Репозиторий Sisyphus
Последнее обновление: 5 мая 2016 | Пакетов: 17323 | Посещений: 7423175
en ru br
Исправления уязвимостей

openssl10-1.0.2h-alt1   сборка Gleb F-Malinovskiy, 2016-05-03


- Updated to 1.0.2h (fixes CVE-2016-2105 CVE-2016-2106 CVE-2016-2107
CVE-2016-2109 CVE-2016-2176).

LibreSSL-2.3.4-alt1   сборка Vladimir D. Seleznev, 2016-05-03


- 2.3.4
- Fix multiple vulnerabilities in libcrypto relating to ASN.1 and encoding
(From OpenSSL):
+ Memory corruption in the ASN.1 encoder (CVE-2016-2108)
+ Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
+ EVP_EncodeUpdate overflow (CVE-2016-2105)
+ EVP_EncryptUpdate overflow (CVE-2016-2106)
+ ASN.1 BIO excessive memory allocation (CVE-2016-2109)
- Minor build fixes.
- LibreSSL-openssl
+ Added conflict to openssl-doc

privoxy-3.0.24-alt1   сборка Denis Smirnov, 2016-04-30


- 3.0.24 (ALT #29857)
- CVE-2016-1982
- CVE-2016-1983

samba-4.4.2-alt2   сборка Andrey Cherepanov, 2016-04-28


- Fix CVE-2016-2110/NTLMSSP regression (https://bugzilla.samba.org/show_bug.cgi?id=11849)

samba-DC-4.4.2-alt2   сборка Andrey Cherepanov, 2016-04-28


- Fix CVE-2016-2110/NTLMSSP regression (https://bugzilla.samba.org/show_bug.cgi?id=11849)

krb5-1.14.2-alt1   сборка Alexey Shabalin, 2016-04-25


- 1.14.2
- fixed CVE-2015-2695,CVE-2015-2696,CVE-2015-2697,CVE-2015-2698,CVE-2015-8629,CVE-2015-8630,CVE-2015-8631,CVE-2016-3119
- allow verification of attributes on krb5.conf

samba-4.4.2-alt1   сборка Andrey Cherepanov, 2016-04-12


- New version
- Security fixes:
- CVE-2015-5370 (Multiple errors in DCE-RPC code)
- CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
- CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
- CVE-2016-2112 (LDAP client and server don't enforce integrity)
- CVE-2016-2113 (Missing TLS certificate validation)
- CVE-2016-2114 ("server signing = mandatory" not enforced)
- CVE-2016-2115 (SMB IPC traffic is not integrity protected)
- CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)

samba-DC-4.4.2-alt1   сборка Andrey Cherepanov, 2016-04-12


- New version
- Security fixes:
- CVE-2015-5370 (Multiple errors in DCE-RPC code)
- CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
- CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
- CVE-2016-2112 (LDAP client and server don't enforce integrity)
- CVE-2016-2113 (Missing TLS certificate validation)
- CVE-2016-2114 ("server signing = mandatory" not enforced)
- CVE-2016-2115 (SMB IPC traffic is not integrity protected)
- CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)

libwebkitgtk2-2.4.11-alt1   сборка Yuri N. Sedunov, 2016-04-10


- 2.4.11 (CVE-2015-1120, CVE-2015-1076, CVE-2015-1071, CVE-2015-1081, CVE-2015-1122,
CVE-2015-1155, CVE-2014-1748, CVE-2015-3752, CVE-2015-5809, CVE-2015-5928, CVE-2015-3749,
CVE-2015-3659, CVE-2015-3748, CVE-2015-3743, CVE-2015-3731, CVE-2015-3745, CVE-2015-5822,
CVE-2015-3658, CVE-2015-3741, CVE-2015-3727, CVE-2015-5801, CVE-2015-5788, CVE-2015-3747,
CVE-2015-5794, CVE-2015-1127, CVE-2015-1153, CVE-2015-1083)

adobe-flash-player-11-alt61   сборка Sergey V Turchin, 2016-04-08


- new version
- security fixes:
CVE-2016-1006, CVE-2016-1011, CVE-2016-1012, CVE-2016-1013,
CVE-2016-1014, CVE-2016-1015, CVE-2016-1016, CVE-2016-1017,
CVE-2016-1018, CVE-2016-1019, CVE-2016-1020, CVE-2016-1021,
CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025,
CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029,
CVE-2016-1030, CVE-2016-1031, CVE-2016-1032, CVE-2016-1033

chromium-49.0.2623.108-alt1   сборка Andrey Cherepanov, 2016-03-25


- New version
- Security fixes:
- High CVE-2016-1647: Use-after-free in Navigation.
- High CVE-2016-1648: Use-after-free in Extensions.
- High CVE-2016-1649: Buffer overflow in libANGLE.

v8-chromium-4.9.385.33-alt1   сборка Andrey Cherepanov, 2016-03-25


- New version for chromium-49.0.2623.108
- Security fixes:
- High CVE-2016-1646: Out-of-bounds read in V8.

