Репозиторий Sisyphus
Последнее обновление: 27 октября 2020 | Пакетов: 17696 | Посещений: 19494642
en ru br
Исправления уязвимостей

inspircd-2.0.29-alt1   сборка Aleksei Nikiforov, 2020-10-26


- Updated to upstream version 2.0.29 (Fixes: CVE-2019-20917, CVE-2020-25269).

squid-4.13-alt1   сборка Alexey Shabalin, 2020-10-24


- 4.13 (Fixes: CVE-2020-15811, CVE-2020-15810, CVE-2020-24606)

squid-4.12-alt1   сборка Alexey Shabalin, 2020-10-24


- 4.12 (Fixes: CVE-2020-14059, CVE-2020-14058, CVE-2020-15049)

chromium-86.0.4240.111-alt1   сборка Alexey Gladkov, 2020-10-24


- New version (86.0.4240.111).
- Enable vulkan support on x86/x86_64 platforms (thx Konstantin A. Lepikhov).
- Security fixes:
- CVE-2020-15999: Heap buffer overflow in Freetype.
- CVE-2020-16000: Inappropriate implementation in Blink.
- CVE-2020-16001: Use after free in media.
- CVE-2020-16002: Use after free in PDFium.
- CVE-2020-16003: Use after free in printing.

wpa_supplicant-2.9-alt3   сборка Sergey Bolshakov, 2020-10-23


- AP: Silently ignore management frame from unexpected source address
(Fixes: CVE-2019-16275) (Closes: 39132)

openldap-2.4.54-alt1   сборка Alexey Shabalin, 2020-10-23


- 2.4.54 (Fixes: CVE-2020-12243)

hostapd-2.9-alt2   сборка Sergey Bolshakov, 2020-10-23


- AP: Silently ignore management frame from unexpected source address
(Fixes: CVE-2019-16275) (Closes: 39131)

ntfs-3g-2017.3.23-alt3   сборка Valery Inozemtsev, 2020-10-23


- add upstream fix for CVE-2019-9755

xli-1.17.0-alt9   сборка Aleksei Nikiforov, 2020-10-22


- Applied patches from Debian (Fixes: CVE-2005-3178).

pstotext-1.9-alt3   сборка Aleksei Nikiforov, 2020-10-22


- Applied patches from Debian and Gentoo (Fixes: CVE-2005-2536, CVE-2006-5869).
- Build now respects %optflags.

thunderbird-78.4.0-alt1   сборка Andrey Cherepanov, 2020-10-22


- New version (78.4.0).
- Fixes:
+ CVE-2020-15969 Use-after-free in usersctp
+ CVE-2020-15683 Memory safety bugs fixed in Thunderbird 78.4

firefox-82.0-alt1   сборка Alexey Gladkov, 2020-10-22


- New release (82.0).
- Security fixes:
+ CVE-2020-15969: Use-after-free in usersctp
+ CVE-2020-15254: Undefined behavior in bounded channel of crossbeam rust crate
+ CVE-2020-15680: Presence of external protocol handlers could be determined through image tags
+ CVE-2020-15681: Multiple WASM threads may have overwritten each others' stub table entries
+ CVE-2020-15682: The domain associated with the prompt to open an external protocol could be spoofed to display the incorrect origin
+ CVE-2020-15683: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4
+ CVE-2020-15684: Memory safety bugs fixed in Firefox 82

nss-3.58.0-alt1   сборка Alexey Gladkov, 2020-10-22


- New version (3.58).
- Security fixes:
+ CVE-2020-25648: Tighten CCS handling for middlebox compatibility mode
- Certificate Authority Changes:
+ Add CN=Trustwave Global Certification Authority
+ Add CN=Trustwave Global ECC P256 Certification Authority
+ Add CN=Trustwave Global ECC P384 Certification Authority
+ Remove CN=EE Certification Centre Root CA
+ Remove O=Government Root Certification Authority; C=TW
+ Modify CN=OISTE WISeKey Global Root GA CA

spamassassin-3.4.4-alt1   сборка Sergey Y. Afonin, 2020-10-21


- 3.4.4 (fixes: CVE-2020-1931, CVE-2020-1930)
- applied repocop's patch for specfile-useradd-n

t1lib-5.1.2-alt6   сборка Aleksei Nikiforov, 2020-10-21


- Applied security fixes from Gentoo (Fixes: CVE-2010-2642, CVE-2011-0433,
CVE-2011-0764, CVE-2011-1552, CVE-2011-1553, CVE-2011-1554, CVE-2011-5244).

