Репозиторий Sisyphus
Последнее обновление: 15 декабря 2017 | Пакетов: 18225 | Посещений: 10576692
en ru br
Исправления уязвимостей

firefox-esr-52.5.2-alt1   сборка Andrey Cherepanov, 2017-12-10


- New ESR version (52.5.2)
- Fixes:
+ CVE-2017-7843 Web worker in Private Browsing mode can write IndexedDB data
- Build with DBUS support (ALT #34302)

wireshark-2.4.3-alt1.S1   сборка Anton Farygin, 2017-12-09


- 2.4.3
- fixes:
* wnpa-sec-2017-49 CIP Safety dissector crash CVE-2017-17085
* wnpa-sec-2017-48 NetBIOS dissector crash CVE-2017-17083
* wnpa-sec-2017-47 IWARP_MPA dissector crash CVE-2017-17084

pve-qemu-2.9.1-alt4   сборка Valery Inozemtsev, 2017-12-07


- fixes:
+ CVE-2017-17381 fix and backup race condition fix

openssl10-1.0.2n-alt1   сборка Gleb F-Malinovskiy, 2017-12-07


- Updated to v1.0.2n (fixes CVE-2017-3737, CVE-2017-3738).
- Added --disable tsget knob.
- Added support of s390x and mips* architectures.

kernel-image-std-def-4.9.67-alt1   сборка Kernel Bot, 2017-12-06


- v4.9.67 (Fixes: CVE-2017-8824)

kernel-image-un-def-4.14.4-alt1   сборка Kernel Bot, 2017-12-06


- v4.14.4 (Fixes: CVE-2011-1161, CVE-2017-8824)

kernel-image-std-pae-4.4.104-alt1   сборка Kernel Bot, 2017-12-06


- v4.4.104 (Fixes: CVE-2017-8824)

mariadb-10.1.29-alt1.S1   сборка Alexey Shabalin, 2017-12-06


- 10.1.29
- Fixes for the following security vulnerabilities:
+ CVE-2017-10378
+ CVE-2017-10268
+ MDEV-13819

kernel-image-std-def-4.9.66-alt1.1   сборка Kernel Bot, 2017-12-05


- temporary fix for HugeDirtyCowPOC (fixes CVE-2017-1000405)

kernel-image-un-def-4.13.16-alt1.1   сборка Kernel Bot, 2017-12-05


- temporary fix for HugeDirtyCowPOC (fixes CVE-2017-1000405)

kernel-image-std-pae-4.4.103-alt1.1   сборка Kernel Bot, 2017-12-05


- temporary fix for HugeDirtyCowPOC (fixes CVE-2017-1000405)

libXcursor-1.1.15-alt1.S1   сборка Valery Inozemtsev, 2017-12-04


- fixes:
+ CVE-2017-16612 Fix heap overflows when parsing malicious files

libXfont-1.5.4-alt1.S1   сборка Valery Inozemtsev, 2017-12-04


- fixes:
+ CVE-2017-16611 Open files with O_NOFOLLOW

libXfont2-2.0.3-alt1.S1   сборка Valery Inozemtsev, 2017-12-04


- fixes:
+ CVE-2017-16611 Open files with O_NOFOLLOW

palemoon-27.6.2-alt1   сборка Hihin Ruslan, 2017-12-02


- New Version - Release 27.6.2
- Fixed CVE-2017-7832, CVE-2017-7835, CVE-2017-7840. See Changelog

tor-0.3.1.9-alt1.S1   сборка Vladimir Didenko, 2017-12-01


- new version (Fixes: CVE-2017-8819, CVE-2017-8820, CVE-2017-8821,
CVE-2017-8822, CVE-2017-8823)

curl-7.57.0-alt1.S1   сборка Anton Farygin, 2017-12-01


- new version
- fixes:
* CVE-2017-8818 SSL out of buffer access
* CVE-2017-8817 FTP wildcard out of bounds read
* CVE-2017-8816 NTLM buffer overflow via integer overflow

rabbitmq-server-3.6.14-alt4   сборка Denis Medvedev, 2017-11-27


- added (Fixes: CVE-2016-9877).

thunderbird-52.5.0-alt1   сборка Andrey Cherepanov, 2017-11-24


- New version (52.5.0)
- Fixes:
+ CVE-2017-7828 Use-after-free of PressShell while restyling layout
+ CVE-2017-7830 Cross-origin URL information leak through Resource
+ CVE-2017-7826 Memory safety bugs fixed in Firefox 57, Firefox ESR 52.5, and Thunderbird 52.5

kernel-image-std-pae-4.4.100-alt1   сборка Kernel Bot, 2017-11-22


- v4.4.100 (Fixes: CVE-2017-7518)

samba-4.6.11-alt1.S1   сборка Evgeny Sinelnikov, 2017-11-21


- Second autumn security release (Fixes: CVE-2017-14746, CVE-2017-15275)

samba-DC-4.6.11-alt1.S1   сборка Evgeny Sinelnikov, 2017-11-21


- Second autumn security release (Fixes: CVE-2017-14746, CVE-2017-15275)

firefox-57.0-alt1   сборка Alexey Gladkov, 2017-11-21


- New release (57.0).
- Fixed:
+ CVE-2017-7828: Use-after-free of PressShell while restyling layout
+ CVE-2017-7830: Cross-origin URL information leak through Resource Timing API
+ CVE-2017-7831: Information disclosure of exposed properties on JavaScript proxy objects
+ CVE-2017-7832: Domain spoofing through use of dotless 'i' character followed by accent markers
+ CVE-2017-7833: Domain spoofing with Arabic and Indic vowel marker characters
+ CVE-2017-7834: data: URLs opened in new tabs bypass CSP protections
+ CVE-2017-7835: Mixed content blocking incorrectly applies with redirects
+ CVE-2017-7836: Pingsender dynamically loads libcurl on Linux and OS X
+ CVE-2017-7837: SVG loaded as <img> can use meta tags to set cookies
+ CVE-2017-7838: Failure of individual decoding of labels in international domain names triggers punycode display of entire IDN
+ CVE-2017-7839: Control characters before javascript: URLs defeats self-XSS prevention mechanism
+ CVE-2017-7840: Exported bookmarks do not strip script elements from user-supplied tags
+ CVE-2017-7842: Referrer Policy is not always respected for <link> elements
+ CVE-2017-7827: Memory safety bugs fixed in Firefox 57
+ CVE-2017-7826: Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5

weechat-1.9.1-alt1   сборка Evgeny Sinelnikov, 2017-11-20


- NMU: New security version (1.9.1) (Fixes: CVE-2017-14727)

openvpn-2.4.4-alt1   сборка Nikolay A. Fetisov, 2017-11-18


- New version
- Security fixes:
+ CVE-2017-12166: Buffer overflow when using (obsolete) '--key-method 1'
 
дизайн и разработка: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
текущий майнтейнер: Michael Shigorin