Репозитории ALT
Последнее обновление в Сб, 06 июня 2020, 00:49:50 +0000 | Пакетов: 15384
en ru
Исправления уязвимостей

openssh-6.7p1-alt1.M70P.4.src.rpm  сборка 2016-11-08

Группа: Сети/Удалённый доступ
О пакете: OpenSSH free Secure Shell (SSH) implementation
Изменения:

- Backported upstream fixes for CVE-2015-5352, CVE-2015-6563,
CVE-2015-6564.

adobe-flash-player-3:25-alt0.M70P.1.src.rpm  сборка 2016-10-27

Группа: Сети/WWW
О пакете: Adobe Flash Player
Изменения:

- new version
- security fixes: CVE-2016-7855

kernel-image-std-def-1:3.14.79-alt0.M70P.2.src.rpm  сборка 2016-10-24

Группа: Система/Ядро и оборудование
О пакете: The Linux kernel (the core of the Linux operating system)
Изменения:

- CVE-2016-5195 fixed

kernel-image-ovz-el-2.6.32-alt152.src.rpm  сборка 2016-10-21

Группа: Система/Ядро и оборудование
О пакете: The Linux kernel (the core of the Linux operating system)
Изменения:

- Added fix for CVE-2016-5195.

openssh-6.7p1-alt1.M70P.4.src.rpm  сборка 2016-10-20

Группа: Сети/Удалённый доступ
О пакете: OpenSSH free Secure Shell (SSH) implementation
Изменения:

- Backported upstream fixes for CVE-2015-8325, CVE-2016-6210,
CVE-2016-8858.

adobe-flash-player-3:25-alt0.M70P.1.src.rpm  сборка 2016-10-12

Группа: Сети/WWW
О пакете: Adobe Flash Player
Изменения:

- new version
- security fixes:
CVE-2016-4273, CVE-2016-4286, CVE-2016-6981, CVE-2016-6982,
CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986,
CVE-2016-6987, CVE-2016-6989, CVE-2016-6990, CVE-2016-6992

dbus-1.6.30-alt1.M70P.1.src.rpm  сборка 2016-10-10

Группа: Система/Серверы
О пакете: D-BUS is a simple IPC framework based on messages.
Изменения:

- fixed CVE-2015-0245

bind-9.9.8-alt2.M70P.2.src.rpm  сборка 2016-09-27

Группа: Система/Серверы
О пакете: ISC BIND - DNS server
Изменения:

- Applied upstream fix for CVE-2016-2776.

openssl10-1.0.1u-alt0.M70P.1.src.rpm  сборка 2016-09-22

Группа: Система/Основа
О пакете: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
Изменения:

- Updated to 1.0.1u (fixes CVE-2016-2177, CVE-2016-2178, CVE-2016-2179,
CVE-2016-2180, CVE-2016-2181, CVE-2016-2182, CVE-2016-2183,
CVE-2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2016-6306).

adobe-flash-player-3:25-alt0.M70P.1.src.rpm  сборка 2016-09-19

Группа: Сети/WWW
О пакете: Adobe Flash Player
Изменения:

- new version
CVE-2016-4271, CVE-2016-4272, CVE-2016-4274, CVE-2016-4275,
CVE-2016-4276, CVE-2016-4277, CVE-2016-4278, CVE-2016-4279,
CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283,
CVE-2016-4284, CVE-2016-4285, CVE-2016-4287, CVE-2016-6921,
CVE-2016-6922, CVE-2016-6923, CVE-2016-6924, CVE-2016-6925,
CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930,
CVE-2016-6931, CVE-2016-6932

libgtk+2-2.24.32-alt0.M70T.1.src.rpm  сборка 2016-09-07

Группа: Система/Библиотеки
О пакете: The GIMP ToolKit (GTK+), a library for creating GUIs
Изменения:

- 2.24.31 (CVE-2013-7447)

adobe-flash-player-3:25-alt0.M70P.1.src.rpm  сборка 2016-07-20

Группа: Сети/WWW
О пакете: Adobe Flash Player
Изменения:

