Security

Sep 29, 2023, 03:25 PM

libppd

Version: 2.0.0-alt1
Summary: Library for retro-fitting legacy printer drivers
Changelog:
- 2.0.0 (Fixes: CVE-2023-4504)
Sep 28, 2023, 06:23 AM

xrdp

Version: 0.9.23.1-alt1
Summary: An open source remote desktop protocol (RDP) server
Changelog:
- New version.
- Security fixes:
  + CVE-2023-42822: Unchecked access to font glyph info
Sep 28, 2023, 04:38 AM

netatalk

Version: 3.1.17-alt1
Summary: Open Source Apple Filing Protocol(AFP) File Server
Changelog:
- 3.1.17 (fixed CVE-2023-42464, CVE-2022-23121, CVE-2022-23123,
   CVE-2022-43634 and CVE-2022-45188)
- Add /etc/netatalk/afppasswd (Closes: #46445)
- Add /var/lib/netatalk (Closes: #46441)
- Add Requires: cracklib-words (Closes: #46446)
Sep 21, 2023, 07:27 PM

bind

Version: 9.16.44-alt1
Summary: ISC BIND - DNS server
Changelog:
- 9.16.42 -> 9.16.44 (fixes: CVE-2023-3341).
Sep 19, 2023, 04:01 PM

openssl3

Version: 3.1.3-alt1
Summary: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
Changelog:
- Updated to 3.1.3 (fixes CVE-2023-4807).
Sep 17, 2023, 05:42 PM

curl

Version: 8.3.0-alt1
Summary: Gets a file from a FTP, GOPHER or HTTP server
Changelog:
- 8.2.1 -> 8.3.0
- Fixes:
   * CVE-2023-38039 HTTP headers eat all memory
- relaxed check on armh
Sep 14, 2023, 08:50 PM

php8.0

Version: 8.0.30-alt1
Summary: The PHP scripting language
Changelog:
- 8.0.29 -> 8.0.30 (Fixes: CVE-2023-3823, CVE-2023-3824)
- for sisyphus and p11: added conflicts with the installer-stage3 to avoid
  using php8.0 in distributios: The first stage of EOL plan
Sep 14, 2023, 10:02 AM

libwebp

Version: 1.3.2-alt1
Summary: Library and tools for the WebP graphics format
Changelog:
- 1.3.2 (fixed CVE-2023-4863)
Sep 11, 2023, 07:32 AM

vim

Version: 9.0.1893-alt1
Summary: VIsual editor iMproved
Changelog:
- Updated to v9.0.1893 (fixes CVE-2023-4781, CVE-2023-4752, CVE-2023-4750,
  CVE-2023-4733, CVE-2023-4738, CVE-2023-4736, CVE-2023-4735, CVE-2023-4734).
Aug 21, 2023, 03:50 PM

redis

Version: 7.0.12-alt1
Summary: Redis is an advanced key-value store
Changelog:
- 7.0.12
- Fixed License
- Split cli tools to cli subpackage
- Update systemd units
- Update default sentinel config
- Build with systemd support sd_notify
- /var/run -> /run
- Fixed logrotate config
- Fixed permissions for configs
- Move make test to check section
- Enable tests
- Security fixes:
  + CVE-2022-24834 Integer Overflow to Buffer Overflow, Heap-based Buffer Overflow
  + CVE-2022-31144 Out-of-bounds Write, Heap-based Buffer Overflow
  + CVE-2022-33105 Missing Release of Memory after Effective Lifetime
  + CVE-2022-35951 Integer Overflow or Wraparound
  + CVE-2022-35977 Integer Overflow or Wraparound
  + CVE-2022-36021 Inefficient Algorithmic Complexity
  + CVE-2023-22458 Integer Overflow or Wraparound
  + CVE-2023-25155 Integer Overflow or Wraparound
  + CVE-2023-28425 Improper Neutralization of Special Elements used in a Command (Command Injection)
  + CVE-2023-28856 Reachable Assertion
  + CVE-2023-31655 Insufficient Information
  + CVE-2023-36824 Heap overflow in COMMAND GETKEYS and ACL evaluation
Aug 18, 2023, 05:05 PM