git-2.6.5-alt3   сборка Dmitry V. Levin, 2016-03-17


- Merged jk/path-name-safety-2.6
(fixes CVEБ─▒2016Б─▒2315 and CVE-2016-2324; closes: #31896).

gnome-photos-3.18.3-alt1   сборка Yuri N. Sedunov, 2016-03-15


- 3.18.3 (CVE-2013-7447)

libwebkitgtk3-2.4.10-alt1   сборка Yuri N. Sedunov, 2016-03-14


- 2.4.10 (CVE-2015-1120, CVE-2015-1076, CVE-2015-1071, CVE-2015-1081,
CVE-2015-1122, CVE-2015-1155, CVE-2014-1748, CVE-2015-3752,
CVE-2015-5809, CVE-2015-5928, CVE-2015-3749, CVE-2015-3659,
CVE-2015-3748, CVE-2015-3743, CVE-2015-3731, CVE-2015-3745,
CVE-2015-5822, CVE-2015-3658, CVE-2015-3741, CVE-2015-3727,
CVE-2015-5801, CVE-2015-5788, CVE-2015-3747, CVE-2015-5794,
CVE-2015-1127, CVE-2015-1153, CVE-2015-1083)

libwebkitgtk4-2.10.8-alt1   сборка Yuri N. Sedunov, 2016-03-11


- 2.10.8 (CVE-2016-1726)

adobe-flash-player-11-alt60   сборка Sergey V Turchin, 2016-03-11


- new version
- security fixes:
CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0963,
CVE-2016-0986, CVE-2016-0987, CVE-2016-0988, CVE-2016-0989,
CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993,
CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997,
CVE-2016-0998, CVE-2016-0999, CVE-2016-1000, CVE-2016-1001,
CVE-2016-1002, CVE-2016-1005, CVE-2016-1010

chromium-49.0.2623.87-alt1   сборка Andrey Cherepanov, 2016-03-09


- New version
- Security fixes:
- High CVE-2016-1643: Type confusion in Blink.
- High CVE-2016-1644: Use-after-free in Blink.
- High CVE-2016-1645: Out-of-bounds write in PDFium.

libotr5-4.1.1-alt1   сборка Gleb F-Malinovskiy, 2016-03-09


- Updated to 4.1.1 (fixes CVE-2016-2851).

samba-DC-4.3.6-alt1   сборка Andrey Cherepanov, 2016-03-09


- New version (https://www.samba.org/samba/history/samba-4.3.6.html)
- Security fixes:
- CVE-2015-7560 (Incorrect ACL get/set allowed on symlink path)
- CVE-2016-0771 (Out-of-bounds read in internal DNS server)
- Do not use specified GID for wbpriv group

samba-4.3.6-alt1   сборка Andrey Cherepanov, 2016-03-09


- New version (https://www.samba.org/samba/history/samba-4.3.6.html)
- Security fixes:
- CVE-2015-7560 (Incorrect ACL get/set allowed on symlink path)
- CVE-2016-0771 (Out-of-bounds read in internal DNS server)
- Do not use specified GID for wbpriv group (ALT #31858)

chromium-49.0.2623.75-alt1   сборка Andrey Cherepanov, 2016-03-03


- New version
- Security fixes:
- High CVE-2016-1630: Same-origin bypass in Blink.
- High CVE-2016-1631: Same-origin bypass in Pepper Plugin.
- High CVE-2016-1632: Bad cast in Extensions.
- High CVE-2016-1633: Use-after-free in Blink.
- High CVE-2016-1634: Use-after-free in Blink.
- High CVE-2016-1635: Use-after-free in Blink.
- High CVE-2016-1636: SRI Validation Bypass.
- High CVE-2015-8126: Out-of-bounds access in libpng.
- Medium CVE-2016-1637: Information Leak in Skia.
- Medium CVE-2016-1638: WebAPI Bypass.
- Medium CVE-2016-1639: Use-after-free in WebRTC.
- Medium CVE-2016-1640: Origin confusion in Extensions UI.
- Medium CVE-2016-1641: Use-after-free in Favicon.

openssl10-1.0.2g-alt1   сборка Gleb F-Malinovskiy, 2016-03-01


- Updated to 1.0.2g (fixes CVE-2016-0701 CVE-2016-0702
CVE-2016-0705 CVE-2016-0797 CVE-2016-0798
CVE-2016-0799 CVE-2016-0800).
- Added default ciphers to system profile.

xymon-4.3.26-alt1   сборка Sergey Y. Afonin, 2016-02-26


- new version (CVE-2016-2054, CVE-2016-2055, CVE-2016-2056,
CVE-2016-2057, CVE-2016-2058 was fixed in previous 4.3.25)

ipsec-tools-0.8.2-alt1   сборка Alexey Shabalin, 2016-02-21


- 0.8.2
- fixed CVE-2015-4047
 
дизайн и разработка: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
текущий майнтейнер: Michael Shigorin