- new version
- security fixes:
CVE-2016-4172, CVE-2016-4173, CVE-2016-4174, CVE-2016-4175,
CVE-2016-4176, CVE-2016-4177, CVE-2016-4178, CVE-2016-4179,
CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183,
CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187,
CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217,
CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221,
CVE-2016-4222, CVE-2016-4223, CVE-2016-4224, CVE-2016-4225,
CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229,
CVE-2016-4230, CVE-2016-4231, CVE-2016-4232, CVE-2016-4233,
CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237,
CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241,
CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245,
CVE-2016-4246, CVE-2016-4247, CVE-2016-4248, CVE-2016-4249

samba-4.5.12-alt1.M70P.1.src.rpm  сборка 2016-07-10

Группа: Система/Серверы
О пакете: The Samba4 CIFS and AD client and server suite
Изменения:

- Update for security release with CVE-2016-2119

iperf3-3.3-alt1.src.rpm  сборка 2016-07-09

Группа: Мониторинг
О пакете: A TCP, UDP, and SCTP network bandwidth measurement tool
Изменения:

- New version (CVE-2016-4303)

samba-DC-4.5.12-alt1.M70P.1.src.rpm  сборка 2016-07-08

Группа: Система/Серверы
О пакете: Samba Active Directory Domain Controller
Изменения:

- Update for security release with CVE-2016-2119

ntp-4.2.8p11-alt0.M70P.1.src.rpm  сборка 2016-07-05

Группа: Система/Настройка/Прочее
О пакете: The Network Time Protocol (NTP)
Изменения:

- 4.2.8p8 (CVE-2016-4957 and other CVEs)

adobe-flash-player-3:25-alt0.M70P.1.src.rpm  сборка 2016-06-27

Группа: Сети/WWW
О пакете: Adobe Flash Player
Изменения:

- new version
- security fixes:
CVE-2016-4122, CVE-2016-4123, CVE-2016-4124, CVE-2016-4125,
CVE-2016-4127, CVE-2016-4128, CVE-2016-4129, CVE-2016-4130,
CVE-2016-4131, CVE-2016-4132, CVE-2016-4133, CVE-2016-4134,
CVE-2016-4135, CVE-2016-4136, CVE-2016-4137, CVE-2016-4138,
CVE-2016-4139, CVE-2016-4140, CVE-2016-4141, CVE-2016-4142,
CVE-2016-4143, CVE-2016-4144, CVE-2016-4145, CVE-2016-4146,
CVE-2016-4147, CVE-2016-4148, CVE-2016-4149, CVE-2016-4150,
CVE-2016-4151, CVE-2016-4152, CVE-2016-4153, CVE-2016-4154,
CVE-2016-4155, CVE-2016-4156, CVE-2016-4166, CVE-2016-4171

wget-1.18-alt0.M70P.1.src.rpm  сборка 2016-06-10

Группа: Сети/WWW
О пакете: An utility for retrieving files using the HTTP, HTTPS or FTP protocols
Изменения:

- 1.18 (fixes CVE-2016-4971: untrusted filenames when following
HTTP to FTP redirects)

ImageMagick-6.8.4.10-alt3.M70P.2.src.rpm  сборка 2016-06-06

Группа: Графика
О пакете: An X application for displaying and manipulating images
Изменения:

- Apply security patch from Debian:
Disable support for reading input from a shell command, or writing
output to a shell command. This was done by the pipe (|) prefix. It
was possible to perform a command injection as discrived by
CVE-2016-5118 since it use popen.

ImageMagick-6.8.4.10-alt3.M70P.2.src.rpm  сборка 2016-05-18

Группа: Графика
О пакете: An X application for displaying and manipulating images
Изменения:

- Apply security patches from Debian:
ImageTragick: The coders EPHEMERAL, URL, HTTPS, MVG, MSL, TEXT,
SHOW, WIN, and PLT are disabled via policy.xml file, since they are
vulnerable to code injection. This mitigates CVE-2016-3714,
CVE-2016-3715, CVE-2016-3716, CVE-2016-3717, and CVE-2016-3718.
Since ImageMagick reverts to its internal SVG renderer (which uses
MVG coder) if Inkscape or RSVG is not used, the option --with-rsvg
is included. Closes: 823542. In addition, some other actions were
taken with respect to these vulnerabilities:
- Drop the PLT/Gnuplot decoder, which was vulnerable to command
injection.
- Some sanitization for input filenames in http/https delegates is
added.
- Indirect filename are now authorized by policy.
- Indirect reads with label:@ are prevented.
- Less secure coders (such as MVG, TEXT, and MSL) require explicit
reference in the filename (e.g. mvg:my-graph.mvg).

