Sisyphus repositório
Última atualização: 4 setembro 2015 | SRPMs: 18217 | Visitas: 6835521
en ru br
As correcções de segurança

chromium-45.0.2454.85-alt1   build Andrey Cherepanov, 2015-09-02


- New version
- Security fixes:
- High CVE-2015-1291: Cross-origin bypass in DOM.
- High CVE-2015-1292: Cross-origin bypass in ServiceWorker.
- High CVE-2015-1293: Cross-origin bypass in DOM.
- High CVE-2015-1294: Use-after-free in Skia.
- High CVE-2015-1295: Use-after-free in Printing.
- High CVE-2015-1296: Character spoofing in omnibox.
- Medium CVE-2015-1297: Permission scoping error in WebRequest.
- Medium CVE-2015-1298: URL validation error in extensions.
- Medium CVE-2015-1299: Use-after-free in Blink.
- Medium CVE-2015-1300: Information leak in Blink.

libvdpau-1.1.1-alt1   build Sergey V Turchin, 2015-09-01


- new version
- security fixes: CVE-2015-5198, CVE-2015-5199, CVE-2015-5200

adobe-flash-player-11-alt52   build Sergey V Turchin, 2015-08-12


- new version
- security fixes:
CVE-2015-3107, CVE-2015-5124, CVE-2015-5125, CVE-2015-5127,
CVE-2015-5128, CVE-2015-5129, CVE-2015-5130, CVE-2015-5131,
CVE-2015-5132, CVE-2015-5133, CVE-2015-5134, CVE-2015-5539,
CVE-2015-5540, CVE-2015-5541, CVE-2015-5544, CVE-2015-5545,
CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549,
CVE-2015-5550, CVE-2015-5551, CVE-2015-5552, CVE-2015-5553,
CVE-2015-5554, CVE-2015-5555, CVE-2015-5556, CVE-2015-5557,
CVE-2015-5558, CVE-2015-5559, CVE-2015-5560, CVE-2015-5561,
CVE-2015-5562, CVE-2015-5563, CVE-2015-5564

libarchive-3.1.2-alt2   build Sergey V Turchin, 2015-08-05


- merge SuSE and FC patches
- security fixes: CVE-2013-0211

bind-9.9.7-alt1   build Fr. Br. George, 2015-07-28


- Update to ftp://ftp.isc.org/isc/bind9/9.9.7-P1/bind-9.9.7-P1.tar.gz
- CVE-2015-5477 fix

adobe-flash-player-11-alt51   build Sergey V Turchin, 2015-07-18


- new version
- security fixes: CVE-2015-5122, CVE-2015-5123

xymon-4.3.21-alt1   build Sergey Y. Afonin, 2015-07-17


- new version (CVE-2015-1430 was fixed in previous 4.3.18)
- moved binaries from /usr/lib to /usr/libexec
(xymonserver.cfg of earlier installed package should be updated manualy)
- removed "Requires: ntp" (but ntpdate and ntpq may be needed
in some installations)

adobe-flash-player-11-alt50   build Sergey V Turchin, 2015-07-14


- fix changelog
- security NOT fixed: CVE-2015-5122, CVE-2015-5123

openssl10-1.0.1k-alt4   build Gleb F-Malinovskiy, 2015-07-09


- Fixed CVE-2015-1793.

adobe-flash-player-11-alt47   build Sergey V Turchin, 2015-07-08


- new version
- security fixes:
CVE-2014-0578, CVE-2015-3097, CVE-2015-3114, CVE-2015-3115,
CVE-2015-3116, CVE-2015-3117, CVE-2015-3118, CVE-2015-3119,
CVE-2015-3120, CVE-2015-3121, CVE-2015-3122, CVE-2015-3123,
CVE-2015-3124, CVE-2015-3125, CVE-2015-3126, CVE-2015-3127,
CVE-2015-3128, CVE-2015-3129, CVE-2015-3130, CVE-2015-3131,
CVE-2015-3132, CVE-2015-3133, CVE-2015-3134, CVE-2015-3135,
CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4429,
CVE-2015-4430, CVE-2015-4431, CVE-2015-4432, CVE-2015-4433,
CVE-2015-5116, CVE-2015-5117, CVE-2015-5118, CVE-2015-5119

