Sisyphus repository
Last update: 29 may 2015 | SRPMs: 17919 | Visits: 6664772
en ru br
Security fixes

proftpd-1.3.5-alt1.gita31d0ab   build Konstantin A. Lepikhov, 2015-05-20

- Updated to 1.3.5-a31d0ab GIT fixing following CVEs:
+ CVE-2013-4359.
- Include the fix for Bug 4169 (Unauthenticated copying of files
via SITE CPFR/CPTO allowed by mod_copy).
- Configuration changes:
+ enabled pcre support;
+ enabled memcache support (mod_tls_memcache is using it).

kde4-webkitpart-1.3.4-alt2   build Sergey V Turchin, 2015-05-15

- security fix: CVE-2014-8600

qemu-2.3.0-alt2   build Alexey Shabalin, 2015-05-14

- fixed CVE-2015-3456

adobe-flash-player-11-alt44   build Sergey V Turchin, 2015-05-14

- new version
- security fixes:
CVE-2015-3044, CVE-2015-3077, CVE-2015-3078, CVE-2015-3079,
CVE-2015-3080, CVE-2015-3081, CVE-2015-3082, CVE-2015-3083,
CVE-2015-3084, CVE-2015-3085, CVE-2015-3086, CVE-2015-3087,
CVE-2015-3088, CVE-2015-3089, CVE-2015-3090, CVE-2015-3091,
CVE-2015-3092, CVE-2015-3093

docker-io-1.6.1-alt1   build Evgeny Sinelnikov, 2015-05-08

- Update to new version with security updates
+ Fix read/write /proc paths (CVE-2015-3630)
+ Prohibit VOLUME /proc and VOLUME / (CVE-2015-3631)
+ Fix opening of file-descriptor 1 (CVE-2015-3627)
+ Fix symlink traversal on container respawn allowing
local privilege escalation (CVE-2015-3629)
+ Prohibit mount of /sys

curl-7.42.1-alt1   build Anton Farygin, 2015-04-29

- new version, with fixes for CVE-2015-3153

wpa_supplicant-2.4-alt2   build Sergey Bolshakov, 2015-04-24

- CVE-2015-1863

curl-7.42.0-alt1   build Anton Farygin, 2015-04-22

- new version, with fixes for CVE-2015-3148, CVE-2015-3143, CVE-2015-3145
and CVE-2015-3144

adobe-flash-player-11-alt43   build Sergey V Turchin, 2015-04-15

- new version
- security fixes:
CVE-2015-0346, CVE-2015-0347, CVE-2015-0348, CVE-2015-0349,
CVE-2015-0350, CVE-2015-0351, CVE-2015-0352, CVE-2015-0353,
CVE-2015-0354, CVE-2015-0355, CVE-2015-0356, CVE-2015-0357,
CVE-2015-0358, CVE-2015-0359, CVE-2015-0360, CVE-2015-3038,
CVE-2015-3039, CVE-2015-3040, CVE-2015-3041, CVE-2015-3042,
CVE-2015-3043, CVE-2015-3044

chromium-41.0.2272.118-alt1   build Andrey Cherepanov, 2015-04-02

- New version
- Security fixes:
- Critical CVE-2015-1233: A special thanks to Anonymous for a
combination of V8, Gamepad and IPC bugs that can lead to remote
code execution outside of the sandbox.
- High CVE-2015-1234: Buffer overflow via race condition in GPU.

openssl10-1.0.1k-alt2   build Gleb F-Malinovskiy, 2015-03-19

- Fixed CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288,
CVE-2015-0289, CVE-2015-0293.

adobe-flash-player-11-alt42   build Sergey V Turchin, 2015-03-13

- new version
- security fixes:
CVE-2015-0332, CVE-2015-0333, CVE-2015-0334, CVE-2015-0335,
CVE-2015-0336, CVE-2015-0337, CVE-2015-0338, CVE-2015-0339,
CVE-2015-0340, CVE-2015-0341, CVE-2015-0342

chromium-41.0.2272.76-alt1   build Andrey Cherepanov, 2015-03-04

- New version
- Security fixes:
- High CVE-2015-1212: Out-of-bounds write in media.
- High CVE-2015-1213: Out-of-bounds write in skia filters.
- High CVE-2015-1214: Out-of-bounds write in skia filters.
- High CVE-2015-1215: Out-of-bounds write in skia filters.
- High CVE-2015-1216: Use-after-free in v8 bindings.
- High CVE-2015-1217: Type confusion in v8 bindings.
- High CVE-2015-1218: Use-after-free in dom.
- High CVE-2015-1219: Integer overflow in webgl.
- High CVE-2015-1220: Use-after-free in gif decoder.
- High CVE-2015-1221: Use-after-free in web databases.
- High CVE-2015-1222: Use-after-free in service workers.
- High CVE-2015-1223: Use-after-free in dom.
- High CVE-2015-1230: Type confusion in v8.
- Medium CVE-2015-1224: Out-of-bounds read in vpxdecoder.
- Medium CVE-2015-1225: Out-of-bounds read in pdfium.
- Medium CVE-2015-1226: Validation issue in debugger.
- Medium CVE-2015-1227: Uninitialized value in blink.
- Medium CVE-2015-1228: Uninitialized value in rendering.
- Medium CVE-2015-1229: Cookie injection via proxies.

