Security fix for the ALT Linux 10 package thunderbird version 102.5.1-alt1

102.5.1-alt1 built Dec. 13, 2022 Pavel Vasenkov in task 311239 Dec. 5, 2022 Pavel Vasenkov - New version. - Security fixes: + CVE-2022-45414 Quoting from an HTML email with certain tags will trigger network requests and load remote content, regardless of a configuration...

Security fix for the ALT Linux 10 package libarchive version 3.6.1-alt2

3.6.1-alt2 built Dec. 12, 2022 Alexander Danilov in task 311215 Dec. 5, 2022 Alexander Danilov - security fixes: CVE-2022-36227...

Security fix for the ALT Linux 10 package helm version 3.10.2-alt1

3.10.2-alt1 built Dec. 8, 2022 Mikhail Gordeev in task 311367 Dec. 3, 2022 Mikhail Gordeev - new version 3.10.2 - Fixes: CVE-2022-36055 CVE-2022-36049 CVE-2021-32690 CVE-2021-21303...

Security fix for the ALT Linux 10 package golang version 1.19.4-alt1

Dec. 7, 2022 Alexey Shabalin 1.19.4-alt1 - New version 1.19.4 Fixes: CVE-2022-41717, CVE-2022-41720...

Security fix for the ALT Linux 9 package freerdp version 2.9.0-alt1

2.9.0-alt1 built Dec. 6, 2022 Andrey Cherepanov in task 310221 Nov. 18, 2022 Andrey Cherepanov - New version. - Fixed multiple client side input validation issues CVE-2022-39316, CVE-2022-39317, CVE-2022-39318, CVE-2022-39319, CVE-2022-39320, CVE-2022-41877, CVE-2022-39347...

Security fix for the ALT Linux 9 package tcpreplay version 4.4.2-alt1

4.4.2-alt1 built Nov. 30, 2022 Anton Farygin in task 310755 Nov. 28, 2022 Anton Farygin - 4.4.2 Fixes: CVE-2022-28487, CVE-2022-27942, CVE-2022-27940, CVE-2022-37047, CVE-2022-37049, CVE-2022-27939, CVE-2022-25484, CVE-2022-27941...

Security fix for the ALT Linux 10 package cri-o version 1.24.3-alt1

Nov. 24, 2022 Mikhail Gordeev 1.24.3-alt1 - 1.24.3 - Fixes: CVE-2022-1708...

Security fix for the ALT Linux 10 package thunderbird version 102.5.0-alt1

102.5.0-alt1 built Nov. 24, 2022 Pavel Vasenkov in task 310334 Nov. 16, 2022 Pavel Vasenkov - New version. - Security fixes: + CVE-2022-45403 Service Workers might have learned size of cross-origin media files + CVE-2022-45404 Fullscreen notification bypass + CVE-2022-45405 Use-after-free in...

Security fix for the ALT Linux 9 package krb5 version 1.17.2-alt4

1.17.2-alt4 built Nov. 24, 2022 Ivan A. Melnikov in task 310094 Nov. 16, 2022 Ivan A. Melnikov - Backports from 1.19.4: + fix integer overflows in PAC parsing Fixes: CVE-2022-42898; + fix some memory leaks...

Security fix for the ALT Linux 10 package samba version 4.16.7-alt1

Nov. 22, 2022 Evgeny Sinelnikov 4.16.7-alt1 - Update to maintenance release of Samba 4.16 Samba15203 - Security fixes: + CVE-2022-42898: Samba's Kerberos libraries and AD DC failed to guard against integer overflows when parsing a PAC on a 32-bit system, which allowed an attacker with a forged PA...

Security fix for the ALT Linux 9 package libexo version 0.12.11-alt3

0.12.11-alt3 built Nov. 18, 2022 Mikhail Efremov in task 310173 Nov. 17, 2022 Mikhail Efremov - exo-helper: Properly quote command parameters fixes: CVE-2022-45062...

Security fix for the ALT Linux 10 package firefox-esr version 102.5.0-alt1

Nov. 16, 2022 Pavel Vasenkov 102.5.0-alt1 - New ESR version. - Security fixes: + CVE-2022-45403 Service Workers might have learned size of cross-origin media files + CVE-2022-45404 Fullscreen notification bypass + CVE-2022-45405 Use-after-free in InputStream implementation + CVE-2022-45406...

