Sisyphus repositório
Última atualização: 18 dezembro 2018 | SRPMs: 18647 | Visitas: 12727161
en ru br
As correcções de segurança

kernel-image-std-pae-4.14.88-alt1   build Kernel Bot, 2018-12-13


- v4.14.88 (Fixes: CVE-2018-14625)

kernel-image-std-def-4.14.88-alt1   build Kernel Bot, 2018-12-13


- v4.14.88 (Fixes: CVE-2018-14625)

kernel-image-std-debug-4.14.88-alt1   build Kernel Bot, 2018-12-13


- v4.14.88 (Fixes: CVE-2018-14625)

kernel-image-un-def-4.19.9-alt1   build Kernel Bot, 2018-12-13


- v4.19.9 (Fixes: CVE-2018-14625)

firefox-esr-60.4.0-alt1   build Andrey Cherepanov, 2018-12-11


- New ESR version (60.4.0)
- Fixed:
+ CVE-2018-17466 Buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11
+ CVE-2018-18492 Use-after-free with select element
+ CVE-2018-18493 Buffer overflow in accelerated 2D canvas with Skia
+ CVE-2018-18494 Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs
+ CVE-2018-18498 Integer overflow when calculating buffer sizes for images
+ CVE-2018-12405 Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4

cve-manager-0.19.0-alt1   build Alexey Appolonov, 2018-12-10


- Ability to run in multiprocessing mode;
- Ability to exclude data sources;
- Modified user interface of the cve-monitor;
- Showing CVSS score in cve-monitor reports;
- Ability to order monitoring results in various ways;
- Ability to group packages with unfixed vulnerabilities in cve-monitor reports;
- All printing operations carried by Printer class, which not only makes life
easier but brings cool features like buffering the input for later mailout;
- Ability to run in 'silent' mode;
- Ability to send emails with cve-monitor reports.

nettle-3.4.1-alt1   build Mikhail Efremov, 2018-12-06


- Updated to 3.4.1 (fixes: CVE-2018-16869).

kernel-image-std-pae-4.14.86-alt1   build Kernel Bot, 2018-12-06


- v4.14.86 (Fixes: CVE-2018-1128, CVE-2018-1129)

gnutls30-3.6.5-alt1   build Mikhail Efremov, 2018-12-06


- Updated to 3.6.5 (fixes: CVE-2018-16868).

kernel-image-std-def-4.14.86-alt1   build Kernel Bot, 2018-12-06


- v4.14.86 (Fixes: CVE-2018-1128, CVE-2018-1129)

polkit-0.115-alt4   build Alexey Shabalin, 2018-12-06


- updated to 0.115-23fd211e
- Port the JS authority to mozjs-60
- Move D-Bus policy file to /usr/share/dbus-1/system.d/
- Drop deprecated use of g_type_class_add_private()
- Allow negative uids/gids in PolkitUnixUser and Group objects (fixed CVE-2018-19788)

kernel-image-std-debug-4.14.86-alt1   build Kernel Bot, 2018-12-06


- v4.14.86 (Fixes: CVE-2018-1128, CVE-2018-1129)

wireshark-2.6.5-alt1   build Anton Farygin, 2018-12-03


- 2.6.5
- added devel package (closes: #29869)
- fixes:
* The Wireshark dissection engine could crash. CVE-2018-19625
* The DCOM dissector could crash. CVE-2018-19626
* The LBMPDM dissector could crash. CVE-2018-19623
* The MMSE dissector could go into an infinite loop. CVE-2018-19622
* The IxVeriWave file parser could crash. CVE-2018-19627
* The PVFS dissector could crash. CVE-2018-19624
* The ZigBee ZCL dissector could crash. CVE-2018-19628

kernel-image-std-pae-4.14.85-alt1   build Kernel Bot, 2018-12-02


- v4.14.85 (Fixes: CVE-2000-1134, CVE-2007-3852, CVE-2008-0525, CVE-2009-0416,
CVE-2011-4834, CVE-2015-1838, CVE-2015-7442, CVE-2016-7489)

