Security fix for the ALT Linux 10 package apache2 version 1:2.4.25-alt1

May 18, 2017 Anton Farygin 1:2.4.25-alt1 - updated to 2.4.25 witch security fixes: + CVE-2016-8740 modhttp2: Mitigate DoS memory exhaustion via endless CONTINUATION frames. + CVE-2016-5387 core: Mitigate fcgi "httpoxy" issues + CVE-2016-2161 modauthdigest: Prevent segfaults during client entry...

Security fix for the ALT Linux 9 package openvpn version 2.4.2-alt1

May 14, 2017 Nikolay A. Fetisov 2.4.2-alt1 - New version - Security fixes: + CVE-2017-7478 Don't assert out on receiving too-large control packets + CVE-2017-7479 Drop packets instead of assert out if packet id rolls over...

Security fix for the ALT Linux 8 package jq version 1.5-alt1.M80P.1

1.5-alt1.M80P.1 built May 11, 2017 Anton Farygin in task 182774 May 10, 2017 Anton Farygin - new version with security fixes CVE-2015-8863...

Security fix for the ALT Linux 10 package git version 2.10.3-alt1

May 11, 2017 Dmitry V. Levin 2.10.3-alt1 - 2.10.2 - 2.10.3 fixes: CVE-2017-8386...

Security fix for the ALT Linux 8 package git version 2.10.3-alt1

May 11, 2017 Dmitry V. Levin 2.10.3-alt1 - 2.10.2 - 2.10.3 fixes: CVE-2017-8386...

Security fix for the ALT Linux 10 package firefox-esr version 52.1.1-alt1

May 8, 2017 Andrey Cherepanov 52.1.1-alt1 - New ESR version 52.1.1 - Set plugin.loadflashonly setting to false to allow use all NPAPI plugins - Security fixes since 52.0: + CVE-2016-10196: Vulnerabilities in Libevent library + CVE-2017-5031: Use after free in ANGLE + CVE-2017-5428: integer overfl...

Security fix for the ALT Linux 10 package firefox-esr version 52.0-alt1

May 8, 2017 Andrey Cherepanov 52.0-alt1 - New release 52.0 based on legion@ build. - Built with internal icu. - Fixed: + CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP + CVE-2017-5401: Memory Corruption when handling ErrorResult + CVE-2017-5402: Use-after-free working with events in...

Security fix for the ALT Linux 8 package mariadb version 10.1.23-alt1

May 5, 2017 Alexey Shabalin 10.1.23-alt1 - 10.1.23 - add maria-backup package - Fixes for the following security vulnerabilities: + CVE-2017-3302 + CVE-2017-3313 + CVE-2017-3308 + CVE-2017-3309 + CVE-2017-3453 + CVE-2017-3456 + CVE-2017-3464...

Security fix for the ALT Linux 10 package thunderbird version 52.1.0-alt1

May 2, 2017 Andrey Cherepanov 52.1.0-alt1 - New version 52.0.1 - Security fixes: + CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR + CVE-2017-5430: Memory safety bugs fixed in Firefox 53, Firefox ESR + CVE-2017-5432: Use-after-free in text input selection + CVE-2017-5433:...

Security fix for the ALT Linux 10 package firefox-esr version 45.9.0-alt1

April 20, 2017 Andrey Cherepanov 45.9.0-alt1 - New ESR version - Security fixes: + CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, + CVE-2017-5462: DRBG flaw in NSS + CVE-2017-5445: Uninitialized values used while parsing + CVE-2017-5469: Potential Buffer overflow in...

Security fix for the ALT Linux 8 package curl version 7.54.0-alt1

April 19, 2017 Anton Farygin 7.54.0-alt1 - new version with security fixes: CVE-2016-5419: TLS session resumption client cert bypass again...

Security fix for the ALT Linux 9 package wireshark version 2.2.6-alt1

April 14, 2017 Anton Farygin 2.2.6-alt1 - new version with these security fixes: wnpa-sec-2017-12 IMAP dissector crash CVE-2017-7703 wnpa-sec-2017-13 WBMXL dissector infinite loop CVE-2017-7702 wnpa-sec-2017-14 NetScaler file parser infinite loop CVE-2017-7700 wnpa-sec-2017-15 RPCoRDMA dissector...

