Security fix for the ALT Linux 10 package firefox-esr version 68.9.0-alt1

June 3, 2020 Andrey Cherepanov 68.9.0-alt1 - New ESR version 68.9.0. - Fixes: + CVE-2020-12399 Timing attack on DSA signatures in NSS library + CVE-2020-12405 Use-after-free in SharedWorkerService + CVE-2020-12406 JavaScript Type confusion with NativeTypes + CVE-2020-12410 Memory safety bugs fixe...

Security fix for the ALT Linux 10 package php8.0 version 7.3.18-alt1

June 1, 2020 Anton Farygin 7.3.18-alt1 - 7.3.18 Fixes: CVE-2019-11048...

Security fix for the ALT Linux 10 package thunderbird version 68.8.0-alt1

May 5, 2020 Andrey Cherepanov 68.8.0-alt1 - New version 68.8.0. - Fixes: + CVE-2020-12397 Sender Email Address Spoofing using encoded Unicode characters + CVE-2020-12387 Use-after-free during worker shutdown + CVE-2020-6831 Buffer overflow in SCTP chunk input validation + CVE-2020-12392 Arbitrary...

Security fix for the ALT Linux 10 package firefox-esr version 68.8.0-alt1

May 5, 2020 Andrey Cherepanov 68.8.0-alt1 - New ESR version 68.8.0. - Fixes: + CVE-2020-12387 Use-after-free during worker shutdown + CVE-2020-12388 Sandbox escape with improperly guarded Access Tokens + CVE-2020-12389 Sandbox escape with improperly separated process types + CVE-2020-6831 Buffer...

Security fix for the ALT Linux 10 package php8.0 version 7.3.17-alt1

April 21, 2020 Anton Farygin 7.3.17-alt1 - 7.3.17 Fixes: CVE-2020-7067...

Security fix for the ALT Linux 10 package php8.1 version 7.3.17-alt1

April 21, 2020 Anton Farygin 7.3.17-alt1 - 7.3.17 Fixes: CVE-2020-7067...

Security fix for the ALT Linux 10 package openssl1.1 version 1.1.1g-alt1

April 21, 2020 Gleb Fotengauer-Malinovskiy 1.1.1g-alt1 - Updated to 1.1.1g fixes CVE-2019-1551, CVE-2020-1967...

Security fix for the ALT Linux 10 package git version 2.25.4-alt1

April 19, 2020 Dmitry V. Levin 2.25.4-alt1 - 2.25.3 - 2.25.4 fixes: CVE-2020-11008...

Security fix for the ALT Linux 10 package python3-module-django version 2.2.12-alt1

April 12, 2020 Alexey Shabalin 2.2.12-alt1 - 2.2.12 - Fixes for the following security vulnerabilities: + CVE-2019-19118 Privilege escalation in the Django admin. + CVE-2019-19844 Potential account hijack via password reset form + CVE-2020-7471 Potential SQL injection via StringAggdelimiter +...

Security fix for the ALT Linux 10 package thunderbird version 68.7.0-alt1

April 8, 2020 Andrey Cherepanov 68.7.0-alt1 - New version 68.7.0. - Fixes: + CVE-2020-6819 Use-after-free while running the nsDocShell destructor + CVE-2020-6820 Use-after-free when handling a ReadableStream + CVE-2020-6821 Uninitialized memory could be read when using the WebGL copyTexSubImage...

Security fix for the ALT Linux 10 package firefox-esr version 68.7.0-alt1

April 6, 2020 Andrey Cherepanov 68.7.0-alt1 - New ESR version 68.7.0. - Fixes: + CVE-2020-6828 Preference overwrite via crafted Intent from malicious Android application + CVE-2020-6827 Custom Tabs in Firefox for Android could have the URI spoofed + CVE-2020-6821 Uninitialized memory could be rea...

Security fix for the ALT Linux 10 package apache2 version 1:2.4.43-alt1

April 6, 2020 Anton Farygin 1:2.4.43-alt1 - 2.4.43 Fixes: CVE-2020-1927, CVE-2020-1934...

Security fix for the ALT Linux 10 package firefox-esr version 68.6.1-alt1

April 4, 2020 Andrey Cherepanov 68.6.1-alt1 - New ESR version 68.6.1. - Fixed: + CVE-2020-6819 Use-after-free while running the nsDocShell destructor + CVE-2020-6820 Use-after-free when handling a ReadableStream...

Security fix for the ALT Linux 10 package php8.0 version 7.3.16-alt1

March 24, 2020 Anton Farygin 7.3.16-alt1 - 7.3.16 Fixes: CVE-2020-7064, CVE-2020-7065, CVE-2020-7066...

Security fix for the ALT Linux 10 package git version 2.25.3-alt1

March 18, 2020 Dmitry V. Levin 2.25.3-alt1 - 2.25.2 - 2.25.3 fixes: CVE-2020-5260...

Security fix for the ALT Linux 10 package thunderbird version 68.6.0-alt1

March 14, 2020 Andrey Cherepanov 68.6.0-alt1 - New version 68.6.0. - Fixed: + CVE-2020-6805 Use-after-free when removing data about origins + CVE-2020-6806 BodyStream::OnInputStreamReady was missing protections against state confusion + CVE-2020-6807 Use-after-free in cubeb during stream...

Security fix for the ALT Linux 10 package wireshark version 3.0.9-alt1

March 12, 2020 Anton Farygin 3.0.9-alt1 - 3.0.9 - fixes: LTE RRC dissector could leak memory. CVE-2020-9431 WiMax DLMAP dissector could crash. CVE-2020-9430...

Security fix for the ALT Linux 10 package firefox-esr version 68.6.0-alt1

March 10, 2020 Andrey Cherepanov 68.6.0-alt1 - New ESR version 68.6.0. - Fix license tag according to SPDX. - Fixed: + CVE-2020-6805 Use-after-free when removing data about origins + CVE-2020-6806 BodyStream::OnInputStreamReady was missing protections against state confusion + CVE-2020-6807...

Security fix for the ALT Linux 10 package thunderbird version 68.5.0-alt1

Feb. 12, 2020 Andrey Cherepanov 68.5.0-alt1 - New version 68.5.0. - Fixed: + CVE-2020-6793 Out-of-bounds read when processing certain email messages + CVE-2020-6794 Setting a master password post-Thunderbird 52 does not delete unencrypted previously stored passwords + CVE-2020-6795 Crash processi...

Security fix for the ALT Linux 10 package postgresql13 version 12.2-alt1

Feb. 12, 2020 Alexei Takaseev 12.2-alt1 - 12.2 Fixes CVE-2020-1720...