Security fix for the ALT Linux 10 package firefox-esr version 78.6.0-alt1

Dec. 14, 2020 Andrey Cherepanov 78.6.0-alt1 - New version 78.6.0. - Fixes: + CVE-2020-16042 Operations on a BigInt could have caused uninitialized memory to be exposed + CVE-2020-26971 Heap buffer overflow in WebGL + CVE-2020-26973 CSS Sanitizer performed incorrect sanitization + CVE-2020-26974...

Security fix for the ALT Linux 10 package openssl1.1 version 1.1.1i-alt1

Dec. 8, 2020 Gleb Fotengauer-Malinovskiy 1.1.1i-alt1 - Updated to 1.1.1i fixes CVE-2020-1971...

Security fix for the ALT Linux 10 package thunderbird version 78.5.1-alt1

Dec. 2, 2020 Andrey Cherepanov 78.5.1-alt1 - New version 78.5.1. - Security fixes: + CVE-2020-26970 Stack overflow due to incorrect parsing of SMTP server response codes...

Security fix for the ALT Linux 10 package thunderbird version 78.5.0-alt1

Nov. 19, 2020 Andrey Cherepanov 78.5.0-alt1 - New version 78.5.0. - Fixes: + CVE-2020-26951 Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code + CVE-2020-16012 Variable time processing of cross-origin images during drawImage calls + CVE-2020-26953 Fullscreen...

Security fix for the ALT Linux 10 package postgresql14 version 13.1-alt1

Nov. 16, 2020 Alexei Takaseev 13.1-alt1 - 13.1 Fixes CVE-2020-25694, CVE-2020-25695, CVE-2020-25696...

Security fix for the ALT Linux 10 package postgresql12 version 12.5-alt1

Nov. 16, 2020 Alexei Takaseev 12.5-alt1 - 12.5 Fixes CVE-2020-25694, CVE-2020-25695, CVE-2020-25696...

Security fix for the ALT Linux 10 package node version 14.15.1-alt1

Nov. 16, 2020 Vitaly Lipatov 14.15.1-alt1 - new version 14.15.1 with rpmrb script - set c-ares = 1.16.1-alt2 - CVE-2020-8277: Denial of Service through DNS request High...

Security fix for the ALT Linux 10 package firefox-esr version 78.5.0-alt1

Nov. 16, 2020 Andrey Cherepanov 78.5.0-alt1 - New version 78.5.0. - Fixes: + CVE-2020-26951 Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code + CVE-2020-16012 Variable time processing of cross-origin images during drawImage calls + CVE-2020-26953 Fullscreen...

Security fix for the ALT Linux 10 package golang version 1.15.5-alt1

Nov. 14, 2020 Alexey Shabalin 1.15.5-alt1 - New version 1.15.5. - Fixes: + CVE-2020-28362 + CVE-2020-28366 + CVE-2020-28367...

Security fix for the ALT Linux 10 package firefox-esr version 78.4.1-alt1

Nov. 10, 2020 Andrey Cherepanov 78.4.1-alt1 - New version 78.4.1. - Fixes: + CVE-2020-26950 Write side effects in MCallGetProperty opcode not accounted for...

Security fix for the ALT Linux 10 package libxml2 version 1:2.9.10-alt4

Nov. 6, 2020 Aleksei Nikiforov 1:2.9.10-alt4 - Applied security fixes from upstream Fixes: CVE-2019-20388, CVE-2020-7595, CVE-2020-24977...

Security fix for the ALT Linux 10 package samba version 4.12.9-alt1

Oct. 29, 2020 Evgeny Sinelnikov 4.12.9-alt1 - Update to latest stable security release of the Samba 4.12 - Security fixes: + CVE-2020-14318: Missing handle permissions check in SMB1/2/3 ChangeNotify + CVE-2020-14323: Unprivileged user can crash winbind + CVE-2020-14383: An authenticated user can...

Security fix for the ALT Linux 10 package glpi version 9.5.2-alt1

Oct. 26, 2020 Pavel Zilke 9.5.2-alt1 - New version 9.5.2 - Security fixes: + CVE-2020-15176 : SQL injection with a query parameter of user form + CVE-2020-15175 : Removal of .htaccess file in the files folder via a plugin endpoint + CVE-2020-15217 : Leakage issue with knowledge base +...

Security fix for the ALT Linux 10 package thunderbird version 78.4.0-alt1

Oct. 22, 2020 Andrey Cherepanov 78.4.0-alt1 - New version 78.4.0. - Fixes: + CVE-2020-15969 Use-after-free in usersctp + CVE-2020-15683 Memory safety bugs fixed in Thunderbird 78.4...

Security fix for the ALT Linux 10 package firefox-esr version 78.4.0-alt1

Oct. 20, 2020 Andrey Cherepanov 78.4.0-alt1 - New version 78.4.0. - Fixes: + CVE-2020-15969 Use-after-free in usersctp + CVE-2020-15683 Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4...

Security fix for the ALT Linux 10 package wireshark version 3.2.7-alt1

Sept. 30, 2020 Anton Farygin 3.2.7-alt1 - 3.2.7 - fixes: BLIP dissector crash. CVE-2020-25866 TCP dissector crash. CVE-2020-25862 MIME Multipart dissector crash. CVE-2020-25863...

Security fix for the ALT Linux 10 package thunderbird version 78.3.0-alt1

Sept. 25, 2020 Andrey Cherepanov 78.3.0-alt1 - New version 78.3.0. - Fixes: + CVE-2020-15677 Download origin spoofing via redirect + CVE-2020-15676 XSS when pasting attacker-controlled data into a contenteditable element + CVE-2020-15678 When recursing through layers while scrolling, an iterator...

Security fix for the ALT Linux 10 package firefox-esr version 78.3.0-alt1

Sept. 23, 2020 Andrey Cherepanov 78.3.0-alt1 - New release 78.3.0. - Fixes: + CVE-2020-15677 Download origin spoofing via redirect + CVE-2020-15676 XSS when pasting attacker-controlled data into a contenteditable element + CVE-2020-15678 When recursing through layers while scrolling, an iterator...

Security fix for the ALT Linux 10 package samba version 4.11.13-alt1

Sept. 19, 2020 Evgeny Sinelnikov 4.11.13-alt1 - Update to latest stable security release of the Samba 4.11 - Security fixes: + CVE-2020-1472: Unauthenticated domain takeover via netlogon "ZeroLogon" https://www.samba.org/samba/security/CVE-2020-1472.html...

Security fix for the ALT Linux 10 package node version 14.11.0-alt1

Sept. 16, 2020 Vitaly Lipatov 14.11.0-alt1 - new version 14.11.0 with rpmrb script - CVE-2020-8251: Denial of Service by resource exhaustion CWE-400 due to unfinished HTTP/1.1 requests Critical - CVE-2020-8201: HTTP Request Smuggling due to CR-to-Hyphen conversion High...