Репозитории ALT
Последнее обновление в Пт, 24 июля 2020, 14:09:54 +0000 | Пакетов: 24114
en ru
Исправления уязвимостей

libgcrypt-1.9.2-alt1.src.rpm  сборка 2021-01-29

Группа: Система/Библиотеки
О пакете: The GNU crypto library
Изменения:

- New version (1.9.1).
- Security fixes:
+ hash-common: fix heap overflow when writing more data after final (A CVE-id
has not yet been assigned).

cups-2.3.3-alt1.src.rpm  сборка 2021-01-28

Группа: Система/Серверы
О пакете: Common Unix Printing System - server package
Изменения:

- Updated to upstream version 2.3.3 (Fixes CVE-2019-8842, CVE-2020-3898).
- Built with gnutls support re-enabled.
Gnutls support may be required by cups-filters.

dotnet-bootstrap-2.1-2.1.24-alt1.src.rpm  сборка 2021-01-28

Группа: Разработка/Прочее
О пакете: .NET Core SDK binaries
Изменения:

- new version (2.1.24) with rpmgs script
- CVE-2020-1045: Microsoft ASP.NET Core Security Feature Bypass Vulnerability
- CVE-2020-1597: NET Core Remote Code Execution Vulnerability
- CVE-2020-1147: NET Core Remote Code Execution Vulnerability
- CVE-2020-1108: .NET Core Denial of Service Vulnerability
- CVE-2020-0602: ASP.NET Core Denial of Service Vulnerability
- CVE-2019-1302: ASP.NET Core Elevation Of Privilege Vulnerability
- CVE-2019-1301: Denial of Service Vulnerability in .NET Core
- CVE-2018-8269: Denial of Service Vulnerability in OData
- CVE-2019-1075: ASP.NET Core Spoofing Vulnerability
- CVE-2019-0820: .NET Core Tampering Vulnerability
- CVE-2019-0980: ASP.NET Core Denial of Service Vulnerability
- CVE-2019-0981: ASP.NET Core Denial of Service Vulnerability
- CVE-2019-0982: ASP.NET Core Denial of Service Vulnerability
- CVE-2019-0815: ASP.NET Core denial of service vulnerability

dotnet-bootstrap-3.1.11-alt1.src.rpm  сборка 2021-01-28

Группа: Разработка/Прочее
О пакете: .NET Core SDK binaries
Изменения:

- new version (3.1.11) with rpmgs script
- .NET Core 3.1.11 - January 12, 2021
- CVE-2021-1723: ASP.NET Core Denial of Service Vulnerability
- CVE-2020-1045: Microsoft ASP.NET Core Security Feature Bypass Vulnerability
- CVE-2020-1597: NET Core Remote Code Execution Vulnerability

cups-2.3.3-alt2.op2.src.rpm  сборка 2021-01-28

Группа: Система/Серверы
О пакете: Common Unix Printing System - server package
Изменения:

- Updated to upstream version 2.3.3 (Fixes CVE-2019-8842, CVE-2020-3898).
- Built with gnutls support re-enabled.
Gnutls support may be required by cups-filters.

dotnet-bootstrap-2.1-2.1.25-alt1.src.rpm  сборка 2021-01-28

Группа: Разработка/Прочее
О пакете: .NET Core SDK binaries
Изменения:

- new version (2.1.24) with rpmgs script
- CVE-2020-1045: Microsoft ASP.NET Core Security Feature Bypass Vulnerability
- CVE-2020-1597: NET Core Remote Code Execution Vulnerability
- CVE-2020-1147: NET Core Remote Code Execution Vulnerability
- CVE-2020-1108: .NET Core Denial of Service Vulnerability
- CVE-2020-0602: ASP.NET Core Denial of Service Vulnerability
- CVE-2019-1302: ASP.NET Core Elevation Of Privilege Vulnerability
- CVE-2019-1301: Denial of Service Vulnerability in .NET Core
- CVE-2018-8269: Denial of Service Vulnerability in OData
- CVE-2019-1075: ASP.NET Core Spoofing Vulnerability
- CVE-2019-0820: .NET Core Tampering Vulnerability
- CVE-2019-0980: ASP.NET Core Denial of Service Vulnerability
- CVE-2019-0981: ASP.NET Core Denial of Service Vulnerability
- CVE-2019-0982: ASP.NET Core Denial of Service Vulnerability
- CVE-2019-0815: ASP.NET Core denial of service vulnerability

dotnet-bootstrap-3.1-3.1.12-alt1.src.rpm  сборка 2021-01-28

Группа: Разработка/Прочее
О пакете: .NET Core SDK binaries
Изменения:

- new version (3.1.11) with rpmgs script
- .NET Core 3.1.11 - January 12, 2021
- CVE-2021-1723: ASP.NET Core Denial of Service Vulnerability
- CVE-2020-1045: Microsoft ASP.NET Core Security Feature Bypass Vulnerability
- CVE-2020-1597: NET Core Remote Code Execution Vulnerability

cups-2.3.3-alt3.op2.src.rpm  сборка 2021-01-28

Группа: Система/Серверы
О пакете: Common Unix Printing System - server package
Изменения:

- Updated to upstream version 2.3.3 (Fixes CVE-2019-8842, CVE-2020-3898).
- Built with gnutls support re-enabled.
Gnutls support may be required by cups-filters.

nagios-3.0.6-alt15.src.rpm  сборка 2021-01-27

Группа: Мониторинг
О пакете: Services and network monitoring system
Изменения:

- Fixes:
+ CVE-2017-12847 Kill arbitrary processes by leveraging access to PID file.
- Don't install the PID file.

thunderbird-78.7.0-alt1.src.rpm  сборка 2021-01-27

Группа: Сети/Почта
О пакете: Thunderbird is Mozilla's e-mail client
Изменения:

- New version (78.7.0).
- Security fixes:
+ CVE-2021-23953 Cross-origin information leakage via redirected PDF requests
+ CVE-2021-23954 Type confusion when using logical assignment operators in JavaScript switch statements
+ CVE-2020-15685 IMAP Response Injection when using STARTTLS
+ CVE-2020-26976 HTTPS pages could have been intercepted by a registered service worker when they should not have been
+ CVE-2021-23960 Use-after-poison for incorrectly redeclared JavaScript variables during GC
+ CVE-2021-23964 Memory safety bugs fixed in Thunderbird 78.7

sudo-1:1.9.5p2-alt1.src.rpm  сборка 2021-01-27

Группа: Система/Основа
О пакете: Allows command execution as another user
Изменения:

- Update to latest security release (fixes: CVE-2021-3156) (closes: 39615)
- Added sudo-python package with Sudo Python Plugin API
- Added sudo-logsrvd package with High-performance log server

nagios-3.0.6-alt15.src.rpm  сборка 2021-01-27

Группа: Мониторинг
О пакете: Services and network monitoring system
Изменения:

- Fixes:
+ CVE-2016-8641 Privilege escalation via symbolic links.
+ CVE-2016-9566 Gaining root privileges via a symlink attack on the log file.
+ CVE-2014-1878 Possible segfault in cmd.cgi.

thunderbird-78.7.1-alt1.src.rpm  сборка 2021-01-27

Группа: Сети/Почта
О пакете: Thunderbird is Mozilla's e-mail client
Изменения:

- New version (78.7.0).
- Security fixes:
+ CVE-2021-23953 Cross-origin information leakage via redirected PDF requests
+ CVE-2021-23954 Type confusion when using logical assignment operators in JavaScript switch statements
+ CVE-2020-15685 IMAP Response Injection when using STARTTLS
+ CVE-2020-26976 HTTPS pages could have been intercepted by a registered service worker when they should not have been
+ CVE-2021-23960 Use-after-poison for incorrectly redeclared JavaScript variables during GC
+ CVE-2021-23964 Memory safety bugs fixed in Thunderbird 78.7

thunderbird-78.8.0-alt1.src.rpm  сборка 2021-01-27

Группа: Сети/Почта
О пакете: Thunderbird is Mozilla's e-mail client
Изменения:

- New version (78.7.0).
- Security fixes:
+ CVE-2021-23953 Cross-origin information leakage via redirected PDF requests
+ CVE-2021-23954 Type confusion when using logical assignment operators in JavaScript switch statements
+ CVE-2020-15685 IMAP Response Injection when using STARTTLS
+ CVE-2020-26976 HTTPS pages could have been intercepted by a registered service worker when they should not have been
+ CVE-2021-23960 Use-after-poison for incorrectly redeclared JavaScript variables during GC
+ CVE-2021-23964 Memory safety bugs fixed in Thunderbird 78.7

sudo-1:1.9.6p1-alt1.src.rpm  сборка 2021-01-27

Группа: Система/Основа
О пакете: Allows command execution as another user
Изменения:

- Update to latest security release (fixes: CVE-2021-3156) (closes: 39615)
- Added sudo-python package with Sudo Python Plugin API
- Added sudo-logsrvd package with High-performance log server

libofx-0.10.1-alt1.src.rpm  сборка 2021-01-27

Группа: Система/Библиотеки
О пакете: The OFX parser library
Изменения:

- New version.
- Mention previous CVE.

trousers-0.3.15-alt1.src.rpm  сборка 2021-01-26

Группа: Система/Основа
О пакете: Implementation of the TCG's Software Stack
Изменения:

- 0.3.15 released
- Corrected mutliple security issues in tcsd
(Fixes: CVE-2020-24332, CVE-2020-24330, CVE-2020-24331)

firefox-85.0-alt1.src.rpm  сборка 2021-01-26

Группа: Сети/WWW
О пакете: The Mozilla Firefox project is a redesign of Mozilla's browser
Изменения:

- New release (85.0).
- Security fixes:
+ CVE-2021-23953: Cross-origin information leakage via redirected PDF requests
+ CVE-2021-23954: Type confusion when using logical assignment operators in JavaScript switch statements
+ CVE-2021-23955: Clickjacking across tabs through misusing requestPointerLock
+ CVE-2021-23956: File picker dialog could have been used to disclose a complete directory
+ CVE-2021-23957: Iframe sandbox could have been bypassed on Android via the intent URL scheme
+ CVE-2021-23958: Screen sharing permission leaked across tabs
+ CVE-2021-23959: Cross-Site Scripting in error pages on Firefox for Android
+ CVE-2021-23960: Use-after-poison for incorrectly redeclared JavaScript variables during GC
+ CVE-2021-23961: More internal network hosts could have been probed by a malicious webpage
+ CVE-2021-23962: Use-after-poison in nsTreeBodyFrame::RowCountChanged
+ CVE-2021-23963: Permission prompt inaccessible after asking for additional permissions
+ CVE-2021-23964: Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7
+ CVE-2021-23965: Memory safety bugs fixed in Firefox 85

firefox-esr-78.7.0-alt1.src.rpm  сборка 2021-01-26

Группа: Сети/WWW
О пакете: The Mozilla Firefox project is a redesign of Mozilla's browser
Изменения:

- New version (78.7.0).
- Security fixes:
+ CVE-2021-23953 Cross-origin information leakage via redirected PDF requests
+ CVE-2021-23954 Type confusion when using logical assignment operators in JavaScript switch statements
+ CVE-2020-26976 HTTPS pages could have been intercepted by a registered service worker when they should not have been
+ CVE-2021-23960 Use-after-poison for incorrectly redeclared JavaScript variables during GC
+ CVE-2021-23964 Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7

firefox-85.0.1-alt1.src.rpm  сборка 2021-01-26

Группа: Сети/WWW
О пакете: The Mozilla Firefox project is a redesign of Mozilla's browser
Изменения:

- New release (85.0).
- Security fixes:
+ CVE-2021-23953: Cross-origin information leakage via redirected PDF requests
+ CVE-2021-23954: Type confusion when using logical assignment operators in JavaScript switch statements
+ CVE-2021-23955: Clickjacking across tabs through misusing requestPointerLock
+ CVE-2021-23956: File picker dialog could have been used to disclose a complete directory
+ CVE-2021-23957: Iframe sandbox could have been bypassed on Android via the intent URL scheme
+ CVE-2021-23958: Screen sharing permission leaked across tabs
+ CVE-2021-23959: Cross-Site Scripting in error pages on Firefox for Android
+ CVE-2021-23960: Use-after-poison for incorrectly redeclared JavaScript variables during GC
+ CVE-2021-23961: More internal network hosts could have been probed by a malicious webpage
+ CVE-2021-23962: Use-after-poison in nsTreeBodyFrame::RowCountChanged
+ CVE-2021-23963: Permission prompt inaccessible after asking for additional permissions
+ CVE-2021-23964: Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7
+ CVE-2021-23965: Memory safety bugs fixed in Firefox 85

firefox-esr-78.7.1-alt1.src.rpm  сборка 2021-01-26

Группа: Сети/WWW
О пакете: The Mozilla Firefox project is a redesign of Mozilla's browser
Изменения:

- New version (78.7.0).
- Security fixes:
+ CVE-2021-23953 Cross-origin information leakage via redirected PDF requests
+ CVE-2021-23954 Type confusion when using logical assignment operators in JavaScript switch statements
+ CVE-2020-26976 HTTPS pages could have been intercepted by a registered service worker when they should not have been
+ CVE-2021-23960 Use-after-poison for incorrectly redeclared JavaScript variables during GC
+ CVE-2021-23964 Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7

firefox-85.0.2-alt1.src.rpm  сборка 2021-01-26

Группа: Сети/WWW
О пакете: The Mozilla Firefox project is a redesign of Mozilla's browser
Изменения:

