As correcções de segurança
clamav-0.98.6-alt1
build Sergey Y. Afonin,
2015-01-28
- 0.98.6 (CVE-2014-9328)
adobe-flash-player-11-alt40 build Sergey V Turchin, 2015-01-28
- new version
- security fixes: CVE-2015-0311, CVE-2015-0312
pxz-4.999.9beta-alt3 build Michael Shigorin, 2015-01-27
- CVE-2015-1200 fix (patch from debian bug #775306)
adobe-flash-player-11-alt39 build Sergey V Turchin, 2015-01-23
- new version
- security fixes: CVE-2015-0310, CVE-2015-0311
chromium-40.0.2214.91-alt1 build Andrey Cherepanov, 2015-01-23
- New version
- Security fixes:
- High CVE-2014-7923: Memory corruption in ICU.
- High CVE-2014-7924: Use-after-free in IndexedDB.
- High CVE-2014-7925: Use-after-free in WebAudio.
- High CVE-2014-7926: Memory corruption in ICU.
- High CVE-2014-7927: Memory corruption in V8.
- High CVE-2014-7928: Memory corruption in V8.
- High CVE-2014-7930: Use-after-free in DOM.
- High CVE-2014-7931: Memory corruption in V8.
- High CVE-2014-7929: Use-after-free in DOM.
- High CVE-2014-7932: Use-after-free in DOM.
- High CVE-2014-7933: Use-after-free in FFmpeg.
- High CVE-2014-7934: Use-after-free in DOM.
- High CVE-2014-7935: Use-after-free in Speech.
- High CVE-2014-7936: Use-after-free in Views.
- High CVE-2014-7937: Use-after-free in FFmpeg.
- High CVE-2014-7938: Memory corruption in Fonts.
- High CVE-2014-7939: Same-origin-bypass in V8.
- Medium CVE-2014-7940: Uninitialized-value in ICU.
- Medium CVE-2014-7941: Out-of-bounds read in UI.
- Medium CVE-2014-7942: Uninitialized-value in Fonts.
- Medium CVE-2014-7943: Out-of-bounds read in Skia.
- Medium CVE-2014-7944: Out-of-bounds read in PDFium.
- Medium CVE-2014-7945: Out-of-bounds read in PDFium.
- Medium CVE-2014-7946: Out-of-bounds read in Fonts.
- Medium CVE-2014-7947: Out-of-bounds read in PDFium.
- Medium CVE-2014-7948: Caching error in AppCache.
openvpn-2.3.6-alt1 build Nikolay A. Fetisov, 2015-01-15
- New version 2.3.6
- CVE-2014-8104 (Closes: 30529)
- Adding pkcs11 support (Closes: 30614)
- Adding systemd service files (Closes: 28071)
adobe-flash-player-11-alt38 build Sergey V Turchin, 2015-01-14
- new version
- security fixes:
CVE-2015-0301, CVE-2015-0302, CVE-2015-0303, CVE-2015-0304,
CVE-2015-0305, CVE-2015-0306, CVE-2015-0307, CVE-2015-0308,
CVE-2015-0309
openssl10-1.0.1k-alt1 build Gleb F-Malinovskiy, 2015-01-12
- Updated to 1.0.1k (fixes CVE-2014-3571, CVE-2015-0206, CVE-2014-3569,
CVE-2014-3572, CVE-2015-0204, CVE-2015-0205, CVE-2014-8275,
CVE-2014-3570) (closes: 30644).
strongswan-5.2.2-alt1 build Michael Shigorin, 2015-01-05
- new version (watch file uupdate)
- fixes CVE-2014-9221 (DoS)
krb5-1.13-alt2 build Alexey Shabalin, 2014-12-23
- fixed CVE-2014-5353, CVE-2014-5354
libvirt-1.2.11-alt1 build Alexey Shabalin, 2014-12-18
- 1.2.11
- fixed CVE-2014-7823,CVE-2014-8135,CVE-2014-8136,CVE-2014-8131
adobe-flash-player-11-alt37 build Sergey V Turchin, 2014-12-10
- new version
- security fixes:
CVE-2014-0580, CVE-2014-0587, CVE-2014-8443, CVE-2014-9162,
CVE-2014-9163, CVE-2014-9164
adobe-flash-player-11-alt36 build Sergey V Turchin, 2014-11-26
- new version
- security fixes: CVE-2014-8439
chromium-39.0.2171.65-alt1 build Andrey Cherepanov, 2014-11-21
- New version
- Security fixes:
- High CVE-2014-7899: Address bar spoofing.
- High CVE-2014-7900: Use-after-free in pdfium.
- High CVE-2014-7901: Integer overflow in pdfium.
- High CVE-2014-7902: Use-after-free in pdfium.
- High CVE-2014-7903: Buffer overflow in pdfium.
- High CVE-2014-7904: Buffer overflow in Skia.
