From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Wed, 20 Mar 2013 01:31:21 +0000 From: QA Team Robot To: sisyphus-cybertalk@lists.altlinux.org Message-ID: <20130320013121.GA11837@granary.egro.altlinux.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Subject: [cyber] I: p6/branch packages: +1! +11 (11635) X-BeenThere: sisyphus-cybertalk@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: devel@lists.altlinux.org List-Id: ALT Linux Sisyphus cybertalk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Mar 2013 01:31:22 -0000 Archived-At: List-Archive: 1 ADDED package kernel-image-el-def - The Linux kernel (the core of the Linux operating system) [67M] * Tue Mar 19 2013 Andrey Cherepanov 2.6.32-alt3.M60P.1 - Backport to p6 branch new kernel (ALT #28683) * Sun Mar 17 2013 Led 2.6.32-alt4 11 UPDATED packages chromium - An open source web browser developed by Google [1821M] * Mon Mar 18 2013 Andrey Cherepanov 25.0.1364.172-alt0.r187217.M60P.1 - Backport to p6 branch new version * Wed Mar 13 2013 Andrey Cherepanov 25.0.1364.172-alt1.r187217 - New version 25.0.1364.172 * Mon Mar 11 2013 Andrey Cherepanov 25.0.1364.160-alt1.r186726 - New version 25.0.1364.160 - Security fixes: - CVE-2013-0912: Type confusion in WebKit. - Build with system libpng12 (old version) * Wed Mar 06 2013 Andrey Cherepanov 25.0.1364.152-alt1.r185281 - New version 25.0.1364.152 - Security fixes: - High CVE-2013-0902: Use-after-free in frame loader. - High CVE-2013-0903: Use-after-free in browser navigation handling. - High CVE-2013-0904: Memory corruption in Web Audio. - High CVE-2013-0905: Use-after-free with SVG animations. - High CVE-2013-0906: Memory corruption in Indexed DB. - Medium CVE-2013-0907: Race condition in media thread handling. - Medium CVE-2013-0908: Incorrect handling of bindings for extension processes. - Low CVE-2013-0909: Referer leakage with XSS Auditor. - Medium CVE-2013-0910: Mediate renderer -> browser plug-in loads more strictly. - High CVE-2013-0911: Possible path traversal in database handling. - Use builtin libpng * Fri Feb 22 2013 Andrey Cherepanov 25.0.1364.97-alt1.r183676 - New version 25.0.1364.97 - Security fixes: - High CVE-2013-0879: Memory corruption with web audio node. - High CVE-2013-0880: Use-after-free in database handling. - Medium CVE-2013-0881: Bad read in Matroska handling. - High CVE-2013-0882: Bad memory access with excessive SVG parameters. - Medium CVE-2013-0883: Bad read in Skia. - Low CVE-2013-0884: Inappropriate load of NaCl. - Medium CVE-2013-0885: Too many API permissions granted to web store. - Low CVE-2013-0887: Developer tools process has too many permissions and places too much trust in the connected server. - Medium CVE-2013-0888: Out-of-bounds read in Skia. - Low CVE-2013-0889: Tighten user gesture check for dangerous file downloads. - High CVE-2013-0890: Memory safety issues across the IPC layer. - High CVE-2013-0891: Integer overflow in blob handling. - Medium CVE-2013-0892: Lower severity issues across the IPC layer. - Medium CVE-2013-0893: Race condition in media handling. - High CVE-2013-0894: Buffer overflow in vorbis decoding. - High CVE-2013-0895: Incorrect path handling in file copying. - High CVE-2013-0896: Memory management issues in plug-in message handling. - Low CVE-2013-0897: Off-by-one read in PDF. - High CVE-2013-0898: Use-after-free in URL handling. - Low CVE-2013-0899: Integer overflow in Opus handling. - Medium CVE-2013-0900: Race condition in ICU. * Thu Jan 31 2013 Andrey Cherepanov 24.0.1312.57-alt1.r178923 - New version 24.0.1312.57 - Remove revision number from tarball name * Wed Jan 23 2013 Andrey Cherepanov 24.0.1312.56-alt1.r177594 - New version 24.0.1312.56 - Security fixes: - High CVE-2013-0839: Use-after-free in canvas font handling. - Medium CVE-2013-0840: Missing URL validation when opening new windows. - High CVE-2013-0841: Unchecked array index in content blocking. - Medium CVE-2013-0842: Problems with NULL characters embedded in paths. * Mon Jan 14 2013 Andrey Cherepanov 24.0.1312.52-alt1.r175374 - New version 24.0.1312.52 - Security fixes: - High CVE-2012-5145: Use-after-free in SVG layout. - High CVE-2012-5146: Same origin policy bypass with malformed URL. - High CVE-2012-5147: Use-after-free in DOM handling. - Medium CVE-2012-5148: Missing filename sanitization in hyphenation support. - High CVE-2012-5149: Integer overflow in audio IPC handling. - High CVE-2012-5150: Use-after-free when seeking video. - High CVE-2012-5151: Integer overflow in PDF JavaScript. - Medium CVE-2012-5152: Out-of-bounds read when seeking video. - High CVE-2012-5156: Use-after-free in PDF fields. - Medium CVE-2012-5157: Out-of-bounds reads in PDF image handling. - High CVE-2013-0828: Bad cast in PDF root handling. - High CVE-2013-0829: Corruption of database metadata leading to incorrect file access. - Low CVE-2013-0831: Possible path traversal from extension process. - Medium CVE-2013-0832: Use-after-free with printing. - Medium CVE-2013-0833: Out-of-bounds read with printing. - Medium CVE-2013-0834: Out-of-bounds read with glyph handling. - Low CVE-2013-0835: Browser crash with geolocation. - Medium CVE-2013-0837: Crash in extension tab handling. - Low CVE-2013-0838: Tighten permissions on shared memory segments. - Fixes: - Add new option CHROMIUM_ULIMIT in /etc/chromium/default for increase for example maximum number of open file descriptors ("-n 1024" is recommended for many opened tabs) if needed. * Wed Dec 12 2012 Andrey Cherepanov 23.0.1271.97-alt1.r171054 - New version 23.0.1271.97 - Security fixes: - High CVE-2012-5139: Use-after-free with visibility events. - High CVE-2012-5140: Use-after-free in URL loader. - Medium CVE-2012-5141: Limit Chromoting client plug-in instantiation. - Critical CVE-2012-5142: Crash in history navigation. - Medium CVE-2012-5143: Integer overflow in PPAPI image buffers. - High CVE-2012-5144: Stack corruption in AAC decoding. - Fixes: - Some texts in a Website Settings popup are trimmed - selection renders white text on white bg in apps - some plugins stopped working * Fri Nov 30 2012 Andrey Cherepanov 23.0.1271.95-alt1.r169798 - New version 23.0.1271.95 - Security fixes: - High CVE-2012-5138: Incorrect file path handling. - High CVE-2012-5137: Use-after-free in media source handling. - High