chromium-43.0.2357.130-alt1   build Andrey Cherepanov, 2015-06-29


- New version
- Security fixes:
- High CVE-2015-1266: Scheme validation error in WebUI.
- High CVE-2015-1268: Cross-origin bypass in Blink.
- Medium CVE-2015-1267: Cross-origin bypass in Blink.
- Medium CVE-2015-1269: Normalization error in HSTS/HPKP preload list.
- use more external shared libraries (especially libv8)

adobe-flash-player-11-alt46   build Sergey V Turchin, 2015-06-24


- new version
- security fixes: CVE-2015-3113

curl-7.43.0-alt1   build Anton Farygin, 2015-06-19


- new version, with fixes for CVE-2015-3236, CVE-2015-3237

libssh-0.6.5-alt1   build Sergey V Turchin, 2015-06-17


- new version
- security fix: CVE-2015-3146

qemu-2.3.0-alt3   build Alexey Shabalin, 2015-06-15


- add aarch64-softmmu to target_list_system
- fixed CVE-2015-4037, CVE-2015-3209

openssl10-1.0.1k-alt3   build Gleb F-Malinovskiy, 2015-06-15


- Fixed CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792,
CVE-2015-0209, CVE-2015-4000.

kernel-image-ovz-el-2.6.32-alt134   build Gleb F-Malinovskiy, 2015-06-12


- Updated to 042stab108.3 (CVE-2015-2925).

adobe-flash-player-11-alt45   build Sergey V Turchin, 2015-06-10


- new version
- security fixes:
CVE-2015-3096, CVE-2015-3097, CVE-2015-3098, CVE-2015-3099,
CVE-2015-3100, CVE-2015-3101, CVE-2015-3102, CVE-2015-3103,
CVE-2015-3104, CVE-2015-3105, CVE-2015-3106, CVE-2015-3107,
CVE-2015-3108

strongswan-5.3.2-alt1   build Michael Shigorin, 2015-06-09


- new version (watch file uupdate)
+ fixes CVE-2015-4171: client info disclosure, see
https://www.strongswan.org/blog/2015/06/08/

polkit-0.112-alt4   build Yuri N. Sedunov, 2015-06-09


- updated to 264cc195e (fixed FDO bugs #90879, 90877, 76358, 90829(CVE-2015-3218))

strongswan-5.3.1-alt1   build Michael Shigorin, 2015-06-02


- new version (watch file uupdate)
+ fixes CVE-2015-3991: DoS with potential code execution, see
https://www.strongswan.org/blog/2015/06/01/

proftpd-1.3.5-alt1.gita31d0ab   build Konstantin A. Lepikhov, 2015-05-20


- Updated to 1.3.5-a31d0ab GIT fixing following CVEs:
+ CVE-2013-4359.
- Include the fix for Bug 4169 (Unauthenticated copying of files
via SITE CPFR/CPTO allowed by mod_copy).
- Configuration changes:
+ enabled pcre support;
+ enabled memcache support (mod_tls_memcache is using it).

chromium-43.0.2357.65-alt1   build Andrey Cherepanov, 2015-05-20


- New version
- Security fixes:
- High CVE-2015-1252: Sandbox escape in Chrome.
- High CVE-2015-1253: Cross-origin bypass in DOM.
- High CVE-2015-1254: Cross-origin bypass in Editing.
- High CVE-2015-1255: Use-after-free in WebAudio.
- High CVE-2015-1256: Use-after-free in SVG.
- High CVE-2015-1251: Use-after-free in Speech.
- Medium CVE-2015-1257: Container-overflow in SVG.
- Medium CVE-2015-1258: Negative-size parameter in Libvpx.
- Medium CVE-2015-1259: Uninitialized value in PDFium.
- Medium CVE-2015-1260: Use-after-free in WebRTC.
- Medium CVE-2015-1261: URL bar spoofing.
- Medium CVE-2015-1262: Uninitialized value in Blink.
- Low CVE-2015-1263: Insecure download of spellcheck dictionary.
- Low CVE-2015-1264: Cross-site scripting in bookmarks.

kde4-webkitpart-1.3.4-alt2   build Sergey V Turchin, 2015-05-15


- security fix: CVE-2014-8600

qemu-2.3.0-alt2   build Alexey Shabalin, 2015-05-14


- fixed CVE-2015-3456
 
projeto & código: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
mantenedor atual: Michael Shigorin
mantenedor da tradução: Fernando Martini aka fmartini © 2009