Security

systemd Jan 31, 2022, 11:48 PMJan 31, 2022, 11:48 PM
Version: 247.11-alt1
Summary: System and Session Manager
Changelog:
- 247.11 (Fixes: CVE-2021-3997)
- set default net-naming-scheme=v245
polkit Jan 26, 2022, 05:55 PMJan 26, 2022, 05:55 PM
Version: 0.116-alt2.M90P.4
Summary: PolicyKit Authorization Framework
Changelog:
- (Fixes: CVE-2021-4034)
phpipam Jan 25, 2022, 08:08 PMJan 25, 2022, 08:08 PM
Version: 1.45.031-alt1
Summary: PHP-based virtual machine control tool
Changelog:
- 1.4.5 Release (Fixes: CVE-2020-7988).
expat Jan 18, 2022, 03:17 PMJan 18, 2022, 03:17 PM
Version: 2.4.3-alt1
Summary: An XML parser written in C
Changelog:
- Updated to 2.4.3 (with multiple security fixes).
- Fixes:
  + CVE-2021-45960 issues with left shift by >= 29 places in function storeAtts that
    can lead to realloc misbehavior;
  + CVE-2021-46143 Integer overflow on variable m_groupSize in function doProlog;
  + CVE-2022-22822 Integer overflows near memory allocation in function addBinding;
  + CVE-2022-22823 Integer overflows near memory allocation in function build_model;
  + CVE-2022-22824 Integer overflows near memory allocation in function defineAttribute;
  + CVE-2022-22825 Integer overflows near memory allocation in function lookup;
  + CVE-2022-22826 Integer overflows near memory allocation in function nextScaffoldPart;
  + CVE-2022-22827 Integer overflows near memory allocation in function storeAtts.
clamav Jan 18, 2022, 11:22 AMJan 18, 2022, 11:22 AM
Version: 0.103.5-alt1
Summary: Clam Antivirus scanner
Changelog:
- 0.103.5 (CVE-2022-20698)
mc Jan 9, 2022, 01:28 AMJan 9, 2022, 01:28 AM
Version: 4.8.27-alt1
Summary: An user-friendly file manager and visual shell
Changelog:
- 4.8.27 (CVE-2021-36370; ALT #40217)
apache2 Dec 21, 2021, 04:06 PMDec 21, 2021, 04:06 PM
Version: 2.4.52-alt1
Summary: The most widely used Web server on the Internet
Changelog:
- 2.4.52 (Fixes: CVE-2021-44790, CVE-2021-44224)
python3-module-django Dec 17, 2021, 03:26 PMDec 17, 2021, 03:26 PM
Version: 2.2.25-alt1
Summary: A high-level Python 3 Web framework that encourages rapid development and clean, pragmatic design.
Changelog:
- new version 2.2.25
- Fixes for the following security vulnerabilities:
  + CVE-2021-44420: Potential bypass of an upstream access control based on URL paths
mailman Nov 13, 2021, 02:04 AMNov 13, 2021, 02:04 AM
Version: 2.1.37-alt1
Summary: Mailing list manager with built in web access
Changelog:
- 2.1.36 -> 2.1.37 (fixes bug in the fix for CVE-2021-43332).
postgresql11 Nov 10, 2021, 01:05 PMNov 10, 2021, 01:05 PM
Version: 11.14-alt0.M90P.1
Summary: PostgreSQL client programs and libraries
Changelog:
- 11.14 (Fixes CVE-2021-23214, CVE-2021-23222)
postgresql10 Nov 10, 2021, 12:52 PMNov 10, 2021, 12:52 PM
Version: 10.19-alt0.M90P.1
Summary: PostgreSQL client programs and libraries
Changelog:
- 10.19 (Fixes CVE-2021-23214, CVE-2021-23222)
postgresql9.6 Nov 10, 2021, 12:41 PMNov 10, 2021, 12:41 PM
Version: 9.6.24-alt0.M90P.1
Summary: PostgreSQL client programs and libraries
Changelog:
- 9.6.24 (Fixes CVE-2021-23214, CVE-2021-23222)
postgresql12 Nov 10, 2021, 11:55 AMNov 10, 2021, 11:55 AM
Version: 12.9-alt0.M90P.1
Summary: PostgreSQL client programs and libraries
Changelog:
- 12.9 (Fixes CVE-2021-23214, CVE-2021-23222)
php7 Oct 28, 2021, 07:57 PMOct 28, 2021, 07:57 PM
Version: 7.3.32-alt1
Summary: The PHP7 scripting language
Changelog:
- 7.3.32 (Fixes: CVE-2021-21703)
bind Oct 28, 2021, 05:25 PMOct 28, 2021, 05:25 PM
Version: 9.11.36-alt1
Summary: ISC BIND - DNS server
Changelog:
- 9.11.32 -> 9.11.36 (fixes: CVE-2021-25219).
freerdp Oct 21, 2021, 04:06 PMOct 21, 2021, 04:06 PM
Version: 2.4.1-alt1
Summary: Remote Desktop Protocol functionality
Changelog:
- New version.