Security fix for the ALT Linux 7 package wireshark version 2.2.6-alt1.M70P.1

April 14, 2017 Anton Farygin 2.2.6-alt1.M70P.1 - new version with these security fixes: wnpa-sec-2017-12 IMAP dissector crash CVE-2017-7703 wnpa-sec-2017-13 WBMXL dissector infinite loop CVE-2017-7702 wnpa-sec-2017-14 NetScaler file parser infinite loop CVE-2017-7700 wnpa-sec-2017-15 RPCoRDMA...

Security fix for the ALT Linux 7 package krb5 version 1.13.7-alt0.M70P.1

1.13.7-alt0.M70P.1 built April 13, 2017 Evgeny Sinelnikov in task 180726 March 24, 2017 Evgeny Sinelnikov - Update to supported security release Fixes: CVE-2014-5355, CVE-2015-2694, CVE-2015-2695, CVE-2015-2696, CVE-2015-2698, CVE-2015-2697, CVE-2015-8629, CVE-2015-8630, CVE-2015-8631,...

Security fix for the ALT Linux 9 package python3-module-django version 1.8.18-alt1

April 12, 2017 Alexey Shabalin 1.8.18-alt1 - 1.8.18 - fixed CVE-2017-7233,CVE-2017-7234...

Security fix for the ALT Linux 10 package python3-module-django version 1.8.18-alt1

April 12, 2017 Alexey Shabalin 1.8.18-alt1 - 1.8.18 - fixed CVE-2017-7233,CVE-2017-7234...

Security fix for the ALT Linux 9 package bind version 9.10.4.P8-alt1

April 12, 2017 Dmitry V. Levin 9.10.4.P8-alt1 - 9.10.4-P6 - 9.10.4-P8 fixes: CVE-2017-3136, CVE-2017-3137, CVE-2017-3138. - bind.service: pass $CHROOT to named-checkconf closes: 33239. - bind.init: check named configuration on startup...

Security fix for the ALT Linux 8 package bind version 9.10.4.P8-alt1

April 12, 2017 Dmitry V. Levin 9.10.4.P8-alt1 - 9.10.4-P6 - 9.10.4-P8 fixes: CVE-2017-3136, CVE-2017-3137, CVE-2017-3138. - bind.service: pass $CHROOT to named-checkconf closes: 33239. - bind.init: check named configuration on startup...

Security fix for the ALT Linux 8 package file version 4.26-alt13

4.26-alt13 built March 28, 2017 Dmitry V. Levin in task 180955 --- March 22, 2017 Dmitry V. Levin - Backported readelf fix by sem@; fixes: CVE-2014-9653. - Backported magic for lrzip, lz4, zstd, and snappy. - Backported -z support for lrzip, lz4, and zstd...

Security fix for the ALT Linux 8 package gnupg version 1.4.21-alt1

1.4.21-alt1 built March 28, 2017 Dmitry V. Levin in task 180956 --- Aug. 17, 2016 Dmitry V. Levin - 1.4.20 - 1.4.21 fixes CVE-2016-6313...

Security fix for the ALT Linux 8 package tar version 1.29.0.19.d061-alt1

1.29.0.19.d061-alt1 built March 28, 2017 Dmitry V. Levin in task 180955 --- March 20, 2017 Dmitry V. Levin - tar: release128-39-gd02c81d - release129-19-gd06126f fixes: CVE-2016-6321. - tar: added --lz4 and --zstd options. - gnulib: v0.1-585-g2fda85e - v0.1-1209-g24b3216...

Security fix for the ALT Linux 10 package samba version 4.6.1-alt1.S1

March 23, 2017 Evgeny Sinelnikov 4.6.1-alt1.S1 - Update to spring security release - Fixed build --without docs closes: 33118 - Security fixes: + CVE-2017-2619 Symlink race allows access outside share definition...

Security fix for the ALT Linux 8 package samba version 4.6.1-alt1

March 23, 2017 Evgeny Sinelnikov 4.6.1-alt1 - Update to spring security release - Fixed build --without docs closes: 33118 - Security fixes: + CVE-2017-2619 Symlink race allows access outside share definition...

Security fix for the ALT Linux 8 package samba-DC version 4.6.1-alt1

March 23, 2017 Evgeny Sinelnikov 4.6.1-alt1 - Update to spring security release - Fixed build --without docs closes: 33118 - Security fixes: + CVE-2017-2619 Symlink race allows access outside share definition...