guacamole-server

Version: 1.5.3-alt1
Summary: Server-side native components that form the Guacamole proxy
Changelog:
- New version 1.5.3 (Fixes: CVE-2023-30575, CVE-2023-30576).
Aug 16, 2023, 01:37 PM

krb5

Version: 1.21.2-alt1
Summary: The Kerberos network authentication system
Changelog:
- 1.21.2 (Fixes: CVE-2023-39975)
Aug 12, 2023, 07:49 AM

mediawiki

Version: 1.40.0-alt1
Summary: A wiki engine, typical installation (php8.1 with Apache2 and MySQL support)
Changelog:
- new version 1.40.0 (with rpmrb script)
- disable AutoReq
- (T335612, CVE-2023-36674) SECURITY: Move badFile lookup to Linker.
- (T335203, CVE-2023-29197) Upgrade guzzlehttp/psr7 to >= 1.9.1/2.4.5.
- (T335612, CVE-2023-36674) Manualthumb bypasses badFile lookup.
- (T332889, CVE-2023-36675) XSS in BlockLogFormatter due to unsafe message use.
Jul 29, 2023, 03:38 AM

burp

Version: 2.5.4-alt4
Summary: Burp is a network-based backup and restore program
Changelog:
- Support for OpenSSL 3 (to access Blowfish encryption).
- Apply fixes to bundled yajl (CVE-2023-33460, CVE-2022-24795, CVE-2017-16516).
Jul 25, 2023, 11:12 PM

glpi

Version: 10.0.9-alt1
Summary: IT and asset management software
Changelog:
- New version 10.0.9
- This release fixes several security issues that has been recently discovered. Update is recommended!
- Security fixes:
 + CVE-2023-37278 : SQL injection in dashboard administration
- Deleted glpi-php7
Jul 13, 2023, 05:12 PM

less

Version: 633-alt1
Summary: A text file browser similar to more, but better
Changelog:
- New version (633).
- Security fixes:
  + CVE-2022-46663: less -R filtering bypass.
Jul 13, 2023, 04:48 PM

cacti

Version: 1.2.24-alt1
Summary: The complete RRDTool-based graphing solution.
Changelog:
- 1.2.24
- Fixes:
  + CVE-2022-46169 Unauthenticated Command Injection
- switched to php8.0 by default
Jul 4, 2023, 10:50 AM

libjpeg8

Version: 3.0.0-alt1
Summary: The MMX/SSE accelerated JPEG compression/decompression library
Changelog:
- New version (3.0.0).
- Fixes:
  + CVE-2023-2804 Various segfaults and buffer overruns
Jun 19, 2023, 12:13 PM

xorg-server

Version: 1.20.14-alt8.E2K.1
Summary: Xserver - X Window System display server
Changelog:
- E2K:
  + added mcst patches, mostly as-is except:
    - 0003-Add-copy-optimizations.patch: partially obsolete
    - 0006-Add-bug-workaround.patch: obsolete for arch > e2kv2
    - 0010-Restore-DRI1-support.{add,mod}.patch: need more reverts
    - 0040-Fix-CVE-2018-14665.patch: applied elsewhere upstream
    and specifically, including:
    - 0010-restore-DRI1-support-for-e1c.patch
    - mga2 related patch from mcst#5155
  + warning-related ftbfs workarounds
  + bool-related ftbfs workaround (ilyakurdyukov@)
Jun 14, 2023, 09:32 AM

yajl

Version: 2.1.0-alt3
Summary: Yet Another JSON Library
Changelog:
- fixes CVE-2023-33460.
May 27, 2023, 03:54 AM

libtpms

Version: 0.9.6-alt1
Summary: Library providing Trusted Platform Module (TPM) functionality
Changelog:
- New version 0.9.6 (Fixes: CVE-2023-1017, CVE-2023-1018).
May 25, 2023, 06:17 PM

itop

Version: 3.0.3-alt1
Summary: IT Operations Portal
Changelog:
- New version 3.0.3
- Security fixes:
 + CVE-2021-46743 : Firebase PHP-JWT key/algorithm type confusion
 + CVE-2022-31403 : XSS vulnerability via /itop/pages/ajax.render.php
 + CVE-2022-31402 : XSS vulnerability via /itop/webservices/export-v2.php
- Added itop-php8.0
- Deleted itop-php7
May 23, 2023, 12:02 PM

