Репозиторий Sisyphus
Последнее обновление: 16 февраля 2020 | Пакетов: 17493 | Посещений: 17401309
en ru br
Исправления уязвимостей

systemd-244.3-alt1   сборка Alexey Shabalin, 2020-02-16


- 244.3 (Fixes: CVE-2020-1712)

kernel-image-std-def-5.4.19-alt1   сборка Kernel Bot, 2020-02-13


- v5.4.19 (Fixes: CVE-2013-1798, CVE-2019-3016)

kernel-image-un-def-5.5.3-alt1   сборка Kernel Bot, 2020-02-13


- v5.5.3 (Fixes: CVE-2013-1798, CVE-2019-3016)

postgresql10-10.12-alt1   сборка Alexei Takaseev, 2020-02-12


- 10.12 (Fixes CVE-2020-1720)

postgresql11-11.7-alt1   сборка Alexei Takaseev, 2020-02-12


- 11.7 (Fixes CVE-2020-1720)

firefox-esr-68.5.0-alt1   сборка Andrey Cherepanov, 2020-02-12


- New ESR version (68.5.0).
- Fixed:
+ CVE-2020-6796 Missing bounds check on shared memory read in the parent process
+ CVE-2020-6797 Extensions granted downloads.open permission could open arbitrary applications on Mac OSX
+ CVE-2020-6798 Incorrect parsing of template tag could result in JavaScript injection
+ CVE-2020-6799 Arbitrary code execution when opening pdf links from other applications, when Firefox is configured as default pdf reader
+ CVE-2020-6800 Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5

postgresql12-12.2-alt1   сборка Alexei Takaseev, 2020-02-12


- 12.2 (Fixes CVE-2020-1720)

postgresql9.6-9.6.17-alt1   сборка Alexei Takaseev, 2020-02-12


- 9.6.17 (Fixes CVE-2020-1720)

postgresql11-1C-11.5-alt4   сборка Alexei Takaseev, 2020-02-12


- Fix priv checks for ALTER <object> DEPENDS ON EXTENSION (Fixes CVE-2020-1720)

thunderbird-68.5.0-alt1   сборка Andrey Cherepanov, 2020-02-12


- New version (68.5.0).
- Fixed:
+ CVE-2020-6793 Out-of-bounds read when processing certain email messages
+ CVE-2020-6794 Setting a master password post-Thunderbird 52 does not delete unencrypted previously stored passwords
+ CVE-2020-6795 Crash processing S/MIME messages with multiple signatures
+ CVE-2020-6797 Extensions granted downloads.open permission could open arbitrary applications on Mac OSX
+ CVE-2020-6798 Incorrect parsing of template tag could result in JavaScript injection
+ CVE-2020-6792 Message ID calculcation was based on uninitialized data
+ CVE-2020-6800 Memory safety bugs fixed in Thunderbird 68.5

node-13.8.0-alt1   сборка Vitaly Lipatov, 2020-02-11


- new version 13.8.0 (with rpmrb script)
- CVE-2019-15606, CVE-2019-15605, CVE-2019-15604

mariadb-10.4.12-alt1   сборка Alexey Shabalin, 2020-02-09


- 10.4.12
- Fixes for the following security vulnerabilities:
+ CVE-2020-2574
+ CVE-2020-2574

kernel-image-std-def-5.4.17-alt1   сборка Kernel Bot, 2020-02-07


- v5.4.17 (Fixes: CVE-2019-14896, CVE-2019-14897)

qt5-base-5.12.6-alt3   сборка Sergey V Turchin, 2020-02-06


- security (Fixes: CVE-2020-0569, CVE-2020-0570)

kernel-image-std-pae-4.19.102-alt1   сборка Kernel Bot, 2020-02-05


- v4.19.102 (Fixes: CVE-2019-11477, CVE-2019-11478, CVE-2019-11479)

kernel-image-std-def-4.19.102-alt1   сборка Kernel Bot, 2020-02-05


- v4.19.102 (Fixes: CVE-2019-11477, CVE-2019-11478, CVE-2019-11479)

kernel-image-std-debug-4.19.102-alt1   сборка Kernel Bot, 2020-02-05


- v4.19.102 (Fixes: CVE-2019-11477, CVE-2019-11478, CVE-2019-11479)

php7-7.3.14-alt1   сборка Anton Farygin, 2020-02-04


- 7.3.14 (Fixes: CVE-2020-7060, CVE-2020-7059)

kernel-image-un-def-5.4.17-alt1   сборка Kernel Bot, 2020-02-04


- v5.4.17(Fixes:_CVE-2019-14896,_CVE-2019-14897)

chromium-79.0.3945.130-alt1   сборка Alexey Gladkov, 2020-02-03


- New version (79.0.3945.130).
- Security fixes:
- CVE-2019-13767: Use after free in media picker.
- CVE-2020-6377: Use after free in audio.
- CVE-2020-6378: Use-after-free in speech recognizer.
- CVE-2020-6379: Use-after-free in speech recognizer.
- CVE-2020-6380: Extension message verification error.

cve-manager-0.29.4-alt1   сборка Alexey Appolonov, 2020-01-25


- cve-monitor reports take less memory space (by means of not including
useless space symbols).

samba-4.10.13-alt1   сборка Evgeny Sinelikov, 2020-01-24


- Update to latest stable release of the Samba 4.10
- Security fixes:
+ CVE-2019-14902: Replication of ACLs set to inherit down a subtree on AD Directory not automatic
+ CVE-2019-14907: Crash after failed character conversion at log level 3 or above
+ CVE-2019-19344: Use after free during DNS zone scavenging in Samba AD DC

sqlite3-3.31.0-alt1   сборка Vladimir D. Seleznev, 2020-01-23


- 3.31.0 (Fixes: CVE-2019-19923, CVE-2019-19924, CVE-2019-19925,
CVE-2019-19926).

firefox-72.0.2-alt1   сборка Alexey Gladkov, 2020-01-23


- New release (72.0.2).
- Security fixes:
+ CVE-2019-17015: Memory corruption in parent process during new content process initialization on Windows
+ CVE-2019-17016: Bypass of @namespace CSS sanitization during pasting
+ CVE-2019-17017: Type Confusion in XPCVariant.cpp
+ CVE-2019-17018: Windows Keyboard in Private Browsing Mode may retain word suggestions
+ CVE-2019-17019: Python files could be inadvertently executed upon opening a download
+ CVE-2019-17020: Content Security Policy not applied to XSL stylesheets applied to XML documents
+ CVE-2019-17021: Heap address disclosure in parent process during content process initialization on Windows
+ CVE-2019-17022: CSS sanitization does not escape HTML tags
+ CVE-2019-17023: NSS may negotiate TLS 1.2 or below after a TLS 1.3 HelloRetryRequest had been sent
+ CVE-2019-17024: Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4
+ CVE-2019-17025: Memory safety bugs fixed in Firefox 72
+ CVE-2019-17026: IonMonkey type confusion with StoreElementHole and FallibleStoreElement

nss-3.49.1-alt1   сборка Alexey Gladkov, 2020-01-23


- New version (3.49.1).
- Security fixes:
+ CVE-2019-17023: Additional HRR Tests
- Certificate Authority Changes:
+ Add Entrust Root Certification Authority - G4 Cert
 
дизайн и разработка: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
текущий майнтейнер: Michael Shigorin