Sisyphus repositório
Última atualização: 14 agosto 2018 | SRPMs: 18657 | Visitas: 12073343
en ru br
As correcções de segurança

bind-9.11.4.P1-alt1   build Stanislav Levin, 2018-08-13


- 9.11.3 -> 9.11.4.P1 (fixes: CVE-2018-5738, CVE-2018-5740).

gdm-3.28.3-alt1   build Yuri N. Sedunov, 2018-08-13


- 3.28.3 (fixed CVE-2018-14424)
- disabled parallel build on aarch64

postgresql9.3-9.3.24-alt1   build Alexei Takaseev, 2018-08-11


- 9.3.24
- Fix CVE-2018-10915

postgresql9.5-9.5.14-alt1   build Alexei Takaseev, 2018-08-11


- 9.5.14
- Fix CVE-2018-10915, CVE-2018-10925

postgresql9.4-9.4.19-alt1   build Alexei Takaseev, 2018-08-11


- 9.4.19
- Fix CVE-2018-10915

postgresql9.6-1C-9.6.10-alt1   build Alexei Takaseev, 2018-08-11


- 9.6.10
- Fix CVE-2018-10915, CVE-2018-10925

postgresql10-10.5-alt1   build Alexei Takaseev, 2018-08-11


- 10.5
- Fix CVE-2018-10915, CVE-2018-10925

postgresql9.6-9.6.10-alt1   build Alexei Takaseev, 2018-08-11


- 9.6.9
- Fix CVE-2018-10915, CVE-2018-10925

postgresql10-1C-10.5-alt1   build Alexei Takaseev, 2018-08-11


- 10.5
- Fix CVE-2018-10915, CVE-2018-10925

adobe-flash-player-ppapi-30-alt1.S1   build Sergey V Turchin, 2018-08-09


- new version (ALT#34555)
- security fixes:
CVE-2018-4944, CVE-2018-4945, CVE-2018-5000, CVE-2018-5001,
CVE-2018-5002, CVE-2018-5007, CVE-2018-5008

exiv2-0.26-alt2   build Yuri N. Sedunov, 2018-08-07


- applied set of fc/upstream patches (fixed CVE-2017-11683,
CVE-2017-14859, CVE-2017-14860, CVE-2017-14862,
CVE-2017-14864, CVE-2017-17669, CVE-2017-17723,
CVE-2017-17725, CVE-2018-10958, CVE-2018-10998,
CVE-2018-11531, CVE-2018-12264, CVE-2018-12265,
CVE-2018-14046, CVE-2018-5772, CVE-2018-8976,
CVE-2018-8977)

firmware-intel-ucode-6-alt1.20180703   build L.A. Kostis, 2018-08-06


- Sync with Debian 3.20180703.2:
+ Updated Microcodes:
sig 0x000206d6, pf_mask 0x6d, 2018-05-08, rev 0x061d, size 18432
sig 0x000206d7, pf_mask 0x6d, 2018-05-08, rev 0x0714, size 19456
sig 0x000306e4, pf_mask 0xed, 2018-04-25, rev 0x042d, size 15360
sig 0x000306e7, pf_mask 0xed, 2018-04-25, rev 0x0714, size 17408
sig 0x000306f2, pf_mask 0x6f, 2018-04-20, rev 0x003d, size 33792
sig 0x000306f4, pf_mask 0x80, 2018-04-20, rev 0x0012, size 17408
sig 0x000406f1, pf_mask 0xef, 2018-04-19, rev 0xb00002e, size 28672
sig 0x00050654, pf_mask 0xb7, 2018-05-15, rev 0x200004d, size 31744
sig 0x00050665, pf_mask 0x10, 2018-04-20, rev 0xe00000a, size 18432
+ First batch of fixes for: Intel SA-00115, CVE-2018-3639, CVE-2018-3640
+ SSBD support (Spectre-v4 mitigation) and fix Spectre-v3a for:
Sandybridge server, Ivy Bridge server, Haswell server, Skylake server,
Broadwell server, a few HEDT Core i7/i9 models that are actually gimped
server dies.
- source: update symlinks to reflect id of the latest release, 20180703

libwebkitgtk4-2.20.4-alt2   build Yuri N. Sedunov, 2018-08-06


- 2.20.4 (fixed CVE-2018-4261, CVE-2018-4262, CVE-2018-4263,
CVE-2018-4264, CVE-2018-4265, CVE-2018-4266, CVE-2018-4267,
CVE-2018-4270, CVE-2018-4272, CVE-2018-4273, CVE-2018-4278,
CVE-2018-4284)