kernel-image-std-def-4.14.85-alt1   build Kernel Bot, 2018-12-02


- v4.14.85 (Fixes: CVE-2000-1134, CVE-2007-3852, CVE-2008-0525, CVE-2009-0416,
CVE-2011-4834, CVE-2015-1838, CVE-2015-7442, CVE-2016-7489)

kernel-image-std-debug-4.14.85-alt1   build Kernel Bot, 2018-12-02


- v4.14.85 (Fixes: CVE-2000-1134, CVE-2007-3852, CVE-2008-0525, CVE-2009-0416,
CVE-2011-4834, CVE-2015-1838, CVE-2015-7442, CVE-2016-7489)

openslp-2.0.0-alt2   build Stanislav Levin, 2018-12-01


- Fixed libslp namespace (closes: #35692).
- Enabled SLPv2 Security.
- Enabled testing.
- Applied security fixes (fixes: CVE-2012-4428, CVE-2016-4912, CVE-2016-7567,
CVE-2017-17833).

node-10.14.1-alt1   build Vitaly Lipatov, 2018-11-30


- new version 10.14.1 (with rpmrb script)
- disable internal doc
- 2018-11-27, Version 10.14.0 'Dubnium' (LTS), @rvagg
- CVE-2018-12121, CVE-2018-12122, CVE-2018-12123

mariadb-10.3.11-alt1   build Alexey Shabalin, 2018-11-28


- 10.3.11
- Fixes for the following security vulnerabilities:
+ CVE-2018-3282
+ CVE-2016-9843
+ CVE-2018-3174
+ CVE-2018-3143
+ CVE-2018-3156
+ CVE-2018-3251
+ CVE-2018-3185
+ CVE-2018-3277
+ CVE-2018-3162
+ CVE-2018-3173
+ CVE-2018-3200
+ CVE-2018-3284

samba-DC-4.9.3-alt1   build Evgeny Sinelnikov, 2018-11-28


- Update to autumn security release
- Revert Samba DC to build with internal Heimdal Kerberos implementation
- Clean test module of third_party/iso8601 and subunit modules
- Security fixes:
+ CVE-2018-14629 Unprivileged adding of CNAME record causing loop in AD Internal DNS server
+ CVE-2018-16841 Double-free in Samba AD DC KDC with PKINIT
+ CVE-2018-16851 NULL pointer de-reference in Samba AD DC LDAP server
+ CVE-2018-16852 NULL pointer de-reference in Samba AD DC DNS servers
+ CVE-2018-16853 Samba AD DC S4U2Self crash in experimental MIT Kerberos configuration (unsupported)
+ CVE-2018-16857 Bad password count in AD DC not always effective

glibc-2.27-alt7   build Dmitry V. Levin, 2018-11-27


- Updated to glibc-2.27-89-g9f433fc791 from 2.27 branch
(fixes CVE-2018-19591).

libsoundtouch-2.1.1-alt1   build Yuri N. Sedunov, 2018-11-22


- 2.1.1 (fixed CVE-2018-17097)

kernel-image-std-pae-4.14.82-alt1   build Kernel Bot, 2018-11-22


- v4.14.82 (Fixes: CVE-2018-10940, CVE-2018-16658)

kernel-image-std-def-4.14.82-alt1   build Kernel Bot, 2018-11-22


- v4.14.82 (Fixes: CVE-2018-10940, CVE-2018-16658)

kernel-image-std-debug-4.14.82-alt1   build Kernel Bot, 2018-11-22


- v4.14.82 (Fixes: CVE-2018-10940, CVE-2018-16658)
 
projeto & código: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
mantenedor atual: Michael Shigorin
mantenedor da tradução: Fernando Martini aka fmartini © 2009