As correcções de segurança
firefox-esr-60.7.1-alt1
build Andrey Cherepanov,
2019-06-18
- New ESR version (60.7.1).
- Fixed:
+ CVE-2019-11707 Type confusion in Array.pop
thunderbird-60.7.1-alt1 build Andrey Cherepanov, 2019-06-14
- New version (60.7.1).
- Fixed:
+ CVE-2019-11703 Heap buffer overflow in icalparser.c
+ CVE-2019-11704 Heap buffer overflow in icalvalue.c
+ CVE-2019-11705 Stack buffer overflow in icalrecur.c
+ CVE-2019-11706 Type confusion in icalproperty.c
- Enigmail 2.0.11.
- thunderbird-enigmail now requires pinentry-x11 (ALT #18790).
- Use juniorModeForceOff by default in Enigmail (ALT #36447).
- Fix l10n dtd of Enigmail.
vim-8.1.1517-alt1 build Gleb F-Malinovskiy, 2019-06-11
- Updated to 8.1.1517 (fixes: CVE-2019-12735) (ALT#36882).
glib2-2.60.4-alt1 build Yuri N. Sedunov, 2019-06-10
- 2.60.4 (fixed CVE-2019-12450)
mediawiki-1.32.2-alt1 build Vitaly Lipatov, 2019-06-06
- new version 1.32.2 (with rpmrb script)
- CVE-2019-12468, CVE-2019-12473, CVE-2019-12471
- CVE-2019-12472, CVE-2019-12474, CVE-2019-12467
- CVE-2019-12466, CVE-2019-12469, CVE-2019-12470
- CVE-2019-11358
libvirt-5.4.0-alt1 build Alexey Shabalin, 2019-06-04
- 5.4.0 (Fixes: CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091, CVE-2019-10132)
sqlite3-3.28.0-alt1 build Vladimir D. Seleznev, 2019-06-02
- 3.28.0 (Fixes: CVE-2019-9936, CVE-2019-9937)
php7-7.2.19-alt1 build Anton Farygin, 2019-06-01
- 7.2.19 (fixes: CVE-2019-11040)
- fixed build on mipsel by iv@
qemu-4.0.0-alt1 build Alexey Shabalin, 2019-05-31
- 4.0.0
- define md-clear CPUID bit
(fixes: CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091)
wireshark-3.0.2-alt1 build Anton Farygin, 2019-05-31
- 3.0.2
- fixes:
* Wireshark dissection engine crash. CVE-2019-12295
SPICE-0.14.2-alt1 build Alexey Shabalin, 2019-05-31
- 0.14.2 (fixes: CVE-2019-3813)
- build with gstreamer support
samba-4.10.3-alt1 build Evgeny Sinelikov, 2019-05-27
- Update to latest security release
- Security fixes:
+ CVE-2018-16860 Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum
libwebkitgtk4-2.24.2-alt1 build Yuri N. Sedunov, 2019-05-24
- 2.24.2 (fixed CVE-2019-8595, CVE-2019-8607, CVE-2019-8615)
libxml2-2.9.9.0.52.f824-alt1 build Alexey Shabalin, 2019-05-22
- v2.9.4-12-ge905f08 -> v2.9.9-52-gf824a4bd
(fixes: CVE-2017-9047, CVE-2017-9048, CVE-2017-9049, CVE-2017-9050,
CVE-2017-5969, CVE-2018-14404, CVE-2018-9251, CVE-2018-14567).
kernel-image-std-pae-4.19.45-alt1 build Kernel Bot, 2019-05-22
- v4.19.45 (Fixes: CVE-2019-11833)
kernel-image-std-def-4.19.45-alt1 build Kernel Bot, 2019-05-22
- v4.19.45 (Fixes: CVE-2019-11833)
curl-7.65.0-alt1 build Anton Farygin, 2019-05-22
- 7.65.0
- fixes:
* CVE-2019-5435: Integer overflows in curl_url_set
* CVE-2019-5436: tftp: use the current blksize for recvfrom
kernel-image-std-debug-4.19.45-alt1 build Kernel Bot, 2019-05-22
- v4.19.45 (Fixes: CVE-2019-11833)
kernel-image-un-def-5.0.18-alt1 build Kernel Bot, 2019-05-22
- v5.0.18 (Fixes: CVE-2019-11833)
firefox-67.0-alt1 build Alexey Gladkov, 2019-05-22
- New release (67.0).
