Репозиторий Sisyphus
Последнее обновление: 19 января 2021 | Пакетов: 17773 | Посещений: 20079567
en ru br
Исправления уязвимостей

libexif-0.6.22-alt3   сборка Dmitriy Khanzhin, 2021-01-19


- added upstream commit:
+ fixed a incorrect overflow check that could be optimized away
(fixes CVE-2020-0452)

openvswitch-2.14.1-alt1   сборка Alexey Shabalin, 2021-01-19


- 2.14.1 (Fixes: CVE-2015-8011, CVE-2020-27827)

edk2-aarch64-20201127-alt1   сборка Alexey Shabalin, 2021-01-17


- edk2-stable202011 (Fixes: CVE-2019-14584, CVE-2019-11098)

edk2-20201127-alt1   сборка Alexey Shabalin, 2021-01-17


- edk2-stable202011 (Fixes: CVE-2019-14584, CVE-2019-11098)

italc3-3.0.3-alt3   сборка Andrey Cherepanov, 2021-01-15


- Apply patches from Debian (fixes CVE-2018-15127, CVE-2018-20019, CVE-2018-20020, CVE-2018-20021, CVE-2018-20022, CVE-2018-20023, CVE-2018-20024, CVE-2018-20748, CVE-2018-20748, CVE-2018-20748, CVE-2018-20748, CVE-2018-20749, CVE-2018-20750, CVE-2018-7225, CVE-2019-15681).

kernel-image-un-def-5.10.7-alt1   сборка Kernel Bot, 2021-01-13


- v5.10.7 (Fixes: CVE-2020-28374)

kernel-image-std-debug-5.4.89-alt1   сборка Kernel Bot, 2021-01-13


- v5.4.89 (Fixes: CVE-2020-28374)

kernel-image-std-def-5.4.89-alt1   сборка Kernel Bot, 2021-01-13


- v5.4.89 (Fixes: CVE-2020-28374)

dovecot-2.3.13-alt1   сборка Andrey Cherepanov, 2021-01-12


- Updated to 2.3.13 (fixes CVE-2020-24386, CVE-2020-25275).

thunderbird-78.6.1-alt1   сборка Andrey Cherepanov, 2021-01-12


- New version (78.6.1).
- Security fixes:
+ CVE-2020-16044 Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk

chromium-gost-87.0.4280.141-alt0   сборка Alexey Gladkov, 2021-01-08


- New version (87.0.4280.141).
- Security fixes:
- CVE-2020-15995: Out of bounds write in V8.
- CVE-2020-16043: Insufficient data validation in networking.
- CVE-2021-21106: Use after free in autofill.
- CVE-2021-21107: Use after free in drag and drop.
- CVE-2021-21108: Use after free in media.
- CVE-2021-21109: Use after free in payments.
- CVE-2021-21110: Use after free in safe browsing.
- CVE-2021-21111: Insufficient policy enforcement in WebUI.
- CVE-2021-21112: Use after free in Blink.
- CVE-2021-21113: Heap buffer overflow in Skia.
- CVE-2021-21114: Use after free in audio.
- CVE-2021-21115: Use after free in safe browsing.
- CVE-2021-21116: Heap buffer overflow in audio.

chromium-87.0.4280.141-alt1   сборка Alexey Gladkov, 2021-01-08


- New version (87.0.4280.141).
- Security fixes:
- CVE-2020-15995: Out of bounds write in V8.
- CVE-2020-16043: Insufficient data validation in networking.
- CVE-2021-21106: Use after free in autofill.
- CVE-2021-21107: Use after free in drag and drop.
- CVE-2021-21108: Use after free in media.
- CVE-2021-21109: Use after free in payments.
- CVE-2021-21110: Use after free in safe browsing.
- CVE-2021-21111: Insufficient policy enforcement in WebUI.
- CVE-2021-21112: Use after free in Blink.
- CVE-2021-21113: Heap buffer overflow in Skia.
- CVE-2021-21114: Use after free in audio.
- CVE-2021-21115: Use after free in safe browsing.
- CVE-2021-21116: Heap buffer overflow in audio.