python3-module-requests

Version: 2.31.0-alt1
Summary: HTTP library, written in Python, for human beings
Changelog:
- 2.29.0 -> 2.31.0 (fixes: CVE-2023-32681).
Apr 25, 2023, 11:28 PM

libxml2

Version: 2.10.4-alt1
Summary: The library for manipulating XML files
Changelog:
- 2.10.4 (Fixes: CVE-2023-29469, CVE-2023-28484)
Apr 17, 2023, 10:15 PM

git

Version: 2.33.8-alt1
Summary: Git core and tools
Changelog:
- 2.33.7 -> 2.33.8 (fixes: CVE-2023-25652, CVE-2023-25815, CVE-2023-29007).
Apr 13, 2023, 03:26 PM

ghostscript

Version: 10.01.1-alt1
Summary: PostScript interpreter and renderer, most printer drivers
Changelog:
- Autobuild version bump to 10.01.1
- (Fixes: CVE-2023-28879)
Apr 8, 2023, 03:00 AM

ctags

Version: 5.8-alt6
Summary: A C programming language indexing and/or cross-reference tool
Changelog:
- Fixed arbitrary command execution via a tag file with
  a crafted filename (fixes CVE-2022-4515).
Mar 30, 2023, 11:41 AM

libsixel

Version: 1.10.3-alt1
Summary: A SIXEL encoder/decoder implementation
Changelog:
- 1.10.3.
- switch to meson.
- Security fixes for CVE-2020-11721, CVE-2020-19668.
Mar 29, 2023, 07:29 AM

libmemcached

Version: 1.1.4-alt1
Summary: Client library to the memcached
Changelog:
- 1.1.4 (Fixes CVE-2023-27478)
- Change URL to new upstream project
- Use CMAKE
Mar 28, 2023, 03:21 PM

dnsmasq

Version: 2.89-alt2
Summary: A lightweight caching nameserver
Changelog:
- Added patches from upstream git:
  + Avoid undefined behaviour with the ctype(3) functions
  + Fix --rev-server option
  + Fix possible SEGV when no servers defined
  + Set the default maximum DNS UDP packet size to 1232
    (fixes: CVE-2023-28450)
  + Fix DHCPv6 "use multicast" response which previously failed
Mar 20, 2023, 06:36 PM

flatpak

Version: 1.14.4-alt1
Summary: Application deployment framework for desktop apps
Changelog:
- 1.14.4 (fixed CVE-2023-28100, CVE-2023-28101)
Mar 9, 2023, 11:59 AM

clamav

Version: 0.103.8-alt1
Summary: Clam Antivirus scanner
Changelog:
- 0.103.8 (CVE-2023-20032, CVE-2023-20052)
Feb 18, 2023, 05:05 PM

tpm2-tss

Version: 4.0.1-alt1
Summary: TPM2.0 Software Stack
Changelog:
- 4.0.1 (Fixes: CVE-2023-22745)
Feb 15, 2023, 01:10 AM

libbpf

Version: 0.8.1-alt2
Summary: Stand-alone build of libbpf from the Linux kernel
Changelog:
- (Fixes: CVE-2022-3534, CVE-2022-3606).
Feb 7, 2023, 07:29 PM

tmux

Version: 3.3a-alt2
Summary: Terminal multiplexer
Changelog:
- (Fixes: CVE-2022-47016).
Jan 18, 2023, 11:34 AM

libXpm

Version: 3.5.15-alt1
Summary: X Pixmap Library
Changelog:
- 3.5.15 (fixes: CVE-2022-46285, CVE-2022-44617, CVE-2022-4883)
Dec 22, 2022, 10:23 AM

libcairo

Version: 1.16.0-alt2
Summary: Multi-platform 2D graphics library
Changelog:
- cherry pick upstream fixes for CVE-2018-19876, CVE-2020-35492
Dec 20, 2022, 07:34 PM

libetpan

Version: 1.9.4-alt3
Summary: This mail library provide a portable, efficient middleware for different kinds of mail access
Changelog:
- Fixed libssl knob.
- Fixed License tag.
- Added Vcs tag.
- Patch from upstream:
  + Fixed crash when st_info_list is NULL (fixes: CVE-2022-4121).
Dec 9, 2022, 12:49 AM

