|
adobe-flash-player
Jan. 12, 2017, 5:06 a.m.
|
Jan. 12, 2017, 5:06 a.m. |
Version: 24-alt0.M70P.2
|
Summary: Adobe Flash Player
|
| Changelog: |
- new version
- security fixes:
CVE-2017-2925, CVE-2017-2926, CVE-2017-2927, CVE-2017-2928,
CVE-2017-2930, CVE-2017-2931, CVE-2017-2932, CVE-2017-2933,
CVE-2017-2934, CVE-2017-2935, CVE-2017-2936, CVE-2017-2937,
CVE-2017-2938 |
|
openssh
Nov. 8, 2016, 6:08 p.m.
|
Nov. 8, 2016, 6:08 p.m. |
Version: 6.7p1-alt1.M60P.4
|
Summary: OpenSSH free Secure Shell (SSH) implementation
|
| Changelog: |
- Backported upstream fixes for CVE-2015-5352, CVE-2015-6563,
CVE-2015-6564. |
|
bind
Oct. 21, 2016, 6:15 p.m.
|
Oct. 21, 2016, 6:15 p.m. |
Version: 9.3.6-alt7.M60P.3
|
Summary: ISC BIND - DNS server
|
| Changelog: |
- Really applied upstream fix for CVE-2016-2776.
- Applied fix for CVE-2016-2848. |
|
ImageMagick
June 11, 2016, 12:32 p.m.
|
June 11, 2016, 12:32 p.m. |
Version: 6.6.9.7-alt0.M60P.1
|
Summary: An X application for displaying and manipulating images
|
| Changelog: |
- Thanks Alt Linux Active Users Club and personally yyy@
- Apply security patch from Debian:
Disable support for reading input from a shell command, or writing
output to a shell command. This was done by the pipe (|) prefix. It
was possible to perform a command injection as discrived by
CVE-2016-5118 since it use popen. |
|
glibc
Feb. 16, 2016, 11:06 p.m.
|
Feb. 16, 2016, 11:06 p.m. |
Version: 2.11.3-alt8.M60P.5
|
Summary: The GNU libc libraries
|
| Changelog: |
- Fixed CVE-2015-7547. |
|
openssl10
April 23, 2015, 12:25 p.m.
|
April 23, 2015, 12:25 p.m. |
Version: 1.0.0p-alt0.M60P.1
|
Summary: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
|
| Changelog: |
- Updated to 1.0.0p (fixes CVE-2014-3571, CVE-2015-0206,
CVE-2014-3569, CVE-2014-3572, CVE-2015-0204, CVE-2015-0205,
CVE-2014-8275, CVE-2014-3570). |
|
nss
Nov. 23, 2013, 3:41 p.m.
|
Nov. 23, 2013, 3:41 p.m. |
Version: 3.14.5-alt0.M60P.1
|
Summary: Netscape Network Security Services(NSS)
|
| Changelog: |
- New version 3.14.5
- Security fixes:
+ CVE-2013-5605 Handle invalid handshake packets |
|
curl
June 24, 2013, 2:41 p.m.
|
June 24, 2013, 2:41 p.m. |
Version: 7.24.0-alt1.M60P.1
|
Summary: Gets a file from a FTP, GOPHER or HTTP server
|
| Changelog: |
- CVE-2013-2174 fixed (curl_easy_unescape() may parse data beyond the end of the input buffer) |
|
strongswan
April 30, 2013, 4:18 p.m.
|
April 30, 2013, 4:18 p.m. |
Version: 4.6.4-alt1.M60T.1
|
Summary: StrongSWAN IPSEC implementation
|
| Changelog: |
- applied the upstream provided patch to fix CVE-2013-2944
(ECDSA signature vulnerability if openssl backend is loaded) |
|
perl
March 12, 2013, 11:27 a.m.
|
March 12, 2013, 11:27 a.m. |
Version: 5.12.5-alt2.M60T.1
|
Summary: Practical Extraction and Report Language
|
| Changelog: |
- Fixed CVE-2013-1667: memory exhaustion with arbitrary hash keys |
|
pidgin
Oct. 25, 2012, 2:25 p.m.
|
Oct. 25, 2012, 2:25 p.m. |
Version: 2.10.6-alt1.M60P.1
|
Summary: A GTK+ based multiprotocol instant messaging client
|
| Changelog: |
- 2.10.6
- p6 security update (fix CVE-2012-3374) |
|
freeradius
Sept. 14, 2012, 2:52 p.m.
|
Sept. 14, 2012, 2:52 p.m. |
Version: 2.1.10-alt3.M60T.1
|
Summary: High-performance and highly configurable free RADIUS server
|
| Changelog: |
- Security fix: CVE-2012-3547
- Fixed permissions for /etc/raddb/modules, /etc/raddb/sql/mysql,
/etc/raddb/sql/postgresql dirs (640 -> 750) |
|
samba
April 11, 2012, 9:20 a.m.
|
April 11, 2012, 9:20 a.m. |
Version: 3.6.4-alt1
|
Summary: Server and Client software to interoperate with Windows machines
|
| Changelog: |
- 3.6.4 (CVE-2012-1182) |
|
libpng
April 5, 2012, 4:38 a.m.
|
April 5, 2012, 4:38 a.m. |
Version: 1.2.49-alt1
|
Summary: A library of functions for manipulating PNG image format files
|
| Changelog: |
- Updated to 1.2.49 (fixes CVE-2011-3048). |
|
libtasn1
March 23, 2012, 7:18 p.m.