firefox-84.0.2-alt1   сборка Alexey Gladkov, 2021-01-06


- New release (84.0.2).
- Security fixes:
+ CVE-2020-16044: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk
- Add firefox GNOME Shell search provider.
- Enable smooth scrolling option.

firefox-esr-78.6.1-alt1   сборка Andrey Cherepanov, 2021-01-06


- New version (78.6.1).
- Security fixes:
+ CVE-2020-16044 Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk

curl-7.74.0-alt1   сборка Anton Farygin, 2020-12-30


- 7.74.0
- Fixes:
* CVE-2020-8286 Inferior OCSP verification
* CVE-2020-8285 FTP wildcard stack overflow
* CVE-2020-8284 trusting FTP PASV responses

libopenjpeg2.0-2.4.0-alt1   сборка Yuri N. Sedunov, 2020-12-29


- updated to v2.4.0-2-gb897e2cb (fixed CVE-2020-8112, CVE-2020-6851
CVE-2019-6988, CVE-2019-12973)
- new -devel-doc subpackage
- fixed License tag

roundcube-1.4.10-alt1   сборка Vitaly Lipatov, 2020-12-28


- new version 1.4.10 (with rpmrb script)
- CVE-2020-35730

openldap-2.4.56-alt1   сборка Alexey Shabalin, 2020-12-27


- 2.4.55 (Fixes: CVE-2020-25692)

ceph-15.2.8-alt1   сборка Alexey Shabalin, 2020-12-24


- 15.2.8
- Fixes for the following security vulnerabilities:
+ CVE-2020-27781 OpenStack Manila use of ceph_volume_client.py library
allowed tenant access to any Ceph credential's secret.

edk2-tools-20201127-alt1   сборка Alexey Shabalin, 2020-12-23


- edk2-stable202011 (Fixes: CVE-2019-14584, CVE-2019-11098)

mediawiki-1.35.1-alt1   сборка Vitaly Lipatov, 2020-12-23


- new version 1.35.1 (with rpmrb script)
- T268894, CVE-2020-35474, T268917, CVE-2020-35475
- T268938, CVE-2020-35478, CVE-2020-35479
- T205908, CVE-2020-35477, T120883, CVE-2020-35480

chromium-gost-87.0.4280.88-alt1   сборка Alexey Gladkov, 2020-12-20


- New version (87.0.4280.88).
- Security fixes:
- CVE-2020-16037: Use after free in clipboard.
- CVE-2020-16038: Use after free in media.
- CVE-2020-16039: Use after free in extensions.
- CVE-2020-16040: Insufficient data validation in V8.
- CVE-2020-16041: Out of bounds read in networking.
- CVE-2020-16042: Uninitialized Use in V8.

chromium-87.0.4280.88-alt1   сборка Alexey Gladkov, 2020-12-20


- New version (87.0.4280.88).
- Security fixes:
- CVE-2020-16037: Use after free in clipboard.
- CVE-2020-16038: Use after free in media.
- CVE-2020-16039: Use after free in extensions.
- CVE-2020-16040: Insufficient data validation in V8.
- CVE-2020-16041: Out of bounds read in networking.
- CVE-2020-16042: Uninitialized Use in V8.

libdb4.7-4.7.25-alt10   сборка Dmitry V. Levin, 2020-12-19


- Do not access DB_CONFIG when env->db_home is not set (fixes: CVE-2017-10140).
- Build without RPC support.

wildmidi-0.4.3-alt1   сборка Aleksei Nikiforov, 2020-12-18


- Updated to upstream version 0.4.3 (Fixes: CVE-2017-1000418).
 
дизайн и разработка: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
текущий майнтейнер: Michael Shigorin