podofo

Version: 0.9.8-alt1
Summary: PDF manipulation library and tools
Changelog:
- new version 0.9.8 (with rpmrb script)
- CVE-2021-30469, CVE-2021-30470, CVE-2021-30471, CVE-2021-30472
Dec 5, 2022, 03:48 PM

libarchive

Version: 3.6.1-alt2
Summary: A library for handling streaming archive formats
Changelog:
- security (fixes: CVE-2022-36227)
Nov 5, 2022, 12:13 PM

libpixman

Version: 0.40.0-alt2.1
Summary: Pixel manipulation library
Changelog:
- apply upstream commit a1f88e842e0216a5b4df1ab023caebe33c101395
  to fix CVE-2022-44638
Nov 3, 2022, 04:58 PM

php7

Version: 7.4.33-alt1
Summary: The PHP7 scripting language
Changelog:
- 7.4.32 -> 7.4.33 (Fixes: CVE-2022-31630, CVE-2022-37454)
Nov 2, 2022, 09:12 AM

perl-DBI

Version: 1.643-alt3
Summary: Database independent interface for Perl
Changelog:
- rename patch lib-DBD-File.pm-fix-CVE-2014-10401.patch
- fixes changelog
Oct 29, 2022, 11:07 PM

expat

Version: 2.5.0-alt1
Summary: An XML parser written in C
Changelog:
- Updated to 2.5.0 (fixes: CVE-2022-43680 Fix heap use-after-free after
  overeager destruction of a shared DTD in function XML_ExternalEntityParserCreate
  in out-of-memory situations, DoS or potentially ACE).
Oct 26, 2022, 04:03 PM

libvncserver

Version: 0.9.13-alt3
Summary: An easy API to write one's own VNC server
Changelog:
- security (fixes: CVE-2020-29260)
Oct 25, 2022, 05:31 PM

arj

Version: 3.10.22-alt9
Summary: An compressor and uncompressor for .arj format archive files
Changelog:
- Fixes patch CVE-2015-0557-security-traversal-dir (ALT #44143).
Oct 18, 2022, 12:14 AM

adcli

Version: 0.9.2-alt1
Summary: Active Directory enrollment
Changelog:
- Add support LDAP add/mod operation to set/change password:
 + fix unable to join to active directory after KB5008380/CVE-2021-42287 with
   option '--ldap-passwd';
 + https://gitlab.freedesktop.org/realmd/adcli/-/issues/27
- Add support fall back to LDAPS if CLDAP ping was not successful
 + If the --use-ldaps option is used and there is no reply on the CLDAP 389/udp
   port adcli will try to send the request to the LDAPS port 636/tcp.
- Fix write SID before secret to Samba's db looks like 'net changesecretpw'
- Add passwd-user sub-command for (re)set a user password.
- Add dont-expire-password option for computer.
Oct 14, 2022, 03:47 PM

aspell

Version: 0.60.8-alt2
Summary: An Open Source interactive spelling checker program
Changelog:
- fixes CVE-2019-25051
Oct 12, 2022, 02:52 PM

lrzsz

Version: 0.12.20-alt2
Summary: Programs for communicating over Z-, Y- & X-modem protocols.
Changelog:
- fixes CVE-2018-10195.
Oct 12, 2022, 07:45 AM

unzip

Version: 6.0-alt5
Summary: An utility for unpacking zip archives
Changelog:
- fixes CVE-2021-4217
Oct 7, 2022, 08:03 PM

dhcp

Version: 4.4.3.P1-alt1
Summary: Dynamic Host Configuration Protocol (DHCP) distribution
Changelog:
- Updated to 4.4.3-P1 (fixes: CVE-2022-2928,CVE-2022-2929).
Sep 20, 2022, 11:00 AM

enlightenment

Version: 0.25.4-alt1
Summary: The Enlightenment window manager
Changelog:
- 0.25.4 (fixed CVE-2022-37706)
Jun 20, 2022, 02:55 PM