Security fix for the ALT Linux 7 package samba-DC version 4.5.7-alt1.M70P.1

March 23, 2017 Evgeny Sinelnikov 4.5.7-alt1.M70P.1 - Update to spring security release - Fixed build --without docs closes: 33118 - Security fixes: + CVE-2017-2619 Symlink race allows access outside share definition...

Security fix for the ALT Linux 7 package samba version 4.5.7-alt1.M70P.1

March 23, 2017 Evgeny Sinelnikov 4.5.7-alt1.M70P.1 - Update to spring security release - Fixed build --without docs closes: 33118 - Security fixes: + CVE-2017-2619 Symlink race allows access outside share definition...

Security fix for the ALT Linux 7 package adobe-flash-player version 3:25-alt0.M70P.1

3:25-alt0.M70P.1 built March 20, 2017 Sergey V Turchin in task 180552 March 20, 2017 Sergey V Turchin - new version - security fixes: CVE-2017-2997, CVE-2017-2998, CVE-2017-2999, CVE-2017-3000, CVE-2017-3001, CVE-2017-3002, CVE-2017-3003...

Security fix for the ALT Linux 8 package shadow version 1:4.2.1-alt7.M80P.1

1:4.2.1-alt7.M80P.1 built March 13, 2017 Mikhail Efremov in task 179286 --- March 7, 2017 Mikhail Efremov - Backported from upstream git: + Fix a resource leak in syslogsg. + Fix a resource leak in libmis/idmapping.c. + Free memory on error path. - Fix user busy errors at userdel patch from Fedor...

Security fix for the ALT Linux 8 package libxml2 version 1:2.9.4.0.12.e905-alt1

1:2.9.4.0.12.e905-alt1 built March 7, 2017 Dmitry V. Levin in task 179256 --- March 3, 2017 Dmitry V. Levin - v2.9.3-5-g65112cb - v2.9.4-12-ge905f08 fixes: CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627,...

Security fix for the ALT Linux 9 package libxml2 version 1:2.9.4.0.12.e905-alt1

March 3, 2017 Dmitry V. Levin 1:2.9.4.0.12.e905-alt1 - v2.9.3-5-g65112cb - v2.9.4-12-ge905f08 fixes: CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705, CVE-2016-4449, CVE-2016-4483, CVE-2016-4658,...

Security fix for the ALT Linux 10 package libxml2 version 1:2.9.4.0.12.e905-alt1

March 3, 2017 Dmitry V. Levin 1:2.9.4.0.12.e905-alt1 - v2.9.3-5-g65112cb - v2.9.4-12-ge905f08 fixes: CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705, CVE-2016-4449, CVE-2016-4483, CVE-2016-4658,...

Security fix for the ALT Linux 8 package curl version 7.53.0-alt1

Feb. 22, 2017 Anton Farygin 7.53.0-alt1 - new version with security fixes: CVE-2017-2629: SSLVERIFYSTATUS ignored...

Security fix for the ALT Linux 7 package adobe-flash-player version 3:24-alt0.M70P.3

3:24-alt0.M70P.3 built Feb. 17, 2017 Sergey V Turchin in task 178313 Feb. 17, 2017 Sergey V Turchin - new version - security fixes: CVE-2017-2982, CVE-2017-2984, CVE-2017-2985, CVE-2017-2986, CVE-2017-2987, CVE-2017-2988, CVE-2017-2990, CVE-2017-2991, CVE-2017-2992, CVE-2017-2993, CVE-2017-2994,...

Security fix for the ALT Linux 8 package krb5 version 1.14.4-alt1.M80P.1

Feb. 15, 2017 Evgeny Sinelnikov 1.14.4-alt1.M80P.1 - 1.14.4 - fixed CVE-2016-3120...

Security fix for the ALT Linux 9 package krb5 version 1.14.4-alt1.S1

Feb. 15, 2017 Evgeny Sinelnikov 1.14.4-alt1.S1 - 1.14.4 - fixed CVE-2016-3120...

Security fix for the ALT Linux 8 package bind version 9.10.4-alt2

Feb. 8, 2017 Dmitry V. Levin 9.10.4-alt2 - 9.10.4-P5 - 9.10.4-P6 fixes CVE-2017-3135...

Security fix for the ALT Linux 9 package bind version 9.10.4-alt2

Feb. 8, 2017 Dmitry V. Levin 9.10.4-alt2 - 9.10.4-P5 - 9.10.4-P6 fixes CVE-2017-3135...

