Sisyphus repositório
Última atualização: 27 junho 2016 | SRPMs: 17416 | Visitas: 7619040
en ru br
As correcções de segurança

wget-1.18-alt1   build Michael Shigorin, 2016-06-10


- 1.18 (fixes CVE-2016-4971: untrusted filenames when following
HTTP to FTP redirects)

glibc-2.23-alt3   build Gleb F-Malinovskiy, 2016-06-09


- Backported upstream fixes for sw bugs: 19648 19703 19861 20005 20010
20012 20111 20112 (including fix for CVE-2016-4429).
- Backported upstream implementation of group merging (NSS).

openssl10-1.0.2h-alt2   build Gleb F-Malinovskiy, 2016-06-08


- Backported upstream fix for CVE-2016-2178.

gnutls30-3.4.13-alt1   build Mikhail Efremov, 2016-06-07


- Updated BR for tests.
- Updated to 3.4.13 (CVE-2016-4456).

ImageMagick-6.9.4.7-alt1   build Anton Farygin, 2016-06-05


- new version with fixes for CVE-2016-5118 (closes: #32174)

nginx-1.10.1-alt1   build Denis Smirnov, 2016-06-01


- 1.10.1
- CVE-2016-4450

libwebkitgtk4-2.12.3-alt1   build Yuri N. Sedunov, 2016-05-31


- 2.12.3 (fixed VE-2016-1857, CVE-2016-1856)

qemu-2.6.0-alt1   build Alexey Shabalin, 2016-05-13


- 2.6.0
- fixed CVE-2015-8558,CVE-2015-8619,CVE-2016-1981,CVE-2016-3710,CVE-2016-3712
- move virtfs-proxy-helper and qemu-bridge-helper to from qemu-img to qemu-system
- ignore test failures for check
- add vhost-net manage to control
- disable xen support

adobe-flash-player-11-alt62   build Sergey V Turchin, 2016-05-13


- new version
- security fixes:
CVE-2016-1096, CVE-2016-1097, CVE-2016-1098, CVE-2016-1099,
CVE-2016-1100, CVE-2016-1101, CVE-2016-1102, CVE-2016-1103,
CVE-2016-1104, CVE-2016-1105, CVE-2016-1106, CVE-2016-1107,
CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108,
CVE-2016-4109, CVE-2016-4110, CVE-2016-4111, CVE-2016-4112,
CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4116,
CVE-2016-4117

glibc-2.23-alt2   build Gleb F-Malinovskiy, 2016-05-10


- Backported upstream fixes for sw bugs:
19679, 19758, 19759, 19762, 19791, 19792, 19822, 19879
(including fixes for CVE-2016-1234, CVE-2016-3075, CVE-2016-3706).

cacti-0.8.8h-alt1   build Alexey Shabalin, 2016-05-10


- 0.8.8h
- fixed CVE-2014-2326,CVE-2014-2327,CVE-2014-2328,CVE-2014-5025,
CVE-2014-5026,CVE-2014-4002,CVE-2013-5588,CVE-2013-5589,
CVE-2015-4342,CVE-2015-4634,CVE-2015-8377,CVE-2015-8604,
CVE-2016-3659

squid-3.5.19-alt1   build Gleb F-Malinovskiy, 2016-05-09


- Updated to 3.5.19 (inludes fixes for CVE-2016-4553, CVE-2016-4554,
CVE-2016-4555, CVE-2016-4556).

autotrace-0.31.1-alt6   build Anton Farygin, 2016-05-06


- fixed CVE-2013-1953

openssl10-1.0.2h-alt1   build Gleb F-Malinovskiy, 2016-05-03


- Updated to 1.0.2h (fixes CVE-2016-2105 CVE-2016-2106 CVE-2016-2107
CVE-2016-2109 CVE-2016-2176).