- Security fixes:
  + CVE-2021-41159 Improper client input validation for gateway connections allows to overwrite memory
  + CVE-2021-41160 Improper region checks in all clients allow out of bound write to memory
glpi Oct 12, 2021, 05:41 PMOct 12, 2021, 05:41 PM
Version: 9.5.6-alt1
Summary: IT and asset management software
Changelog:
- New version 9.5.6
- This is a security release, upgrading is recommended
- Security fixes:
 + CVE-2021-39211 : Disclosure of GLPI and server informations in telemetry endpoint
 + CVE-2021-39210 : Autologin cookie accessible by scripts
 + CVE-2021-39209 : Bypassable CSRF protection on ajax endpoints
 + CVE-2021-39213 : Bypassable IP restriction on GLPI API using custom header injection
cyrus-imapd Sep 4, 2021, 11:19 PMSep 4, 2021, 11:19 PM
Version: 3.2.8-alt1
Summary: A high-performance email, contacts and calendar server
Changelog:
- 3.2.8 (fixes: CVE-2021-33582)
libssh Sep 2, 2021, 11:56 AMSep 2, 2021, 11:56 AM
Version: 0.9.6-alt1
Summary: C library to authenticate in a simple manner to one or more SSH servers
Changelog:
- new version
- security (fixes: CVE-2021-3634)
ntfs-3g Aug 31, 2021, 05:02 PMAug 31, 2021, 05:02 PM
Version: 2021.8.22-alt1
Summary: third generation Linux NTFS driver
Changelog:
- 2021.8.22 (Fixes: CVE-2021-33285, CVE-2021-35269, CVE-2021-35268, CVE-2021-33289,
  CVE-2021-33286, CVE-2021-35266, CVE-2021-33287, CVE-2021-35267, CVE-2021-39251,
  CVE-2021-39252, CVE-2021-39253, CVE-2021-39254, CVE-2021-39255, CVE-2021-39256,
  CVE-2021-39257, CVE-2021-39258, CVE-2021-39259, CVE-2021-39260, CVE-2021-39261,
  CVE-2021-39262, CVE-2021-39263)
openssl1.1 Aug 24, 2021, 05:24 PMAug 24, 2021, 05:24 PM
Version: 1.1.1l-alt1
Summary: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
Changelog:
- Updated to 1.1.1l (fixes CVE-2021-3711, CVE-2021-3712).
dovecot Aug 12, 2021, 01:39 PMAug 12, 2021, 01:39 PM
Version: 2.3.16-alt1
Summary: Dovecot secure IMAP/POP3 server
Changelog:
- Updated to 2.3.16 (fixes CVE-2021-33515, CVE-2021-29157, CVE-2021-33515, CVE-2021-29157).
- Package watch file.
c-ares Aug 12, 2021, 12:06 AMAug 12, 2021, 12:06 AM
Version: 1.17.2-alt1
Summary: A library that performs asynchronous DNS operations
Changelog:
- 1.17.2 (Fixes: CVE-2021-3672)
golang Aug 9, 2021, 01:03 PMAug 9, 2021, 01:03 PM
Version: 1.15.15-alt1
Summary: The Go Programming Language
Changelog:
- New version (1.15.15).
- Fixes:
  + CVE-2021-36221
wireshark Jul 26, 2021, 12:34 PMJul 26, 2021, 12:34 PM
Version: 3.4.7-alt1
Summary: The BugTraq Award Winning Network Traffic Analyzer
Changelog:
- 3.4.7 (Fixes: CVE-2021-22235)
krb5 Jul 25, 2021, 09:45 AMJul 25, 2021, 09:45 AM
Version: 1.17.2-alt2
Summary: The Kerberos network authentication system
Changelog:
- Backport fixes from 1.18.4 (Fixes: CVE-2021-36222)
mariadb Jul 11, 2021, 09:36 PMJul 11, 2021, 09:36 PM
Version: 10.4.20-alt1
Summary: A very fast and reliable SQL database engine
Changelog:
- 10.4.20 (ALT #40403)
- Fixes for the following security vulnerabilities:
  + CVE-2021-27928
  + CVE-2021-2166
  + CVE-2021-2154
neomutt Jul 4, 2021, 09:50 PMJul 4, 2021, 09:50 PM
Version: 20210205-alt2
Summary: A version of Mutt with added features
Changelog:
- Fix CVE-2021-32055.
NetworkManager Jul 1, 2021, 06:55 PMJul 1, 2021, 06:55 PM
Version: 1.18.11-alt1.gite2fdbc2b7482
Summary: Install NetworkManager daemon and plugins
Changelog:
- Backported patch from NM-1.32.2 (fixes: CVE-2020-13529):
  + dhcp/systemd: ignore FORCERENEW requests for DHCPV4 to workaround
    CVE-2020-13529.
- Upstream git snapshot (nm-1-18 branch).
mediawiki-extensions-Widgets Jun 27, 2021, 10:12 PMJun 27, 2021, 10:12 PM
Version: 1.3.0-alt1git
Summary: Widgets extension allows adding widgets to wiki by just creating pages in Widget namespace
Changelog:
- new version (1.3.0) with rpmgs script
- CVE-2020-9382, CVE-2020-35625
Back to Top