CVE-2012-5133: Use-after-free in SVG filters. * Thu Nov 08 2012 Andrey Cherepanov 23.0.1271.64-alt1.r165196 - New version 23.0.1271.64 - Fixes: - High CVE-2012-5116: Use-after-free in SVG filter handling. - High CVE-2012-5121: Use-after-free in video layout. - High CVE-2012-5124: Memory corruption in texture handling. - Critical CVE-2012-5112: SVG use-after-free and IPC arbitrary file write. - High CVE-2012-2900: Crash in Skia text rendering. - Critical CVE-2012-5108: Race condition in audio device handling. - High CVE-2012-2896: Integer overflow in WebGL - High CVE-2012-2895: Out-of-bounds writes in PDF viewer. - High CVE-2012-2894: Crash in graphics context handling. - High CVE-2012-2893: Double free in XSL transforms. - High CVE-2012-2890: Use-after-free in PDF viewer. - High CVE-2012-2889: UXSS in frame handling. - High CVE-2012-2888: Use-after-free in SVG text references. - High CVE-2012-2887: Use-after-free in onclick handling. - High CVE-2012-2886: UXSS in v8 bindings. - High CVE-2012-2883: Out-of-bounds write in Skia. - High CVE-2012-2882: Wild pointer in OGG container handling. - High CVE-2012-2881: DOM tree corruption with plug-ins. - High CVE-2012-2878: Use-after-free in plug-in handling. - High CVE-2012-2876: Buffer overflow in SSE2 optimizations. - High CVE-2012-2874: Out-of-bounds write in Skia. - Total move to system v8 - Use builtin icu-4.6 and patched zlib (see http://code.google.com/p/chromium/issues/detail?id=143623) * Wed Oct 03 2012 Andrey Cherepanov 21.0.1180.89-alt4.r154005 - Set flags for build on ARM - Rebuild with new version of v8 * Tue Oct 02 2012 Andrey Cherepanov 21.0.1180.89-alt2.r154005.M60P.1 clamtk - Easy to use front-end for ClamAV * Sun May 27 2012 Vitaly Lipatov 4.40-alt1 - new version 4.40 (with rpmrb script) * Sun Feb 07 2010 Vitaly Lipatov 4.23-alt1 fpc - Free Pascal Compiler -- Meta Package [29M] * Fri Mar 15 2013 Andrey Cherepanov 2:2.6.2-alt0.M60P.1 - Backport to p6 branch new version * Sun Mar 10 2013 Slava Dubrovskiy 2:2.6.2-alt1 - New version (ALT #28639) - Add Requires libX11-devel libXext-devel libXrandr-devel libXxf86dga-devel libXxf86vm-devel svgalib-devel in units-gfx (ALT #26812) * Tue Aug 28 2012 Repocop Q. A. Robot 2:2.6.0-alt2.qa2 - NMU (by repocop). See http://www.altlinux.org/Tools/Repocop - applied repocop fixes: * beehive-log-dependency-needs-epoch-x86_64 for fpc * postclean-03-private-rpm-macros for the spec file * Tue May 22 2012 Andrey Cherepanov 2:2.6.0-alt1.M60P.1 lazarus - Lazarus Component Library and IDE [59M] * Fri Mar 15 2013 Andrey Cherepanov 1:1.0.6-alt0.M60P.1 - Backport to p6 branch new version * Fri Mar 15 2013 Andrey Cherepanov 1:1.0.6-alt1 - New version 1.0.6 * Fri Dec 28 2012 Andrey Cherepanov 1:1.0.4-alt1.M60P.1 libtag - TagLib, is well, a library for reading and editing audio meta data * Tue Mar 19 2013 Sergey V Turchin 1.8-alt1.M60P.1 - built for M60P (ALT#28700) * Tue Mar 19 2013 Sergey V Turchin 1.8-alt2 - sync patches with SuSE (return rusxmms patch) * Mon Jan 14 2013 Sergey V Turchin 1.8-alt0.M60P.1 - build for M60P * Tue Oct 16 2012 Sergey V Turchin 1.8-alt1 - new version - built without tag encoding detection