libfreetype-2.10.4-alt1   сборка Valery Inozemtsev, 2020-10-20


- 2.10.4 (fix CVE-2020-15999)

w3m-0.5.3-alt3.git20200502   сборка Aleksei Nikiforov, 2020-10-20


- Updated to snapshot from upstream (Fixes: CVE-2016-9422, CVE-2016-9423,
CVE-2016-9424, CVE-2016-9425, CVE-2016-9426, CVE-2016-9428, CVE-2016-9429,
CVE-2016-9430, CVE-2016-9431, CVE-2016-9432, CVE-2016-9433, CVE-2016-9434,
CVE-2016-9435, CVE-2016-9436, CVE-2016-9437, CVE-2016-9438, CVE-2016-9439,
CVE-2016-9440, CVE-2016-9441, CVE-2016-9442, CVE-2016-9443, CVE-2016-9622,
CVE-2016-9623, CVE-2016-9624, CVE-2016-9625, CVE-2016-9626, CVE-2016-9627,
CVE-2016-9628, CVE-2016-9629, CVE-2016-9630, CVE-2016-9631, CVE-2016-9632,
CVE-2016-9633, CVE-2018-6196, CVE-2018-6197, CVE-2018-6198).

firefox-esr-78.4.0-alt1   сборка Andrey Cherepanov, 2020-10-20


- New version (78.4.0).
- Fixes:
+ CVE-2020-15969 Use-after-free in usersctp
+ CVE-2020-15683 Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4

feh-3.5-alt1   сборка Aleksei Nikiforov, 2020-10-19


- Updated to upstream version 3.5 (Fixes: CVE-2017-7875).

libid3tag-0.15.1b-alt9   сборка Aleksei Nikiforov, 2020-10-19


- Applied patches from Debian and Gentoo (Fixes: CVE-2004-2779).

phpipam-1.42.027-alt1   сборка Alexey Shabalin, 2020-10-19


- snapshot of 1.4 branch 0c66d2335a9dd13006c83ed64ae565a4a3cb7f0c
- Update jQuery to address three CVE Vulnerabilities
- Fixes:
+ CVE-2020-11022
+ CVE-2020-11023
+ CVE-2019-11358

freecol-0.11.6-alt2   сборка Aleksei Nikiforov, 2020-10-19


- Applied security fix from Debian (Fixes: CVE-2018-1000825).
- Updated license tag.

matrix-synapse-1.21.2-alt1   сборка Vitaly Lipatov, 2020-10-16


- new version 1.21.2 (with rpmrb script)
- CVE-2020-26891 (HTML pages were vulnerable to cross-site scripting (XSS) attacks)

pve-qemu-5.1.0-alt2   сборка Valery Inozemtsev, 2020-10-10


- 5.1.0-3 (fix CVE-2020-14364)

chromium-86.0.4240.75-alt1   сборка Alexey Gladkov, 2020-10-10


- New version (86.0.4240.75).
- Security fixes:
- CVE-2020-15967: Use after free in payments.
- CVE-2020-15968: Use after free in Blink.
- CVE-2020-15969: Use after free in WebRTC.
- CVE-2020-15970: Use after free in NFC.
- CVE-2020-15971: Use after free in printing.
- CVE-2020-15972: Use after free in audio.
- CVE-2020-15973: Insufficient policy enforcement in extensions.
- CVE-2020-15974: Integer overflow in Blink.
- CVE-2020-15975: Integer overflow in SwiftShader.
- CVE-2020-15976: Use after free in WebXR.
- CVE-2020-15977: Insufficient data validation in dialogs.
- CVE-2020-15978: Insufficient data validation in navigation.
- CVE-2020-15979: Inappropriate implementation in V8.
- CVE-2020-15980: Insufficient policy enforcement in Intents.
- CVE-2020-15981: Out of bounds read in audio.
- CVE-2020-15982: Side-channel information leakage in cache.
- CVE-2020-15983: Insufficient data validation in webUI.
- CVE-2020-15984: Insufficient policy enforcement in Omnibox.
- CVE-2020-15985: Inappropriate implementation in Blink.
- CVE-2020-15986: Integer overflow in media.
- CVE-2020-15987: Use after free in WebRTC.
- CVE-2020-15988: Insufficient policy enforcement in downloads.
- CVE-2020-15989: Uninitialized Use in PDFium.
- CVE-2020-15990: Use after free in autofill.
- CVE-2020-15991: Use after free in password manager.
- CVE-2020-15992: Insufficient policy enforcement in networking.
- CVE-2020-6557: Inappropriate implementation in networking.
 
дизайн и разработка: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
текущий майнтейнер: Michael Shigorin