Безопасность

- (Fixes: CVE-2021-4034)
- security fix CVE-2021-44228 and CVE-2021-45046
- 11.14 (Fixes CVE-2021-23214, CVE-2021-23222)
- 10.19 (Fixes CVE-2021-23214, CVE-2021-23222)
- 9.6.24 (Fixes CVE-2021-23214, CVE-2021-23222)
- Fixes CVE-2021-23214, CVE-2021-23222
- 12.9 (Fixes CVE-2021-23214, CVE-2021-23222)
- New version.
- Security fixes:
  + CVE-2021-35588 InnerClasses: VM permits wrong Throw ClassFormatError if InnerClasses attribute's inner_class_info_index is 0
  + CVE-2021-35550 Update the default enabled cipher suites preference
  + CVE-2021-35565 com.sun.net.HttpsServer spins on TLS session close
  + CVE-2021-35556 Richer Text Editors
  + CVE-2021-35559 Enhanced style for RTF kit
  + CVE-2021-35561 Better hashing support
  + CVE-2021-35564 Improve Keystore integrity
  + CVE-2021-35567 More Constrained Delegation
  + CVE-2021-35578 Improve TLS client handshaking
  + CVE-2021-35586 Better BMP support
  + CVE-2021-35603 Better session identification
- New version.
- Security fixes:
  + CVE-2021-41159 Improper client input validation for gateway connections allows to overwrite memory
  + CVE-2021-41160 Improper region checks in all clients allow out of bound write to memory
- Updated to 1.1.1l (fixes CVE-2021-3711, CVE-2021-3712).
- Updated to 2.3.16 (fixes CVE-2021-33515, CVE-2021-29157, CVE-2021-33515, CVE-2021-29157).
- Package watch file.
- New version.
- Security fix CVE-2020-25654 in 2.0.5.
- Updated the changelog to reflect CVE fix (Fixes: CVE-2013-1364).
- 1.20.1 (Fixes: CVE-2021-23017)
- updated rtmp module to 1.2.2
- updated spnego snapshot to a06f9efc
- 7.77.0
- Fixes:
  * CVE-2021-22897 schannel cipher selection surprise
  * CVE-2021-22898 TELNET stack contents disclosure
  * CVE-2021-22901 TLS session caching disaster
- 9.11.28 -> 9.11.31 (fixes: CVE-2021-25214, CVE-2021-25215, CVE-2021-25216).
- Dropped obsoleted patch.
- Updated to 2.83 (fixes: CVE-2021-3448).
- Update to latest security release of the Samba 4.12
- Security fixes:
  + CVE-2020-27840: Heap corruption via crafted DN strings
  + CVE-2021-20277: Out of bounds read in AD DC LDAP server
- Backport version 5.4.x to c9 branch (fixes CVE-2020-1747).
- P2P: Fix a corner case in peer addition based on PD Request
  (Fixes: CVE-2021-27803)
- applied patches from upstream git to fix security issue (Fixes: CVE-2020-5208)
  see https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
- added upstream fix FTBFS with gcc-10
- Autobuild version bump to 366
- CVE-2021-27135 (Closes: #39725)
- New version.
- Fixes:
  + CVE-2020-17525 Remote unauthenticated denial-of-service in Subversion mod_authz_svn
- Update to latest security release (fixes: CVE-2021-3156) (closes: 39615)
- Added sudo-python package with Sudo Python Plugin API
- Added sudo-logsrvd package with High-performance log server
- Fixes:
  + CVE-2017-12847 Kill arbitrary processes by leveraging access to PID file.
- Don't install the PID file.
- 1.3.9 (Fixes: CVE-2020-15257)
- Applied security fix from upstream (Fixes: CVE-2020-29074).
- New version (1.14.14).
- Fixes:
  + CVE-2021-3114
  + CVE-2021-3115
- Backported upstream commits (fixes CVE-2020-9366).
