Security fix for the ALT Linux 10 package thunderbird version 68.8.0-alt1

May 5, 2020 Andrey Cherepanov 68.8.0-alt1 - New version 68.8.0. - Fixes: + CVE-2020-12397 Sender Email Address Spoofing using encoded Unicode characters + CVE-2020-12387 Use-after-free during worker shutdown + CVE-2020-6831 Buffer overflow in SCTP chunk input validation + CVE-2020-12392 Arbitrary...

Security fix for the ALT Linux 10 package git version 2.25.4-alt1

April 19, 2020 Dmitry V. Levin 2.25.4-alt1 - 2.25.3 - 2.25.4 fixes: CVE-2020-11008...

Security fix for the ALT Linux 9 package wireshark version 3.2.3-alt1

April 14, 2020 Anton Farygin 3.2.3-alt1 - 3.2.3 - fixes: the BACapp dissector could crash. CVE-2020-11647...

Security fix for the ALT Linux 10 package python3-module-django version 2.2.12-alt1

April 12, 2020 Alexey Shabalin 2.2.12-alt1 - 2.2.12 - Fixes for the following security vulnerabilities: + CVE-2019-19118 Privilege escalation in the Django admin. + CVE-2019-19844 Potential account hijack via password reset form + CVE-2020-7471 Potential SQL injection via StringAggdelimiter +...

Security fix for the ALT Linux 8 package postgresql9.6 version 9.6.17-alt0.M80P.1

9.6.17-alt0.M80P.1 built Feb. 25, 2020 Alexei Takaseev in task 245913 Feb. 12, 2020 Alexei Takaseev - 9.6.17 Fixes CVE-2020-1720...

Security fix for the ALT Linux 9 package postgresql9.6 version 9.6.17-alt1

9.6.17-alt1 built Feb. 18, 2020 Alexei Takaseev in task 245909 Feb. 12, 2020 Alexei Takaseev - 9.6.17 Fixes CVE-2020-1720...

Security fix for the ALT Linux 9 package postgresql12-1C version 11.5-alt4

Feb. 12, 2020 Alexei Takaseev 11.5-alt4 - Fix priv checks for ALTER &LTobject DEPENDS ON EXTENSION Fixes CVE-2020-1720...

Security fix for the ALT Linux 10 package firefox-esr version 68.2.0-alt1

Oct. 27, 2019 Andrey Cherepanov 68.2.0-alt1 - New ESR version 68.2.0. - Fixed: + CVE-2019-15903 Heap overflow in expat library in XMLGetCurrentLineNumber + CVE-2019-11757 Use-after-free when creating index updates in IndexedDB + CVE-2019-11758 Potentially exploitable crash due to 360 Total Securi...

Security fix for the ALT Linux 10 package thunderbird version 68.1.2-alt1

Oct. 13, 2019 Andrey Cherepanov 68.1.2-alt1 - New version 68.1.2. - Fixed: + CVE-2019-11739 Covert Content Attack on S/MIME encryption using a crafted multipart/alternative message + CVE-2019-11746 Use-after-free while manipulating video + CVE-2019-11744 XSS by breaking out of title and textarea...

Security fix for the ALT Linux 10 package openssl1.1 version 1.1.1d-alt1

Sept. 19, 2019 Gleb Fotengauer-Malinovskiy 1.1.1d-alt1 - Updated to 1.1.1d fixes CVE-2019-1543, CVE-2019-1549, CVE-2019-1563, CVE-2019-1547, CVE-2019-1552. - Changed License: tag to SPDX identifier of actual openssl license...

Security fix for the ALT Linux 10 package grafana version 6.3.4-alt1

Aug. 30, 2019 Alexey Shabalin 6.3.4-alt1 - 6.3.4 Fixes: CVE-2019-15043...

Security fix for the ALT Linux 10 package wireshark version 3.0.3-alt1

July 22, 2019 Anton Farygin 3.0.3-alt1 - 3.0.3 - fixes: ASN.1 BER and related dissectors crash. CVE-2019-13619...