- New release (85.0).
- Security fixes:
+ CVE-2021-23953: Cross-origin information leakage via redirected PDF requests
+ CVE-2021-23954: Type confusion when using logical assignment operators in JavaScript switch statements
+ CVE-2021-23955: Clickjacking across tabs through misusing requestPointerLock
+ CVE-2021-23956: File picker dialog could have been used to disclose a complete directory
+ CVE-2021-23957: Iframe sandbox could have been bypassed on Android via the intent URL scheme
+ CVE-2021-23958: Screen sharing permission leaked across tabs
+ CVE-2021-23959: Cross-Site Scripting in error pages on Firefox for Android
+ CVE-2021-23960: Use-after-poison for incorrectly redeclared JavaScript variables during GC
+ CVE-2021-23961: More internal network hosts could have been probed by a malicious webpage
+ CVE-2021-23962: Use-after-poison in nsTreeBodyFrame::RowCountChanged
+ CVE-2021-23963: Permission prompt inaccessible after asking for additional permissions
+ CVE-2021-23964: Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7
+ CVE-2021-23965: Memory safety bugs fixed in Firefox 85

firefox-esr-78.7.1-alt2.src.rpm  сборка 2021-01-26

Группа: Сети/WWW
О пакете: The Mozilla Firefox project is a redesign of Mozilla's browser
Изменения:

- New version (78.7.0).
- Security fixes:
+ CVE-2021-23953 Cross-origin information leakage via redirected PDF requests
+ CVE-2021-23954 Type confusion when using logical assignment operators in JavaScript switch statements
+ CVE-2020-26976 HTTPS pages could have been intercepted by a registered service worker when they should not have been
+ CVE-2021-23960 Use-after-poison for incorrectly redeclared JavaScript variables during GC
+ CVE-2021-23964 Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7

firefox-86.0-alt1.src.rpm  сборка 2021-01-26

Группа: Сети/WWW
О пакете: The Mozilla Firefox project is a redesign of Mozilla's browser
Изменения:

- New release (85.0).
- Security fixes:
+ CVE-2021-23953: Cross-origin information leakage via redirected PDF requests
+ CVE-2021-23954: Type confusion when using logical assignment operators in JavaScript switch statements
+ CVE-2021-23955: Clickjacking across tabs through misusing requestPointerLock
+ CVE-2021-23956: File picker dialog could have been used to disclose a complete directory
+ CVE-2021-23957: Iframe sandbox could have been bypassed on Android via the intent URL scheme
+ CVE-2021-23958: Screen sharing permission leaked across tabs
+ CVE-2021-23959: Cross-Site Scripting in error pages on Firefox for Android
+ CVE-2021-23960: Use-after-poison for incorrectly redeclared JavaScript variables during GC
+ CVE-2021-23961: More internal network hosts could have been probed by a malicious webpage
+ CVE-2021-23962: Use-after-poison in nsTreeBodyFrame::RowCountChanged
+ CVE-2021-23963: Permission prompt inaccessible after asking for additional permissions
+ CVE-2021-23964: Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7
+ CVE-2021-23965: Memory safety bugs fixed in Firefox 85

firefox-esr-78.8.0-alt1.src.rpm  сборка 2021-01-26

Группа: Сети/WWW
О пакете: The Mozilla Firefox project is a redesign of Mozilla's browser
Изменения:

- New version (78.7.0).
- Security fixes:
+ CVE-2021-23953 Cross-origin information leakage via redirected PDF requests
+ CVE-2021-23954 Type confusion when using logical assignment operators in JavaScript switch statements
+ CVE-2020-26976 HTTPS pages could have been intercepted by a registered service worker when they should not have been
+ CVE-2021-23960 Use-after-poison for incorrectly redeclared JavaScript variables during GC
+ CVE-2021-23964 Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7

firefox-87.0-alt1.src.rpm  сборка 2021-01-26

Группа: Сети/WWW
О пакете: The Mozilla Firefox project is a redesign of Mozilla's browser
Изменения:

- New release (85.0).
- Security fixes:
+ CVE-2021-23953: Cross-origin information leakage via redirected PDF requests
+ CVE-2021-23954: Type confusion when using logical assignment operators in JavaScript switch statements
+ CVE-2021-23955: Clickjacking across tabs through misusing requestPointerLock
+ CVE-2021-23956: File picker dialog could have been used to disclose a complete directory
+ CVE-2021-23957: Iframe sandbox could have been bypassed on Android via the intent URL scheme
+ CVE-2021-23958: Screen sharing permission leaked across tabs
+ CVE-2021-23959: Cross-Site Scripting in error pages on Firefox for Android
+ CVE-2021-23960: Use-after-poison for incorrectly redeclared JavaScript variables during GC
+ CVE-2021-23961: More internal network hosts could have been probed by a malicious webpage
+ CVE-2021-23962: Use-after-poison in nsTreeBodyFrame::RowCountChanged
+ CVE-2021-23963: Permission prompt inaccessible after asking for additional permissions
+ CVE-2021-23964: Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7
+ CVE-2021-23965: Memory safety bugs fixed in Firefox 85

firefox-esr-78.9.0-alt1.src.rpm  сборка 2021-01-26

Группа: Сети/WWW
О пакете: The Mozilla Firefox project is a redesign of Mozilla's browser
Изменения:

- New version (78.7.0).
- Security fixes:
+ CVE-2021-23953 Cross-origin information leakage via redirected PDF requests
+ CVE-2021-23954 Type confusion when using logical assignment operators in JavaScript switch statements
+ CVE-2020-26976 HTTPS pages could have been intercepted by a registered service worker when they should not have been
+ CVE-2021-23960 Use-after-poison for incorrectly redeclared JavaScript variables during GC
+ CVE-2021-23964 Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7

chromium-88.0.4324.96-alt1.src.rpm  сборка 2021-01-24

Группа: Сети/WWW
О пакете: An open source web browser developed by Google
Изменения:

- New version (88.0.4324.96).
- Security fixes:
- CVE-2020-16044: Use after free in WebRTC.
- CVE-2021-21117: Insufficient policy enforcement in Cryptohome.
- CVE-2021-21118: Insufficient data validation in V8.
- CVE-2021-21119: Use after free in Media.
- CVE-2021-21120: Use after free in WebSQL.
- CVE-2021-21121: Use after free in Omnibox.
- CVE-2021-21122: Use after free in Blink.
- CVE-2021-21123: Insufficient data validation in File System API.
- CVE-2021-21124: Potential user after free in Speech Recognizer.
- CVE-2021-21125: Insufficient policy enforcement in File System API.
- CVE-2021-21126: Insufficient policy enforcement in extensions.
- CVE-2021-21127: Insufficient policy enforcement in extensions.
- CVE-2021-21128: Heap buffer overflow in Blink.
- CVE-2021-21129: Insufficient policy enforcement in File System API.
- CVE-2021-21130: Insufficient policy enforcement in File System API.
- CVE-2021-21131: Insufficient policy enforcement in File System API.
- CVE-2021-21132: Inappropriate implementation in DevTools.
- CVE-2021-21133: Insufficient policy enforcement in Downloads.
- CVE-2021-21134: Incorrect security UI in Page Info.
- CVE-2021-21135: Inappropriate implementation in Performance API.
- CVE-2021-21136: Insufficient policy enforcement in WebView.
- CVE-2021-21137: Inappropriate implementation in DevTools.
- CVE-2021-21138: Use after free in DevTools.
- CVE-2021-21139: Inappropriate implementation in iframe sandbox.
- CVE-2021-21140: Uninitialized Use in USB.
- CVE-2021-21141: Insufficient policy enforcement in File System API.

chromium-gost-88.0.4324.96-alt1.src.rpm  сборка 2021-01-24

Группа: Сети/WWW
О пакете: An open source web browser developed by Google
Изменения:

- New version (88.0.4324.96).
- Security fixes:
- CVE-2020-16044: Use after free in WebRTC.
- CVE-2021-21117: Insufficient policy enforcement in Cryptohome.
- CVE-2021-21118: Insufficient data validation in V8.
- CVE-2021-21119: Use after free in Media.
- CVE-2021-21120: Use after free in WebSQL.
- CVE-2021-21121: Use after free in Omnibox.
- CVE-2021-21122: Use after free in Blink.
- CVE-2021-21123: Insufficient data validation in File System API.
- CVE-2021-21124: Potential user after free in Speech Recognizer.
- CVE-2021-21125: Insufficient policy enforcement in File System API.
- CVE-2021-21126: Insufficient policy enforcement in extensions.
- CVE-2021-21127: Insufficient policy enforcement in extensions.
- CVE-2021-21128: Heap buffer overflow in Blink.
- CVE-2021-21129: Insufficient policy enforcement in File System API.
- CVE-2021-21130: Insufficient policy enforcement in File System API.
- CVE-2021-21131: Insufficient policy enforcement in File System API.
- CVE-2021-21132: Inappropriate implementation in DevTools.
- CVE-2021-21133: Insufficient policy enforcement in Downloads.
- CVE-2021-21134: Incorrect security UI in Page Info.
- CVE-2021-21135: Inappropriate implementation in Performance API.
- CVE-2021-21136: Insufficient policy enforcement in WebView.
- CVE-2021-21137: Inappropriate implementation in DevTools.
- CVE-2021-21138: Use after free in DevTools.
- CVE-2021-21139: Inappropriate implementation in iframe sandbox.
- CVE-2021-21140: Uninitialized Use in USB.
- CVE-2021-21141: Insufficient policy enforcement in File System API.

chromium-88.0.4324.150-alt1.src.rpm  сборка 2021-01-24

Группа: Сети/WWW
О пакете: An open source web browser developed by Google
Изменения:

- New version (88.0.4324.96).
- Security fixes:
- CVE-2020-16044: Use after free in WebRTC.
- CVE-2021-21117: Insufficient policy enforcement in Cryptohome.
- CVE-2021-21118: Insufficient data validation in V8.
- CVE-2021-21119: Use after free in Media.
- CVE-2021-21120: Use after free in WebSQL.
- CVE-2021-21121: Use after free in Omnibox.
- CVE-2021-21122: Use after free in Blink.
- CVE-2021-21123: Insufficient data validation in File System API.
- CVE-2021-21124: Potential user after free in Speech Recognizer.
- CVE-2021-21125: Insufficient policy enforcement in File System API.
- CVE-2021-21126: Insufficient policy enforcement in extensions.
- CVE-2021-21127: Insufficient policy enforcement in extensions.
- CVE-2021-21128: Heap buffer overflow in Blink.
- CVE-2021-21129: Insufficient policy enforcement in File System API.
- CVE-2021-21130: Insufficient policy enforcement in File System API.
- CVE-2021-21131: Insufficient policy enforcement in File System API.
- CVE-2021-21132: Inappropriate implementation in DevTools.
- CVE-2021-21133: Insufficient policy enforcement in Downloads.
- CVE-2021-21134: Incorrect security UI in Page Info.
- CVE-2021-21135: Inappropriate implementation in Performance API.
- CVE-2021-21136: Insufficient policy enforcement in WebView.
- CVE-2021-21137: Inappropriate implementation in DevTools.
- CVE-2021-21138: Use after free in DevTools.
- CVE-2021-21139: Inappropriate implementation in iframe sandbox.
- CVE-2021-21140: Uninitialized Use in USB.
- CVE-2021-21141: Insufficient policy enforcement in File System API.

chromium-89.0.4389.82-alt1.src.rpm  сборка 2021-01-24

Группа: Сети/WWW
О пакете: An open source web browser developed by Google
Изменения:

- New version (88.0.4324.96).
- Security fixes:
- CVE-2020-16044: Use after free in WebRTC.
- CVE-2021-21117: Insufficient policy enforcement in Cryptohome.
- CVE-2021-21118: Insufficient data validation in V8.
- CVE-2021-21119: Use after free in Media.
- CVE-2021-21120: Use after free in WebSQL.
- CVE-2021-21121: Use after free in Omnibox.
- CVE-2021-21122: Use after free in Blink.
- CVE-2021-21123: Insufficient data validation in File System API.
- CVE-2021-21124: Potential user after free in Speech Recognizer.
- CVE-2021-21125: Insufficient policy enforcement in File System API.
- CVE-2021-21126: Insufficient policy enforcement in extensions.
- CVE-2021-21127: Insufficient policy enforcement in extensions.
- CVE-2021-21128: Heap buffer overflow in Blink.
- CVE-2021-21129: Insufficient policy enforcement in File System API.
- CVE-2021-21130: Insufficient policy enforcement in File System API.
- CVE-2021-21131: Insufficient policy enforcement in File System API.
- CVE-2021-21132: Inappropriate implementation in DevTools.
- CVE-2021-21133: Insufficient policy enforcement in Downloads.
- CVE-2021-21134: Incorrect security UI in Page Info.
- CVE-2021-21135: Inappropriate implementation in Performance API.
- CVE-2021-21136: Insufficient policy enforcement in WebView.
- CVE-2021-21137: Inappropriate implementation in DevTools.
- CVE-2021-21138: Use after free in DevTools.
- CVE-2021-21139: Inappropriate implementation in iframe sandbox.
- CVE-2021-21140: Uninitialized Use in USB.
- CVE-2021-21141: Insufficient policy enforcement in File System API.