adobe-flash-player-3:25-alt0.M70P.1.src.rpm  сборка 2016-05-13

Группа: Сети/WWW
О пакете: Adobe Flash Player
Изменения:

- new version
- security fixes:
CVE-2016-1096, CVE-2016-1097, CVE-2016-1098, CVE-2016-1099,
CVE-2016-1100, CVE-2016-1101, CVE-2016-1102, CVE-2016-1103,
CVE-2016-1104, CVE-2016-1105, CVE-2016-1106, CVE-2016-1107,
CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108,
CVE-2016-4109, CVE-2016-4110, CVE-2016-4111, CVE-2016-4112,
CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4116,
CVE-2016-4117

openssl10-1.0.1u-alt0.M70P.1.src.rpm  сборка 2016-05-03

Группа: Система/Основа
О пакете: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
Изменения:

- Updated to 1.0.1t (fixes CVE-2016-2105 CVE-2016-2106 CVE-2016-2107
CVE-2016-2109 CVE-2016-2176).

samba-DC-4.5.12-alt1.M70P.1.src.rpm  сборка 2016-04-28

Группа: Система/Серверы
О пакете: Samba Active Directory Domain Controller
Изменения:

- Fix CVE-2016-2110/NTLMSSP regression (https://bugzilla.samba.org/show_bug.cgi?id=11849)

NetworkManager-0.9.8.10-alt1.M70P.2.git20150519.src.rpm  сборка 2016-04-14

Группа: Система/Настройка/Сеть
О пакете: Network Link Manager and User Applications
Изменения:

- keyfile: fix temporary file races (CVE-2016-0764).
- Upstream git snapshot (nm-0-9-8 branch).

samba-DC-4.5.12-alt1.M70P.1.src.rpm  сборка 2016-04-12

Группа: Система/Серверы
О пакете: Samba Active Directory Domain Controller
Изменения:

- New version
- Security fixes:
- CVE-2015-5370 (Multiple errors in DCE-RPC code)
- CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
- CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
- CVE-2016-2112 (LDAP client and server don't enforce integrity)
- CVE-2016-2113 (Missing TLS certificate validation)
- CVE-2016-2114 ("server signing = mandatory" not enforced)
- CVE-2016-2115 (SMB IPC traffic is not integrity protected)
- CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)

adobe-flash-player-3:25-alt0.M70P.1.src.rpm  сборка 2016-04-08

Группа: Сети/WWW
О пакете: Adobe Flash Player
Изменения:

- new version
- security fixes:
CVE-2016-1006, CVE-2016-1011, CVE-2016-1012, CVE-2016-1013,
CVE-2016-1014, CVE-2016-1015, CVE-2016-1016, CVE-2016-1017,
CVE-2016-1018, CVE-2016-1019, CVE-2016-1020, CVE-2016-1021,
CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025,
CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029,
CVE-2016-1030, CVE-2016-1031, CVE-2016-1032, CVE-2016-1033

openssh-6.7p1-alt1.M70P.4.src.rpm  сборка 2016-03-14

Группа: Сети/Удалённый доступ
О пакете: OpenSSH free Secure Shell (SSH) implementation
Изменения:

- Backported "sanitise characters destined for xauth"
(fixes CVE-2016-3115).

adobe-flash-player-3:25-alt0.M70P.1.src.rpm  сборка 2016-03-11

Группа: Сети/WWW
О пакете: Adobe Flash Player
Изменения:

- new version
- security fixes:
CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0963,
CVE-2016-0986, CVE-2016-0987, CVE-2016-0988, CVE-2016-0989,
CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993,
CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997,
CVE-2016-0998, CVE-2016-0999, CVE-2016-1000, CVE-2016-1001,
CVE-2016-1002, CVE-2016-1005, CVE-2016-1010

samba-DC-4.5.12-alt1.M70P.1.src.rpm  сборка 2016-03-09

Группа: Система/Серверы
О пакете: Samba Active Directory Domain Controller
Изменения:

- New version (https://www.samba.org/samba/history/samba-4.3.6.html)
- Security fixes:
- CVE-2015-7560 (Incorrect ACL get/set allowed on symlink path)
- CVE-2016-0771 (Out-of-bounds read in internal DNS server)
- Do not use specified GID for wbpriv group

samba-4.5.12-alt1.M70P.1.src.rpm  сборка 2016-03-09

Группа: Система/Серверы
О пакете: The Samba4 CIFS and AD client and server suite
Изменения:

- New version (https://www.samba.org/samba/history/samba-4.3.6.html)
- Security fixes:
- CVE-2015-7560 (Incorrect ACL get/set allowed on symlink path)
- CVE-2016-0771 (Out-of-bounds read in internal DNS server)
- Do not use specified GID for wbpriv group (ALT #31858)

openssl10-1.0.1u-alt0.M70P.1.src.rpm  сборка 2016-03-01

Группа: Система/Основа
О пакете: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
Изменения:

- Updated to v1.0.1s (fixes CVE-2016-0701 CVE-2016-0702 CVE-2016-0705
CVE-2016-0797 CVE-2016-0798 CVE-2016-0799 CVE-2016-0800).

xymon-4.3.30-alt0.M70T.2.src.rpm  сборка 2016-02-26

Группа: Мониторинг
О пакете: A system for monitoring servers and networks
Изменения:

- new version (CVE-2016-2054, CVE-2016-2055, CVE-2016-2056,
CVE-2016-2057, CVE-2016-2058 was fixed in previous 4.3.25)

xymon-4.3.28-alt0.M70T.1.src.rpm  сборка 2016-02-26

Группа: Мониторинг
О пакете: A system for monitoring servers and networks
Изменения:

- new version (CVE-2016-2054, CVE-2016-2055, CVE-2016-2056,
CVE-2016-2057, CVE-2016-2058 was fixed in previous 4.3.25)

glibc-6:2.17-alt8.M70P.2.src.rpm  сборка 2016-02-16

Группа: Система/Основа
О пакете: The GNU libc libraries
Изменения:

- Fixed CVE-2015-7547.

adobe-flash-player-3:25-alt0.M70P.1.src.rpm  сборка 2016-02-10

Группа: Сети/WWW
О пакете: Adobe Flash Player
Изменения:

- new version
- security fixes:
CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967,
CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971,
CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975,
CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979,
CVE-2016-0980, CVE-2016-0981, CVE-2016-0982, CVE-2016-0983,
CVE-2016-0984, CVE-2016-0985

nginx-1.8.1-alt0.M70P.1.src.rpm  сборка 2016-02-01

Группа: Система/Серверы
О пакете: Fast HTTP server
Изменения:

- 1.8.1
- CVE-2016-0742
- CVE-2016-0746
- CVE-2016-0747

openssl10-1.0.1u-alt0.M70P.1.src.rpm  сборка 2016-01-28

Группа: Система/Основа
О пакете: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
Изменения:

- Updated to v1.0.1r (CVE-2015-3197 CVE-2016-0701).

kernel-image-std-pae-1:3.14.79-alt0.M70P.1.src.rpm  сборка 2016-01-19

Группа: Система/Ядро и оборудование
О пакете: The Linux kernel (the core of the Linux operating system)
Изменения:

- CVE-2016-0728 fixed

dhcpcd-1:5.6.8-alt2.M70P.1.src.rpm  сборка 2016-01-18

Группа: Система/Серверы
О пакете: DHCP Client
Изменения:

- Ensure that length of the DHCP option's data less then buffer size.
- Fix CVE-2014-6060.

claws-mail-3.14.1-alt0.M70P.1.src.rpm  сборка 2016-01-18

Группа: Сети/Почта
О пакете: Claws Mail is a GTK+ based, user-friendly, lightweight, and fast email client.
Изменения:

- Patch from upstream:
+ fix CVE-2015-8708, bug 3557, 'Remotely exploitable bug.'.