patch * Wed May 16 2012 Sergey V Turchin 1.7.2-alt0.M60P.1 node - Evented I/O for V8 Javascript * Tue Mar 19 2013 Andrey Cherepanov 0.8.18-alt1.0.M60P.1 - Backport to p6 new version - Rebuild with new version of libv8 * Fri Jan 25 2013 Dmitriy Kulik 0.8.18-alt1.1 - Fix spec + non-strict dependency on node + added -pipe -Wall -g -O2 -march=i586 -mtune=i686 on build * Sun Jan 20 2013 Dmitriy Kulik 0.8.18-alt1 - 0.8.18 - npm 1.2.2 * Sat Oct 27 2012 Dmitriy Kulik 0.8.14-alt1 - v0.8.14 - npm v1.1.65 * Fri Aug 24 2012 Andrey Cherepanov 0.8.3-alt0.M60P.1 numerix - Numerix "big integer" * Fri Mar 15 2013 Andrey Cherepanov 0.22-alt7.2.M60P.1 - Rebuild with new fpc version * Mon Mar 11 2013 Slava Dubrovskiy 0.22-alt7.3 - Rebuild with new fpc * Thu Aug 30 2012 Eugeny A. Rostovtsev (REAL) 0.22-alt7.2 - Rebuilt with gmp 5.0.5 * Tue May 22 2012 Andrey Cherepanov 0.22-alt5.M60P.2 pciids - Repository of PCI IDs (pci.ids database) * Mon Mar 18 2013 Cronbuild Service 20130318-alt1 - repocop cronbuild 20130318. At your service. * Mon Mar 11 2013 Cronbuild Service 20130311-alt1 - repocop cronbuild 20130311. At your service. * Mon Mar 04 2013 Cronbuild Service 20130304-alt1 - repocop cronbuild 20130304. At your service. * Mon Feb 25 2013 Cronbuild Service 20130225-alt1 sisyphus_check - package checker for Sisyphus * Thu Jan 24 2013 Dmitry V. Levin 0.8.37-alt1 - 211-check-firmware: added exception for firmware-tools and firmware-tools-* (closes: #28284). - fhs: added exception for msp430* packages (closes: #28286). * Wed Dec 05 2012 Dmitry V. Levin 0.8.36-alt1 - 090-check-nvr: added a check for package name validity. * Wed Sep 12 2012 Dmitry V. Levin 0.8.35-alt1 - 211-check-firmware: removed "noarch" check (closes: #27709). * Fri Apr 13 2012 Dmitry V. Levin 0.8.34-alt1 - 220-check-python: implemented additional restrictions on requirements between python2 and python3 modules (closes: #27194). * Tue Apr 10 2012 Dmitry V. Levin 0.8.33-alt1 - 220-check-python: + reverted the change made in 0.8.32-alt1; + disallowed python3 requirements in python2 modules and vice versa (closes: #27194). * Thu Apr 05 2012 Dmitry V. Levin 0.8.32-alt1 - 220-check-python: ignore "i586-" arepo prefix in package names. * Wed Feb 08 2012 Vitaly Kuznetsov 0.8.31-alt1 usbids - Repository of USB vendor IDs * Mon Mar 11 2013 Cronbuild Service 20130311-alt1 - repocop cronbuild 20130311. At your service. * Sun Jan 20 2013 Cronbuild Service 20130120-alt1 v8 - V8 is Google's open source JavaScript engine. [14M] * Mon Mar 18 2013 Andrey Cherepanov 3.15.11.10-alt1.M60P.1 - Backport to p6 branch new version * Fri Mar 01 2013 Sergey Bolshakov 3.15.11.10-alt2 - built for arm * Sat Jan 19 2013 Dmitriy Kulik 3.15.11.10-alt1 - 3.15.11.10 (Closes: #28346) + High CVE-2012-5153: Out-of-bounds stack access in v8. + High CVE-2013-0836: Crash in v8 garbage collection. * Thu Nov 08 2012 Dmitriy Kulik 3.13.7.5-alt1 - 3.13.7.5 (Closes: #27940) + CVE-2012-5128 * Mon Sep 17 2012 Dmitriy Kulik 3.13.7.1-alt1 - 3.13.7.1 * Mon Sep 17 2012 Dmitriy Kulik 3.11.10.22-alt1 - 3.11.10.22 * Fri Aug 10 2012 Andrey Cherepanov 3.11.10.5-alt0.M60P.1 Total 11635 source packages.