dropbear

Version: 2022.82-alt1
Summary: A smallish SSH server and client
Changelog:
- Update to DROPBEAR_2022.82 (2022-04-01). (Fixes: CVE-2018-15599,
  CVE-2018-5399, CVE-2018-20685, CVE-2019-12953, CVE-2020-15833,
  CVE-2020-36254).
- Disable DSS keys.
- Allow password auth.
- Undo authkey_fp patch (as it does not apply to the new codebase).
- Use bundled libtom{crypt,math} maintained by the authors of Dropbear.
- Doc and client packages are merged into main package.
- Add systemd services.
- Correct sftp-server path (to openssh-server binary).
May 15, 2022, 08:57 PM

xpdf

Version: 4.04-alt1
Summary: The PDF viewer and tools
Changelog:
- Version bump
- Many bugfixes, including security, including:
  Fixes: CVE-2022-24106, CVE-2022-27135
May 15, 2022, 08:53 AM

unrar

Version: 6.1.7-alt1
Summary: RAR unarchiver
Changelog:
- Autobuild version bump to 6.1.7
- Fixes: CVE-2022-30333
May 14, 2022, 12:52 AM

libopenjpeg2.0

Version: 2.5.0-alt1
Summary: JPEG 2000 codec library (API version 2.0)
Changelog:
- 2.5.0 (fixed CVE-2013-4289, CVE-2013-4290, CVE-2019-6988, 
  CVE-2018-20846, CVE-2018-16376, CVE-2021-29338)
Apr 15, 2022, 02:16 PM

subversion

Version: 1.14.2-alt1
Summary: A version control system
Changelog:
- New version.
- Security fixes:
  + CVE-2021-28544 Subversion servers reveal copyfrom paths that should be hidden according to configured path-based authorization (authz) rules.
  + CVE-2022-24070 mod_dav_svn is prone to a use-after-free vulnerability when looking up path-based authorization rules, which can result in denial of service (crash of HTTPD worker handling the request).
Mar 8, 2022, 12:02 AM

polkit

Version: 0.115-alt2.2
Summary: PolicyKit Authorization Framework
Changelog:
- NMU (fixes: CVE-2021-4034).
- Applied upstream fix for a trivially exploitable local root vulnerability,
  see https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt
Feb 3, 2022, 04:52 PM

connman

Version: 1.41-alt1
Summary: ConnMan is a daemon for managing internet connections.
Changelog:
- new version 1.41 (Fixes: CVE-2022-23096, CVE-2022-23097, CVE-2022-23098)
Dec 14, 2021, 03:13 PM

mailman

Version: 2.1.39-alt1
Summary: Mailing list manager with built in web access
Changelog:
- 2.1.38 -> 2.1.39 (fixes for CVE-2021-42097 and CVE-2021-44227).
Nov 11, 2021, 03:28 PM

screen

Version: 4.8.0-alt2
Summary: A screen manager that supports multiple sessions on one terminal
Changelog:
- Applied SUSE combchar.diff to prevent DoS via crafted UTF-8 character
  sequence (fixes CVE-2021-26937).
Oct 30, 2021, 09:02 AM

libgfbgraph

Version: 0.2.5-alt1
Summary: A GObject library for Facebook Graph API
Changelog:
- 0.2.5 (fixed CVE-2021-39358)
Sep 23, 2021, 02:36 PM

libiec61850

Version: 1.5.0-alt1
Summary: Open source libraries for IEC 61850 and IEC 60870-5-104
Changelog:
- New version (Fixes: CVE-2020-15158).
Sep 18, 2021, 02:03 PM

fail2ban

Version: 0.11.2-alt2
Summary: Fail2Ban is an intrusion prevention framework
Changelog:
- fix build, apply patches from upstream
- .service: use /run instead of /var/run
- CVE-2021-32749
Sep 4, 2021, 11:19 PM

cyrus-imapd

Version: 3.2.8-alt1
Summary: A high-performance email, contacts and calendar server
Changelog:
- 3.2.8 (fixes: CVE-2021-33582)
Aug 8, 2021, 04:07 AM

ffmpeg3.3

Version: 3.3.9-alt2.E2K.1
Summary: A command line toolbox to manipulate, convert and stream multimedia content
Changelog:
- E2K: apply mcst patches, including CVE-2018-6621 fix
Jun 27, 2021, 10:12 PM

