Summary: C library to authenticate in a simple manner to one or more SSH servers
|
Changelog: |
- new version
- security (fixes: CVE-2021-3634) |
ntfs-3g Aug 31, 2021, 05:02 PM | Aug 31, 2021, 05:02 PM |
Version: 2021.8.22-alt1
|
Summary: third generation Linux NTFS driver
|
Changelog: |
- 2021.8.22 (Fixes: CVE-2021-33285, CVE-2021-35269, CVE-2021-35268, CVE-2021-33289,
CVE-2021-33286, CVE-2021-35266, CVE-2021-33287, CVE-2021-35267, CVE-2021-39251,
CVE-2021-39252, CVE-2021-39253, CVE-2021-39254, CVE-2021-39255, CVE-2021-39256,
CVE-2021-39257, CVE-2021-39258, CVE-2021-39259, CVE-2021-39260, CVE-2021-39261,
CVE-2021-39262, CVE-2021-39263) |
openssl1.1 Aug 24, 2021, 05:24 PM | Aug 24, 2021, 05:24 PM |
Version: 1.1.1l-alt1
|
Summary: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
|
Changelog: |
- Updated to 1.1.1l (fixes CVE-2021-3711, CVE-2021-3712). |
dovecot Aug 12, 2021, 01:39 PM | Aug 12, 2021, 01:39 PM |
Version: 2.3.16-alt1
|
Summary: Dovecot secure IMAP/POP3 server
|
Changelog: |
- Updated to 2.3.16 (fixes CVE-2021-33515, CVE-2021-29157, CVE-2021-33515, CVE-2021-29157).
- Package watch file. |
c-ares Aug 12, 2021, 12:06 AM | Aug 12, 2021, 12:06 AM |
Version: 1.17.2-alt1
|
Summary: A library that performs asynchronous DNS operations
|
Changelog: |
- 1.17.2 (Fixes: CVE-2021-3672) |
golang Aug 9, 2021, 01:03 PM | Aug 9, 2021, 01:03 PM |
Version: 1.15.15-alt1
|
Summary: The Go Programming Language
|
Changelog: |
- New version (1.15.15).
- Fixes:
+ CVE-2021-36221 |
wireshark Jul 26, 2021, 12:34 PM | Jul 26, 2021, 12:34 PM |
Version: 3.4.7-alt1
|
Summary: The BugTraq Award Winning Network Traffic Analyzer
|
Changelog: |
- 3.4.7 (Fixes: CVE-2021-22235) |
krb5 Jul 25, 2021, 09:45 AM | Jul 25, 2021, 09:45 AM |
Version: 1.17.2-alt2
|
Summary: The Kerberos network authentication system
|
Changelog: |
- Backport fixes from 1.18.4 (Fixes: CVE-2021-36222) |
mariadb Jul 11, 2021, 09:36 PM | Jul 11, 2021, 09:36 PM |
Version: 10.4.20-alt1
|
Summary: A very fast and reliable SQL database engine
|
Changelog: |
- 10.4.20 (ALT #40403)
- Fixes for the following security vulnerabilities:
+ CVE-2021-27928
+ CVE-2021-2166
+ CVE-2021-2154 |
neomutt Jul 4, 2021, 09:50 PM | Jul 4, 2021, 09:50 PM |
Version: 20210205-alt2
|
Summary: A version of Mutt with added features
|
Changelog: |
- Fix CVE-2021-32055. |
NetworkManager Jul 1, 2021, 06:55 PM | Jul 1, 2021, 06:55 PM |
Version: 1.18.11-alt1.gite2fdbc2b7482
|
Summary: Install NetworkManager daemon and plugins
|
Changelog: |
- Backported patch from NM-1.32.2 (fixes: CVE-2020-13529):
+ dhcp/systemd: ignore FORCERENEW requests for DHCPV4 to workaround
CVE-2020-13529.
- Upstream git snapshot (nm-1-18 branch). |
mediawiki-extensions-Widgets Jun 27, 2021, 10:12 PM | Jun 27, 2021, 10:12 PM |
Version: 1.3.0-alt1git
|
Summary: Widgets extension allows adding widgets to wiki by just creating pages in Widget namespace
|
Changelog: |
- new version (1.3.0) with rpmgs script
- CVE-2020-9382, CVE-2020-35625 |