Security fix for the ALT Linux 10 package firefox-esr version 102.4.0-alt1

102.4.0-alt1 built Nov. 10, 2022 Andrey Cherepanov in task 309056 Oct. 24, 2022 Pavel Vasenkov - New ESR version. - Security fixes: + CVE-2022-42927 Same-origin policy violation could have leaked cross-origin URLs + CVE-2022-42928 Memory Corruption in JS Engine + CVE-2022-42929 Denial of Service...

Security fix for the ALT Linux 9 package glpi version 9.5.10-alt1

Nov. 4, 2022 Pavel Zilke 9.5.10-alt1 - New version 9.5.10 - This release fixes several security issues that has been recently discovered. Update is recommended! - Security fixes: + CVE-2022-39276 : Blind SSRF in RSS feeds and planning + CVE-2022-39372 : Stored XSS in user information +...

Security fix for the ALT Linux 10 package glpi version 9.5.10-alt1

Nov. 4, 2022 Pavel Zilke 9.5.10-alt1 - New version 9.5.10 - This release fixes several security issues that has been recently discovered. Update is recommended! - Security fixes: + CVE-2022-39276 : Blind SSRF in RSS feeds and planning + CVE-2022-39372 : Stored XSS in user information +...

Security fix for the ALT Linux 10 package golang version 1.19.3-alt1

Nov. 3, 2022 Alexey Shabalin 1.19.3-alt1 - New version 1.19.3 Fixes: CVE-2022-41716...

Security fix for the ALT Linux 10 package php8.1 version 8.1.12-alt1

8.1.12-alt1 built Nov. 3, 2022 Anton Farygin in task 309327 Oct. 31, 2022 Anton Farygin - 8.1.11 - 8.1.12 Fixes: CVE-2022-37454, CVE-2022-31630...

Security fix for the ALT Linux 10 package php8.0 version 8.0.25-alt1

8.0.25-alt1 built Nov. 2, 2022 Anton Farygin in task 309328 Oct. 26, 2022 Anton Farygin - 8.0.24 - 8.0.25 Fixes: CVE-2022-31630, CVE-2022-37454...

Security fix for the ALT Linux 10 package java-17-openjdk version 0:17.0.5.0.8-alt1

0:17.0.5.0.8-alt1 built Nov. 2, 2022 Andrey Cherepanov in task 305236 Oct. 30, 2022 Andrey Cherepanov - New version. - Security fixes: + JDK-8286077, CVE-2022-21618: Wider MultiByte conversions + JDK-8286526, CVE-2022-21619: Improve NTLM support + JDK-8286910, CVE-2022-21624: Improve JNDI lookups...

Security fix for the ALT Linux 9 package nginx version 1.22.1-alt1

1.22.1-alt1 built Oct. 31, 2022 Anton Farygin in task 308764 Oct. 21, 2022 Anton Farygin - 1.22.1 Fixes: CVE-2022-41741, CVE-2022-41742...

Security fix for the ALT Linux 10 package php8.2 version 8.1.12-alt1

Oct. 31, 2022 Anton Farygin 8.1.12-alt1 - 8.1.11 - 8.1.12 Fixes: CVE-2022-37454, CVE-2022-31630...

Security fix for the ALT Linux 10 package samba version 4.16.6-alt1

Oct. 27, 2022 Evgeny Sinelnikov 4.16.6-alt1 - Update to maintenance release of Samba 4.16 Samba15134 - Security fixes: + CVE-2022-3437: There is a limited write heap buffer overflow in the GSSAPI unwrapdes and unwrapdes3 routines of Heimdal included in Samba...

Security fix for the ALT Linux 10 package thunderbird version 102.2.1-alt1

102.2.1-alt1 built Oct. 26, 2022 Andrey Cherepanov in task 307737 Sept. 6, 2022 Pavel Vasenkov - New version. - Security fixes: + CVE-2022-3033 Leaking of sensitive information when composing a response to an HTML email with a META refresh tag + CVE-2022-3032 Remote content specified in an HTML...

Security fix for the ALT Linux 10 package libarchive version 3.6.0-alt2

Oct. 26, 2022 Alexander Danilov 3.6.0-alt2 - security fixes: CVE-2022-26280...

Security fix for the ALT Linux 10 package git version 2.33.5-alt1

2.33.5-alt1 built Oct. 22, 2022 Dmitry V. Levin in task 308655 Oct. 6, 2022 Dmitry V. Levin - 2.33.4 - 2.33.5 fixes: CVE-2022-39253, CVE-2022-39260...

