Исправления уязвимостей
krb5-1.11.2-alt2
сборка Ivan A. Melnikov,
2013-05-14
- add patch 23 from upstream git to fix kpasswd udp ping-pong
(CVE-2002-2443).
kernel-image-el-def-2.6.32-alt6 сборка Led, 2013-05-14
- perf: Treat attr.config as u64 in perf_swevent_init() (CVE-2013-2094)
- added gpu/drm/gma500
kernel-image-ovz-el-2.6.32-alt88 сборка Led, 2013-05-14
- perf: Treat attr.config as u64 in perf_swevent_init() (CVE-2013-2094)
chromium-26.0.1410.57-alt1.r191765 сборка Andrey Cherepanov, 2013-05-13
- New version 26.0.1410.57
- Security fixes:
- High CVE-2013-0927: Unsafe config option loading in Pango.
- Requires new version speech-dispatcher
kernel-image-led-ws-3.4.43-alt1 сборка Led, 2013-05-07
- 3.4.43
- updated:
+ fix-drivers-tty
+ fix-mm--mmu
+ fix-net-core (CVE-2013-0290)
- added:
+ fix-net-unix--unix (CVE-2013-0290)
- disabled:
+ UCB1400_CORE
+ GPIO_UCB1400
+ TOUCHSCREEN_UCB1400
nginx-1.4.1-alt1 сборка Denis Smirnov, 2013-05-07
- 1.4.1
- CVE-2013-2028
strongswan-5.0.4-alt1 сборка Michael Shigorin, 2013-04-30
- 5.0.4: CVE-2013-2944 fix (ECDSA signature vulnerability
if openssl backend is loaded)
apache2-2.2.24-alt1 сборка Aleksey Avdeev, 2013-04-14
- 2.2.24
- Security fixes (CVE-2012-3499, CVE-2012-4558, CVE-2012-0883,
CVE-2012-2687)
adobe-flash-player-11-alt17 сборка Sergey V Turchin, 2013-04-11
- 11.2.202.280 (x86,x86-64)
- security fixes:
CVE-2013-1378, CVE-2013-1379, CVE-2013-1380, CVE-2013-2555
kernel-modules-nvidia-std-pae-310.44-alt1.. сборка Sergey V Turchin, 2013-04-03
- new releases (310.44 and 304.88)
- security fixes:
CVE-2013-0131
kernel-modules-nvidia-std-def-310.44-alt1.. сборка Sergey V Turchin, 2013-04-03
- new releases (310.44 and 304.88)
- security fixes:
CVE-2013-0131
kernel-modules-nvidia-hpc-skif-310.44-alt1.. сборка Sergey V Turchin, 2013-04-03
- new releases (310.44 and 304.88)
- security fixes:
CVE-2013-0131
kernel-modules-nvidia-un-def-310.44-alt1.. сборка Sergey V Turchin, 2013-04-03
- new releases (310.44 and 304.88)
- security fixes:
CVE-2013-0131
kernel-modules-nvidia-led-ws-310.44-alt1.. сборка Sergey V Turchin, 2013-04-03
- new releases (310.44 and 304.88)
- security fixes:
CVE-2013-0131
mariadb-5.5.30-alt10 сборка Michael Shigorin, 2013-04-01
- New version
- NB: 5.5.29 had important security fixes, including:
+ A buffer overflow that can cause a server crash or
arbitrary code execution (a variant of CVE-2012-5611)
+ CVE-2012-5627 fast password brute-forcing using the "change user"
+ CVE-2012-5615 information leakage about existing user accounts
via the protocol handshake
+ fixes for DoS attacks - crashes and server lockups
+ all security fixes from MySQL 5.5.29, such as fix for CVE-2012-5612
- please note that client libraries are now built from MariaDB code;
these should be backwards compatible (but still add 84 symbols),
see also #28289
+ merged fedora's version script changes (but left ours in too)
- selectively synced build options with fedora
+ enabled readline support
+ do not force PBXT storage plugin build (deprecated in 5.5)
- see also https://kb.askmonty.org/en/about-pbxt/
- causes ICE
- removed MySQL-MariaDB subpackage being rather superfluous
- updated BR: (see #16878)
- bumped Release: to be higher than MySQL's, just in case
krb5-1.11.1-alt1 сборка Ivan A. Melnikov, 2013-03-30
- 1.11.1
+ fix a null pointer dereference in the KDC PKINIT code
(CVE-2013-1415);
- drop obsolete patch 21;
- add patch 22 from upstream git to fix a memory leak in
krb5_get_init_creds_keytab (upstream ticket 7586).
chromium-26.0.1410.43-alt1.r189671 сборка Andrey Cherepanov, 2013-03-27
- New version 26.0.1410.43
- Security fixes:
- Medium CVE-2013-0926: Avoid pasting active tags in certain situations.
- Low CVE-2013-0925: Avoid leaking URLs to extensions without the tabs permissions.
- Low CVE-2013-0924: Check an extension's permissions API usage again file permissions.
- Medium CVE-2013-0923: Memory safety issues in the USB Apps API.
- Low CVE-2013-0922: Avoid HTTP basic auth brute force attempts.
- High CVE-2013-0921: Ensure isolated web sites run in their own processes.
- Medium CVE-2013-0920: Use-after-free in extension bookmarks API.
- Medium CVE-2013-0919: Use-after-free with pop-up windows in extensions.
- Low CVE-2013-0918: Do not navigate dev tools upon drag and drop.
- Low CVE-2013-0917: Out-of-bounds read in URL loader.
- High CVE-2013-0916: Use-after-free in Web Audio.
exim-4.76-alt3 сборка Michael Shigorin, 2013-03-19
- NMU:
+ applied CVE-2012-5671.patch
+ dropped mailq symlink duplicating sendmail-common's one (ALT#28006)
samba-4.0.4-alt1 сборка Alexey Shabalin, 2013-03-19
- 4.0.4 (fixed CVE-2013-186)
- add /var/cache/samba to samba-common package (ALT#28601)
augeas-1.0.0-alt1 сборка Slava Dubrovskiy, 2013-03-17
- New version (closes: #28696)
- Fix CVE-2012-0786, CVE-2012-0787
- Apply patch for fix test-run https://fedorahosted.org/augeas/ticket/332
kernel-image-un-def-3.8.2-alt3 сборка Anton V. Boyarshinov, 2013-03-14
- Don't allow CLONE_NEWUSER | CLONE_FS (local root fixed)
- CVE-2013-1828 fixed
kernel-image-std-pae-3.8.2-alt3 сборка Anton V. Boyarshinov, 2013-03-14
- Don't allow CLONE_NEWUSER | CLONE_FS (local root fixed)
- CVE-2013-1828 fixed
kernel-image-std-def-3.8.2-alt3 сборка Anton V. Boyarshinov, 2013-03-14
- Don't allow CLONE_NEWUSER | CLONE_FS (local root fixed)
- CVE-2013-1828 fixed
perl-5.16.3-alt1 сборка Vladimir Lettiev, 2013-03-12
- 5.16.2 -> 5.16.3
- Fixed CVE-2013-1667: memory exhaustion with arbitrary hash keys
chromium-25.0.1364.160-alt1.r186726 сборка Andrey Cherepanov, 2013-03-11
- New version 25.0.1364.160
- Security fixes:
- CVE-2013-0912: Type confusion in WebKit.
- Build with system libpng12 (old version)
дизайн и разработка: Vladimir Lettiev aka crux © 2004-2005,
Andrew Avramenko aka liks © 2007-2008
текущий майнтейнер: Michael Shigorin
текущий майнтейнер: Michael Shigorin