- Fixes: CVE-2020-25723
- Updated to 1.0.2u (fixes CVE-2019-1547, CVE-2019-1551, CVE-2019-1552,
  CVE-2019-1563)
- Backported upstream fix for GENERAL_NAME_cmp (fixes CVE-2020-1971).
- Fixed CVE-2019-20907 and CVE-2020-26116.
- p9 build
- 5.28.3
- fixes CVE-2020-10543,CVE-2020-10878,CVE-2020-12723
- Fix CVE-2020-26117
- 1.2.3
- securuty fixes: CVE-2016-7951, CVE-2016-7952
- 0.9.10
- securuty fixes: CVE-2016-7949, CVE-2016-7950
- New version
- Security fixes:
  + CVE-2020-11810: race condition allowes one client kills other
    client session via false client floating (Closes: 39122)
- 5.55;
- securuty fixes:
  + CVE-2020-27153 (closes #39291)
- Backported to p9 (fixes CVE-2019-11068, CVE-2019-13117 and CVE-2019-13118).
- Updated to glibc-2.27-155-gdaf88b1dd1 from 2.27 branch
  (fixes: CVE-2020-1752, CVE-2020-6096).
- Build with bzip2 compression method support
- Massive apply security patches from Fedora and openSUSE
- Fixes:
  + CVE-2014-8139 CRC32 verification heap-based buffer overread
  + CVE-2014-8140 out-of-bounds write issue in test_compr_eb()
  + CVE-2014-8141 getZip64Data() out-of-bounds read issues
  + CVE-2014-9913 buffer overflow in zipinfo
  + CVE-2014-9636 out-of-bounds read or write and crash
  + CVE-2015-7696 fix for heap overflow
  + CVE-2015-7697 fix infinite loop when extracting empty bzip2 data
  + CVE-2016-9844 buffer overflow in zipinfo in similar way like fix for CVE-2014-9913
  + CVE-2018-1000035 heap based buffer overflow when opening password protected files
  + CVE-2018-18384 buffer overflow, when a ZIP archive specially crafted
- 10.4.17
- backport fix for MDEV-24096, MDEV-24121, MDEV-24134
- Fixes for the following security vulnerabilities:
  + CVE-2020-14812
  + CVE-2020-14765
  + CVE-2020-14776
  + CVE-2020-14789
  + CVE-2020-15180
- Updated to upstream version 0.15.0 (Fixes: CVE-2020-26682).
- Fixed CVE-2020-13645.
- Fixed possible NULL dereference.
- Fixed CVE-2020-15999.
- 4.13 (Fixes: CVE-2020-15811, CVE-2020-15810, CVE-2020-24606)
- 5.1.0-3 (fix CVE-2020-14364)
- 243.9 (Fixes: CVE-2020-13776)
- kernelinstalldir path /usr/lib/kernel/install.d -> /lib/kernel/install.d
- install kernel-install script to /sbin
- move systemd-boot and bootctl utils to systemd-boot-efi package
- Applied security fixes from upstream (Fixes: CVE-2019-17498).
- Applied security fixes from upstream (Fixes: CVE-2019-10216, CVE-2019-14811,
  CVE-2019-14812, CVE-2019-14813, CVE-2019-14817, CVE-2019-14869).
- fixes: CVE-2020-14346, CVE-2020-14361, CVE-2020-1436
- fixes: CVE-2020-14363
- Updated Url tag.
- Updated to 3.6.15 (fixes: CVE-2020-24659).
- 3.5.1 (fixes: CVE-2020-14367)
- new version
- security (fixes: CVE-2018-21247, CVE-2019-20839, CVE-2019-20840,
	CVE-2020-14396, CVE-2020-14397, CVE-2020-14398, CVE-2020-14399,
	CVE-2020-14400, CVE-2020-14401, CVE-2020-14402, CVE-2020-14403,
	CVE-2020-14404, CVE-2020-14405)
- added upstream commits:
  + fixed another unsigned integer overflow (fixes CVE-2020-0198)
  + use correct integer type on PowerPC/RISC-based systems
- Updated to upstream version 0.9.62.4 (Fixes: CVE-2020-17367, CVE-2020-17368).
