Sisyphus repository
Last update: 17 March 2018 | SRPMs: 18217 | Visits: 11163924
Security fixes

tor-   build Vladimir Didenko, 2018-03-13

- new version (Fixes: CVE-2018-0491)

samba-4.6.14-alt1.S1   build Evgeny Sinelnikov, 2018-03-12

- Update to spring security release
- Security fixes:
+ CVE-2018-1050 Codenomicon crashes in spoolss server code
+ CVE-2018-1057 Unprivileged user can change any user (and admin) password

samba-DC-4.6.14-alt1.S1   build Evgeny Sinelnikov, 2018-03-12

- Update to spring security release
- Security fixes:
+ CVE-2018-1050 Codenomicon crashes in spoolss server code
+ CVE-2018-1057 Unprivileged user can change any user (and admin) password

kernel-image-std-def-4.9.87-alt1   build Kernel Bot, 2018-03-12

- v4.9.87 (Fixes: CVE-2011-1161)

firefox-esr-52.7.0-alt1   build Andrey Cherepanov, 2018-03-10

- New ESR version (52.7.0).
- Fixes:
+ CVE-2018-5127 Buffer overflow manipulating SVG animatedPathSegList
+ CVE-2018-5129 Out-of-bounds write with malformed IPC messages
+ CVE-2018-5130 Mismatched RTP payload type can trigger memory corruption
+ CVE-2018-5131 Fetch API improperly returns cached copies of no-store/no-cache resources
+ CVE-2018-5144 Integer overflow during Unicode conversion
+ CVE-2018-5125 Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7
+ CVE-2018-5145 Memory safety bugs fixed in Firefox ESR 52.7

chromium-65.0.3325.146-alt1   build Alexey Gladkov, 2018-03-07

- New version (65.0.3325.146).
- Use clang.
- Security fixes:
- CVE-2018-6058: Use after free in Flash.
- CVE-2018-6059: Use after free in Flash.
- CVE-2018-6060: Use after free in Blink.
- CVE-2018-6061: Race condition in V8.
- CVE-2018-6062: Heap buffer overflow in Skia.
- CVE-2018-6057: Incorrect permissions on shared memory.
- CVE-2018-6063: Incorrect permissions on shared memory.
- CVE-2018-6064: Type confusion in V8.
- CVE-2018-6065: Integer overflow in V8.
- CVE-2018-6066: Same Origin Bypass via canvas.
- CVE-2018-6067: Buffer overflow in Skia.
- CVE-2018-6068: Object lifecycle issues in Chrome Custom Tab.
- CVE-2018-6069: Stack buffer overflow in Skia.
- CVE-2018-6070: CSP bypass through extensions.
- CVE-2018-6071: Heap buffer overflow in Skia.
- CVE-2018-6072: Integer overflow in PDFium.
- CVE-2018-6073: Heap buffer overflow in WebGL.
- CVE-2018-6074: Mark-of-the-Web bypass.
- CVE-2018-6075: Overly permissive cross origin downloads.
- CVE-2018-6076: Incorrect handling of URL fragment identifiers in Blink.
- CVE-2018-6077: Timing attack using SVG filters.
- CVE-2018-6078: URL Spoof in OmniBox.
- CVE-2018-6079: Information disclosure via texture data in WebGL.
- CVE-2018-6080: Information disclosure in IPC call.
- CVE-2018-6081: XSS in interstitials.
- CVE-2018-6082: Circumvention of port blocking.
- CVE-2018-6083: Incorrect processing of AppManifests.

exim-4.90.1-alt1   build Aleksandr Antonov, 2018-03-06

- Updated to upstream version 4.90.1
- Fixes:
+ CVE-2018-6789 Buffer overflow may happen. This can be used to execute code remotely.

ruby-2.5.0-alt1   build Andrey Cherepanov, 2018-03-05

- New version.
- Fixes:
+ CVE-2017-17405 Command injection vulnerability in Net::FTP
- Update Rubygems to 2.7.6 with security fixes (see

ntp-4.2.8p11-alt1   build Sergey Y. Afonin, 2018-03-04

- 4.2.8p11 (CVE-2018-7185, CVE-2018-7184, CVE-2018-7170, CVE-2018-7183,
CVE-2018-7182, CVE-2016-1549)
- updated vniiftri ntp servers in ntp.conf
- added perl-HTTP-Tiny, perl-Net-SSLeay, perl-IO-Socket-SSL to BuildRequires