Security fix for the ALT Linux 10 package golang version 1.18.7-alt1

1.18.7-alt1 built Oct. 18, 2022 Alexey Shabalin in task 308328 Oct. 6, 2022 Alexey Shabalin - New version 1.18.7 Fixes: CVE-2022-2879, CVE-2022-2880, CVE-2022-41715...

Security fix for the ALT Linux 9 package freerdp version 2.8.1-alt1

Oct. 14, 2022 Andrey Cherepanov 2.8.1-alt1 - New version. - Security fixes for CVE-2022-39282, CVE-2022-39283...

Security fix for the ALT Linux 10 package wireshark version 3.6.8-alt1

3.6.8-alt1 built Oct. 13, 2022 Anton Farygin in task 307966 Oct. 6, 2022 Anton Farygin - 3.6.5 - 3.6.8 Fixes: CVE-2022-3190...

Security fix for the ALT Linux 10 package php8.0 version 8.0.24-alt1

8.0.24-alt1 built Oct. 13, 2022 Anton Farygin in task 307752 Sept. 30, 2022 Anton Farygin - 8.0.23 - 8.0.24 Fixes: CVE-2022-31629...

Security fix for the ALT Linux 10 package python3-module-django version 3.2.16-alt1

3.2.16-alt1 built Oct. 13, 2022 Alexey Shabalin in task 308240 Oct. 11, 2022 Alexey Shabalin - new version 3.2.16 - Fixes for the following security vulnerabilities: + CVE-2022-41323 Potential denial-of-service vulnerability in internationalized URLs...

Security fix for the ALT Linux 10 package php8.1 version 8.1.11-alt1

8.1.11-alt1 built Oct. 11, 2022 Anton Farygin in task 307734 Sept. 30, 2022 Anton Farygin - 8.1.10 - 8.1.11 fixes: CVE-2022-31628, CVE-2022-31629...

Security fix for the ALT Linux 10 package firefox-esr version 102.3.0-alt1

Oct. 10, 2022 Pavel Vasenkov 102.3.0-alt1 - New ESR version. - Security fixes: + CVE-2022-3266 Out of bounds read when decoding H264 + CVE-2022-40959 Bypassing FeaturePolicy restrictions on transient pages + CVE-2022-40960 Data-race when parsing non-UTF-8 URLs in threads + CVE-2022-40958 Bypassin...

Security fix for the ALT Linux 10 package thunderbird version 102.3.1-alt1

Oct. 10, 2022 Pavel Vasenkov 102.3.1-alt1 - New version. - Security fixes: + CVE-2022-39249 Matrix SDK bundled with Thunderbird vulnerable to an impersonation attack by malicious server administrators + CVE-2022-39250 Matrix SDK bundled with Thunderbird vulnerable to a device verification attack ...

Security fix for the ALT Linux 10 package thunderbird version 102.3.0-alt1

Oct. 9, 2022 Pavel Vasenkov 102.3.0-alt1 - New version. - Security fixes: + CVE-2022-3266 Out of bounds read when decoding H264 + CVE-2022-40959 Bypassing FeaturePolicy restrictions on transient pages + CVE-2022-40960 Data-race when parsing non-UTF-8 URLs in threads + CVE-2022-40958 Bypassing...

Security fix for the ALT Linux 10 package php8.2 version 8.1.11-alt1

Sept. 30, 2022 Anton Farygin 8.1.11-alt1 - 8.1.10 - 8.1.11 fixes: CVE-2022-31628, CVE-2022-31629...

Security fix for the ALT Linux 10 package node version 16.17.1-alt1

Sept. 30, 2022 Vitaly Lipatov 16.17.1-alt1 - new version 16.17.1 with rpmrb script - set npm = 8.15.0 - CVE-2022-32212: DNS rebinding in --inspect on macOS High - CVE-2022-32213: bypass via obs-fold mechanic Medium - CVE-2022-35255: Weak randomness in WebCrypto keygen - CVE-2022-35256: HTTP Reque...

Security fix for the ALT Linux 9 package openvpn version 2.5.6-alt1

2.5.6-alt1 built Sept. 28, 2022 Andrey Cherepanov in task 305924 May 16, 2022 Nikolay A. Fetisov - New version Closes: 42217 - Security fixes: + CVE-2022-0547: possible authentication bypass if multiple authentication plugins tries to do deferred authentication - Fix build with new...

