As correcções de segurança
libexif-0.6.22-alt3
build Dmitriy Khanzhin,
2021-01-19
- added upstream commit:
+ fixed a incorrect overflow check that could be optimized away
(fixes CVE-2020-0452)
openvswitch-2.14.1-alt1 build Alexey Shabalin, 2021-01-19
- 2.14.1 (Fixes: CVE-2015-8011, CVE-2020-27827)
cve-manager-0.46.0-alt1 build Alexey Appolonov, 2021-01-18
- Ability to monitor vulnerabilities of specified distributions (the 'download'
parameter must be assigned in the 'cve-monitor.conf').
edk2-aarch64-20201127-alt1 build Alexey Shabalin, 2021-01-17
- edk2-stable202011 (Fixes: CVE-2019-14584, CVE-2019-11098)
edk2-20201127-alt1 build Alexey Shabalin, 2021-01-17
- edk2-stable202011 (Fixes: CVE-2019-14584, CVE-2019-11098)
italc3-3.0.3-alt3 build Andrey Cherepanov, 2021-01-15
- Apply patches from Debian (fixes CVE-2018-15127, CVE-2018-20019, CVE-2018-20020, CVE-2018-20021, CVE-2018-20022, CVE-2018-20023, CVE-2018-20024, CVE-2018-20748, CVE-2018-20748, CVE-2018-20748, CVE-2018-20748, CVE-2018-20749, CVE-2018-20750, CVE-2018-7225, CVE-2019-15681).
kernel-image-un-def-5.10.7-alt1 build Kernel Bot, 2021-01-13
- v5.10.7 (Fixes: CVE-2020-28374)
kernel-image-std-debug-5.4.89-alt1 build Kernel Bot, 2021-01-13
- v5.4.89 (Fixes: CVE-2020-28374)
kernel-image-std-def-5.4.89-alt1 build Kernel Bot, 2021-01-13
- v5.4.89 (Fixes: CVE-2020-28374)
dovecot-2.3.13-alt1 build Andrey Cherepanov, 2021-01-12
- Updated to 2.3.13 (fixes CVE-2020-24386, CVE-2020-25275).
thunderbird-78.6.1-alt1 build Andrey Cherepanov, 2021-01-12
- New version (78.6.1).
- Security fixes:
+ CVE-2020-16044 Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk
chromium-gost-87.0.4280.141-alt0 build Alexey Gladkov, 2021-01-08
- New version (87.0.4280.141).
- Security fixes:
- CVE-2020-15995: Out of bounds write in V8.
- CVE-2020-16043: Insufficient data validation in networking.
- CVE-2021-21106: Use after free in autofill.
- CVE-2021-21107: Use after free in drag and drop.
- CVE-2021-21108: Use after free in media.
- CVE-2021-21109: Use after free in payments.
- CVE-2021-21110: Use after free in safe browsing.
- CVE-2021-21111: Insufficient policy enforcement in WebUI.
- CVE-2021-21112: Use after free in Blink.
- CVE-2021-21113: Heap buffer overflow in Skia.
- CVE-2021-21114: Use after free in audio.
- CVE-2021-21115: Use after free in safe browsing.
- CVE-2021-21116: Heap buffer overflow in audio.
chromium-87.0.4280.141-alt1 build Alexey Gladkov, 2021-01-08
- New version (87.0.4280.141).
- Security fixes:
- CVE-2020-15995: Out of bounds write in V8.
- CVE-2020-16043: Insufficient data validation in networking.
- CVE-2021-21106: Use after free in autofill.
- CVE-2021-21107: Use after free in drag and drop.
- CVE-2021-21108: Use after free in media.
- CVE-2021-21109: Use after free in payments.
- CVE-2021-21110: Use after free in safe browsing.
- CVE-2021-21111: Insufficient policy enforcement in WebUI.
- CVE-2021-21112: Use after free in Blink.
- CVE-2021-21113: Heap buffer overflow in Skia.