memcached-1.5.6-alt1.S1   build Alexey Shabalin, 2018-03-04

- 1.5.6
- disable UDP port by default (fixed CVE-2018-1000115)
- drop scripts package
- add tool package
- add memcached@.service to allow starting an "instanced" version, like 'memcached@11211'

clamav-0.99.4-alt1   build Sergey Y. Afonin, 2018-03-04

- 0.99.4 (CVE-2012-6706, CVE-2017-6419, CVE-2017-11423,
CVE-2018-0202, and CVE-2018-1000085)

postgresql10-10.3-alt1   build Alexei Takaseev, 2018-03-02

- 10.3
- Fix CVE-2018-1058

postgresql9.3-9.3.22-alt1   build Alexei Takaseev, 2018-03-02

- 9.3.22
- Fix CVE-2018-1058

postgresql9.4-9.4.17-alt1   build Alexei Takaseev, 2018-03-02

- 9.4.17
- Fix CVE-2018-1058

postgresql9.5-9.5.12-alt1   build Alexei Takaseev, 2018-03-02

- 9.5.12
- Fix CVE-2018-1058

postgresql9.6-9.6.8-alt1   build Alexei Takaseev, 2018-03-02

- 9.6.8
- Fix CVE-2018-1058

dhcp-4.3.6.P1-alt1   build Mikhail Efremov, 2018-02-28

- Updated patches.
- Updated to 4.3.6-P1 (fixes: CVE-2017-3144, CVE-2018-5732, CVE-2018-5733).

postgresql9.6-1C-9.6.8-alt1   build Alexei Takaseev, 2018-02-28

- 9.6.8
- Re-apply patches from 1C:
* 00001-1c_FULL_96.patch
* 00004-postgresql-1c-9.6.patch
* 00005-exists_opt-2.patch
- Remove patch 00001-1c_create_append_path.patch (fixed in 00001-1c_FULL_96.patch)
- Fix CVE-2018-1058

node-6.13.0-alt1   build Alexey Shabalin, 2018-02-27

- new version 6.13.0
- 2018-02-13, Version 6.13.0 'Boron' (LTS)
- fixed CVE-2017-15896, CVE-2017-3738

wireshark-2.4.5-alt1.S1   build Anton Farygin, 2018-02-26

- 2.4.5
- fixes:
* wnpa-sec-2018-05 The IEEE 802.11 dissector could crash. CVE-2018-7335
* wnpa-sec-2018-06 Multiple dissectors could go into large infinite loops. All ASN.1
BER dissectors, along with the DICOM, DMP, LLTD, OpenFlow, RELOAD, RPCoRDMA, RPKI-Router,
S7COMM, SCCP, Thread, Thrift, USB and WCCP dissectors were susceptible. CVE-2018-7321, CVE-2018-7322,
CVE-2018-7323, CVE-2018-7324, CVE-2018-7325, CVE-2018-7326, CVE-2018-7327, CVE-2018-7328, CVE-2018-7329,
CVE-2018-7330, CVE-2018-7331, CVE-2018-7332, CVE-2018-7333
* wnpa-sec-2018-07 The UMTS MAC dissector could crash. CVE-2018-7334
* wnpa-sec-2018-08 The DOCSIS dissector could crash. CVE-2018-7337
* wnpa-sec-2018-09 The FCP dissector could crash. CVE-2018-7336
* wnpa-sec-2018-10 The SIGCOMP dissector could crash. CVE-2018-7320
* wnpa-sec-2018-11 The pcapng file parser could crash. CVE-2018-7420
* wnpa-sec-2018-12 The IPMI dissector could crash. CVE-2018-7417
* wnpa-sec-2018-13 The SIGCOMP dissector could crash. CVE-2018-7418
* wnpa-sec-2018-14 The NBAP dissector could crash. CVE-2018-7419

dotnet-coreclr-2.0.5-alt1   build Vitaly Lipatov, 2018-02-22

- new version (2.0.5) with rpmgs script
- CVE-2018-0764, CVE-2018-0786
- backport patch: Add support for building under glibc 2.26

kernel-image-std-pae-4.4.116-alt1   build Kernel Bot, 2018-02-19

- v4.4.116 (Fixes: CVE-2017-8824)

adobe-flash-player-ppapi-28-alt2.S1   build Sergey V Turchin, 2018-02-19

- new version (ALT#34555)
- security fixes: CVE-2018-4871, CVE-2018-4877, CVE-2018-4878

kernel-image-un-def-4.14.20-alt1   build Kernel Bot, 2018-02-19

design & coding: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
current maintainer: Michael Shigorin