Репозитории ALT
Последнее обновление в Сб, 06 июня 2020, 00:49:50 +0000 | Пакетов: 15384
en ru
Исправления уязвимостей

kernel-image-sec-def-1:3.14.29-alt2.src.rpm  сборка 2006-02-07

Группа: Система/Ядро и оборудование
О пакете: The Linux kernel with GRsecurity patches
Изменения:

- Updated kernel-fix-core:
+ fix setting irq affinity with MSI enabled
- Updated kernel-fix-drivers-scsi:
+ i2o_scsi: fix oops on command abort
- Updated kernel-fix-fs:
+ ufs: fix oops on mount
+ reiserfs: fix mount options parsing
- Updated kernel-fix-net:
+ ebtables: don't match tcp/udp source/destination port for IP fragments
+ netlink: fix oops on socket creation failure
+ fix /sys/class/net//wireless without dev->get_wireless_stats
+ make second arg to skb_reserve() signed (fixes PPP on 64-bit archs)
- Updated kernel-fix-security:
+ moxa: require CAP_SYS_RAWIO for firmware loading ioctls
+ CVE-2006-0036: netfilter: fix crash in ip_nat_pptp
+ CVE-2006-0037: netfilter: fix another crash in ip_nat_pptp
+ CVE-2005-3356: fix refcounting on failure exits in sys_mq_open()
+ CVE-2006-0454: icmp: fix extra dst release when ip_options_echo() fails

libopenmotif3-2.2.4-alt3.src.rpm  сборка 2006-02-07

Группа: Система/Библиотеки
О пакете: The Open Motif
Изменения:

- Migration from /usr/X11R6 to /usr.
- Security fix for CVE-2005-3964 (buffer overflows in libUil).
- Patch for new rgb.txt location.
- Add buildreq'ed deps.

apache-1.3.42rusPL30.24-alt5.src.rpm  сборка 2006-01-25

Группа: Система/Серверы
О пакете: The most widely used Web server on the Internet
Изменения:

- security fix for CVE-2005-3352:
+ cross-site scripting (XSS) vulnerability in the mod_imap module of Apache
httpd before 1.3.35-dev allows remote attackers to inject arbitrary web
script or HTML via the Referer when using image maps.
+ patch taken from Debian

xpdf-3.03-alt1.src.rpm  сборка 2006-01-13

Группа: Офис
О пакете: Portable Document Format (PDF) suite
Изменения:

- Security fix (CVE-2005-3191). Apply both recent security patches
from Fedora package.

auth_ldap-1.6.1-alt1.1.1.qa1.src.rpm  сборка 2006-01-11

Группа: Система/Серверы
О пакете: This is a LDAP authentication module for Apache
Изменения:

- 1.6.1 (NMU)
- SECURITY FIX:
* CVE-2006-0150: Fixed security bug that could allow attacker to execute arbitrary
commands as the apache user. (Digital Armaments, Seregorn )
- Fixed #3878
- modified patch1: /usr/lib -> $(LIBDIR)

kernel-image-std-pae-1:3.14.79-alt0.M70P.1.src.rpm  сборка 2006-01-07

Группа: Система/Ядро и оборудование
О пакете: The Linux kernel (the core of the Linux operating system)
Изменения:

- Updated kernel-fix-core:
+ add try_to_freeze to kauditd to fix suspend failure
+ kernel/params.c: fix sysfs access with CONFIG_MODULES=n
- Updated kernel-fix-drivers-block:
+ cciss: bug fix for hpacucli
+ cciss: bug fix for BIG_PASS_THRU
- Updated kernel-fix-drivers-char:
+ agpgart: fix serverworks TLB flush
+ i8k: fix /proc reporting of blank service tags
- Updated kernel-fix-drivers-ide:
+ ide-floppy: fix software eject with LS-120 drive
- Added kernel-fix-drivers-media:
+ dvb: BUDGET CI card depends on STV0297 demodulator
+ dvb: fix tuner init for Pinnacle PCTV Stereo
+ dvb: fix analog NTSC for Thomson DTT 761X hybrid tuner (pcHDTV 3000,
FusionHDTV3 Gold-T)
+ dvb: dst: fix possible buffer overflow
- Updated kernel-fix-drivers-net:
+ sungem: gem_remove_one mustn't be __devexit
- Added kernel-fix-drivers-pcmcia:
+ i82365: release all resources if no devices are found
- Updated kernel-fix-drivers-scsi:
+ libata: separate controller-wide spinlock from Scsi_Host lock
+ dpt_i2o fix for deadlock condition
+ fix transfer direction in sd (kernel panic when ejecting iPod)
+ fix transfer direction in scsi_lib and st
- Updated kernel-fix-drivers-usb:
+ adapt microtek driver to new scsi features
+ usbhid: fix oops when connecting simulation devices generating unknown
simulation events
+ pl2303: add IDs for Siemens SX1 and x75 mobiles
+ pl2303: fix data length check in pl2303_update_line_status
- Updated kernel-fix-fs:
+ fix listxattr() for generic security attributes
+ ufs: inode->i_sem is not released in error path
- Updated kernel-fix-net:
+ fix processing of fib_lookup netlink messages
+ bonding: fix feature consolidation
+ bridge: recompute features when adding a new device
+ netfilter: fix CTA_PROTO_NUM attribute size in ctnetlink
+ netfilter: fix unbalanced read_unlock_bh in ctnetlink
+ ip_gre: fix hardware checksum modification
+ vlan: fix hardware rx csum errors
+ netfilter: fix NAT init order
+ netfilter: fix incorrect dependency for IP6_NF_TARGET_NFQUEUE
+ rtnetlink: fix RTNLGRP definitions in rtnetlink.h
+ bridge-nf: fix ipv6 length check
+ ipv6: fix route lifetime
+ ipsec: perform SA switchover immediately
+ IEEE80211_CRYPT_TKIP depends on NET_RADIO
- Updated kernel-fix-security:
+ updated CVE-2005-3257 fix patch:
- require CAP_SYS_TTY_CONFIG for KDSKBENT in addition to KDSKBSENT
- allow normal users to read current settings
+ CVE-2005-3623: nfsd: do not allow setting ACLs on readonly mounted NFS
filesystems
+ CVE-2005-4605: insanity avoidance in /proc
+ sysctl: don't overflow the user-supplied buffer with '\0'
+ sysctl: make sure to terminate strings with a NUL

tetex-2.0-alt12.src.rpm  сборка 2005-12-30

Группа: Издательство
О пакете: The TeX text formatting system
Изменения:

- SECURITY FIXES:
+ CVE-2004-0888
+ CVE-2004-1125
+ CVE-2005-0064
+ CVE-2005-3191, CVE-2005-3192
- Fix build: changed buildrequires flex -> flex-old
- Build with system w3c-libwww (this also fix CVE-2005-3183)

mailman-5:2.1.12-alt2.1.1.src.rpm  сборка 2005-12-09

Группа: Система/Серверы
О пакете: Mailing list manager with built in web access
Изменения:

- Fix for file permissions
- Patches for CVE-2005-3573

kernel-image-std-def-1:3.14.79-alt0.M70P.2.src.rpm  сборка 2005-12-04

Группа: Система/Ядро и оборудование
О пакете: The Linux kernel (the core of the Linux operating system)
Изменения:

- Restored x86_64 support; updated kernel config for x86_64.
- Updated kernel-fix-acpi:
+ fix HP nx8220 boot hang regression due to change in acpi_bus_find_driver()
+ prefer _CST over FADT for C-state capabilities (as written in the ACPI
standard)
+ support FADT P_LVL2_UP flag (C2 is valid for UP only)
+ properly detect pmtimer on ASUS A8V
+ fix null pointer deref in video/lcd/brightness
+ fix boot hang on HT boxes with broken BIOS reporting wrong ACPI IDs
+ allow return to active cooling mode once passive mode is entered
- Updated kernel-fix-drivers-ide:
+ via82cxxx: add VT6410 controller support
- Updated kernel-fix-fs:
+ xfs: fix umount/xfslogd deadlock
- Updated kernel-fix-security:
+ CVE-2005-3257: require root privileges for loading key mappings
+ CVE-2005-3857: remove time_out_leases() printk that's easily triggered by
users
+ CVE-2005-3808: fix 32bit integer overflow in invalidate_inode_pages2()

w3c-libwww-5.4.1-alt3.1.qa1.src.rpm  сборка 2005-12-04

Группа: Система/Библиотеки
О пакете: HTTP library of common code
Изменения:

- SECURITY FIX:
CVE-2005-3183 (DoS) - Fixed incorrect bounds checking in HTBoundary_put_block()
function in Library/src/HTBound.c. (Patch adopted from RH#159597)

kernel-image-sec-def-1:3.14.29-alt2.src.rpm  сборка 2005-11-30

Группа: Система/Ядро и оборудование
О пакете: The Linux kernel with GRsecurity patches
Изменения:

- 2.6.14.
- Temporarily removed x86_64 support (to be restored by arch maintainers).
- Removed kernel-fix-drivers-ieee1394, kernel-fix-drivers-input,
kernel-fix-drivers-media, kernel-feat-drivers-input (obsolete).
- Removed kernel-feat-drivers-video-splash (does not work currently).
- Removed kernel-feat-drivers-lirc (the patch is unmaintained, some drivers no
longer compile at all, others refer to symbols which no longer exist in the
kernel).
- Added kernel-fix-drivers-hwmon - fixes to hardware monitoring drivers:
+ it87: fix missing fan div init
+ lm78: fix VID conversion
+ w83627hf: fix missing boundary check when setting in0 limits
- Added kernel-feat-net-ieee80211 - IEEE 802.11 subsystem update (needed for
newer versions of ipw2x00 drivers; cannot be built separately, because now
there are some in-kernel drivers which use it).
- Added drivers/md/dm*.h headers to kernel-headers-modules-%flavour (#8443).
- Added drivers/media/video/bttv.h, drivers/media/video/bttvp.h to
kernel-headers-modules-%flavour (needed for separate compilation of lirc
modules).
- Updated kernel-fix-acpi:
+ updated the dsdt-initrd patch to version 0.7e for kernel 2.6.14
+ fix oops on processor module unload when ACPI is disabled
- Updated kernel-fix-build:
+ fix Kconfig dependencies (selecting NFSD_V4 forced CRYPTO_MD5 to be
builtin, even if NFSD was modular)
- Updated kernel-fix-core:
+ fix de_thread() vs send_group_sigqueue() race
+ fix ptrace self-attach rule
+ fix signal->live leak in copy_process()
+ ptrace: don't auto-reap traced children
+ x86_64/i386: Compute correct MTRR mask on early Noconas
+ fix crash when ptrace poking hugepage areas
- Updated kernel-fix-drivers-block:
+ fix oops on suspend after on-the-fly switch to anticipatory i/o scheduler
+ pktcdvd: fix possible oops in pkt_count_states() due to array overrun
- Updated kernel-fix-drivers-char:
+ fix soft lockup with ALSA rtc-timer due to the wrong irq handling in
rtc_control()
- Updated kernel-fix-drivers-net:
+ airo.c/airo_cs.c: correct prototypes
+ prism54: fix frame length setting bug which might result in information
leak
+ drivers/isdn/hardware/eicon/os_4bri.c: correct the xdiLoadFile() signature
+ generic HDLC WAN drivers: disable netif_carrier_off()
+ infiniband: fix a use-after-free
- Updated kernel-fix-drivers-scsi:
+ updated patch for old megaraid driver:
+ removed controllers which are supported by the new driver (megaraid_mbox)
from the table of supported devices
+ changed PCI driver name to megaraid_legacy to avoid conflict with the
newer driver
+ dpt_i2o: fix use-after-free
+ i2o_pci: fix use-after-free
+ fix SCSI_SATA_INTEL_COMBINED setting with modular IDE
+ add boot option to control Intel combined mode behavior (to allow DMA in
combined mode configs)
- Updated kernel-fix-drivers-usb:
+ USB: always export interface information for modalias
- Updated kernel-fix-fs:
+ VFS: fix memory leak with file leases
+ fix XFS_QUOTA for modular XFS
- Updated kernel-fix-net:
+ fix zero-size datagram reception
+ ipvs: fix connection leak if expire_nodest_conn=1
+ tcp: fix too large BIC max increment
+ ctnetlink: check if protoinfo is present
+ ctnetlink: fix oops when no ICMP ID info in message
+ ipv6: fix calculation of AH length during filling ancillary data
+ ipv6: fix memory management error during setting up new advapi sockopts
+ ipv6: fix sending extension headers before and including routing header
+ ip_conntrack: fix ftp/irc/tftp helpers on ports >= 32768
+ ip_conntrack TCP: Accept SYN+PUSH like SYN
+ NAT: fix module refcount dropping too far
+ nf_queue: fix Ooops when no queue handler registered
+ PPTP helper: fix endianness bug in GRE key / CallID NAT
+ PPTP helper: fix PNS-PAC expectation call id
+ fix refcount leak of proto when ctnetlink dumping tuple
- Updated kernel-fix-security:
+ fix syctls unregistration oops (CVE-2005-2709)