chromium-gost-88.0.4324.150-alt1.src.rpm  сборка 2021-01-24

Группа: Сети/WWW
О пакете: An open source web browser developed by Google
Изменения:

- New version (88.0.4324.96).
- Security fixes:
- CVE-2020-16044: Use after free in WebRTC.
- CVE-2021-21117: Insufficient policy enforcement in Cryptohome.
- CVE-2021-21118: Insufficient data validation in V8.
- CVE-2021-21119: Use after free in Media.
- CVE-2021-21120: Use after free in WebSQL.
- CVE-2021-21121: Use after free in Omnibox.
- CVE-2021-21122: Use after free in Blink.
- CVE-2021-21123: Insufficient data validation in File System API.
- CVE-2021-21124: Potential user after free in Speech Recognizer.
- CVE-2021-21125: Insufficient policy enforcement in File System API.
- CVE-2021-21126: Insufficient policy enforcement in extensions.
- CVE-2021-21127: Insufficient policy enforcement in extensions.
- CVE-2021-21128: Heap buffer overflow in Blink.
- CVE-2021-21129: Insufficient policy enforcement in File System API.
- CVE-2021-21130: Insufficient policy enforcement in File System API.
- CVE-2021-21131: Insufficient policy enforcement in File System API.
- CVE-2021-21132: Inappropriate implementation in DevTools.
- CVE-2021-21133: Insufficient policy enforcement in Downloads.
- CVE-2021-21134: Incorrect security UI in Page Info.
- CVE-2021-21135: Inappropriate implementation in Performance API.
- CVE-2021-21136: Insufficient policy enforcement in WebView.
- CVE-2021-21137: Inappropriate implementation in DevTools.
- CVE-2021-21138: Use after free in DevTools.
- CVE-2021-21139: Inappropriate implementation in iframe sandbox.
- CVE-2021-21140: Uninitialized Use in USB.
- CVE-2021-21141: Insufficient policy enforcement in File System API.

chromium-89.0.4389.114-alt1.src.rpm  сборка 2021-01-24

Группа: Сети/WWW
О пакете: An open source web browser developed by Google
Изменения:

- New version (88.0.4324.96).
- Security fixes:
- CVE-2020-16044: Use after free in WebRTC.
- CVE-2021-21117: Insufficient policy enforcement in Cryptohome.
- CVE-2021-21118: Insufficient data validation in V8.
- CVE-2021-21119: Use after free in Media.
- CVE-2021-21120: Use after free in WebSQL.
- CVE-2021-21121: Use after free in Omnibox.
- CVE-2021-21122: Use after free in Blink.
- CVE-2021-21123: Insufficient data validation in File System API.
- CVE-2021-21124: Potential user after free in Speech Recognizer.
- CVE-2021-21125: Insufficient policy enforcement in File System API.
- CVE-2021-21126: Insufficient policy enforcement in extensions.
- CVE-2021-21127: Insufficient policy enforcement in extensions.
- CVE-2021-21128: Heap buffer overflow in Blink.
- CVE-2021-21129: Insufficient policy enforcement in File System API.
- CVE-2021-21130: Insufficient policy enforcement in File System API.
- CVE-2021-21131: Insufficient policy enforcement in File System API.
- CVE-2021-21132: Inappropriate implementation in DevTools.
- CVE-2021-21133: Insufficient policy enforcement in Downloads.
- CVE-2021-21134: Incorrect security UI in Page Info.
- CVE-2021-21135: Inappropriate implementation in Performance API.
- CVE-2021-21136: Insufficient policy enforcement in WebView.
- CVE-2021-21137: Inappropriate implementation in DevTools.
- CVE-2021-21138: Use after free in DevTools.
- CVE-2021-21139: Inappropriate implementation in iframe sandbox.
- CVE-2021-21140: Uninitialized Use in USB.
- CVE-2021-21141: Insufficient policy enforcement in File System API.

containerd-1.4.3-alt1.src.rpm  сборка 2021-01-22

Группа: Разработка/Прочее
О пакете: A daemon to control runC
Изменения:

- 1.4.3 (Fixes: CVE-2020-15257)

imapfilter-2.7.5-alt1.src.rpm  сборка 2021-01-22

Группа: Система/Настройка/Сеть
О пакете: mail filtering utility
Изменения:

- 2.7.5 (Fixes CVE-2016-10937).

shellinabox-2.20-alt2.src.rpm  сборка 2021-01-22

Группа: Сети/Удалённый доступ
О пакете: AJAX based terminal emulator exporting a console to the browser
Изменения:

- Applied security fix from upstream (Fixes CVE-2018-16789).

dnsmasq-2.83-alt1.src.rpm  сборка 2021-01-22

Группа: Система/Серверы
О пакете: A lightweight caching nameserver
Изменения:

- Use useradd -N instead of -n.
- Updated to 2.83 (fixes: CVE-2020-25681, CVE-2020-25682, CVE-2020-25683,
CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687).

containerd-1.4.3-alt2.src.rpm  сборка 2021-01-22

Группа: Разработка/Прочее
О пакете: A daemon to control runC
Изменения:

- 1.4.3 (Fixes: CVE-2020-15257)

imapfilter-2.7.5-alt2.src.rpm  сборка 2021-01-22

Группа: Система/Настройка/Сеть
О пакете: mail filtering utility
Изменения:

- 2.7.5 (Fixes CVE-2016-10937).

dnsmasq-2.85-alt1.src.rpm  сборка 2021-01-22

Группа: Система/Серверы
О пакете: A lightweight caching nameserver
Изменения:

- Use useradd -N instead of -n.
- Updated to 2.83 (fixes: CVE-2020-25681, CVE-2020-25682, CVE-2020-25683,
CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687).

containerd-1.4.4-alt1.src.rpm  сборка 2021-01-22

Группа: Разработка/Прочее
О пакете: A daemon to control runC
Изменения:

- 1.4.3 (Fixes: CVE-2020-15257)

libmspack-0.6-alt2.src.rpm  сборка 2021-01-21

Группа: Разработка/C
О пакете: Compressors and decompressors for Microsoft compression formats
Изменения:

- Applied security fix from upstream (Fixes CVE-2018-18584).

libevt-20140411-alt2.src.rpm  сборка 2021-01-21

Группа: Работа с файлами
О пакете: Library and tools to access the Windows Event Log (EVT) format
Изменения:

- Applied security fix from upstream (Fixes CVE-2018-8754).

rclone-1.53.4-alt1.src.rpm  сборка 2021-01-21

Группа: Сети/Передача файлов
О пакете: rsync for cloud storage
Изменения:

- New version 1.53.4 (Fixes: CVE-2020-28924).

fleet-3.6.0-alt1.src.rpm  сборка 2021-01-21

Группа: Другие
О пакете: The premier osquery fleet manager.
Изменения:

- Updated to upstream version 3.6.0 (Fixes: CVE-2020-26276).

spice-vdagent-1:0.21.0-alt1.src.rpm  сборка 2021-01-21

Группа: Сети/Удалённый доступ
О пакете: Agent for Spice guests
Изменения:

- new version 0.21.0 (Fixes CVE-2020-25650, CVE-2020-25651, CVE-2020-25652, CVE-2020-25653).

libjasper-2.0.24-alt1.src.rpm  сборка 2021-01-21

Группа: Система/Библиотеки
О пакете: Implementation of the codec specified in the JPEG-2000 Part-1 standard
Изменения:

- new version 2.0.24 (with rpmrb script)
- CVE-2020-27828, heap-overflow in cp_create() in jpc_enc.c

blueman-2.1.4-alt1.src.rpm  сборка 2021-01-21

Группа: Разработка/Python 3
О пакете: Blueman is a GTK+ Bluetooth Manager
Изменения:

- new version 2.1.4 (Fixes CVE-2020-15238).

libjasper-2.0.25-alt1.src.rpm  сборка 2021-01-21

Группа: Система/Библиотеки
О пакете: Implementation of the codec specified in the JPEG-2000 Part-1 standard
Изменения:

- new version 2.0.24 (with rpmrb script)
- CVE-2020-27828, heap-overflow in cp_create() in jpc_enc.c

blueman-2.1.4-alt2.src.rpm  сборка 2021-01-21

Группа: Разработка/Python 3
О пакете: Blueman is a GTK+ Bluetooth Manager
Изменения:

- new version 2.1.4 (Fixes CVE-2020-15238).

  « Первая         1         3         5     6     7            Последняя »  

 
Ветви:
свернуть окно
Проект Geyser основан на коде из проекта Prometheus 2.0, который был доступен по лицензии MIT