openssh-6.7p1-alt1.M70P.4.src.rpm  сборка 2016-01-14

Группа: Сети/Удалённый доступ
О пакете: OpenSSH free Secure Shell (SSH) implementation
Изменения:

- openssh-clients: disabled UseRoaming (fixes CVE-2016-0777 and CVE-2016-0778).
- Backported to p7 branch.

keepassx-0.4.4-alt0.M70T.1.src.rpm  сборка 2016-01-05

Группа: Сети/Прочее
О пакете: KeePassX Password Safe - light-weight cross-platform password manager
Изменения:

- New version: security fixes
- Fix CVE-2015-8378: Canceling XML export operation creates export as ".xml"

adobe-flash-player-3:25-alt0.M70P.1.src.rpm  сборка 2015-12-29

Группа: Сети/WWW
О пакете: Adobe Flash Player
Изменения:

- new version
- security fixes:
CVE-2015-8459, CVE-2015-8460, CVE-2015-8634, CVE-2015-8635,
CVE-2015-8636, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640,
CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8644,
CVE-2015-8645, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648,
CVE-2015-8649, CVE-2015-8650, CVE-2015-8651

binutils-1:2.23.51.0.1-alt2.M70P.1.src.rpm  сборка 2015-12-23

Группа: Разработка/Прочее
О пакете: GNU Binary Utility Development Utilities
Изменения:

- strings: enabled --all option by default, added --data option
(by Nick Clifton; addresses past and future CVEs wrt strings(1)).

openssl10-1.0.1u-alt0.M70P.1.src.rpm  сборка 2015-12-17

Группа: Система/Основа
О пакете: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
Изменения:

- Updated to 1.0.1q (CVE-2015-1788 CVE-2015-3196 CVE-2015-3195
CVE-2015-3194).

libldb-1.1.27-alt0.M70P.1.src.rpm  сборка 2015-12-16

Группа: Система/Библиотеки
О пакете: A schema-less, ldap like, API and database
Изменения:

- 1.1.24
- Security fixes:
- CVE-2015-5330 (Remote memory read in Samba LDAP server)
- CVE-2015-3223 (Denial of service in Samba Active Directory server)

samba-DC-4.5.12-alt1.M70P.1.src.rpm  сборка 2015-12-16

Группа: Система/Серверы
О пакете: Samba Active Directory Domain Controller
Изменения:

- New version (https://www.samba.org/samba/history/samba-4.3.3.html)
- Security fixes:
- CVE-2015-3223 (Denial of service in Samba Active Directory
server)
- CVE-2015-5252 (Insufficient symlink verification in smbd)
- CVE-2015-5299 (Missing access control check in shadow copy
code)
- CVE-2015-5296 (Samba client requesting encryption vulnerable
to downgrade attack)
- CVE-2015-8467 (Denial of service attack against Windows
Active Directory server)
- CVE-2015-5330 (Remote memory read in Samba LDAP server)

openssl098-0.9.8zh-alt0.M70T.1.src.rpm  сборка 2015-12-15

Группа: Система/Основа
О пакете: OpenSSL - Secure Sockets Layer and cryptography shared libraries and tools
Изменения:

- Backport to t7 branch (multiple CVEs).

cyrus-imapd-2.4.18-alt1.M70P.1.src.rpm  сборка 2015-12-15

Группа: Система/Серверы
О пакете: A high-performance mail store with IMAP and POP3 support
Изменения:

- updated to git 20151026 of "cyrus-imapd-2.4" branch
(CVE-2015-8077, CVE-2015-8078)

ntp-4.2.8p11-alt0.M70P.1.src.rpm  сборка 2015-12-14

Группа: Система/Настройка/Прочее
О пакете: The Network Time Protocol (NTP)
Изменения:

- 4.2.8p4 (multiple CVEs; see "NEWS" file)
- ntpdate is not used in init script (obsoleted by --panicgate),
removed ntpdate from "Requires" in the ntpd subpackage
- updated chrooted environment (update_chrooted is used now)
- added IPv6 localhost as trusted source
- compressed manual pages

  « Первая             2         4     5     6            Последняя »  

 
Ветви:
свернуть окно
Проект Geyser основан на коде из проекта Prometheus 2.0, который был доступен по лицензии MIT