libgif-4.1.6-alt3.src.rpm  сборка 2005-11-03

Группа: Система/Библиотеки
О пакете: A library for manipulating GIF format image files
Изменения:

- Updated to 4.1.4 (fixes CVE-2005-2974 and CVE-2005-3350 but
the code remains far from clean yet).

fetchmail-6.3.23-alt2.src.rpm  сборка 2005-10-28

Группа: Сети/Почта
О пакете: Full-featured POP/IMAP/ETRN mail retrieval daemon
Изменения:

- Changed URL
- Updated to 6.2.5.2
- Update fetchmailconf 1.4.32 which fixes CVE-2005-3088
- Patch17 went upstream

apache-1.3.42rusPL30.24-alt5.src.rpm  сборка 2005-10-27

Группа: Система/Серверы
О пакете: The most widely used Web server on the Internet
Изменения:

- 1.3.34
- official security fixes:
+ CVE-2005-2088: If a request contains both Transfer-Encoding and
Content-Length headers, remove the Content-Length, mitigating some HTTP
Request Splitting/Spoofing attacks.
+ Added TraceEnable [on|off|extended] per-server directive to alter the
behavior of the TRACE method.
+ please note that CAN-2005-2088 fix (patch95) was already included
in 1.3.33rusPL30.20-alt4
- added default localhost configuration for mod_realip;
thanks Denis Smirnov (mithraen@)
- updated EAPI to 2.8.25
- updated RA to PL30.22

mpg321-0.3.2-alt1.src.rpm  сборка 2005-07-26

Группа: Звук
О пакете: A Free command-line mp3 player, compatible with mpg123
Изменения:

- security fix for #7465 (CVE-2003-0969: format string vulnerability)
- tarball updated from security.debian.org

squid_3.1-3.1.23-alt6.src.rpm  сборка 2005-05-12

Группа: Система/Серверы
О пакете: The Squid proxy caching server
Изменения:

- applied:
+ 2005-04-20 14:59 (Medium) Fails to process requests for files larger than 2GB in size
+ 2005-03-26 23:53 (Minor) rename() related cleanup
+ 2005-03-29 09:52 (Cosmetic) New cachemgr pending_objects and client_objects actions
+ 2005-03-30 22:51 (Cosmetic) external acls requiring authentication does not request new credentials on access denials like proxy_auth does.
+ 2005-04-26 04:42 (Cosmetic) should syslog to daemon facility not local4
+ 2005-04-20 21:36 (Cosmetic) Error template substitution for authenitcated user name
+ 2005-04-21 10:46 (Cosmetic) Missing newlines in debug statements
+ 2005-04-20 21:55 (Minor) fix transparent proxying when squid listens on NATed non-80 port
+ 2005-04-20 21:55 (Minor) Unable to run "squid -k" when hostname cannot be determined
+ 2005-04-21 10:31 (Cosmetic) Correctly read DOS/Windows formatted config files with CRLF as line terminator
+ 2005-04-22 20:21 (Minor) Unrecognized cache-control directives are silently dropped
+ 2005-04-24 16:35 (Minor) Make the use of the %m error page to return auth info messages
+ 2005-04-22 20:48 (Cosmetic) PID file check fails when chrooting
+ 2005-04-26 04:30 (Minor Security) Fix for CVE-1999-0710: cachemgr malicouse use
+ 2005-04-25 16:36 (Cosmetic) Minor aufs improvements
+ 2005-04-30 12:58 (Medium) Poor hot object cache hit ratio and sporadic assertion failed: store_swapin.c: e->mem_status == NOT_IN_MEMORY
+ 2005-05-01 10:58 (Cosmetic) Cosmetic change to DISKD statistics
+ 2005-05-04 18:09 (Minor) SNMP Agent updates to support SNMP Version 2 and bulk requests
+ 2005-05-08 14:01 (Cosmetic) Minor arp ACL improvements
+ 2005-05-09 01:51 (Minor) Allow dstdomain and dstdom_regex to match IP based hosts
+ 2005-05-11 19:19 (Security issue) DNS lookups unreliable on untrusted networks
+ 2005-05-10 22:33 (Medium) assertion failed: store_client.c:343: "storeSwapOutObjectBytesOnDisk(mem) > sc->copy_offset"
+ 2005-05-10 23:11 (Cosmetic) Extended documentation of the always_direct directive
- updated:
+ 2005-04-19 22:46 (Cosmetic) LDAP helpers fails to compile with SUN LDAP SDK
+ 2005-03-29 08:45 (Minor) Several minor aufs issues
- updated FAQ to v 1.250 2005/04/22
- enabled 2GB+ files support
- disabled aa patch for now

gpsd-2.94-alt2.1.src.rpm  сборка 2005-01-27

Группа: Система/Серверы
О пакете: Service daemon for mediating access to a GPS
Изменения:

- Embarrassing typo fix in gps.py. Avoid buffer overrun in xgps.c.
Plug Debian security bug 292347, CVE number CAN-2004-1388.
This version issued on an emergency basis without Python libraries,
which have packaging problems due to the 2.3/2.4 transition.

cvs-1.11.23-alt5.src.rpm  сборка 2004-06-08

Группа: Разработка/Прочее
О пакете: A version control system
Изменения:

- Applied upstream security fixes to CAN-2004-0414, CAN-2004-0416,
CAN-2004-0417, CAN-2004-0418, and to some minor bugs which didn't
appear to deserve CVE names. Thanks to Stefan Esser, Sebastian
Krahmer, and Derek Robert Price for finding and fixing these.

openssh-6.7p1-alt1.M70P.4.src.rpm  сборка 2003-08-25

Группа: Сети/Удалённый доступ
О пакете: OpenSSH free Secure Shell (SSH) implementation
Изменения:

- Removed explicit kernel dependence.
- Backported from CVS:
+ copy argv correctly to fix potential restart after SIGHUP
problem;
+ replace deprecated VerifyReverseMapping option with new
option, UseDNS (Owl) (CVE-2003-0386).

  « Первая            16     17     18         20  

 
Ветви:
свернуть окно
Проект Geyser основан на коде из проекта Prometheus 2.0, который был доступен по лицензии MIT