Репозиторий Sisyphus
Последнее обновление: 2018-10-15 11:14:39 +0400 | Пакетов: 15382 | Войти или Зарегистрироваться
en ru uk br
Security fixes

postgresql9.6-1C-9.6.9-alt0.M70P.1  сборка 2018-05-09

Группа: Базы данных
О пакете: PostgreSQL client programs and libraries (edition for 1C 8.3.3 and later)
Изменения:

- 9.6.9
- Fix CVE-2018-1115

postgresql9.3-9.3.23-alt0.M70P.1  сборка 2018-05-09

Группа: Базы данных
О пакете: PostgreSQL client programs and libraries
Изменения:

- 9.3.23
- Fix CVE-2018-1115

postgresql9.6-9.6.9-alt0.M70P.1  сборка 2018-05-09

Группа: Базы данных
О пакете: PostgreSQL client programs and libraries
Изменения:

- 9.6.9
- Fix CVE-2018-1115

postgresql9.5-9.5.13-alt0.M70P.1  сборка 2018-05-09

Группа: Базы данных
О пакете: PostgreSQL client programs and libraries
Изменения:

- 9.5.13
- Fix CVE-2018-1115

postgresql10-10.4-alt0.M70P.1  сборка 2018-05-09

Группа: Базы данных
О пакете: PostgreSQL client programs and libraries
Изменения:

- 10.4
- Fix CVE-2018-1115

postgresql9.4-9.4.18-alt0.M70P.1  сборка 2018-05-09

Группа: Базы данных
О пакете: PostgreSQL client programs and libraries
Изменения:

- 9.4.18
- Fix CVE-2018-1115

clamav-0.99.4-alt1  сборка 2018-03-04

Группа: Работа с файлами
О пакете: Clam Antivirus scanner
Изменения:

- 0.99.4 (CVE-2012-6706, CVE-2017-6419, CVE-2017-11423,
CVE-2018-0202, and CVE-2018-1000085)

ntp-4.2.8p11-alt1  сборка 2018-03-04

Группа: Система/Настройка/Прочее
О пакете: The Network Time Protocol (NTP)
Изменения:

- 4.2.8p11 (CVE-2018-7185, CVE-2018-7184, CVE-2018-7170, CVE-2018-7183,
CVE-2018-7182, CVE-2016-1549)
- updated vniiftri ntp servers in ntp.conf
- added perl-HTTP-Tiny, perl-Net-SSLeay, perl-IO-Socket-SSL to BuildRequires

postgresql9.5-9.5.12-alt0.M70P.1  сборка 2018-03-02

Группа: Базы данных
О пакете: PostgreSQL client programs and libraries
Изменения:

- 9.5.12
- Fix CVE-2018-1058

postgresql9.4-9.4.17-alt0.M70P.1  сборка 2018-03-02

Группа: Базы данных
О пакете: PostgreSQL client programs and libraries
Изменения:

- 9.4.17
- Fix CVE-2018-1058

postgresql10-10.3-alt0.M70P.1  сборка 2018-03-02

Группа: Базы данных
О пакете: PostgreSQL client programs and libraries
Изменения:

- 10.3
- Fix CVE-2018-1058

postgresql9.3-9.3.22-alt0.M70P.1  сборка 2018-03-02

Группа: Базы данных
О пакете: PostgreSQL client programs and libraries
Изменения:

- 9.3.22
- Fix CVE-2018-1058

postgresql9.6-1C-9.6.8-alt0.M70P.1  сборка 2018-03-02

Группа: Базы данных
О пакете: PostgreSQL client programs and libraries (edition for 1C 8.3.3 and later)
Изменения:

- 9.6.8
- Re-applay patches from 1C:
* 00001-1c_FULL_96.patch
* 00004-postgresql-1c-9.6.patch
* 00005-exists_opt-2.patch
- Remove path 00001-1c_create_append_path.patch (fixed in 00001-1c_FULL_96.patch)
- Fix CVE-2018-1058

postgresql9.6-9.6.8-alt0.M70P.1  сборка 2018-03-02

Группа: Базы данных
О пакете: PostgreSQL client programs and libraries
Изменения:

- 9.6.8
- Fix CVE-2018-1058

libgtk+2-2.24.32-alt0.M70T.1  сборка 2018-02-20

Группа: Система/Библиотеки
О пакете: The GIMP ToolKit (GTK+), a library for creating GUIs
Изменения:

