Сопровождающий Kirill Izmestev в ветке c10f1: Информация

- Update to RELEASE.2024-12-18T13-15-44Z (Fixes: CVE-2024-55949)
- Backport fix for vulnerabilities in GSS message token handling
  (Fixes: CVE-2024-37370, CVE-2024-37371).
- 6.2.17 (Fixes: CVE-2024-46981)
- 1.14.53
- NMU: Fix update_hostname module (Closes: 52029)
- new version 4.58.0 (Fixes: CVE-2022-23600)
- New version 4.9.5 (Fixes: CVE-2024-3727).
- New version 1.34.3 (Fixes: CVE-2024-1753, CVE-2024-24786 in protobuf module)
- New version 1.11.0.
- Switch default firewall to nftables.
- New version 1.11.0.
- Initial build for ALT (based on Alenka Glukhovskaya <alenka@altlinux.org> repository)
- 0.7.1 -> 0.7.3
- Replace vim-plugin-mediawiki-syntax package (ALT#52413).
- E2K: ftbfs workaround (ilyakurdyukov@)
- minor spec cleanup
- build 1.16.0-alt1 for p10
- Automatically updated to 3.0.1.
- 4.0.0 -> 4.1.0.
- 1.3.1 released
- Initial build for Sisyphus.
- Version 1.1.0.0
- Rename package to brotlicffi. brotli provide replaced with python3-module-brotli
- 1.3.3 released
- 3.9.5 released
- 4.0.3
- Build new version.
- Automatically updated to 6.0.4.
- Automatically updated to 0.5.1.
- Completely remove NTFS support due to several CVE: CVE-2023-52168, CVE-2023-52169
- v11.2.2+security-01
- Fix panic with golang 1.23.
- Address PuTTY ECDSA NIST P521 private key recovery (CVE-2024-31497).
- Autobuild version bump to 10.04.0 (Cloeses: 47283)
- update to new release by fcimport
- Security fix:
  + CVE-2020-15078 Ensure key state is authenticated before sending push reply
- New version
- 0.4.38
- 1.20.7
- 1.20.7
- 1.20.7
- 2.0.3.
- applied fix for CVE-2023-44446 (ZDI-CAN-22299) proposed in
  https://gstreamer.freedesktop.org/security/sa-2023-0010.html
- 1.20.7
- 1.20.7
- 1.20.7
- 1.20.7
- 1.20.7
- 1.20.7
- 1.20.7
- 1.26.1 -> 1.26.2 (Fixes: CVE-2024-7347)
- 1.3.2 (fixed CVE-2023-4863)
- NMU: new version 4.5.1 (with rpmrb script)
- fix linking with libwebp
- 2.4.61 -> 2.4.62
- The .NET 8.0.2 and .NET SDK 8.0.2 release
- CVE-2023-36038: .NET Denial of Service Vulnerability
- CVE-2023-36049: .NET Elevation of Privilege Vulnerability
- CVE-2023-36558: .NET Security Feature Bypass Vulnerability
- CVE-2024-0056: Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data provider Information Disclosure Vulnerability
- CVE-2024-0057: .NET Security Feature bypass Vulnerability
- CVE-2024-21319: .NET Denial of Service Vulnerability
- CVE-2024-21386: .NET Denial of Service Vulnerability
- CVE-2024-21404: .NET Denial of Service Vulnerability
- .NET 8.0.2 release
- CVE-2023-36038: .NET Denial of Service Vulnerability
- CVE-2023-36049: .NET Elevation of Privilege Vulnerability
- CVE-2023-36558: .NET Security Feature Bypass Vulnerability
- CVE-2024-0056: Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data provider Information Disclosure Vulnerability
- CVE-2024-0057: .NET Security Feature bypass Vulnerability
- CVE-2024-21319: .NET Denial of Service Vulnerability
- CVE-2024-21386: .NET Denial of Service Vulnerability
- CVE-2024-21404: .NET Denial of Service Vulnerability
- ASP.NET 8.0.2 release
- initial build for ALT Sisyphus
- add Requires: ca-certificates-nuget.org (ALT bug 49566)
- New version
- 1.7.20
- 27.1.1 (fixes: CVE-2024-41110)
- new release
- New version
- require /usr/bin/docker instead of docker-cli (closes: #51024)
- Initial build for p10 (Closes: #50849 #50850)
- Automatically updated to 1.94.
- Fixed build for p10 error: 'G_APPLICATION_DEFAULT_FLAGS' undeclared.
- v1.0.0 -> v1.0.1
- fix NTFS restore (only for kernels 5.15+)
- 3.1.4-1
- fix kernel build date detection (ALT #49262)
- 1.4.1
- Rebuild with php-devel 8.2.15-alt1
- Rebuild with php-devel = 8.2.15-alt1
- Add info about CVE to changelog.
- New version 3.1.1.1
- Security fixes:
 + CVE-2023-48710 : Restrict pages/exec.php to PHP files
 + CVE-2023-48709 : Fix CSV injection in Excel from an iTop CSV export file
 + CVE-2023-46734 : Fix potential XSS vulnerabilities in TWIG CodeExtension filters
 + CVE-2023-47123 : Fix XSS vulnerability in n:n relations "tagset" widget
 + CVE-2023-47622 : Fix XSS vulnerabilities in ajax operations
 + CVE-2023-47626 : Fix XSS vulnerabilities in authent token
 + CVE-2023-44396 : Fix XSS vulnerabilities in dashlet ajax operations
 + CVE-2023-43790 : Fix XSS vulnerabilities in friendlyname in object details
 + CVE-2023-38511 : Fix dashboard allowing to load multiple files and urls
 + CVE-2023-45808 : Fix object creation in non allowed org by forging http query in both Console and Portal
- 1.14.8 (Fixes: CVE-2023-34969) (closes: #46767)
- Update apt_repo and apt_rpm from community.general 8.1.0 (ALT #48091).
- New version (latest with Python 3.9 support).
- Update apt_repo and apt_rpm from community.general 8.1.0 (ALT #48091).
- Backport to p10 branch.
- Update to v1.61.1 (2022-12-23) (ALT#45130).
- New version 3.4.1.
- 1.0.15
- 1.17.6
- Autobuild version bump to 23.01
- Fix armh build
- fixed CVE-2023-40474
- Update to latest stable bugfix and security release (fixes: CVE-2023-42465):
 + The sudoers plugin has been modified to make it more resilient to ROWHAMMER
