vim May 26, 2022, 03:17 PM | May 26, 2022, 03:17 PM |
Version: 8.2.5019-alt1
|
Summary: VIsual editor iMproved
|
Changelog: |
- Updated to 8.2.5019 (fixes CVE-2022-1735, CVE-2022-1769, CVE-2022-1733,
CVE-2022-1674, CVE-2022-1629, CVE-2022-1621, CVE-2022-1620, CVE-2022-1619,
CVE-2022-1616) (ALT#42859). |
openvpn May 21, 2022, 07:21 AM | May 21, 2022, 07:21 AM |
Version: 2.5.6-alt1
|
Summary: a full-featured SSL VPN solution
|
Changelog: |
- New version (Closes: 42217)
- Security fixes:
+ CVE-2022-0547: possible authentication bypass if multiple
authentication plugins tries to do deferred authentication
- Fix build with new python3-module-docutils |
clamav May 20, 2022, 01:30 PM | May 20, 2022, 01:30 PM |
Version: 0.103.6-alt1
|
Summary: Clam Antivirus scanner
|
Changelog: |
- 0.103.6
+ CVE-2022-20770
+ CVE-2022-20796
+ CVE-2022-20771
+ CVE-2022-20785
+ CVE-2022-20792 |
xpdf May 15, 2022, 08:57 PM | May 15, 2022, 08:57 PM |
Version: 4.04-alt1
|
Summary: The PDF viewer and tools
|
Changelog: |
- Version bump
- Many bugfixes, including security, including:
Fixes: CVE-2022-24106, CVE-2022-27135 |
unrar May 15, 2022, 08:53 AM | May 15, 2022, 08:53 AM |
Version: 6.1.7-alt1
|
Summary: RAR unarchiver
|
Changelog: |
- Autobuild version bump to 6.1.7
- Fixes: CVE-2022-30333 |
libopenjpeg2.0 May 14, 2022, 12:52 AM | May 14, 2022, 12:52 AM |
Version: 2.5.0-alt1
|
Summary: JPEG 2000 codec library (API version 2.0)
|
Changelog: |
- 2.5.0 (fixed CVE-2013-4289, CVE-2013-4290, CVE-2019-6988,
CVE-2018-20846, CVE-2018-16376, CVE-2021-29338) |
runc May 12, 2022, 01:13 PM | May 12, 2022, 01:13 PM |
Version: 1.1.2-alt1
|
Summary: CLI for running Open Containers
|
Changelog: |
- New version (Fixes: CVE-2022-29162) |
curl May 11, 2022, 11:29 AM | May 11, 2022, 11:29 AM |
Version: 7.83.1-alt1
|
Summary: Gets a file from a FTP, GOPHER or HTTP server
|
Changelog: |
- 7.83.1
- Fixes:
* CVE-2022-30115: HSTS bypass via trailing dot
* CVE-2022-27782: TLS and SSH connection too eager reuse
* CVE-2022-27781: CERTINFO never-ending busy-loop
* CVE-2022-27780: percent-encoded path separator in URL host
* CVE-2022-27779: cookie for trailing dot TLD
* CVE-2022-27778: curl removes wrong file on error |
postgresql14-1C May 11, 2022, 10:39 AM | May 11, 2022, 10:39 AM |
Version: 14.3-alt1
|
Summary: PostgreSQL client programs and libraries (edition for 1C 8.3.13 and later)
|
Changelog: |
- 14.3 (Fixes CVE-2022-1552) |
postgresql13 May 11, 2022, 10:01 AM | May 11, 2022, 10:01 AM |
Version: 13.7-alt1
|
Summary: PostgreSQL client programs and libraries
|
Changelog: |
- 13.7 (Fixes CVE-2022-1552) |
postgresql12 May 11, 2022, 09:37 AM | May 11, 2022, 09:37 AM |
Version: 12.11-alt1
|
Summary: PostgreSQL client programs and libraries
|
Changelog: |
- 12.11 (Fixes CVE-2022-1552) |
postgresql11 May 11, 2022, 09:14 AM | May 11, 2022, 09:14 AM |
Version: 11.16-alt1
|
Summary: PostgreSQL client programs and libraries
|
Changelog: |
- 11.16 (Fixes CVE-2022-1552) |
postgresql10 May 11, 2022, 08:20 AM | May 11, 2022, 08:20 AM |
Version: 10.21-alt1
|
Summary: PostgreSQL client programs and libraries
|
Changelog: |
- 10.21 (Fixes CVE-2022-1552) |
postgresql14 May 11, 2022, 07:35 AM | May 11, 2022, 07:35 AM |
Version: 14.3-alt1
|
Summary: PostgreSQL client programs and libraries
|
Changelog: |
- 14.3 (Fixes CVE-2022-1552) |
libxml2 May 2, 2022, 10:20 PM | May 2, 2022, 10:20 PM |
Version: 2.9.14-alt1
|
Summary: The library for manipulating XML files
|
Changelog: |
- 2.9.14 (Fixes: CVE-2022-29824, CVE-2022-23308) |
epiphany Apr 22, 2022, 12:56 AM | Apr 22, 2022, 12:56 AM |
Version: 42.2-alt1
|
Summary: Epiphany is a GNOME web browser.
|
Changelog: |
- 42.2 (fixed CVE-2022-29536) |
libinput Apr 20, 2022, 10:24 AM | Apr 20, 2022, 10:24 AM |
Version: 1.20.1-alt1
|
Summary: Input devices library
|
Changelog: |
- 1.20.1 (fixed CVE-2022-1215) |
subversion Apr 15, 2022, 02:16 PM | Apr 15, 2022, 02:16 PM |
Version: 1.14.2-alt1
|
Summary: A version control system
|
Changelog: |
- New version.