NetworkManager-vpnc-1.2.6-alt1   build Mikhail Efremov, 2018-08-01


- Disable libnm-glib-* support.
- Fix build without libnm-glib-*.
- Updated to 1.2.6 (fixes CVE-2018-10900).

apache2-2.4.34-alt1.S1   build Anton Farygin, 2018-07-31


- 2.4.34
- fixes:
* CVE-2018-1333 DoS for HTTP/2 connections by crafted requests
* CVE-2018-8011 mod_md, DoS via Coredumps on specially crafted requests

libytnef-1.9.3-alt1   build Yuri N. Sedunov, 2018-07-23


- 1.9.3 (fixed CVE-2017-9470, CVE-2017-9471, CVE-2017-9474, CVE-2017-9058,
CVE-2017-12142, CVE-2017-12141, CVE-2017-12144)

wireshark-2.6.2-alt1.S1   build Anton Farygin, 2018-07-21


- 2.6.2 (fixes: CVE-2018-14370, CVE-2018-14367, CVE-2018-14369, CVE-2018-14368, CVE-2018-14341, CVE-2018-14339, CVE-2018-14343, CVE-2018-14340, CVE-2018-14344, CVE-2018-14342)

curl-7.61.0-alt1.S1   build Anton Farygin, 2018-07-17


- 7.61.0
- fixes:
* CVE-2018-0500 SMTP send heap buffer overflow

glusterfs3-3.12.12-alt1   build Vitaly Lipatov, 2018-07-12


- new version 3.12.12 (with rpmrb script)
- CVE-2018-10841

kernel-image-std-pae-4.4.140-alt1   build Kernel Bot, 2018-07-11


- v4.4.140 (Fixes: CVE-2018-10876, CVE-2018-10877, CVE-2018-10881, CVE-2018-10882,
CVE-2018-10883)

kernel-image-std-def-4.14.55-alt1   build Kernel Bot, 2018-07-11


- v4.14.55 (Fixes: CVE-2018-10876, CVE-2018-10877, CVE-2018-10879, CVE-2018-10880,
CVE-2018-10881, CVE-2018-10882, CVE-2018-10883)

kernel-image-un-def-4.17.6-alt1   build Kernel Bot, 2018-07-11


- v4.17.6 (Fixes: CVE-2018-10876, CVE-2018-10877, CVE-2018-10879, CVE-2018-10880,
CVE-2018-10881, CVE-2018-10882, CVE-2018-10883)

polkit-0.115-alt1   build Yuri N. Sedunov, 2018-07-10


- 0.115 (fixed CVE-2018-1116)

libgit2-0.26.5-alt1   build Yuri N. Sedunov, 2018-07-10


- 0.26.5 (fixed CVE-2018-11235, CVE-2018-10887, CVE-2018-10888)

thunderbird-52.9.0-alt1   build Andrey Cherepanov, 2018-07-04


- New version (52.9.0).
- Enigmail 2.0.7.
- Fixes:
+ CVE-2018-12359 Buffer overflow using computed size of canvas element
+ CVE-2018-12360 Use-after-free when using focus()
+ CVE-2018-12372 S/MIME and PGP decryption oracles can be built with HTML emails
+ CVE-2018-12373 S/MIME plaintext can be leaked through HTML reply/forward
+ CVE-2018-12362 Integer overflow in SSSE3 scaler
+ CVE-2018-12363 Use-after-free when appending DOM nodes
+ CVE-2018-12364 CSRF attacks through 307 redirects and NPAPI plugins
+ CVE-2018-12365 Compromised IPC child process can list local filenames
+ CVE-2018-12366 Invalid data handling during QCMS transformations
+ CVE-2018-12368 No warning when opening executable SettingContent-ms files
+ CVE-2018-12374 Using form to exfiltrate encrypted mail part by pressing enter in form field
+ CVE-2018-5188 Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, Firefox ESR 52.9, and Thunderbird 52.9
 
projeto & código: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
mantenedor atual: Michael Shigorin
mantenedor da tradução: Fernando Martini aka fmartini © 2009