- Fixed:
+ CVE-2019-9815: Disable hyperthreading on content JavaScript threads on macOS
+ CVE-2019-9816: Type confusion with object groups and UnboxedObjects
+ CVE-2019-9817: Stealing of cross-domain images using canvas
+ CVE-2019-9818: Use-after-free in crash generation server
+ CVE-2019-9819: Compartment mismatch with fetch API
+ CVE-2019-9820: Use-after-free of ChromeEventHandler by DocShell
+ CVE-2019-9821: Use-after-free in AssertWorkerThread
+ CVE-2019-11691: Use-after-free in XMLHttpRequest
+ CVE-2019-11692: Use-after-free removing listeners in the event listener manager
+ CVE-2019-11693: Buffer overflow in WebGL bufferdata on Linux
+ CVE-2019-7317: Use-after-free in png_image_free of libpng library
+ CVE-2019-11694: Uninitialized memory memory leakage in Windows sandbox
+ CVE-2019-11695: Custom cursor can render over user interface outside of web content
+ CVE-2019-11696: Java web start .JNLP files are not recognized as executable files for download prompts
+ CVE-2019-11697: Pressing key combinations can bypass installation prompt delays and install extensions
+ CVE-2019-11698: Theft of user history data through drag and drop of hyperlinks to and from bookmarks
+ CVE-2019-11700: res: protocol can be used to open known local files
+ CVE-2019-11699: Incorrect domain name highlighting during page navigation
+ CVE-2019-11701: webcal: protocol default handler loads vulnerable web page
+ CVE-2019-9814: Memory safety bugs fixed in Firefox 67
+ CVE-2019-9800: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7
firefox-esr-60.7.0-alt1 build Andrey Cherepanov, 2019-05-21
- New ESR version (60.7.0).
- Fixed:
+ CVE-2019-9815 Disable hyperthreading on content JavaScript threads on macOS
+ CVE-2019-9816 Type confusion with object groups and UnboxedObjects
+ CVE-2019-9817 Stealing of cross-domain images using canvas
+ CVE-2019-9818 Use-after-free in crash generation server
+ CVE-2019-9819 Compartment mismatch with fetch API
+ CVE-2019-9820 Use-after-free of ChromeEventHandler by DocShell
+ CVE-2019-11691 Use-after-free in XMLHttpRequest
+ CVE-2019-11692 Use-after-free removing listeners in the event listener manager
+ CVE-2019-11693 Buffer overflow in WebGL bufferdata on Linux
+ CVE-2019-7317 Use-after-free in png_image_free of libpng library
+ CVE-2019-9797 Cross-origin theft of images with createImageBitmap
+ CVE-2018-18511 Cross-origin theft of images with ImageBitmapRenderingContext
+ CVE-2019-11694 Uninitialized memory memory leakage in Windows sandbox
+ CVE-2019-11698 Theft of user history data through drag and drop of hyperlinks to and from bookmarks
+ CVE-2019-5798 Out-of-bounds read in Skia
+ CVE-2019-9800 Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7
thunderbird-60.7.0-alt1 build Andrey Cherepanov, 2019-05-20
- New version (60.7.0).
- Fixed:
+ CVE-2019-9815 Disable hyperthreading on content JavaScript threads on macOS
+ CVE-2019-9816 Type confusion with object groups and UnboxedObjects
+ CVE-2019-9817 Stealing of cross-domain images using canvas
+ CVE-2019-9818 Use-after-free in crash generation server
+ CVE-2019-9819 Compartment mismatch with fetch API
+ CVE-2019-9820 Use-after-free of ChromeEventHandler by DocShell
+ CVE-2019-11691 Use-after-free in XMLHttpRequest
+ CVE-2019-11692 Use-after-free removing listeners in the event listener manager
+ CVE-2019-11693 Buffer overflow in WebGL bufferdata on Linux
+ CVE-2019-7317 Use-after-free in png_image_free of libpng library
+ CVE-2019-9797 Cross-origin theft of images with createImageBitmap
+ CVE-2018-18511 Cross-origin theft of images with ImageBitmapRenderingContext
+ CVE-2019-11694 Uninitialized memory memory leakage in Windows sandbox
+ CVE-2019-11698 Theft of user history data through drag and drop of hyperlinks to and from bookmarks
+ CVE-2019-5798 Out-of-bounds read in Skia
+ CVE-2019-9800 Memory safety bugs fixed in Firefox 67, Firefox ESR 60.7, and Thunderbird 60.7