   attacks on authentication and policy matching.
 + The sudoers plugin now constructs the user time stamp file path name using
   the user-ID instead of the user name. This avoids a potential problem with
   user names that contain a path separator ('/') being interpreted as part of
   the path name. A similar issue in sudo-rs has been assigned CVE-2023-42456.
- Fixes in behavior:
 + The visudo utility will no longer create an empty file when the specified
   sudoers file does not exist and the user exits the editor without making any
   changes (GitHub#294).
 + Fixed a bug where output could go to the wrong terminal if "use_pty" is
   enabled (the default) and the standard input, output or error is redirected
   to a different terminal. Bug #1056.
 + A path separator ('/') in a user, group or host name is now replaced with an
   underbar character ('_') when expanding escapes in @include and @includedir
   directives as well as the "iolog_file" and "iolog_dir" sudoers Default
   settings.
- Fixes in user output:
 + Running "sudo -ll command" now produces verbose output that includes matching
   rule as well as the path to the sudoers file the matching rule came from.
 + Changes to terminal settings are now performed atomically, where possible.
   If the command is being run in a pseudo-terminal and the user's terminal is
   already in raw mode, sudo will not change the user's terminal settings. This
   prevents concurrent sudo processes from restoring the terminal settings to
   the wrong values (GitHub#312).
 + Better log message when rejecting a command if the "intercept" option is
   enabled and the "intercept_allow_setid" option is disabled. Previously,
   "command not allowed" would be logged and the user had no way of knowing
   what the actual problem was.
- Fixes in logging:
 + The sudoers source is now logged in the JSON event log. This makes it
   possible to tell which rule resulted in a match.
 + Sudo will now log the invoking user's environment as "submitenv" in the JSON
   logs. The command's environment ("runenv") is no longer logged for commands
   rejected by the sudoers file or an approval plugin.
 + The sudo_logsrvd server will now raise its open file descriptor limit to the
   maximum allowed value when it starts up. Each connection can require up to
   nine open file descriptors so the default soft limit may be too low.
- Fixed regressions:
 + Fixed the warning message for "sudo -l command" when the command is not
   permitted. There was a missing space between "list" and the actual command
   due to changes in sudo 1.9.14.
 + The "intercept_verify" sudoers option is now only applied when the
   "intercept" option is set in sudoers. Previously, it was also applied when
   "log_subcmds" was enabled. Sudo 1.9.14 contained an incorrect fix for this.
 + Reverted a change from sudo 1.9.4 that resulted in PAM session modules being
   called with the environment of the command to be run instead of the
   environment of the invoking user (GitHub#318).
- New upstream microcode datafile 20231114:
  + Security updates for INTEL-SA-00950 (CVE-2023-23583).
  + Updated microcodes:
    sig 0x000606a6, pf_mask 0x87, 2023-09-01, rev 0xd0003b9, size 299008
    sig 0x000606c1, pf_mask 0x10, 2023-09-08, rev 0x1000268, size 290816
    sig 0x000706e5, pf_mask 0x80, 2023-09-03, rev 0x00c2, size 113664
    sig 0x000806c1, pf_mask 0x80, 2023-09-07, rev 0x00b4, size 111616
    sig 0x000806c2, pf_mask 0xc2, 2023-09-07, rev 0x0034, size 98304
    sig 0x000806d1, pf_mask 0xc2, 2023-09-07, rev 0x004e, size 104448
    sig 0x000806f4, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416
    sig 0x000806f4, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184
    sig 0x000806f5, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416
    sig 0x000806f5, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184
    sig 0x000806f6, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416
    sig 0x000806f6, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184
    sig 0x000806f7, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416
    sig 0x000806f8, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416
    sig 0x000806f8, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184
    sig 0x00090672, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208
    sig 0x00090675, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208
    sig 0x000906a3, pf_mask 0x80, 2023-06-07, rev 0x0430, size 220160
    sig 0x000906a4, pf_mask 0x80, 2023-06-07, rev 0x0430, size 220160
    sig 0x000a0671, pf_mask 0x02, 2023-09-03, rev 0x005d, size 104448
    sig 0x000b0671, pf_mask 0x32, 2023-08-29, rev 0x011d, size 210944
    sig 0x000b06a2, pf_mask 0xe0, 2023-08-30, rev 0x411c, size 216064
    sig 0x000b06a3, pf_mask 0xe0, 2023-08-30, rev 0x411c, size 216064
    sig 0x000b06e0, pf_mask 0x11, 2023-06-26, rev 0x0012, size 136192
    sig 0x000b06f2, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208
    sig 0x000b06f5, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208
- source: update symlinks to reflect id of the latest release, 20231114.