LibreSSL-2.3.4-alt1   build Vladimir D. Seleznev, 2016-05-03


- 2.3.4
- Fix multiple vulnerabilities in libcrypto relating to ASN.1 and encoding
(From OpenSSL):
+ Memory corruption in the ASN.1 encoder (CVE-2016-2108)
+ Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
+ EVP_EncodeUpdate overflow (CVE-2016-2105)
+ EVP_EncryptUpdate overflow (CVE-2016-2106)
+ ASN.1 BIO excessive memory allocation (CVE-2016-2109)
- Minor build fixes.
- LibreSSL-openssl
+ Added conflict to openssl-doc

privoxy-3.0.24-alt1   build Denis Smirnov, 2016-04-30


- 3.0.24 (ALT #29857)
- CVE-2016-1982
- CVE-2016-1983

samba-4.4.2-alt2   build Andrey Cherepanov, 2016-04-28


- Fix CVE-2016-2110/NTLMSSP regression (https://bugzilla.samba.org/show_bug.cgi?id=11849)

samba-DC-4.4.2-alt2   build Andrey Cherepanov, 2016-04-28


- Fix CVE-2016-2110/NTLMSSP regression (https://bugzilla.samba.org/show_bug.cgi?id=11849)

krb5-1.14.2-alt1   build Alexey Shabalin, 2016-04-25


- 1.14.2
- fixed CVE-2015-2695,CVE-2015-2696,CVE-2015-2697,CVE-2015-2698,CVE-2015-8629,CVE-2015-8630,CVE-2015-8631,CVE-2016-3119
- allow verification of attributes on krb5.conf

samba-DC-4.4.2-alt1   build Andrey Cherepanov, 2016-04-12


- New version
- Security fixes:
- CVE-2015-5370 (Multiple errors in DCE-RPC code)
- CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
- CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
- CVE-2016-2112 (LDAP client and server don't enforce integrity)
- CVE-2016-2113 (Missing TLS certificate validation)
- CVE-2016-2114 ("server signing = mandatory" not enforced)
- CVE-2016-2115 (SMB IPC traffic is not integrity protected)
- CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)

samba-4.4.2-alt1   build Andrey Cherepanov, 2016-04-12


- New version
- Security fixes:
- CVE-2015-5370 (Multiple errors in DCE-RPC code)
- CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
- CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
- CVE-2016-2112 (LDAP client and server don't enforce integrity)
- CVE-2016-2113 (Missing TLS certificate validation)
- CVE-2016-2114 ("server signing = mandatory" not enforced)
- CVE-2016-2115 (SMB IPC traffic is not integrity protected)
- CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)

libwebkitgtk2-2.4.11-alt1   build Yuri N. Sedunov, 2016-04-10


- 2.4.11 (CVE-2015-1120, CVE-2015-1076, CVE-2015-1071, CVE-2015-1081, CVE-2015-1122,
CVE-2015-1155, CVE-2014-1748, CVE-2015-3752, CVE-2015-5809, CVE-2015-5928, CVE-2015-3749,
CVE-2015-3659, CVE-2015-3748, CVE-2015-3743, CVE-2015-3731, CVE-2015-3745, CVE-2015-5822,
CVE-2015-3658, CVE-2015-3741, CVE-2015-3727, CVE-2015-5801, CVE-2015-5788, CVE-2015-3747,
CVE-2015-5794, CVE-2015-1127, CVE-2015-1153, CVE-2015-1083)

adobe-flash-player-11-alt61   build Sergey V Turchin, 2016-04-08


- new version
- security fixes:
CVE-2016-1006, CVE-2016-1011, CVE-2016-1012, CVE-2016-1013,
CVE-2016-1014, CVE-2016-1015, CVE-2016-1016, CVE-2016-1017,
CVE-2016-1018, CVE-2016-1019, CVE-2016-1020, CVE-2016-1021,
CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025,
CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029,
CVE-2016-1030, CVE-2016-1031, CVE-2016-1032, CVE-2016-1033

chromium-49.0.2623.108-alt1   build Andrey Cherepanov, 2016-03-25


- New version
- Security fixes:
- High CVE-2016-1647: Use-after-free in Navigation.
- High CVE-2016-1648: Use-after-free in Extensions.
- High CVE-2016-1649: Buffer overflow in libANGLE.

v8-chromium-4.9.385.33-alt1   build Andrey Cherepanov, 2016-03-25


- New version for chromium-49.0.2623.108
- Security fixes:
- High CVE-2016-1646: Out-of-bounds read in V8.
 
projeto & código: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
mantenedor atual: Michael Shigorin
mantenedor da tradução: Fernando Martini aka fmartini © 2009