Security fix for the ALT Linux 10 package thunderbird version 60.7.0-alt1

May 20, 2019 Andrey Cherepanov 60.7.0-alt1 - New version 60.7.0. - Fixed: + CVE-2019-9815 Disable hyperthreading on content JavaScript threads on macOS + CVE-2019-9816 Type confusion with object groups and UnboxedObjects + CVE-2019-9817 Stealing of cross-domain images using canvas + CVE-2019-9818...

Security fix for the ALT Linux 10 package postgresql13 version 11.3-alt1

May 8, 2019 Alexei Takaseev 11.3-alt1 - 11.3 - Fixes CVE-2019-10129, CVE-2019-10130...

Security fix for the ALT Linux 9 package wireshark version 3.0.1-alt1

April 10, 2019 Anton Farygin 3.0.1-alt1 - 3.0.1 - fixes: NetScaler file parser crash. CVE-2019-10895 SRVLOC dissector crash. CVE-2019-10899 IEEE 802.11 dissector infinite loop. CVE-2019-10897 GSUP dissector infinite loop. CVE-2019-10898 Rbm dissector infinite loop. CVE-2019-10900 GSS-API dissecto...

Security fix for the ALT Linux 10 package dotnet-bootstrap-6.0 version 2.1.9-alt1

March 13, 2019 Vitaly Lipatov 2.1.9-alt1 - new version 2.1.9 with rpmrb script - includes .NET Core 2.1.9, ASP.NET Core 2.1.9 and .NET Core SDK 2.1.505 - CVE-2019-0657: .NET Core NuGet Tampering Vulnerability...

Security fix for the ALT Linux 10 package dotnet-bootstrap-5.0 version 2.1.9-alt1

March 13, 2019 Vitaly Lipatov 2.1.9-alt1 - new version 2.1.9 with rpmrb script - includes .NET Core 2.1.9, ASP.NET Core 2.1.9 and .NET Core SDK 2.1.505 - CVE-2019-0657: .NET Core NuGet Tampering Vulnerability...

Security fix for the ALT Linux 10 package firefox-esr version 60.5.1-alt1

Feb. 15, 2019 Andrey Cherepanov 60.5.1-alt1 - New ESR version 60.5.1. - Fixed: + CVE-2018-18356 Use-after-free in Skia + CVE-2019-5785 Integer overflow in Skia + CVE-2018-18335 Buffer overflow in Skia with accelerated Canvas 2D...

Security fix for the ALT Linux 10 package firefox-esr version 60.5.0-alt1

Feb. 1, 2019 Andrey Cherepanov 60.5.0-alt1 - New ESR version 60.5.0. - Fixed: + CVE-2018-18500 Use-after-free parsing HTML5 stream + CVE-2018-18505 Privilege escalation through IPC channel messages + CVE-2018-18501 Memory safety bugs fixed in Firefox 65 and Firefox ESR 60.5...

Security fix for the ALT Linux 10 package firefox-esr version 60.4.0-alt1

Dec. 11, 2018 Andrey Cherepanov 60.4.0-alt1 - New ESR version 60.4.0 - Fixed: + CVE-2018-17466 Buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11 + CVE-2018-18492 Use-after-free with select element + CVE-2018-18493 Buffer overflow in accelerated 2D canvas with Skia +...

Security fix for the ALT Linux 8 package postgresql12 version 11.1-alt0.M80P.1

Nov. 8, 2018 Alexei Takaseev 11.1-alt0.M80P.1 - 11.1 - Fix CVE-2018-16850...

Security fix for the ALT Linux 8 package git version 2.17.2-alt1

Sept. 27, 2018 Dmitry V. Levin 2.17.2-alt1 - 2.17.1 - 2.17.2 fixes: CVE-2018-17456...

Security fix for the ALT Linux 9 package wireshark version 2.6.2-alt1

July 21, 2018 Anton Farygin 2.6.2-alt1 - 2.6.2 fixes: CVE-2018-14370, CVE-2018-14367, CVE-2018-14369, CVE-2018-14368, CVE-2018-14341, CVE-2018-14339, CVE-2018-14343, CVE-2018-14340, CVE-2018-14344, CVE-2018-14342...

