From: QA Team Robot <qa@altlinux.org> To: sisyphus-cybertalk@lists.altlinux.org Subject: [cyber] I: p8/branch packages: +10 (17938) Date: Fri, 16 Feb 2018 04:44:03 +0000 Message-ID: <20180216044403.GA18930@gyle.altlinux.org> (raw) 10 UPDATED packages firefox - The Mozilla Firefox project is a redesign of Mozilla's browser [241M] * Tue Feb 13 2018 Andrey Cherepanov <cas@altlinux> 58.0.2-alt0.M80P.1 - Backport new version to p8 branch. * Sun Feb 11 2018 Alexey Gladkov <legion@altlinux> 58.0.2-alt1 - New release (58.0.2). - Fixed: + CVE-2018-5091: Use-after-free with DTMF timers + CVE-2018-5092: Use-after-free in Web Workers + CVE-2018-5093: Buffer overflow in WebAssembly during Memory/Table resizing + CVE-2018-5094: Buffer overflow in WebAssembly with garbage collection on uninitialized memory + CVE-2018-5095: Integer overflow in Skia library during edge builder allocation + CVE-2018-5097: Use-after-free when source document is manipulated during XSLT + CVE-2018-5098: Use-after-free while manipulating form input elements + CVE-2018-5099: Use-after-free with widget listener + CVE-2018-5100: Use-after-free when IsPotentiallyScrollable arguments are freed from memory + CVE-2018-5101: Use-after-free with floating first-letter style elements + CVE-2018-5102: Use-after-free in HTML media elements + CVE-2018-5103: Use-after-free during mouse event handling + CVE-2018-5104: Use-after-free during font face manipulation + CVE-2018-5105: WebExtensions can save and execute files on local file system without user prompts + CVE-2018-5106: Developer Tools can expose style editor information cross-origin through service worker + CVE-2018-5107: Printing process will follow symlinks for local file access + CVE-2018-5108: Manually entered blob URL can be accessed by subsequent private browsing tabs + CVE-2018-5109: Audio capture prompts and starts with incorrect origin attribution + CVE-2018-5110: Cursor can be made invisible on OS X + CVE-2018-5111: URL spoofing in addressbar through drag and drop + CVE-2018-5112: Extension development tools panel can open a non-relative URL in the panel + CVE-2018-5113: WebExtensions can load non-HTTPS pages with browser.identity.launchWebAuthFlow + CVE-2018-5114: The old value of a cookie changed to HttpOnly remains accessible to scripts + CVE-2018-5115: Background network requests can open HTTP authentication in unrelated foreground tabs + CVE-2018-5116: WebExtension ActiveTab permission allows cross-origin frame content access + CVE-2018-5117: URL spoofing with right-to-left text aligned left-to-right + CVE-2018-5118: Activity Stream images can attempt to load local content through file: + CVE-2018-5119: Reader view will load cross-origin content in violation of CORS headers + CVE-2018-5121: OS X Tibetan characters render incompletely in the addressbar + CVE-2018-5122: Potential integer overflow in DoCrypt + CVE-2018-5090: Memory safety bugs fixed in Firefox 58 + CVE-2018-5089: Memory safety bugs fixed in Firefox 58 and Firefox ESR 52.6 + CVE-2018-5124: Sanitize HTML fragments created for chrome-privileged documents * Wed Jan 10 2018 Andrey Cherepanov <cas@altlinux> 57.0.4-alt0.M80P.1 firefox-kk - Kazakh (KZ) Language Pack for Firefox * Mon Feb 12 2018 Alexey Gladkov <legion@altlinux> 58.0.2-alt1 - New version (58.0.2). * Mon Dec 04 2017 Alexey Gladkov <legion@altlinux> 57.0.1-alt1 firefox-ru - Russian (RU) Language Pack for Firefox * Mon Feb 12 2018 Alexey Gladkov <legion@altlinux> 58.0.2-alt1 - New version (58.0.2). * Mon Dec 04 2017 Alexey Gladkov <legion@altlinux> 57.0.1-alt1 firefox-uk - Ukrainian (UA) Language Pack for Firefox * Mon Feb 12 2018 Alexey Gladkov <legion@altlinux> 58.0.2-alt1 - New version (58.0.2). * Mon Dec 04 2017 Alexey Gladkov <legion@altlinux> 57.0.1-alt1 golang - The Go Programming Language [11M] * Thu Feb 15 2018 Alexey Shabalin <shaba@altlinux> 1.8.7-alt0.M80P.1 - Build 1.8.7 to p8 branch * Mon Aug 28 2017 Alexey Shabalin <shaba@altlinux> 1.8.3-alt0.M80P.1 grafana - Metrics dashboard and graph editor [54M] * Wed Feb 14 2018 Alexey Shabalin <shaba@altlinux> 4.6.3-alt1.M80P.1 - 4.6.3 * Mon Dec 04 2017 Alexey Shabalin <shaba@altlinux> 4.6.2-alt1.M80P.1 - 4.6.2 * Mon Oct 30 2017 Alexey Shabalin <shaba@altlinux> 4.6.0-alt1.M80P.1 nss - Netscape Network Security Services(NSS) * Thu Feb 15 2018 Andrey Cherepanov <cas@altlinux> 3.34.1-alt0.M80P.1 - Backport new version to p8 branch. * Fri Jan 12 2018 Alexey Gladkov <legion@altlinux> 3.34.1-alt3 - Fix the alteranatives file. * Fri Dec 29 2017 Alexey Gladkov <legion@altlinux> 3.34.1-alt2 - Add the alteranatives file for libnssckbi.so. - Add libnss-nssckbi-checkinstall subpackage. * Sat Dec 23 2017 Alexey Gladkov <legion@altlinux> 3.34.1-alt1 - New version (3.34.1). - Remove obsolete nss-alt-ssl-addon-certs.txt. * Tue Oct 17 2017 Andrey Cherepanov <cas@altlinux> 3.33.0-alt0.M80P.1 rust - The Rust Programming Language [18M] * Thu Feb 15 2018 Andrey Cherepanov <cas@altlinux> 1.21.0-alt0.M80P.1 - backport new version to p8 branch * Wed Feb 14 2018 Andrey Cherepanov <cas@altlinux> 1.20.0-alt0.M80P.1 rust-cargo - The Rust package manager * Thu Feb 15 2018 Andrey Cherepanov <cas@altlinux> 0.22.0-alt0.M80P.1 - backport new version to p8 branch * Wed Feb 14 2018 Andrey Cherepanov <cas@altlinux> 0.21.1-alt0.M80P.1 telegraf - The plugin-driven server agent for collecting and reporting metrics [29M] * Wed Feb 14 2018 Alexey Shabalin <shaba@altlinux> 1.5.2-alt2.M80P.1 - fix "commit" * Thu Feb 01 2018 Alexey Shabalin <shaba@altlinux> 1.5.2-alt1.M80P.1 - 1.5.2 * Mon Oct 30 2017 Alexey Shabalin <shaba@altlinux> 1.4.3-alt1.M80P.1 Total 17938 source packages.
reply other threads:[~2018-02-16 4:44 UTC|newest] Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20180216044403.GA18930@gyle.altlinux.org \ --to=qa@altlinux.org \ --cc=devel@lists.altlinux.org \ --cc=sisyphus-cybertalk@lists.altlinux.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
ALT Linux Sisyphus cybertalk This inbox may be cloned and mirrored by anyone: git clone --mirror http://lore.altlinux.org/sisyphus-cybertalk/0 sisyphus-cybertalk/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 sisyphus-cybertalk sisyphus-cybertalk/ http://lore.altlinux.org/sisyphus-cybertalk \ sisyphus-cybertalk@lists.altlinux.org sisyphus-cybertalk@lists.altlinux.ru sisyphus-cybertalk@lists.altlinux.com public-inbox-index sisyphus-cybertalk Example config snippet for mirrors. Newsgroup available over NNTP: nntp://lore.altlinux.org/org.altlinux.lists.sisyphus-cybertalk AGPL code for this site: git clone https://public-inbox.org/public-inbox.git