- Build for t7. (Fixes: CVE-2013-7447)
- gtkprintbackendcups.c: fix \n at end of a debugging note.
- (.spec) Enable --enable debug.
- (.spec) Enable build with parallel jobs.

clamav-0.99.3-alt1  сборка 2018-01-28

Группа: Работа с файлами
О пакете: Clam Antivirus scanner
Изменения:

- 0.99.3 (multiple CVE's, look to README)
- removed cve-2017-6418.patch and cve-2017-6420.patch (in upstream now)

kernel-image-un-def-1:4.1.49-alt0.M70P.1  сборка 2018-01-24

Группа: Система/Ядро и оборудование
О пакете: The Linux kernel (the core of the Linux operating system)
Изменения:

- v4.1.49 (Fixes: CVE-2017-0861, CVE-2017-1000407, CVE-2017-7184)

kernel-image-un-def-1:4.1.47-alt0.M70P.1  сборка 2017-12-08

Группа: Система/Ядро и оборудование
О пакете: The Linux kernel (the core of the Linux operating system)
Изменения:

- v4.1.47 (Fixes: CVE-2017-13080, CVE-2017-7518, CVE-2017-8824)

kernel-image-un-def-1:4.1.46-alt0.M70P.1.1  сборка 2017-12-05

Группа: Система/Ядро и оборудование
О пакете: The Linux kernel (the core of the Linux operating system)
Изменения:

- temporary fix for HugeDirtyCowPOC (fixes CVE-2017-1000405)

palemoon-2:27.6.2-alt0.M70P.1  сборка 2017-12-02

Группа: Сети/WWW
О пакете: The New Moon browser, an unofficial branding of the Pale Moon project browser
Изменения:

- New Version - Release 27.6.2
- Fixed CVE-2017-7832, CVE-2017-7835, CVE-2017-7840. See Changelog

openvpn-2.4.4-alt1  сборка 2017-11-18

Группа: Система/Серверы
О пакете: a full-featured SSL VPN solution
Изменения:

- New version
- Security fixes:
+ CVE-2017-12166: Buffer overflow when using (obsolete) '--key-method 1'

kernel-image-un-def-1:4.1.46-alt0.M70P.1  сборка 2017-11-15

Группа: Система/Ядро и оборудование
О пакете: The Linux kernel (the core of the Linux operating system)
Изменения:

- v4.1.46 (Fixes: CVE-2017-0786, CVE-2017-12153, CVE-2017-12154, CVE-2017-12193,
CVE-2017-15265)

glibc-6:2.17-alt8.M70P.2  сборка 2017-10-23

Группа: Система/Основа
О пакете: The GNU libc libraries
Изменения:

- Backported upstream secutiry patches (fixes CVE-2017-15670 CVE-2017-15804).

kernel-image-un-def-1:4.1.45-alt0.M70P.1.1  сборка 2017-10-18

Группа: Система/Ядро и оборудование
О пакете: The Linux kernel (the core of the Linux operating system)
Изменения:

- v4.1.45 (Fixes: CVE-2017-11600)

kernel-image-un-def-1:4.1.44-alt0.M70P.1.1  сборка 2017-10-17

Группа: Система/Ядро и оборудование
О пакете: The Linux kernel (the core of the Linux operating system)
Изменения:

- Local root in alsa fixed (Fixes: CVE-2017-15265)

ntp-4.2.8p10-alt1  сборка 2017-09-27

Группа: Система/Настройка/Прочее
О пакете: The Network Time Protocol (NTP)
Изменения:

- updated to 4.2.8p10 (Fixes: CVE-2017-6451, CVE-2017-6452, CVE-2017-6455,
CVE-2017-6458, CVE-2017-6459, CVE-2017-6460, CVE-2017-6462,
CVE-2017-6463, CVE-2017-6464)
- patch level moved to version to pleasure CVE checkoing tools

clamav-0.99.2-alt3  сборка 2017-09-25

Группа: Работа с файлами
О пакете: Clam Antivirus scanner
Изменения:

- Fixes:
+ CVE-2017-6418 remote attackers can cause a denial of service (out-of-bounds read) via a crafted e-mail message
+ CVE-2017-6420 remote attackers can cause a denial of service (use-after-free) via a crafted PE file with WWPack compression

postgresql9.6-1C-9.6.4-alt0.M70P.1  сборка 2017-08-09

Группа: Базы данных
О пакете: PostgreSQL client programs and libraries (edition for 1C 8.3.3 and later)
Изменения:

- 9.6.4
- fix CVE-2017-7547

postgresql9.4-9.4.13-alt0.M70P.1  сборка 2017-08-09

Группа: Базы данных
О пакете: PostgreSQL client programs and libraries
Изменения:

- 9.4.13
- fix CVE-2017-7547

postgresql10-9.6.4-alt1  сборка 2017-08-09

Группа: Базы данных
О пакете: PostgreSQL client programs and libraries
Изменения:

- 9.6.4
- fix CVE-2017-7547

postgresql9.6-9.6.4-alt0.M70P.1  сборка 2017-08-09

Группа: Базы данных
О пакете: PostgreSQL client programs and libraries
Изменения:

- 9.6.4
- fix CVE-2017-7547

postgresql9.5-9.5.8-alt0.M70P.1  сборка 2017-08-09

Группа: Базы данных
О пакете: PostgreSQL client programs and libraries
Изменения:

- 9.5.8
- fix CVE-2017-7547

postgresql9.3-9.3.18-alt0.M70P.1  сборка 2017-08-09

Группа: Базы данных
О пакете: PostgreSQL client programs and libraries
Изменения:

- 9.3.18
- fix CVE-2017-7547

samba-DC-4.5.12-alt1.M70P.1  сборка 2017-07-12

Группа: Система/Серверы
О пакете: Samba Active Directory Domain Controller
Изменения:

- Update to summer security release
- Security fixes:
+ CVE-2017-11103 Orpheus' Lyre KDC-REP service name validation

samba-4.5.12-alt1.M70P.1  сборка 2017-07-12

Группа: Система/Серверы
О пакете: The Samba4 CIFS and AD client and server suite
Изменения:

- Update to summer security release
- Security fixes:
+ CVE-2017-11103 Orpheus' Lyre KDC-REP service name validation
(Samba binaries built against MIT Kerberos are not vulnerable.)

openvpn-2.4.3-alt1  сборка 2017-06-21

Группа: Система/Серверы
О пакете: a full-featured SSL VPN solution
Изменения:

- New version
- Security fixes:
+ CVE-2017-7522 Post-authentication --x509-track remote DoS
+ CVE-2017-7521 Post-authentication remote-triggerable memory leaks
+ CVE-2017-7521 Potential post-authentication remote code execution
on servers that use the --x509-username-field option
+ CVE-2017-7520 Pre-authentication remote crash / information disclosure
for clients
+ CVE-2017-7508 Remotely-triggerable ASSERT() on malformed IPv6 packet
- Force to use built-in PIN prompt with PKCS11 regardless
of systemd presence (OpenVPN bug 538)

wireshark-2.2.7-alt1.M70P.1  сборка 2017-06-04

Группа: Мониторинг
О пакете: The BugTraq Award Winning Network Traffic Analyzer
Изменения:

- new version with these security fixes:
* wnpa-sec-2017-22 Bazaar dissector infinite loop CVE-2017-9352
* wnpa-sec-2017-23 DOF dissector read overflow CVE-2017-9348
* wnpa-sec-2017-24 DHCP dissector read overflow CVE-2017-9351
* wnpa-sec-2017-25 SoulSeek dissector infinite loop CVE-2017-9346
* wnpa-sec-2017-26 DNS dissector infinite loop CVE-2017-9345
* wnpa-sec-2017-27 DICOM dissector infinite loop CVE-2017-9349
* wnpa-sec-2017-28 openSAFETY dissector memory exhaustion CVE-2017-9350
* wnpa-sec-2017-29 BT L2CAP dissector divide by zero CVE-2017-9344
* wnpa-sec-2017-30 MSNIP dissector crash CVE-2017-9343
* wnpa-sec-2017-31 ROS dissector crash CVE-2017-9347
* wnpa-sec-2017-32 RGMP dissector crash CVE-2017-9354
* wnpa-sec-2017-30 MSNIP dissector crash CVE-2017-9343
* wnpa-sec-2017-31 ROS dissector crash CVE-2017-9347
* wnpa-sec-2017-32 RGMP dissector crash CVE-2017-9354
* wnpa-sec-2017-33 IPv6 dissector crash CVE-2017-9353

samba-DC-4.5.10-alt1.M70P.1  сборка 2017-05-24

Группа: Система/Серверы
О пакете: Samba Active Directory Domain Controller
Изменения:

- Update to second spring security release
- Fix longtime initialization bug in ldb proxy
- Security fixes:
+ CVE-2017-7494 Remote code execution from a writable share

samba-4.5.10-alt1.M70P.1  сборка 2017-05-24

Группа: Система/Серверы
О пакете: The Samba4 CIFS and AD client and server suite
Изменения:

- Update to second spring security release
- Fix longtime initialization bug in ldb proxy
- Security fixes:
+ CVE-2017-7494 Remote code execution from a writable share

openvpn-2.4.2-alt1  сборка 2017-05-14

Группа: Система/Серверы
О пакете: a full-featured SSL VPN solution
Изменения:

- New version
- Security fixes:
+ CVE-2017-7478 Don't assert out on receiving too-large control packets
+ CVE-2017-7479 Drop packets instead of assert out if packet id rolls over

firefox-esr-45.9.0-alt1  сборка 2017-04-20

Группа: Сети/WWW
О пакете: The Mozilla Firefox project is a redesign of Mozilla's browser
Изменения:

- New ESR version
- Security fixes:
+ CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9,
+ CVE-2017-5462: DRBG flaw in NSS
+ CVE-2017-5445: Uninitialized values used while parsing
+ CVE-2017-5469: Potential Buffer overflow in flex-generated code
+ CVE-2017-5437: Vulnerabilities in Libevent library
+ CVE-2017-5448: Out-of-bounds write in ClearKeyDecryptor
+ CVE-2017-5465: Out-of-bounds read in ConvolvePixel
+ CVE-2017-5447: Out-of-bounds read during glyph processing
+ CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames are sent with
+ CVE-2017-5444: Buffer overflow while parsing application/http-index-format
+ CVE-2017-5443: Out-of-bounds write during BinHex decoding
+ CVE-2017-5464: Memory corruption with accessibility and DOM manipulation
+ CVE-2017-5442: Use-after-free during style changes
+ CVE-2017-5441: Use-after-free with selection during scroll events
+ CVE-2017-5440: Use-after-free in txExecutionState destructor during XSLT
+ CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT processing
+ CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT processing
+ CVE-2017-5460: Use-after-free in frame selection
+ CVE-2017-5432: Use-after-free in text input selection
+ CVE-2017-5434: Use-after-free during focus handling
+ CVE-2017-5459: Buffer overflow in WebGL
+ CVE-2017-5461: Out-of-bounds write in Base64 encoding in NSS
+ CVE-2017-5436: Out-of-bounds write with malicious font in Graphite 2
+ CVE-2017-5435: Use-after-free during transaction processing in the editor
+ CVE-2017-5433: Use-after-free in SMIL animation functions

firefox-45.9.0-alt1  сборка 2017-04-20

Группа: Сети/WWW
О пакете: The Mozilla Firefox project is a redesign of Mozilla's browser
Изменения:

- New ESR version
- Security fixes:
+ CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9,
+ CVE-2017-5462: DRBG flaw in NSS
+ CVE-2017-5445: Uninitialized values used while parsing
+ CVE-2017-5469: Potential Buffer overflow in flex-generated code
+ CVE-2017-5437: Vulnerabilities in Libevent library
+ CVE-2017-5448: Out-of-bounds write in ClearKeyDecryptor
+ CVE-2017-5465: Out-of-bounds read in ConvolvePixel
+ CVE-2017-5447: Out-of-bounds read during glyph processing
+ CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames are sent with
+ CVE-2017-5444: Buffer overflow while parsing application/http-index-format
+ CVE-2017-5443: Out-of-bounds write during BinHex decoding
+ CVE-2017-5464: Memory corruption with accessibility and DOM manipulation
+ CVE-2017-5442: Use-after-free during style changes
+ CVE-2017-5441: Use-after-free with selection during scroll events
+ CVE-2017-5440: Use-after-free in txExecutionState destructor during XSLT
+ CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT processing
+ CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT processing
+ CVE-2017-5460: Use-after-free in frame selection
+ CVE-2017-5432: Use-after-free in text input selection
+ CVE-2017-5434: Use-after-free during focus handling
+ CVE-2017-5459: Buffer overflow in WebGL
+ CVE-2017-5461: Out-of-bounds write in Base64 encoding in NSS
+ CVE-2017-5436: Out-of-bounds write with malicious font in Graphite 2
+ CVE-2017-5435: Use-after-free during transaction processing in the editor
+ CVE-2017-5433: Use-after-free in SMIL animation functions

wireshark-2.2.6-alt1.M70P.1  сборка 2017-04-14

Группа: Мониторинг
О пакете: The BugTraq Award Winning Network Traffic Analyzer
Изменения:

- new version with these security fixes:
* wnpa-sec-2017-12 IMAP dissector crash CVE-2017-7703
* wnpa-sec-2017-13 WBMXL dissector infinite loop CVE-2017-7702
* wnpa-sec-2017-14 NetScaler file parser infinite loop CVE-2017-7700
* wnpa-sec-2017-15 RPCoRDMA dissector infinite loop CVE-2017-7705
* wnpa-sec-2017-16 BGP dissector infinite loop CVE-2017-7701
* wnpa-sec-2017-17 DOF dissector infinite loop CVE-2017-7704

krb5-1.13.7-alt0.M70P.1  сборка 2017-03-24

Группа: Система/Библиотеки
О пакете: The Kerberos network authentication system
Изменения:

- Update to supported security release (Fixes: CVE-2014-5355, CVE-2015-2694,
CVE-2015-2695, CVE-2015-2696, CVE-2015-2698, CVE-2015-2697, CVE-2015-8629,
CVE-2015-8630, CVE-2015-8631, CVE-2016-3119, CVE-2016-3120)
- Backport _keytab group for default keytab /etc/krb5.keytab

samba-4.5.7-alt1.M70P.1  сборка 2017-03-23

Группа: Система/Серверы
О пакете: The Samba4 CIFS and AD client and server suite
Изменения:

- Update to spring security release
- Fixed build --without docs (closes: 33118)
- Security fixes:
+ CVE-2017-2619 Symlink race allows access outside share definition

samba-DC-4.5.7-alt1.M70P.1  сборка 2017-03-23

Группа: Система/Серверы
О пакете: Samba Active Directory Domain Controller
Изменения:

- Update to spring security release
- Fixed build --without docs (closes: 33118)
- Security fixes:
+ CVE-2017-2619 Symlink race allows access outside share definition

adobe-flash-player-3:25-alt0.M70P.1  сборка 2017-03-20

Группа: Сети/WWW
О пакете: Adobe Flash Player
Изменения:

- new version
- security fixes:
CVE-2017-2997, CVE-2017-2998, CVE-2017-2999, CVE-2017-3000,
CVE-2017-3001, CVE-2017-3002, CVE-2017-3003

adobe-flash-player-3:24-alt0.M70P.3  сборка 2017-02-17

Группа: Сети/WWW
О пакете: Adobe Flash Player
Изменения:

- new version
- security fixes:
CVE-2017-2982, CVE-2017-2984, CVE-2017-2985, CVE-2017-2986,
CVE-2017-2987, CVE-2017-2988, CVE-2017-2990, CVE-2017-2991,
CVE-2017-2992, CVE-2017-2993, CVE-2017-2994, CVE-2017-2995,
CVE-2017-2996

adobe-flash-player-3:24-alt0.M70P.2  сборка 2017-01-11

Группа: Сети/WWW
О пакете: Adobe Flash Player
Изменения:

- new version
- security fixes:
CVE-2017-2925, CVE-2017-2926, CVE-2017-2927, CVE-2017-2928,
CVE-2017-2930, CVE-2017-2931, CVE-2017-2932, CVE-2017-2933,
CVE-2017-2934, CVE-2017-2935, CVE-2017-2936, CVE-2017-2937,
CVE-2017-2938

samba-4.5.3-alt1.M70P.1  сборка 2016-12-19

Группа: Система/Серверы
О пакете: The Samba4 CIFS and AD client and server suite
Изменения:

- Update for release with security fixes:
- CVE-2016-2123 (ndr_pull_dnsp_name contains an integer wrap problem)
- CVE-2016-2125 (client code always requests a forwardable ticket)
- CVE-2016-2126 (crash winbindd using a legitimate Kerberos ticket)

  1         3     4     5            Последняя »  

 
© 2009–2018 Игорь Зубков