- security (fixes: CVE-2020-16116)
- 11.9 (Fixes CVE-2020-14349, CVE-2020-14350)
- 9.5.23 (Fixes CVE-2020-14350)
- new version 1.4.8 (with rpmrb script)
- CVE-2020-16145
- new version 4.3.1 (Fixes: CVE-2020-10756)
- new version 3.1.6 (with rpmrb script) (ALT bug 38744)
- .NET Core 3.1.6 - July 14, 2020
- CVE-2020-1108: .NET Core Denial of Service Vulnerability
- CVE-2020-1147: NET Core Remote Code Execution Vulnerability
- 0.102.4
  + CVE-2020-3350
  + CVE-2020-3327
  + CVE-2020-3481
- 4.2.4 (Fixes: CVE-2020-13904, CVE-2020-13904)
- new version (fixes CVE-2020-15572)
- Update to json-c-0.13 branch (ee9f67c81a3c2a44557f0cc16dc136c140293252)
- Fixes: CVE-2020-12762
- 3.0.11
- fixes:
  * CVE-2020-13428 - a remote user could create a specifically
    crafted file that could trigger a buffer overflow in VLC's H26X packetizer
- New version (2.0.5) with rpmgs script.
- Updated license tag.
- Fixes:
  + CVE-2020-13790.
- 1.40.1 (Closes: #38626)
- Security fix: CVE-2020-11080
- 1.5.2 (Fixes: CVE-2017-9103 CVE-2017-9104 CVE-2017-9105 CVE-2017-9109, 
	CVE-2017-9106, CVE-2017-9107, CVE-2017-9108)
- 2.8.12
- Fixes:
  + CVE-2020-1733
  + CVE-2020-1735
  + CVE-2020-1737
  + CVE-2020-1739
  + CVE-2020-1740
  + CVE-2020-1746
- edk2-stable202002 (Fixes: CVE-2019-14575, CVE-2019-14559, CVE-2019-14587, CVE-2019-14558, CVE-2019-14586, CVE-2019-14563)
- edk2-stable202002 (Fixes: CVE-2019-14575, CVE-2019-14559, CVE-2019-14587, CVE-2019-14558, CVE-2019-14586, CVE-2019-14563)
- 0.34.4 -> 0.34.6 (fixes: CVE-2020-10737).
- don't store unasked fish:/ passwords (Fixes: CVE-2020-12755)
- Applied upstream fixes for CVE-2020-6062/TALOS-2020-0985.
- Applied upstream fixes for CVE-2020-6061/TALOS-2020-0984.
- New version.
- Fixes:
  + CVE-2019-6502 (#1586)
  + CVE-2019-15946 (a3fc769)
  + CVE-2019-15945 (412a614)
  + CVE-2019-19480 (6ce6152284c47ba9b1d4fe8ff9d2e6a3f5ee02c7)
  + CVE-2019-19481 (b75c002cfb1fd61cd20ec938ff4937d7b1a94278)
  + CVE-2019-19479 (c3f23b836e5a1766c36617fe1da30d22f7b63de2)
- Fix License tag according to SPDX.
- 2.25.3 -> 2.25.4 (fixes: CVE-2020-11008).
- new version 5.7.0 (with rpmrb script) (ALT bug 38347)
- CVE-2019-18874
- Fixed: CVE-2020-8597
- v4.19.102  (Fixes: CVE-2019-11477, CVE-2019-11478, CVE-2019-11479)
- Patch from upstream:
    tiff: Handle failure from TIFFReadRGBAImageOriented
      (fixes: CVE-2019-11459).
- dvi: Require texlive.
- Update Russian translation (thx Olesya Gerasimenko).