- High CVE-2014-7905: Flaw allowing navigation to intents that do not
have the BROWSABLE category.
- High CVE-2014-7906: Use-after-free in pepper plugins.
- High CVE-2014-0574: Double-free in Flash.
- High CVE-2014-7907: Use-after-free in blink.
- High CVE-2014-7908: Integer overflow in media.
- Medium CVE-2014-7909: Uninitialized memory read in Skia.
- Mark all files in /etc/chromium as config
- Strip Chromium executables to disable debuginfo generation (became too
huge)
adobe-flash-player-11-alt35 build Sergey V Turchin, 2014-11-12
- new version
- security fixes:
CVE-2014-0573, CVE-2014-0574, CVE-2014-0576, CVE-2014-0577,
CVE-2014-0581, CVE-2014-0582, CVE-2014-0583, CVE-2014-0584,
CVE-2014-0585, CVE-2014-0586, CVE-2014-0588, CVE-2014-0589,
CVE-2014-0590, CVE-2014-8437, CVE-2014-8438, CVE-2014-8440,
CVE-2014-8441, CVE-2014-8442
krb5-1.13-alt1 build Alexey Shabalin, 2014-10-31
- 1.13
- fixed CVE-2014-5351
- move header from /usr/include/krb5 to /usr/include
- drop kdcrotate service
- update krb5.conf:
+ add [logging] example
+ add [realms] example
+ add [domain_realm] example
+ define default_ccache_name as KEYRING:persistent:%{uid}
openssl10-1.0.1j-alt1 build Gleb F-Malinovskiy, 2014-10-30
- Updated to 1.0.1j (fixes CVE-2014-3512, CVE-2014-3511, CVE-2014-3510,
CVE-2014-3507, CVE-2014-3506, CVE-2014-3505, CVE-2014-3509,
CVE-2014-5139, CVE-2014-3508, CVE-2014-3513, CVE-2014-3567,
CVE-2014-3566, CVE-2014-3568).
- Updated patches from Fedora openssl-1.0.1j-2.
- kssl.h: include <krb5/krb5.h> instead of <krb5/krb5/krb5.h> (ldv@).
wget-1.15-alt2 build Michael Shigorin, 2014-10-28
- added upstream patch for CVE-2014-4877 (arbitrary symlink access)
+ not packaging 1.16 yet due to progresbar regressions in UTF-8 locales
pidgin-2.10.10-alt1 build Gleb F-Malinovskiy, 2014-10-27
- New version (CVE-2014-3694, CVE-2014-3695, CVE-2014-3696, CVE-2014-3697
CVE-2014-3698).
adobe-flash-player-11-alt34 build Sergey V Turchin, 2014-10-15
- new version
- security fixes: CVE-2014-0570, CVE-2014-0571, CVE-2014-0572
rsyslog-8.4.2-alt1 build Alexey Shabalin, 2014-10-09
- 8.4.2 (v8-stable)
- fixed CVE-2014-3634, CVE-2014-3683
chromium-38.0.2125.101-alt1 build Andrey Cherepanov, 2014-10-09
- New version
- Security fixes:
- Critical CVE-2014-3188: A special thanks to Juri Aedla for a
combination of V8 and IPC bugs that can lead to remote code
execution outside of the sandbox.
- High CVE-2014-3189: Out-of-bounds read in PDFium.
- High CVE-2014-3190: Use-after-free in Events.
- High CVE-2014-3191: Use-after-free in Rendering.
- High CVE-2014-3192: Use-after-free in DOM.
- High CVE-2014-3193: Type confusion in Session Management.
- High CVE-2014-3194: Use-after-free in Web Workers.
- Medium CVE-2014-3195: Information Leak in V8.
- Medium CVE-2014-3197: Information Leak in XSS Auditor.
- Medium CVE-2014-3198: Out-of-bounds read in PDFium.
- Low CVE-2014-3199: Release Assert in V8 bindings.
- Replace chromium-support-ModeSwitch-key.patch by upstream version from
commit 8585724
libvirt-1.2.9-alt1 build Alexey Shabalin, 2014-10-03
- 1.2.9
- fixed CVE-2014-3633, CVE-2014-3657
bash4-4.2.50-alt1 build Dmitry V. Levin, 2014-09-28
- Updated to 4.2 patchlevel 50 (fixes: CVE-2014-6278).
bash-3.2.53-alt1 build Dmitry V. Levin, 2014-09-26
- Updated to 3.2 patchlevel 53.
- Applied OOB array access fix from Florian Weimer
(fixes: CVE-2014-7186, CVE-2014-7187).
projeto & código: Vladimir Lettiev aka crux © 2004-2005,
Andrew Avramenko aka liks © 2007-2008
mantenedor atual: Michael Shigorin
mantenedor da tradução: Fernando Martini aka fmartini © 2009
mantenedor atual: Michael Shigorin
mantenedor da tradução: Fernando Martini aka fmartini © 2009