samba-4.1.17-alt1   build Anton V. Boyarshinov, 2015-02-23

- 4.1.17
- CVE-2015-0240 fixed

libvirt-1.2.12-alt1   build Alexey Shabalin, 2015-02-11

- 1.2.12
- fixed CVE-2015-0236

krb5-1.13-alt3   build Ivan A. Melnikov, 2015-02-08

- fix for MITKRB5-SA-2015-001 (CVE-2014-5352, CVE-2014-9421,
CVE-2014-9422, CVE-2014-9423)

adobe-flash-player-11-alt41   build Sergey V Turchin, 2015-02-06

- new version
- security fixes:
CVE-2015-0313, CVE-2015-0314, CVE-2015-0315, CVE-2015-0316,
CVE-2015-0317, CVE-2015-0318, CVE-2015-0319, CVE-2015-0320,
CVE-2015-0321, CVE-2015-0322, CVE-2015-0323, CVE-2015-0324,
CVE-2015-0325, CVE-2015-0326, CVE-2015-0327, CVE-2015-0328,
CVE-2015-0329, CVE-2015-0330

chromium-40.0.2214.111-alt1   build Andrey Cherepanov, 2015-02-06

- New version
- Security fixes:
- High CVE-2015-1211: Privilege escalation using service workers.

adobe-flash-player-11-alt40   build Sergey V Turchin, 2015-01-28

- new version
- security fixes: CVE-2015-0311, CVE-2015-0312

clamav-0.98.6-alt1   build Sergey Y. Afonin, 2015-01-28

- 0.98.6 (CVE-2014-9328)

pxz-4.999.9beta-alt3   build Michael Shigorin, 2015-01-27

- CVE-2015-1200 fix (patch from debian bug #775306)

adobe-flash-player-11-alt39   build Sergey V Turchin, 2015-01-23

- new version
- security fixes: CVE-2015-0310, CVE-2015-0311

chromium-40.0.2214.91-alt1   build Andrey Cherepanov, 2015-01-23

- New version
- Security fixes:
- High CVE-2014-7923: Memory corruption in ICU.
- High CVE-2014-7924: Use-after-free in IndexedDB.
- High CVE-2014-7925: Use-after-free in WebAudio.
- High CVE-2014-7926: Memory corruption in ICU.
- High CVE-2014-7927: Memory corruption in V8.
- High CVE-2014-7928: Memory corruption in V8.
- High CVE-2014-7930: Use-after-free in DOM.
- High CVE-2014-7931: Memory corruption in V8.
- High CVE-2014-7929: Use-after-free in DOM.
- High CVE-2014-7932: Use-after-free in DOM.
- High CVE-2014-7933: Use-after-free in FFmpeg.
- High CVE-2014-7934: Use-after-free in DOM.
- High CVE-2014-7935: Use-after-free in Speech.
- High CVE-2014-7936: Use-after-free in Views.
- High CVE-2014-7937: Use-after-free in FFmpeg.
- High CVE-2014-7938: Memory corruption in Fonts.
- High CVE-2014-7939: Same-origin-bypass in V8.
- Medium CVE-2014-7940: Uninitialized-value in ICU.
- Medium CVE-2014-7941: Out-of-bounds read in UI.
- Medium CVE-2014-7942: Uninitialized-value in Fonts.
- Medium CVE-2014-7943: Out-of-bounds read in Skia.
- Medium CVE-2014-7944: Out-of-bounds read in PDFium.
- Medium CVE-2014-7945: Out-of-bounds read in PDFium.
- Medium CVE-2014-7946: Out-of-bounds read in Fonts.
- Medium CVE-2014-7947: Out-of-bounds read in PDFium.
- Medium CVE-2014-7948: Caching error in AppCache.

openvpn-2.3.6-alt1   build Nikolay A. Fetisov, 2015-01-15

- New version 2.3.6
- CVE-2014-8104 (Closes: 30529)
- Adding pkcs11 support (Closes: 30614)
- Adding systemd service files (Closes: 28071)

adobe-flash-player-11-alt38   build Sergey V Turchin, 2015-01-14

design & coding: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
current maintainer: Michael Shigorin