Sisyphus repository
Last update: 19 march 2019 | SRPMs: 17649 | Visits: 13231011
en ru br
Security fixes

samba-4.9.5-alt1   build Evgeny Sinelikov, 2019-03-15


- Update to latest release with security ldb fixes (CVE-2019-3824)
- Prepare to replace runtime files from /var/run to /run directory

ruby-rails-5.2.2.1-alt1   build Pavel Skrylev, 2019-03-14


- Bump to 5.2.2.1;
- fix CVE-2019-5418, CVE-2019-5420.

dotnet-bootstrap-2.1.9-alt1   build Vitaly Lipatov, 2019-03-13


- new version 2.1.9 (with rpmrb script)
- includes .NET Core 2.1.9, ASP.NET Core 2.1.9 and .NET Core SDK 2.1.505
- CVE-2019-0657: .NET Core NuGet Tampering Vulnerability

gvfs-1.38.2-alt1   build Yuri N. Sedunov, 2019-03-11


- 1.38.2 (fixed CVE-2019-3827)

node-10.15.3-alt1   build Vitaly Lipatov, 2019-03-09


- new version 10.15.3 (with rpmrb script)
- 2018-03-05, Version 10.15.3 'Dubnium' (LTS), @BethGriggs
- CVE-2019-5737
- fix rpm's cflags using, add -latomic on mipsel
- use external gyp

wireshark-2.6.7-alt1   build Anton Farygin, 2019-03-04


- 2.6.7
- fixes:
* ASN.1 BER and related dissectors crash. CVE-2019-9209
* TCAP dissector crash. CVE-2019-9208

mariadb-10.3.13-alt1   build Alexey Shabalin, 2019-03-02


- 10.3.13
- Fixes for the following security vulnerabilities:
+ CVE-2019-2510
+ CVE-2019-2537

gdm-3.30.3-alt1   build Yuri N. Sedunov, 2019-02-27


- 3.30.3 (fixed CVE-2019-3825)

libldb-1.4.6-alt1   build Evgeny Sinelnikov, 2019-02-27


- Update to the 1.4.6 security release for samba-4.9.5
- Security fixes:
+ CVE-2019-3824 ldb: Out of bound read in ldb_wildcard_compare

tor-0.3.5.8-alt1   build Vladimir Didenko, 2019-02-22


- new version (fixes: CVE-2019-8955)

bind-9.11.5.P4-alt1   build Stanislav Levin, 2019-02-22


- 9.11.5 -> 9.11.5.P4 (fixes: CVE-2018-5744, CVE-2018-5745, CVE-2019-6465).

kernel-image-std-pae-4.14.102-alt1   build Kernel Bot, 2019-02-21


- v4.14.102 (Fixes: CVE-2018-1000026)

kernel-image-std-debug-4.14.102-alt1   build Kernel Bot, 2019-02-21


- v4.14.102 (Fixes: CVE-2018-1000026)

ceph-13.2.4-alt1   build Alexey Shabalin, 2019-02-19


- 13.2.4
- disable build for 32-bit arch
- build with python3 and without python2
- disable build mgr dashboard
- split ceph-mgr package
- build with spdk and dpdk support
- Fixes for the following security vulnerabilities:
+ CVE-2018-16846: rgw: enforce bounds on max-keys/max-uploads/max-parts
+ CVE-2018-14662: mon: limit caps allowed to access the config store

systemd-241-alt2   build Alexey Shabalin, 2019-02-19


- Fixes for the following security vulnerabilities:
+ CVE-2019-6454: systemd (PID1) crash with specially crafted D-Bus message

firefox-65.0.1-alt1   build Alexey Gladkov, 2019-02-19


- New release (65.0.1).
- Fixed:
+ CVE-2018-18356: Use-after-free in Skia
+ CVE-2019-5785: Integer overflow in Skia
+ CVE-2018-18511: Cross-origin theft of images with ImageBitmapRenderingContext

kernel-image-std-pae-4.14.101-alt1   build Kernel Bot, 2019-02-15


- v4.14.101 (Fixes: CVE-2019-3819, CVE-2019-6974, CVE-2019-7221, CVE-2019-7222)

kernel-image-std-def-4.19.23-alt1   build Kernel Bot, 2019-02-15


- v4.19.23 (Fixes: CVE-2019-3819, CVE-2019-6974, CVE-2019-7221, CVE-2019-7222)

elfutils-0.176-alt1   build Dmitry V. Levin, 2019-02-15


- 0.175 -> 0.176 (fixes: CVE-2019-7146, CVE-2019-7148,
CVE-2019-7149, CVE-2019-7150, CVE-2019-7664, CVE-2019-7665).

firefox-esr-60.5.1-alt1   build Andrey Cherepanov, 2019-02-15


- New ESR version (60.5.1).
- Fixed:
+ CVE-2018-18356 Use-after-free in Skia
+ CVE-2019-5785 Integer overflow in Skia
+ CVE-2018-18335 Buffer overflow in Skia with accelerated Canvas 2D

thunderbird-60.5.1-alt1   build Andrey Cherepanov, 2019-02-15


- New version (60.5.1).
- Fixes:
+ CVE-2018-18356 Use-after-free in Skia
+ CVE-2019-5785 Integer overflow in Skia
+ CVE-2018-18335 Buffer overflow in Skia with accelerated Canvas 2D
+ CVE-2018-18509 S/MIME signature spoofing

kernel-image-std-debug-4.14.101-alt1   build Kernel Bot, 2019-02-15


- v4.14.101 (Fixes: CVE-2019-3819, CVE-2019-6974, CVE-2019-7221, CVE-2019-7222)

runc-1.0.0-alt7.git0a012df   build Alexey Shabalin, 2019-02-13


- snapshot of master branch.
- Fixes CVE-2019-5736.

lxc-3.0.3-alt3   build Denis Pynkin, 2019-02-13


- Apply patch fixing the startup of LXD containers (after CVE-2019-5736)

containerd-1.2.3-alt1   build Alexey Shabalin, 2019-02-13


- Snapshot of release/1.2 branch
- Fixes CVE-2019-5736.
 
design & coding: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
current maintainer: Michael Shigorin