|
March 23, 2012, 7:18 p.m. |
Version: 2.12-alt1
|
Summary: The ASN.1 library used in GNUTLS
|
| Changelog: |
- Updated to 2.12 (fixes CVE-2012-1569). |
|
cyrus-imapd
Nov. 1, 2011, 11:32 p.m.
|
Nov. 1, 2011, 11:32 p.m. |
Version: 2.4.12-alt0.M60P.1
|
Summary: A high-performance mail store with IMAP and POP3 support
|
| Changelog: |
- Backport to p6 branch (fixes CVE-2011-3372) |
|
radvd
Oct. 7, 2011, 4:16 p.m.
|
Oct. 7, 2011, 4:16 p.m. |
Version: 1.8.2-alt1
|
Summary: A Router Advertisement daemon
|
| Changelog: |
- 1.8.2. Security fixes:
+ CVE-2011-3601
+ CVE-2011-3602
+ CVE-2011-3603
+ CVE-2011-3604
+ CVE-2011-3605 |
|
libmodplug
Sept. 3, 2011, 6:21 p.m.
|
Sept. 3, 2011, 6:21 p.m. |
Version: 0.8.8.4-alt1
|
Summary: Modplug mod music file format library
|
| Changelog: |
- NMU: 0.8.8.4
- Security fixes:
CVE-2011-2911 CVE-2011-2912 CVE-2011-2913 CVE-2011-2914 CVE-2011-2915 |
|
tor
June 25, 2011, 4:20 a.m.
|
June 25, 2011, 4:20 a.m. |
Version: 0.2.1.30-alt1
|
Summary: Anonymizing overlay network for TCP (The onion router)
|
| Changelog: |
- Blindly updated 0.2.1.30 (fixes numerous bugs including CVE-2011-0427).
- Updated build dependencies. |
|
xen
June 16, 2011, 12:41 p.m.
|
June 16, 2011, 12:41 p.m. |
Version: 4.1.1-alt1
|
Summary: Xen is a virtual machine monitor
|
| Changelog: |
- 4.1.1 including CVE-2011-1898 fix |
|
fetchmail
June 7, 2011, 3:08 p.m.
|
June 7, 2011, 3:08 p.m. |
Version: 6.3.20-alt1
|
Summary: Full-featured POP/IMAP/ETRN mail retrieval daemon
|
| Changelog: |
- 6.3.20
+ fixes CVE-2011-1947: STARTTLS denial of service vulnerability
(thanks ldv@ for heads-up) |
|
request-tracker
April 26, 2011, 9:12 a.m.
|
April 26, 2011, 9:12 a.m. |
Version: 3.8.10-alt1
|
Summary: Request Tracker (RT) is an enterprise-grade issue tracking system
|
| Changelog: |
- 3.8.10. Security fixes:
+ CVE-2011-1689
+ CVE-2011-1688
+ CVE-2011-1687
+ CVE-2011-1686
+ CVE-2011-1685
- Enhance findreq skiplist. |
|
ikiwiki
April 13, 2011, 11:07 p.m.
|
April 13, 2011, 11:07 p.m. |
Version: 3.20110328-alt1
|
Summary: A wiki compiler
|
| Changelog: |
- New version (fixes CVE-2011-1401). |
|
libgdiplus
March 14, 2011, 2:11 p.m.
|
March 14, 2011, 2:11 p.m. |
Version: 2.6.7-alt2
|
Summary: An Open Source implementation of the GDI+ API.
|
| Changelog: |
- snapshot of 2.6 branch (20101015)
- fixed CVE-2010-1526 (ALT #24399) |
|
ncpfs
March 9, 2011, 3:38 a.m.
|
March 9, 2011, 3:38 a.m. |
Version: 2.2.6-alt9
|
Summary: Utilities for the ncpfs filesystem, a NetWare client for Linux
|
| Changelog: |
- Imported fix of race conditions in ncpmount/ncpumount operations
from Fedora (fixes CVE-2009-3297). |
|
libcgroup
March 3, 2011, 2:17 p.m.
|
March 3, 2011, 2:17 p.m. |
Version: 0.37.1-alt1
|
Summary: Libraries for allow to control and monitor control groups
|
| Changelog: |
- 0.37.1
- Fix buffer overflow when processing list of controllers from command line (CVE-2011-1006) |
|
perl-CGI
Jan. 19, 2011, 10:52 p.m.
|
Jan. 19, 2011, 10:52 p.m. |
Version: 3.49-alt2
|
Summary: Simple CGI class for Perl
|
| Changelog: |
- fixes for CVE-2010-4410 and CVE-2010-4411 (v5.12.3-RC2-1-gb7fa2ac) |
|
libsmi
Oct. 25, 2010, 6:15 p.m.
|
Oct. 25, 2010, 6:15 p.m. |
Version: 0.4.8-alt2
|
Summary: A library to access SMI MIB information
|
| Changelog: |
- some backports
- security fix: CVE-2010-2891 (ALT #24394) |
|
gnome-subtitles
Oct. 23, 2010, 8:39 a.m.
|
Oct. 23, 2010, 8:39 a.m. |
Version: 1.0-alt1.git.75.gcf1c9d0
|
Summary: subtitle editor
|
| Changelog: |
- new version
- fix CVE-2010-3357 (closes: #24316) |
|
kernel-image-hpc-skif
Oct. 23, 2010, 2:36 a.m.
|
Oct. 23, 2010, 2:36 a.m. |
Version: 2.6.32-alt24
|
Summary: The Linux kernel (the core of the Linux operating system)
|
| Changelog: |
- 2.6.32.24
- CVE-2010-3904 fixed |