Security fix for the ALT Linux 10 package firefox-esr version 52.8.0-alt1

May 9, 2018 Andrey Cherepanov 52.8.0-alt1 - New ESR version 52.8.0. - Fixes: + CVE-2018-5183 Backport critical security fixes in Skia + CVE-2018-5154 Use-after-free with SVG animations and clip paths + CVE-2018-5155 Use-after-free with SVG animations and text paths + CVE-2018-5157 Same-origin...

Security fix for the ALT Linux 10 package thunderbird version 52.7.0-alt1

March 24, 2018 Andrey Cherepanov 52.7.0-alt1 - New version 52.7.0 - Fixes: + CVE-2018-5127 Buffer overflow manipulating SVG animatedPathSegList + CVE-2018-5129 Out-of-bounds write with malformed IPC messages + CVE-2018-5144 Integer overflow during Unicode conversion + CVE-2018-5146 Out of bounds...

Security fix for the ALT Linux 7 package postgresql9.4 version 9.4.17-alt0.M70P.1

9.4.17-alt0.M70P.1 built March 4, 2018 Alexei Takaseev in task 201191 March 2, 2018 Alexei Takaseev - 9.4.17 - Fix CVE-2018-1058...

Security fix for the ALT Linux 7 package postgresql10 version 10.3-alt0.M70P.1

10.3-alt0.M70P.1 built March 4, 2018 Alexei Takaseev in task 201191 March 2, 2018 Alexei Takaseev - 10.3 - Fix CVE-2018-1058...

Security fix for the ALT Linux 9 package openvpn version 2.4.4-alt1

Nov. 18, 2017 Nikolay A. Fetisov 2.4.4-alt1 - New version - Security fixes: + CVE-2017-12166: Buffer overflow when using obsolete '--key-method 1'...

Security fix for the ALT Linux 8 package samba-DC version 4.6.8-alt1

Sept. 20, 2017 Evgeny Sinelnikov 4.6.8-alt1 - Update for autumn security release: + CVE-2017-12150 SMB1/2/3 connections may not require signing where they should + CVE-2017-12151 SMB3 connections don't keep encryption across DFS redirects + CVE-2017-12163 Server memory information leak over SMB1...

Security fix for the ALT Linux 8 package postgresql9.6 version 9.6.4-alt0.M80P.1

9.6.4-alt0.M80P.1 built Aug. 9, 2017 Alexei Takaseev in task 186870 Aug. 9, 2017 Alexei Takaseev - 9.6.4 - Fixes CVE-2017-7547...

Security fix for the ALT Linux 9 package c-ares version 1.13.0-alt1

Aug. 8, 2017 Anton Farygin 1.13.0-alt1 - 1.13.0 with these security fixes: CVE-2016-5180 - Heap-based buffer overflow in the arescreatequery function. CVE-2017-1000381 - NAPTR parser out of bounds access...

Security fix for the ALT Linux 9 package wireshark version 2.2.8-alt1

July 21, 2017 Anton Farygin 2.2.8-alt1 - new version: wnpa-sec-2017-13 WBMXL dissector infinite loop CVE-2017-7702, CVE-2017-11410 wnpa-sec-2017-28 openSAFETY dissector memory exhaustion CVE-2017-9350, CVE-2017-11411 wnpa-sec-2017-34 AMQP dissector crash CVE-2017-11408 wnpa-sec-2017-35 MQ dissect...

Security fix for the ALT Linux 8 package bind version 9.10.5.P3-alt1

July 11, 2017 Dmitry V. Levin 9.10.5.P3-alt1 - 9.10.4-P8 - 9.10.5-P3 fixes: CVE-2017-3140, CVE-2017-3141, CVE-2017-3142, CVE-2017-3143...

Security fix for the ALT Linux 8 package curl version 7.54.1-alt1

June 14, 2017 Anton Farygin 7.54.1-alt1 - new version with security fixes: CVE-2017-9502: URL file scheme drive letter buffer overflow...

