From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Fri, 16 Feb 2018 04:44:03 +0000 From: QA Team Robot To: sisyphus-cybertalk@lists.altlinux.org Message-ID: <20180216044403.GA18930@gyle.altlinux.org> Mail-Followup-To: sisyphus-cybertalk@lists.altlinux.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Subject: [cyber] I: p8/branch packages: +10 (17938) X-BeenThere: sisyphus-cybertalk@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: devel@lists.altlinux.org List-Id: ALT Linux Sisyphus cybertalk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Feb 2018 04:44:04 -0000 Archived-At: List-Archive: 10 UPDATED packages firefox - The Mozilla Firefox project is a redesign of Mozilla's browser [241M] * Tue Feb 13 2018 Andrey Cherepanov 58.0.2-alt0.M80P.1 - Backport new version to p8 branch. * Sun Feb 11 2018 Alexey Gladkov 58.0.2-alt1 - New release (58.0.2). - Fixed: + CVE-2018-5091: Use-after-free with DTMF timers + CVE-2018-5092: Use-after-free in Web Workers + CVE-2018-5093: Buffer overflow in WebAssembly during Memory/Table resizing + CVE-2018-5094: Buffer overflow in WebAssembly with garbage collection on uninitialized memory + CVE-2018-5095: Integer overflow in Skia library during edge builder allocation + CVE-2018-5097: Use-after-free when source document is manipulated during XSLT + CVE-2018-5098: Use-after-free while manipulating form input elements + CVE-2018-5099: Use-after-free with widget listener + CVE-2018-5100: Use-after-free when IsPotentiallyScrollable arguments are freed from memory + CVE-2018-5101: Use-after-free with floating first-letter style elements + CVE-2018-5102: Use-after-free in HTML media elements + CVE-2018-5103: Use-after-free during mouse event handling + CVE-2018-5104: Use-after-free during font face manipulation + CVE-2018-5105: WebExtensions can save and execute files on local file system without user prompts + CVE-2018-5106: Developer Tools can expose style editor information cross-origin through service worker + CVE-2018-5107: Printing process will follow symlinks for local file access + CVE-2018-5108: Manually entered blob URL can be accessed by subsequent private browsing tabs + CVE-2018-5109: Audio capture prompts and starts with incorrect origin attribution + CVE-2018-5110: Cursor can be made invisible on OS X + CVE-2018-5111: URL spoofing in addressbar through drag and drop + CVE-2018-5112: Extension development tools panel can open a non-relative URL in the panel + CVE-2018-5113: WebExtensions can load non-HTTPS pages with browser.identity.launchWebAuthFlow + CVE-2018-5114: The old value of a cookie changed to HttpOnly remains accessible to scripts + CVE-2018-5115: Background network requests can open HTTP authentication in unrelated foreground tabs + CVE-2018-5116: WebExtension ActiveTab permission allows cross-origin frame content access + CVE-2018-5117: URL spoofing with right-to-left text aligned left-to-right + CVE-2018-5118: Activity Stream images can attempt to load local content through file: + CVE-2018-5119: Reader view will load cross-origin content in violation of CORS headers + CVE-2018-5121: OS X Tibetan characters render incompletely in the addressbar + CVE-2018-5122: Potential integer overflow in DoCrypt + CVE-2018-5090: Memory safety bugs fixed in Firefox 58 + CVE-2018-5089: Memory safety bugs fixed in Firefox 58 and Firefox ESR 52.6 + CVE-2018-5124: Sanitize HTML fragments created for chrome-privileged documents * Wed Jan 10 2018 Andrey Cherepanov 57.0.4-alt0.M80P.1 firefox-kk - Kazakh (KZ) Language Pack for Firefox * Mon Feb 12 2018 Alexey Gladkov 58.0.2-alt1 - New version (58.0.2). * Mon Dec 04 2017 Alexey Gladkov 57.0.1-alt1 firefox-ru - Russian (RU) Language Pack for Firefox * Mon Feb 12 2018 Alexey Gladkov 58.0.2-alt1 - New version (58.0.2). * Mon Dec 04 2017 Alexey Gladkov 57.0.1-alt1 firefox-uk - Ukrainian (UA) Language Pack for Firefox * Mon Feb 12 2018 Alexey Gladkov 58.0.2-alt1 - New version (58.0.2). * Mon Dec 04 2017 Alexey Gladkov 57.0.1-alt1 golang - The Go Programming Language [11M] * Thu Feb 15 2018 Alexey Shabalin 1.8.7-alt0.M80P.1 - Build 1.8.7 to p8 branch * Mon Aug 28 2017 Alexey Shabalin 1.8.3-alt0.M80P.1 grafana - Metrics dashboard and graph editor [54M] * Wed Feb 14 2018 Alexey Shabalin 4.6.3-alt1.M80P.1 - 4.6.3 * Mon Dec 04 2017 Alexey Shabalin 4.6.2-alt1.M80P.1 - 4.6.2 * Mon Oct 30 2017 Alexey Shabalin 4.6.0-alt1.M80P.1 nss - Netscape Network Security Services(NSS) * Thu Feb 15 2018 Andrey Cherepanov 3.34.1-alt0.M80P.1 - Backport new version to p8 branch. * Fri Jan 12 2018 Alexey Gladkov 3.34.1-alt3 - Fix the alteranatives file. * Fri Dec 29 2017 Alexey Gladkov 3.34.1-alt2 - Add the alteranatives file for libnssckbi.so. - Add libnss-nssckbi-checkinstall subpackage. * Sat Dec 23 2017 Alexey Gladkov 3.34.1-alt1 - New version (3.34.1). - Remove obsolete nss-alt-ssl-addon-certs.txt. * Tue Oct 17 2017 Andrey Cherepanov 3.33.0-alt0.M80P.1 rust - The Rust Programming Language [18M] * Thu Feb 15 2018 Andrey Cherepanov 1.21.0-alt0.M80P.1 - backport new version to p8 branch * Wed Feb 14 2018 Andrey Cherepanov 1.20.0-alt0.M80P.1 rust-cargo - The Rust package manager * Thu Feb 15 2018 Andrey Cherepanov 0.22.0-alt0.M80P.1 - backport new version to p8 branch * Wed Feb 14 2018 Andrey Cherepanov 0.21.1-alt0.M80P.1 telegraf - The plugin-driven server agent for collecting and reporting metrics [29M] * Wed Feb 14 2018 Alexey Shabalin 1.5.2-alt2.M80P.1 - fix "commit" * Thu Feb 01 2018 Alexey Shabalin 1.5.2-alt1.M80P.1 - 1.5.2 * Mon Oct 30 2017 Alexey Shabalin 1.4.3-alt1.M80P.1 Total 17938 source packages.