- CVE-2021-21114: Use after free in audio.
- CVE-2021-21115: Use after free in safe browsing.
- CVE-2021-21116: Heap buffer overflow in audio.
firefox-84.0.2-alt1 build Alexey Gladkov, 2021-01-06
- New release (84.0.2).
- Security fixes:
+ CVE-2020-16044: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk
- Add firefox GNOME Shell search provider.
- Enable smooth scrolling option.
firefox-esr-78.6.1-alt1 build Andrey Cherepanov, 2021-01-06
- New version (78.6.1).
- Security fixes:
+ CVE-2020-16044 Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk
curl-7.74.0-alt1 build Anton Farygin, 2020-12-30
- 7.74.0
- Fixes:
* CVE-2020-8286 Inferior OCSP verification
* CVE-2020-8285 FTP wildcard stack overflow
* CVE-2020-8284 trusting FTP PASV responses
libopenjpeg2.0-2.4.0-alt1 build Yuri N. Sedunov, 2020-12-29
- updated to v2.4.0-2-gb897e2cb (fixed CVE-2020-8112, CVE-2020-6851
CVE-2019-6988, CVE-2019-12973)
- new -devel-doc subpackage
- fixed License tag
roundcube-1.4.10-alt1 build Vitaly Lipatov, 2020-12-28
- new version 1.4.10 (with rpmrb script)
- CVE-2020-35730
openldap-2.4.56-alt1 build Alexey Shabalin, 2020-12-27
- 2.4.55 (Fixes: CVE-2020-25692)
ceph-15.2.8-alt1 build Alexey Shabalin, 2020-12-24
- 15.2.8
- Fixes for the following security vulnerabilities:
+ CVE-2020-27781 OpenStack Manila use of ceph_volume_client.py library
allowed tenant access to any Ceph credential's secret.
edk2-tools-20201127-alt1 build Alexey Shabalin, 2020-12-23
- edk2-stable202011 (Fixes: CVE-2019-14584, CVE-2019-11098)
mediawiki-1.35.1-alt1 build Vitaly Lipatov, 2020-12-23
- new version 1.35.1 (with rpmrb script)
- T268894, CVE-2020-35474, T268917, CVE-2020-35475
- T268938, CVE-2020-35478, CVE-2020-35479
- T205908, CVE-2020-35477, T120883, CVE-2020-35480
chromium-gost-87.0.4280.88-alt1 build Alexey Gladkov, 2020-12-20
- New version (87.0.4280.88).
- Security fixes:
- CVE-2020-16037: Use after free in clipboard.
- CVE-2020-16038: Use after free in media.
- CVE-2020-16039: Use after free in extensions.
- CVE-2020-16040: Insufficient data validation in V8.
- CVE-2020-16041: Out of bounds read in networking.
- CVE-2020-16042: Uninitialized Use in V8.
chromium-87.0.4280.88-alt1 build Alexey Gladkov, 2020-12-20
- New version (87.0.4280.88).
- Security fixes:
- CVE-2020-16037: Use after free in clipboard.
- CVE-2020-16038: Use after free in media.
- CVE-2020-16039: Use after free in extensions.
- CVE-2020-16040: Insufficient data validation in V8.
- CVE-2020-16041: Out of bounds read in networking.
- CVE-2020-16042: Uninitialized Use in V8.
libdb4.7-4.7.25-alt10 build Dmitry V. Levin, 2020-12-19
- Do not access DB_CONFIG when env->db_home is not set (fixes: CVE-2017-10140).
- Build without RPC support.
projeto & código: Vladimir Lettiev aka crux © 2004-2005,
Andrew Avramenko aka liks © 2007-2008
mantenedor atual: Michael Shigorin
mantenedor da tradução: Fernando Martini aka fmartini © 2009
mantenedor atual: Michael Shigorin
mantenedor da tradução: Fernando Martini aka fmartini © 2009