mediawiki-extensions-Widgets

Version: 1.3.0-alt1git
Summary: Widgets extension allows adding widgets to wiki by just creating pages in Widget namespace
Changelog:
- new version (1.3.0) with rpmgs script
- CVE-2020-9382, CVE-2020-35625
Apr 28, 2021, 02:38 PM

avahi

Version: 0.8-alt2
Summary: Local network service discovery
Changelog:
- avoid infinite-loop in avahi-daemon (closes: #39357) (fixes: CVE-2021-3468)
Jan 22, 2021, 10:54 AM

shellinabox

Version: 2.20-alt2
Summary: AJAX based terminal emulator exporting a console to the browser
Changelog:
- Applied security fix from upstream (Fixes CVE-2018-16789).
Jan 22, 2021, 10:20 AM

libevt

Version: 20140411-alt2
Summary: Library and tools to access the Windows Event Log (EVT) format
Changelog:
- Applied security fix from upstream (Fixes CVE-2018-8754).
Dec 18, 2020, 03:52 PM

a2ps

Version: 4.14-alt3
Summary: Any to PostScript filter
Changelog:
- Applied security patches from Debian and Gentoo (Fixes: CVE-2014-0466, CVE-2015-8107).
Dec 18, 2020, 10:46 AM

icoutils

Version: 0.32.3-alt1
Summary: Utility for extracting and converting Microsoft icon and cursor files
Changelog:
- Updated to upstream version 0.32.3 (Fixes: CVE-2017-5208,
  CVE-2017-5331, CVE-2017-5332, CVE-2017-5333).
Dec 17, 2020, 04:07 PM

dnstracer

Version: 1.9-alt2
Summary: A tool to trace DNS queries
Changelog:
- Applied security patch from Gentoo (Fixes: CVE-2017-9430).
Dec 17, 2020, 12:24 PM

mgetty

Version: 1.2.1-alt1
Summary: A getty replacement for use with data and fax modems
Changelog:
- Updated to upstream version 1.2.1 (Fixes: CVE-2018-16741, CVE-2018-16742,
  CVE-2018-16743, CVE-2018-16744, CVE-2018-16745, CVE-2019-1010189, CVE-2019-1010190).
Dec 9, 2020, 02:46 PM

3proxy

Version: 0.6.1-alt2
Summary: Proxy server
Changelog:
- Applied security fix from upstream (Fixes: CVE-2019-14495).
Dec 9, 2020, 01:25 PM

mupdf

Version: 1.18.0-alt1
Summary: A lightweight PDF viewer and toolkit
Changelog:
- Updated to upstream version 1.18.0 (Fixes: CVE-2017-5991, CVE-2018-10289,
  CVE-2018-16647, CVE-2018-16648, CVE-2019-14975, CVE-2020-26519).
Dec 8, 2020, 05:39 PM

irssi

Version: 1.2.2-alt1
Summary: Modular text mode IRC client with Perl scripting
Changelog:
- Updated to upstream version 1.2.2 (Fixes: CVE-2019-13045, CVE-2019-15717).
Dec 8, 2020, 11:09 AM

lout

Version: 3.40-alt4
Summary: The Lout document formatting language
Changelog:
- Applied security patch from Fedora (Fixes: CVE-2019-19917, CVE-2019-19918)
Nov 20, 2020, 12:52 PM

jbig2dec

Version: 0.19-alt1
Summary: A decoder implementation of the JBIG2 image compression format
Changelog:
- Updated to upstream version 0.19 (Fixes: CVE-2016-9601, CVE-2020-12268).
Nov 17, 2020, 09:24 AM

libXtst

Version: 1.2.3-alt1
Summary: The Xtst Library
Changelog:
- 1.2.3
- securuty fixes: CVE-2016-7951, CVE-2016-7952
Nov 17, 2020, 09:15 AM

libXrender

Version: 0.9.10-alt1
Summary: X Render Library
Changelog:
- 0.9.10
- securuty fixes: CVE-2016-7949, CVE-2016-7950
Nov 5, 2020, 12:41 PM

aview

Version: 1.3.0-alt3.rc1
Summary: High quality ascii-art image (pnm) browser and animation (fli/flc) player
Changelog:
- Switched to CVE-2008-4935 fix from Debian.
- Added -Werror=implicit-function-declaration compiler flag.
Nov 5, 2020, 11:33 AM