- Security fixes:
+ CVE-2021-28544 Subversion servers reveal copyfrom paths that should be hidden according to configured path-based authorization (authz) rules.
+ CVE-2022-24070 mod_dav_svn is prone to a use-after-free vulnerability when looking up path-based authorization rules, which can result in denial of service (crash of HTTPD worker handling the request). |
python3-module-django Apr 12, 2022, 08:26 AM | Apr 12, 2022, 08:26 AM |
Version: 3.2.13-alt1
|
Summary: A high-level Python 3 Web framework that encourages rapid development and clean, pragmatic design.
|
Changelog: |
- 3.2.12 -> 3.2.13
- Fixes:
* CVE-2022-28346: Potential SQL injection in QuerySet.annotate(), aggregate(), and extra()
* CVE-2022-28347: Potential SQL injection via QuerySet.explain(**options) on PostgreSQL |
gzip Apr 8, 2022, 04:54 AM | Apr 8, 2022, 04:54 AM |
Version: 1.12-alt1
|
Summary: The GNU data compression program
|
Changelog: |
- gzip: v1.10-31-g34db0a2 -> v1.12-3-g83c65d1 (fixes: CVE-2022-1271). |
zlib Mar 28, 2022, 02:05 AM | Mar 28, 2022, 02:05 AM |
Version: 1.2.12-alt1
|
Summary: The zlib compression and decompression library
|
Changelog: |
- v1.2.11 -> v1.2.12 (fixes: CVE-2018-25032). |
apache2 Mar 20, 2022, 02:55 PM | Mar 20, 2022, 02:55 PM |
Version: 2.4.53-alt1
|
Summary: The most widely used Web server on the Internet
|
Changelog: |
- 2.4.53 (Fixes: CVE-2022-23943, CVE-2022-22721, CVE-2022-22720, CVE-2022-22719) |
bind Mar 17, 2022, 04:28 PM | Mar 17, 2022, 04:28 PM |
Version: 9.11.37-alt1
|
Summary: ISC BIND - DNS server
|
Changelog: |
- 9.11.36 -> 9.11.37 (fixes: CVE-2021-25220). |
krb5 Mar 15, 2022, 01:17 PM | Mar 15, 2022, 01:17 PM |
Version: 1.19.3-alt1
|
Summary: The Kerberos network authentication system
|
Changelog: |
- 1.19.2 (Fixes: CVE-2021-37750) |
python Mar 12, 2022, 04:28 PM | Mar 12, 2022, 04:28 PM |
Version: 2.7.18-alt9
|
Summary: An interpreted, interactive object-oriented programming language
|
Changelog: |
- Security update (fixed: CVE-2021-4189 and CVE-2022-0391);
- Fixed FTBFS against libexpat >= 2.4.5. |
expat Mar 9, 2022, 10:54 AM | Mar 9, 2022, 10:54 AM |
Version: 2.4.7-alt1
|
Summary: An XML parser written in C
|
Changelog: |
- Updated to 2.4.7 (relax fix to CVE-2022-25236). |
polkit Feb 28, 2022, 04:00 PM | Feb 28, 2022, 04:00 PM |
Version: 0.120-alt1.qa2
|
Summary: PolicyKit Authorization Framework
|
Changelog: |
- upplied upstream fix for CVE-2021-4115 (GHSL-2021-077) |
tcpreplay Feb 23, 2022, 09:56 AM | Feb 23, 2022, 09:56 AM |
Version: 4.4.1-alt1
|
Summary: A tool to replay captured network traffic
|
Changelog: |
- 4.4.1 (Fixes: CVE-2021-45387, CVE-2021-45386) |
zsh Feb 12, 2022, 10:06 PM | Feb 12, 2022, 10:06 PM |
Version: 5.8.1-alt1
|
Summary: A shell with lots of features
|
Changelog: |
- 5.8 -> 5.8.1.
- Fixes:
+ CVE-2021-45444 |
suricata Feb 1, 2022, 01:25 AM | Feb 1, 2022, 01:25 AM |
Version: 6.0.4-alt1
|
Summary: Intrusion Detection System
|
Changelog: |
- 6.0.4 (Fixes: CVE-2021-35063, CVE-2021-37592)
- Build without prelude.
- Build with eBPF support.
- Build with Hyperscan support for x86_64 arch. |