Репозиторий Sisyphus
Последнее обновление: 25 мая 2018 | Пакетов: 18367 | Посещений: 11552586
en ru br
Исправления уязвимостей

wireshark-2.6.1-alt1.S1   сборка Anton Farygin, 2018-05-24


- 2.6.1 (fixes: CVE-2018-11359, CVE-2018-11361, CVE-2018-11358, CVE-2018-11360, CVE-2018-11356, CVE-2018-11357, CVE-2018-11355, CVE-2018-11354, CVE-2018-11362)

kernel-image-std-def-4.9.101-alt1   сборка Kernel Bot, 2018-05-21


- v4.9.101 (Fixes: CVE-2018-1120)

kernel-image-un-def-4.16.10-alt1   сборка Kernel Bot, 2018-05-21


- v4.16.10 (Fixes: CVE-2018-1120)

thunderbird-52.8.0-alt1   сборка Andrey Cherepanov, 2018-05-19


- New version (52.8.0).
- Enigmail 2.0.4.
- Fixes:
+ CVE-2018-5183 Backport critical security fixes in Skia
+ CVE-2018-5184 Full plaintext recovery in S/MIME via chosen-ciphertext attack
+ CVE-2018-5154 Use-after-free with SVG animations and clip paths
+ CVE-2018-5155 Use-after-free with SVG animations and text paths
+ CVE-2018-5159 Integer overflow and out-of-bounds write in Skia
+ CVE-2018-5161 Hang via malformed headers
+ CVE-2018-5162 Encrypted mail leaks plaintext through src attribute
+ CVE-2018-5170 Filename spoofing for external attachments
+ CVE-2018-5168 Lightweight themes can be installed without user interaction
+ CVE-2018-5178 Buffer overflow during UTF-8 to Unicode string conversion through legacy extension
+ CVE-2018-5185 Leaking plaintext through HTML forms
+ CVE-2018-5150 Memory safety bugs fixed in Firefox 60, Firefox ESR 52.8, and Thunderbird 52.8
- Build in several threads.

glusterfs3-3.12.9-alt1   сборка Vitaly Lipatov, 2018-05-17


- new version 3.12.9 (with rpmrb script)
- CVE-2018-1088

firefox-60.0.1-alt1   сборка Alexey Gladkov, 2018-05-17


- New release (60.0.1).
- Fixed:
+ CVE-2018-5154: Use-after-free with SVG animations and clip paths
+ CVE-2018-5155: Use-after-free with SVG animations and text paths
+ CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files
+ CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer
+ CVE-2018-5159: Integer overflow and out-of-bounds write in Skia
+ CVE-2018-5160: Uninitialized memory use by WebRTC encoder
+ CVE-2018-5152: WebExtensions information leak through webRequest API
+ CVE-2018-5153: Out-of-bounds read in mixed content websocket messages
+ CVE-2018-5163: Replacing cached data in JavaScript Start-up Bytecode Cache
+ CVE-2018-5164: CSP not applied to all multipart content sent with multipart/x-mixed-replace
+ CVE-2018-5166: WebExtension host permission bypass through filterReponseData
+ CVE-2018-5167: Improper linkification of chrome: and javascript: content in web console and JavaScript debugger
+ CVE-2018-5168: Lightweight themes can be installed without user interaction
+ CVE-2018-5169: Dragging and dropping link text onto home button can set home page to include chrome pages
+ CVE-2018-5172: Pasted script from clipboard can run in the Live Bookmarks page or PDF viewer
+ CVE-2018-5173: File name spoofing of Downloads panel with Unicode characters
+ CVE-2018-5174: Windows Defender SmartScreen UI runs with less secure behavior for downloaded files in Windows 10 April 2018 Update
+ CVE-2018-5175: Universal CSP bypass on sites using strict-dynamic in their policies
+ CVE-2018-5176: JSON Viewer script injection
+ CVE-2018-5177: Buffer overflow in XSLT during number formatting
+ CVE-2018-5165: Checkbox for enabling Flash protected mode is inverted in 32-bit Firefox
+ CVE-2018-5180: heap-use-after-free in mozilla::WebGLContext::DrawElementsInstanced
+ CVE-2018-5181: Local file can be displayed in noopener tab through drag and drop of hyperlink
+ CVE-2018-5182: Local file can be displayed from hyperlink dragged and dropped on addressbar
+ CVE-2018-5151: Memory safety bugs fixed in Firefox 60
+ CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8