- 3.4.3 (fixes: CVE-2018-11805, CVE-2019-12420)
- updated %License to SPDX syntax
- new version
- security (Fixes: CVE-2019-14889)
- 6.9.4
- fixes:
	* CVE-2019-19012 Integer overflow related to reg->dmax in search_in_range()
	* CVE-2019-19203 heap-buffer-overflow in gb18030_mbc_enc_len()
	* CVE-2019-19204 heap-buffer-overflow in fetch_interval_quantifier()
- 4.4 (fixes: CVE-2015-4645, CVE-2015-4646)
- added fedora patches:
  + inline (fixes e2k ftbfs)
  + cve-2018-17825 (fixes: CVE-2018-17825)
  + (signed-char unneeded, worked around in previous build)
- NB: there's 2.3.1 release over at guthub
- 1.9.4 (Fixes CVE-2019-15903)
- Backported patch from shadow-4.6:
  + newgidmap: enforce setgroups=deny if self-mapping a group
    (fixes CVE-2018-7169).
- Don't use deprecated PreReq.
- security fixes: CVE-2019-14744
- 2.2.4
- Fixes for the following security vulnerabilities:
  + CVE-2019-14232 Adjusted regex to avoid backtracking issues when truncating HTML
  + CVE-2019-14233 Prevented excessive HTMLParser recursion in strip_tags() when handling incomplete HTML entities
  + CVE-2019-14234 Protected JSONField/HStoreField key and index lookups against SQL injection
  + CVE-2019-14235 Fixed potential memory exhaustion in django.utils.encoding.uri_to_iri()
- 1.11.23
- Fixes for the following security vulnerabilities:
  + CVE-2019-14232 Adjusted regex to avoid backtracking issues when truncating HTML
  + CVE-2019-14233 Prevented excessive HTMLParser recursion in strip_tags() when handling incomplete HTML entities
  + CVE-2019-14234 Protected JSONField/HStoreField key and index lookups against SQL injection
  + CVE-2019-14235 Fixed potential memory exhaustion in django.utils.encoding.uri_to_iri()
- updated to 1.40.2-2-g4fd68eb2 (fixed CVE-2019-12447,
  CVE-2019-12448, CVE-2019-12449, CVE-2019-12795)
- fixed CVE-2019-11478, CVE-2019-11477, CVE-2019-11833, CVE-2019-3882, CVE-2019-3819, CVE-2019-7222, CVE-2019-3701, CVE-2018-19985
- 0.14.2 (fixes: CVE-2019-3813)
- build with gstreamer support
- Updated to v4.0.10-57-gf9fc01c3 (ALT #36575, #34677).
- Applied SUSE patches:
  + tiff-4.0.3-seek.patch;
  + tiff-4.0.3-compress-warning.patch;
  + tiff-CVE-2018-12900.patch.
- Built with support of:
  + libjbig;
  + libwebp;
  + libzstd.
- Fixes:
  + CVE-2012-4564 Zero size buffer exploit in ppm2tiff;
  + CVE-2013-1960 Heap-based buffer overflow in the t2p_process_jpeg_strip();
  + CVE-2013-4232 Use-after-free vulnerability in the t2p_readwrite_pdf_image();
  + CVE-2013-4243 Heap-based buffer overflow in the readgifimage();
  + CVE-2013-4244 DoS or possible RCE via crafted GIF image;
  + CVE-2014-8127 Out-of-bounds read with malformed TIFF image in multiple tool;
  + CVE-2014-8129 Out-of-bounds read/write with malformed TIFF image in tiff2pdf;
  + CVE-2014-8130 Divide-by-zero error in _TIFFmalloc();
  + CVE-2014-9330 Integer overflow in tif_packbits.c in bmp2tif;
  + CVE-2015-8870 Integer overflow in tools/bmp2tiff.c (DoS or information leak);
  + CVE-2018-5360 Heap-based buffer overflow in the ReadTIFFImage().
- Updated to 3.4.1 (fixes: CVE-2018-16869).
- 2.3.1 (fixed CVE-2017-14041, CVE-2018-6616, CVE-2018-5785, CVE-2018-14423)
- 2.9.7 (fixed CVE-2016-6318)