firmware-intel-ucode-9-alt1.20190514 build L.A. Kostis, 2019-05-20
- Sync with Debian 3.20190514.1:
+ New upstream microcode datafile 20190514
+ SECURITY UPDATE
Implements MDS mitigation (RIDL, Fallout, Zombieload), INTEL-SA-00223
CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
+ New Microcodes:
sig 0x00030678, pf_mask 0x02, 2019-04-22, rev 0x0838, size 52224
sig 0x00030678, pf_mask 0x0c, 2019-04-22, rev 0x0838, size 52224
sig 0x00030679, pf_mask 0x0f, 2019-04-23, rev 0x090c, size 52224
sig 0x000406c3, pf_mask 0x01, 2019-04-23, rev 0x0368, size 69632
sig 0x000406c4, pf_mask 0x01, 2019-04-23, rev 0x0411, size 68608
sig 0x00050657, pf_mask 0xbf, 2019-02-27, rev 0x5000021, size 47104
+ Updated Microcodes:
sig 0x000206a7, pf_mask 0x12, 2019-02-17, rev 0x002f, size 12288
sig 0x000306a9, pf_mask 0x12, 2019-02-13, rev 0x0021, size 14336
sig 0x000306c3, pf_mask 0x32, 2019-02-26, rev 0x0027, size 23552
sig 0x000306d4, pf_mask 0xc0, 2019-03-07, rev 0x002d, size 19456
sig 0x000306e4, pf_mask 0xed, 2019-03-14, rev 0x042e, size 16384
sig 0x000306e7, pf_mask 0xed, 2019-03-14, rev 0x0715, size 17408
sig 0x000306f2, pf_mask 0x6f, 2019-03-01, rev 0x0043, size 34816
sig 0x000306f4, pf_mask 0x80, 2019-03-01, rev 0x0014, size 18432
sig 0x00040651, pf_mask 0x72, 2019-02-26, rev 0x0025, size 21504
sig 0x00040661, pf_mask 0x32, 2019-02-26, rev 0x001b, size 25600
sig 0x00040671, pf_mask 0x22, 2019-03-07, rev 0x0020, size 14336
sig 0x000406e3, pf_mask 0xc0, 2019-04-01, rev 0x00cc, size 100352
sig 0x000406f1, pf_mask 0xef, 2019-03-02, rev 0xb000036, size 30720
sig 0x00050654, pf_mask 0xb7, 2019-04-02, rev 0x200005e, size 32768
sig 0x00050662, pf_mask 0x10, 2019-03-23, rev 0x001a, size 32768
sig 0x00050663, pf_mask 0x10, 2019-03-23, rev 0x7000017, size 24576
sig 0x00050664, pf_mask 0x10, 2019-03-23, rev 0xf000015, size 23552
sig 0x00050665, pf_mask 0x10, 2019-03-23, rev 0xe00000d, size 19456
sig 0x000506c9, pf_mask 0x03, 2019-01-15, rev 0x0038, size 17408
sig 0x000506ca, pf_mask 0x03, 2019-03-01, rev 0x0016, size 15360
sig 0x000506e3, pf_mask 0x36, 2019-04-01, rev 0x00cc, size 100352
sig 0x000506f1, pf_mask 0x01, 2019-03-21, rev 0x002e, size 11264
sig 0x000706a1, pf_mask 0x01, 2019-01-02, rev 0x002e, size 73728
sig 0x000806e9, pf_mask 0x10, 2019-04-01, rev 0x00b4, size 98304
sig 0x000806e9, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328
sig 0x000806ea, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328
sig 0x000806eb, pf_mask 0xd0, 2019-03-30, rev 0x00b8, size 98304
sig 0x000806ec, pf_mask 0x94, 2019-03-30, rev 0x00b8, size 97280
sig 0x000906e9, pf_mask 0x2a, 2019-04-01, rev 0x00b4, size 99328
sig 0x000906ea, pf_mask 0x22, 2019-04-01, rev 0x00b4, size 98304
sig 0x000906eb, pf_mask 0x02, 2019-04-01, rev 0x00b4, size 99328
sig 0x000906ec, pf_mask 0x22, 2019-02-14, rev 0x00ae, size 98304
sig 0x000906ed, pf_mask 0x22, 2019-03-17, rev 0x00b8, size 97280
cve-manager-0.22.0-alt1 build Alexey Appolonov, 2019-05-19
- Multithreading is arranged in a more optimal way;
- 'Complete' matching is not performed for a packages that got one of the
special prefixes ('python-module', 'perl', ...);
- Enhanced algorithm of the 'partial' matching;
- Package names that differ only by numerical part at the end
(so called 'relatives') is handled more wisely during mapping;
- Issues that differ only in additional part of CPE is ignored;
- cve-monitor is using only senior branches (that must be specified
in the conf) in 'cure' suggestions, 'cure' suggestions is optional;
- cve-monitor is placing too long lists of vulnerable versions in footnotes
of the reports.
kernel-image-std-pae-4.19.43-alt1 build Kernel Bot, 2019-05-15
projeto & código: Vladimir Lettiev aka crux © 2004-2005,
Andrew Avramenko aka liks © 2007-2008
mantenedor atual: Michael Shigorin
mantenedor da tradução: Fernando Martini aka fmartini © 2009
mantenedor atual: Michael Shigorin
mantenedor da tradução: Fernando Martini aka fmartini © 2009