curl-7.60.0-alt1.S1   сборка Anton Farygin, 2018-05-16


- 7.60.0
- fixes:
* CVE-2018-1000300 FTP shutdown response buffer overflow
* CVE-2018-1000301 RTSP bad headers buffer over-read

kernel-image-un-def-4.16.9-alt1   сборка Kernel Bot, 2018-05-16


- v4.16.9 (Fixes: CVE-2018-1000200)

postgresql10-10.4-alt1   сборка Alexei Takaseev, 2018-05-09


- 10.4
- Fix CVE-2018-1115

postgresql9.3-9.3.23-alt1   сборка Alexei Takaseev, 2018-05-09


- 9.3.23
- Fix CVE-2018-1115

postgresql9.4-9.4.18-alt1   сборка Alexei Takaseev, 2018-05-09


- 9.4.18
- Fix CVE-2018-1115

postgresql9.5-9.5.13-alt1   сборка Alexei Takaseev, 2018-05-09


- 9.5.13
- Fix CVE-2018-1115

postgresql9.6-1C-9.6.9-alt1   сборка Alexei Takaseev, 2018-05-09


- 9.6.9
- Fix CVE-2018-1115

postgresql9.6-9.6.9-alt1   сборка Alexei Takaseev, 2018-05-09


- 9.6.9
- Fix CVE-2018-1115

php5-5.6.36-alt1.S1   сборка Anton Farygin, 2018-05-08


- 5.6.33 (fixes: CVE-2018-10549, CVE-2018-10546, CVE-2018-10548, CVE-2018-10547, CVE-2018-10545, CVE-2018-7584)

libwebkitgtk4-2.20.2-alt1   сборка Yuri N. Sedunov, 2018-05-08


- 2.20.2 (fixed CVE-2018-4200)

adobe-flash-player-ppapi-29-alt1.S1   сборка Sergey V Turchin, 2018-05-07


- new version (ALT#34555)
- security fixes:
CVE-2018-4919, CVE-2018-4920, CVE-2018-4932, CVE-2018-4933,
CVE-2018-4934, CVE-2018-4935, CVE-2018-4936, CVE-2018-4937

kernel-image-std-pae-4.4.131-alt1   сборка Kernel Bot, 2018-05-06


- v4.4.131 (Fixes: CVE-2018-1093)

kernel-image-std-def-4.9.98-alt1   сборка Kernel Bot, 2018-05-06


- v4.9.98 (Fixes: CVE-2018-1093, CVE-2018-1108)

kernel-image-un-def-4.16.7-alt1   сборка Kernel Bot, 2018-05-06


- v4.16.7 (Fixes: CVE-2018-1093, CVE-2018-1108)

plasma5-kwallet-pam-5.12.5-alt1.S1   сборка Sergey V Turchin, 2018-05-03


- new version
- security fixes: CVE-2018-10380

kernel-image-std-pae-4.4.129-alt1   сборка Kernel Bot, 2018-04-24


- v4.4.129 (Fixes: CVE-2018-1092)

kernel-image-std-def-4.9.96-alt1   сборка Kernel Bot, 2018-04-24


- v4.9.96 (Fixes: CVE-2018-1092, CVE-2018-1108)

kernel-image-un-def-4.16.4-alt1   сборка Kernel Bot, 2018-04-24


- v4.16.4 (Fixes: CVE-2018-1092, CVE-2018-1094, CVE-2018-1095, CVE-2018-1108)

kernel-image-std-def-4.9.95-alt1   сборка Kernel Bot, 2018-04-21


- v4.9.95 (Fixes: CVE-2017-5715)
 
дизайн и разработка: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
текущий майнтейнер: Michael Shigorin