mimetex

Version: 1.76-alt1
Summary: Mimetex ets you easily embed LaTeX math in your html pages
Changelog:
- Updated to version 1.76 from Debian (Fixes: CVE-2009-1382, CVE-2009-2459).
Nov 2, 2020, 05:47 PM

unace

Version: 1.2b-alt5
Summary: ACE unarchiver
Changelog:
- Cleaned up sources by importing sources from Debian.
- Forced using system build flags.
- Updated fix for CVE-2015-2063.
Oct 30, 2020, 01:04 PM

libtar

Version: 1.2.20-alt2.git.6d0ab4c
Summary: C library for manipulating POSIX tar files
Changelog:
- Applied patches from Debian (Fixes: CVE-2013-4420).
Oct 29, 2020, 06:33 PM

antiword

Version: 0.37-alt4
Summary: Antiword an application to display Microsoft(R) Word files
Changelog:
- Applied patches from Debian (Fixes: CVE-2014-8123).
Oct 29, 2020, 12:47 PM

fuseiso

Version: 20070708-alt3
Summary: Mount ISO filesystem images as a non-root user
Changelog:
- Applied patches from Gentoo (Fixes: CVE-2015-8836, CVE-2015-8837).
Oct 28, 2020, 05:23 PM

bchunk

Version: 1.2.2-alt1
Summary: A CD image format converter from .bin/.cue to .iso/.cdr/.wav
Changelog:
- Updated to upstream version 1.2.2 (Fixes: CVE-2017-15953, CVE-2017-15954, CVE-2017-15955).
Oct 27, 2020, 12:48 PM

snmptt

Version: 1.4.2-alt1
Summary: An SNMP trap handler written in Perl
Changelog:
- Updated to upstream version 1.4.2 (Fixes: CVE-2020-24361).
Oct 26, 2020, 05:14 PM

inspircd

Version: 2.0.29-alt1
Summary: InspIRCd is a modular Internet Relay Chat (IRC) server
Changelog:
- Updated to upstream version 2.0.29 (Fixes: CVE-2019-20917, CVE-2020-25269).
Oct 22, 2020, 03:07 PM

xli

Version: 1.17.0-alt9
Summary: X11 Image Loading Utility
Changelog:
- Applied patches from Debian (Fixes: CVE-2005-3178).
Oct 22, 2020, 10:43 AM

pstotext

Version: 1.9-alt3
Summary: PostScript to text converter
Changelog:
- Applied patches from Debian and Gentoo (Fixes: CVE-2005-2536, CVE-2006-5869).
- Build now respects %optflags.
Oct 19, 2020, 03:38 PM

freecol

Version: 0.11.6-alt2
Summary: FreeCol is opensource Colonization clone.
Changelog:
- Applied security fix from Debian (Fixes: CVE-2018-1000825).
- Updated license tag.
Aug 22, 2019, 02:33 PM

rzip

Version: 2.1-alt3
Summary: A large-file compression program
Changelog:
- Applied security fix from Gentoo (Fixes: CVE-2017-8364)
Aug 22, 2019, 10:39 AM

spark

Version: 2.6.0-alt2
Summary: A simple expressive web framework for java
Changelog:
- Applied security fixes from upstream (Fixes: CVE-2018-9159)
Sep 27, 2017, 04:35 PM

libwmf

Version: 0.2.8.4-alt13
Summary: A library to convert wmf files
Changelog:
- Secutity (Fixes: CVE-2015-0848, CVE-2015-4588, CVE-2015-4695,
  CVE-2015-4696, CVE-2016-9011)
Sep 22, 2017, 06:17 PM

pxz

Version: 4.999.9beta-alt3
Summary: Parallel LZMA compressor using liblzma
Changelog:
- CVE-2015-1200 fix (patch from debian bug #775306)
Jul 1, 2016, 01:40 PM

rssh

Version: 2.3.4-alt2
Summary: Restricted shell for scp or sftp
Changelog:
- really update sources to 2.3.4 fixes (CVE-2012-3478 and CVE-2012-2252)
- add patch for rsync3 compat
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v23.09.13
Back to top