Security fix for the ALT Linux 9 package glpi version 9.5.9-alt1

9.5.9-alt1 built Sept. 23, 2022 Pavel Zilke in task 307140 Sept. 14, 2022 Pavel Zilke - New version 9.5.9 - This release fixes several critical security issues that has been recently discovered. Update is strongly recommended! - Security fixes: + CVE-2022-35945 : XSS through registration API +...

Security fix for the ALT Linux 10 package glpi version 9.5.9-alt1

9.5.9-alt1 built Sept. 16, 2022 Pavel Zilke in task 306811 Sept. 14, 2022 Pavel Zilke - New version 9.5.9 - This release fixes several critical security issues that has been recently discovered. Update is strongly recommended! - Security fixes: + CVE-2022-35945 : XSS through registration API +...

Security fix for the ALT Linux 10 package golang version 1.18.6-alt1

Sept. 14, 2022 Alexey Shabalin 1.18.6-alt1 - New version 1.18.6 Fixes: CVE-2022-27664...

Security fix for the ALT Linux 10 package samba version 4.16.4-alt2

Sept. 8, 2022 Evgeny Sinelnikov 4.16.4-alt2 - Add support Heimdal only of "ignore requester sid" global option for the correct operation of trust relationships with oldest versions of MS AD without KB5008380 Authentication updates CVE-2021-42287...

Security fix for the ALT Linux 9 package postgresql12 version 12.12-alt0.M90P.1

12.12-alt0.M90P.1 built Sept. 1, 2022 Alexei Takaseev in task 305052 Aug. 10, 2022 Alexei Takaseev - 12.12 Fixes CVE-2022-2625...

Security fix for the ALT Linux 9 package postgresql12-1C version 12.11-alt0.M90P.3

12.11-alt0.M90P.3 built Sept. 1, 2022 Alexei Takaseev in task 305052 Aug. 10, 2022 Alexei Takaseev - Fixes CVE-2022-2625...

Security fix for the ALT Linux 10 package python3-module-django version 3.2.15-alt1

3.2.15-alt1 built Aug. 30, 2022 Alexey Shabalin in task 305627 Aug. 22, 2022 Alexey Shabalin - new version 3.2.15 - Fixes for the following security vulnerabilities: + CVE-2022-34265 Potential SQL injection via Trunckind and Extractlookupname arguments. + CVE-2022-36359 Potential reflected file...

Security fix for the ALT Linux 10 package firefox-esr version 102.2.0-alt1

Aug. 25, 2022 Pavel Vasenkov 102.2.0-alt1 - New ESR version. - Security fixes: + CVE-2022-38472 Address bar spoofing via XSLT error handling + CVE-2022-38473 Cross-origin XSLT Documents would have inherited the parent's permissions + CVE-2022-38476 Data race and potential use-after-free in...

Security fix for the ALT Linux 10 package thunderbird version 102.2.0-alt1

Aug. 24, 2022 Pavel Vasenkov 102.2.0-alt1 - New version. - Security fixes: + CVE-2022-38472 Address bar spoofing via XSLT error handling + CVE-2022-38473 Cross-origin XSLT Documents would have inherited the parent's permissions + CVE-2022-38476 Data race and potential use-after-free in PK11Change...

Security fix for the ALT Linux 10 package postgresql13 version 13.8-alt1

13.8-alt1 built Aug. 18, 2022 Alexei Takaseev in task 305054 Aug. 10, 2022 Alexei Takaseev - 13.8 Fixes CVE-2022-2625...

Security fix for the ALT Linux 10 package postgresql14 version 14.5-alt1

14.5-alt1 built Aug. 18, 2022 Alexei Takaseev in task 305054 Aug. 10, 2022 Alexei Takaseev - 14.5 Fixes CVE-2022-2625...

Security fix for the ALT Linux 10 package postgresql12 version 12.12-alt1

12.12-alt1 built Aug. 18, 2022 Alexei Takaseev in task 305054 Aug. 10, 2022 Alexei Takaseev - 12.12 Fixes CVE-2022-2625...

Security fix for the ALT Linux 10 package samba version 4.15.9-alt1

4.15.9-alt1 built Aug. 15, 2022 Evgeny Sinelnikov in task 302667 July 31, 2022 Evgeny Sinelnikov - Update to security release of Samba 4.15 - Security fixes: + CVE-2022-2031: Samba AD users can bypass certain restrictions associated with changing passwords Samba15047. + CVE-2022-32744: Samba AD...