Сопровождающий Kirill Izmestev в ветке c10f1: Информация

Последние изменения

#370929 отправлено Kirill Izmestev

#369501 отправлено Kirill Izmestev

#369751 отправлено Kirill Izmestev

#366266 отправлено Kirill Izmestev

#364755 отправлено Kirill Izmestev

#364948 отправлено Kirill Izmestev

#365485 отправлено Kirill Izmestev

#364739 отправлено Kirill Izmestev

#364444 отправлено Kirill Izmestev

#361824 отправлено Kirill Izmestev

#361748 отправлено Kirill Izmestev

#361989 отправлено Kirill Izmestev

#360957 отправлено Kirill Izmestev

#358872 отправлено Kirill Izmestev

#360434 отправлено Kirill Izmestev

#358500 отправлено Kirill Izmestev

#356983 отправлено Kirill Izmestev

#356920 отправлено Kirill Izmestev

#356306 отправлено Kirill Izmestev

#356683 отправлено Kirill Izmestev

#355208 отправлено Kirill Izmestev

#354632 отправлено Kirill Izmestev

#355127 отправлено Kirill Izmestev

#352255 отправлено Kirill Izmestev

#351554 отправлено Kirill Izmestev

#349965 отправлено Kirill Izmestev

#344879 отправлено Kirill Izmestev

#344501 отправлено Kirill Izmestev

#343640 отправлено Kirill Izmestev

#340648 отправлено Kirill Izmestev

#342058 отправлено Kirill Izmestev

#341415 отправлено Kirill Izmestev

#340756 отправлено Kirill Izmestev

#339481 отправлено Kirill Izmestev

#339465 отправлено Kirill Izmestev

#336637 отправлено Kirill Izmestev

#337459 отправлено Kirill Izmestev

#335410 отправлено Kirill Izmestev