Security fix for the ALT Linux 10 package python3-module-django version 1.8.17-alt1

Feb. 2, 2017 Alexey Shabalin 1.8.17-alt1 - 1.8.17 - fixed CVE-2016-9013,CVE-2016-9014...

Security fix for the ALT Linux 9 package python3-module-django version 1.8.17-alt1

Feb. 2, 2017 Alexey Shabalin 1.8.17-alt1 - 1.8.17 - fixed CVE-2016-9013,CVE-2016-9014...

Security fix for the ALT Linux 8 package openssl10 version 1.0.2k-alt0.M80P.1

1.0.2k-alt0.M80P.1 built Jan. 27, 2017 Gleb Fotengauer-Malinovskiy in task 177185 Jan. 26, 2017 Gleb Fotengauer-Malinovskiy - Backported to p8 branch fixes CVE-2016-7055, CVE-2017-3731, CVE-2017-3732...

Security fix for the ALT Linux 8 package openssl10 version 1.0.2k-alt1

Jan. 26, 2017 Gleb Fotengauer-Malinovskiy 1.0.2k-alt1 - Updated to v1.0.2k fixes CVE-2016-7055, CVE-2017-3731, CVE-2017-3732...

Security fix for the ALT Linux 9 package openssl1.1 version 1.0.2k-alt1

Jan. 26, 2017 Gleb Fotengauer-Malinovskiy 1.0.2k-alt1 - Updated to v1.0.2k fixes CVE-2016-7055, CVE-2017-3731, CVE-2017-3732...

Security fix for the ALT Linux 10 package openssl1.1 version 1.0.2k-alt1

Jan. 26, 2017 Gleb Fotengauer-Malinovskiy 1.0.2k-alt1 - Updated to v1.0.2k fixes CVE-2016-7055, CVE-2017-3731, CVE-2017-3732...

Security fix for the ALT Linux 9 package openssl10 version 1.0.2k-alt1

Jan. 26, 2017 Gleb Fotengauer-Malinovskiy 1.0.2k-alt1 - Updated to v1.0.2k fixes CVE-2016-7055, CVE-2017-3731, CVE-2017-3732...

Security fix for the ALT Linux 10 package runc version 1.0.0-alt2.gitc91b5be

Jan. 23, 2017 Vladimir Didenko 1.0.0-alt2.gitc91b5be - New version. - Fixes CVE-2016-9962...

Security fix for the ALT Linux 8 package runc version 1.0.0-alt2.gitc91b5be

Jan. 23, 2017 Vladimir Didenko 1.0.0-alt2.gitc91b5be - New version. - Fixes CVE-2016-9962...

Security fix for the ALT Linux 8 package freeipa version 4.3.2-alt6

Jan. 23, 2017 Mikhail Efremov 4.3.2-alt6 - client: Require nss-utils closes: 33031. - Patches from upstream: + Fixed CVE-2016-7030. + Fixed CVE-2016-9575...

Security fix for the ALT Linux 7 package adobe-flash-player version 3:24-alt0.M70P.2

3:24-alt0.M70P.2 built Jan. 12, 2017 Sergey V Turchin in task 176069 Jan. 11, 2017 Sergey V Turchin - new version - security fixes: CVE-2017-2925, CVE-2017-2926, CVE-2017-2927, CVE-2017-2928, CVE-2017-2930, CVE-2017-2931, CVE-2017-2932, CVE-2017-2933, CVE-2017-2934, CVE-2017-2935, CVE-2017-2936,...

Security fix for the ALT Linux 6 package adobe-flash-player version 3:24-alt0.M70P.2

3:24-alt0.M70P.2 built Jan. 12, 2017 Sergey V Turchin in task 176070 Jan. 11, 2017 Sergey V Turchin - new version - security fixes: CVE-2017-2925, CVE-2017-2926, CVE-2017-2927, CVE-2017-2928, CVE-2017-2930, CVE-2017-2931, CVE-2017-2932, CVE-2017-2933, CVE-2017-2934, CVE-2017-2935, CVE-2017-2936,...

Security fix for the ALT Linux 9 package phpipam version 1.27.002-alt1

Jan. 10, 2017 Alexey Shabalin 1.27.002-alt1 - git snapshot of master branch d55883ff28a3cf347f18e0cc717cf64b7556706a - update PHPMailer to 5.2.22 fixed CVE-2017-5223...