Security fix for the ALT Linux 10 package git version 2.10.3-alt1

May 11, 2017 Dmitry V. Levin 2.10.3-alt1 - 2.10.2 - 2.10.3 fixes: CVE-2017-8386...

Security fix for the ALT Linux 9 package libxml2 version 1:2.9.4.0.12.e905-alt1

March 3, 2017 Dmitry V. Levin 1:2.9.4.0.12.e905-alt1 - v2.9.3-5-g65112cb - v2.9.4-12-ge905f08 fixes: CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705, CVE-2016-4449, CVE-2016-4483, CVE-2016-4658,...

Security fix for the ALT Linux 8 package bind version 9.10.4-alt2

Feb. 8, 2017 Dmitry V. Levin 9.10.4-alt2 - 9.10.4-P5 - 9.10.4-P6 fixes CVE-2017-3135...

Security fix for the ALT Linux 8 package runc version 1.0.0-alt2.gitc91b5be

Jan. 23, 2017 Vladimir Didenko 1.0.0-alt2.gitc91b5be - New version. - Fixes CVE-2016-9962...

Security fix for the ALT Linux 9 package openssl1.1 version 1.0.2h-alt2

June 8, 2016 Gleb Fotengauer-Malinovskiy 1.0.2h-alt2 - Backported upstream fix for CVE-2016-2178...

Security fix for the ALT Linux 9 package cyrus-imapd version 2.5.7-alt1

Dec. 11, 2015 Sergey Y. Afonin 2.5.7-alt1 - 2.5.7 CVE-2015-8077, CVE-2015-8078; Closes: 31611 - added tzdata to "Requires" Closes: 31612...

Security fix for the ALT Linux 8 package curl version 7.42.1-alt1

April 29, 2015 Anton Farygin 7.42.1-alt1 - new version, with fixes for CVE-2015-3153...

Security fix for the ALT Linux 10 package samba version 4.1.9-alt1

June 24, 2014 Alexey Shabalin 4.1.9-alt1 - 4.1.9 - fixed nmbd denial of serviceCVE-2014-0244 - fixed Segmentation fault in smbdmarshalldirentryCVE-2014-3493...

Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt29

3:11-alt29 built April 29, 2014 Sergey V Turchin in task 118985 --- April 29, 2014 Sergey V Turchin - new version - security fixes: CVE-2014-0515...

Security fix for the ALT Linux 8 package libssh version 0.6.3-alt1

March 25, 2014 Sergey V Turchin 0.6.3-alt1 - new version - security fixes: CVE-2014-0017, CVE-2014-0017...

Security fix for the ALT Linux 10 package gnutls30 version 2.12.23-alt2

March 5, 2014 Dmitry V. Levin 2.12.23-alt2 - Applied upstream fixes for CVE-2013-2116, CVE-2014-1959, and CVE-2014-0092...

Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt18

2.6.32-alt18 built Feb. 13, 2014 Led in task 113991 Feb. 12, 2014 Led - 2.6.32-431.5.1.el6: + CVE-2013-2929 + CVE-2013-4588 + CVE-2013-6405...

Security fix for the ALT Linux 6 package curl version 7.24.0-alt1.M60P.1

June 24, 2013 Anton Farygin 7.24.0-alt1.M60P.1 - CVE-2013-2174 fixed curleasyunescape may parse data beyond the end of the input buffer...

Security fix for the ALT Linux 9 package krb5 version 1.11.2-alt2

May 14, 2013 Ivan A. Melnikov 1.11.2-alt2 - add patch 23 from upstream git to fix kpasswd udp ping-pong CVE-2002-2443...

Security fix for the ALT Linux 9 package bind version 9.9.2-alt3

Dec. 11, 2012 George V. Kouryachy 9.9.2-alt3 - Update to 9.9.2-P1 CVE-2012-5688 and bugfixes - Add systemd service file from FC...

Security fix for the ALT Linux 10 package libtiff version 3.9.6-alt3

Aug. 27, 2012 Dmitry V. Levin 3.9.6-alt3 - Updated to Release-v3-9-6-8-g0f67777 fixes CVE-2012-2113 CVE-2012-2088 CVE-2012-3401...