From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Wed, 3 Jul 2019 05:53:38 +0000 From: QA Team Robot To: sisyphus-cybertalk@lists.altlinux.org Message-ID: <20190703055338.GA8178@gyle.altlinux.org> Mail-Followup-To: sisyphus-cybertalk@lists.altlinux.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Subject: [cyber] I: p8/branch packages: +4! -2 +12 (18213) X-BeenThere: sisyphus-cybertalk@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: devel@lists.altlinux.org List-Id: ALT Linux Sisyphus cybertalk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Jul 2019 05:53:38 -0000 Archived-At: List-Archive: 4 ADDED packages alt-rootfs-installer - Installer rootfs archive to any specified block device * Wed Jun 26 2019 Anton Midyukov 0.2.3-alt1 - 0.2.3 - Simplified code, improved portability (thanks sem@ and arei@) * Thu Apr 18 2019 Anton Midyukov 0.2.1-alt1 - 0.2.1 - support u-boot-* 2019.04 * Fri Mar 29 2019 Anton Midyukov 0.2-alt0.1 - 0.2-beta - Renamed package arm-rootfs-installer to alt-rootfs-installer - Add support riscv64 (thanks arei@) - Update URL * Sun Feb 24 2019 Anton Midyukov 0.1-alt1 xygrib - Visualisation of meteo data from files in GRIB formats [14M] * Fri Jun 28 2019 Sergey Y. Afonin 1.2.4-alt1 - Initial build for AltLinux xygrib-cities-LowPop - Additional cities lists for XyGrib (with low population). * Fri Jun 28 2019 Sergey Y. Afonin 0.1-alt1 - Initial build for AltLinux xygrib-maps-HiRes - Higher resolution maps for XyGrib [99M] * Fri Jun 28 2019 Sergey Y. Afonin 0.1-alt1 - Initial build for AltLinux 2 REMOVED packages arm-rootfs-installer 0.1-alt1 qutim 7:0.3.2-alt3.2 12 UPDATED packages distromap-fedora-rawhide-altlinux-sisyphus - fedora-rawhide-altlinux-sisyphus DistroMap database * Fri Jun 28 2019 Igor Vlasenko 0.439-alt1 - db updates * Sat Apr 13 2019 Igor Vlasenko 0.438-alt1 distromap-mageia-cauldron-altlinux-sisyphus - mageia-cauldron-altlinux-sisyphus DistroMap database * Fri Jun 28 2019 Igor Vlasenko 0.044-alt1 - db update * Sat Apr 13 2019 Igor Vlasenko 0.043-alt1 distromap-suse-default-altlinux-sisyphus - suse-default-altlinux-sisyphus DistroMap database * Fri Jun 28 2019 Igor Vlasenko 0.039-alt1 - db update * Sat Apr 13 2019 Igor Vlasenko 0.038-alt1 hplip - Solution for printing, scanning, and faxing with Hewlett-Packard inkjet and laser printers. [21M] * Sat Jun 29 2019 Andrey Cherepanov 1:3.19.6-alt1 - New version. - Added support for new printers: + HP Smart Tank 500 series + HP Smart Tank 530 series + HP Smart Tank Plus 570 series + HP Smart Tank Plus 650 + HP Smart Tank 610 + HP Smart Tank Plus 550 + HP Smart Tank 510 + HP Neverstop Laser MFP 1200a + HP Neverstop Laser MFP 1200w + HP Laser NS MFP 1005 + HP Laser NS MFP 1005w + HP Neverstop Laser 1000a + HP Neverstop Laser 1000w + HP Laser NS 1020 + HP Laser NS 1020w + HP DesignJet T2600dr Postscript MFP + HP DesignJet XL 3600 PS MFP + HP Color LaserJet Pro M453cdn + HP Color LaserJet Pro M454dn + HP Color LaserJet Pro M454cdn + HP Color LaserJet Pro M453cdw + HP Color LaserJet Pro M454nw + HP Color LaserJet Pro M454dw + HP Color LaserJet Pro M454cdw + HP Color LaserJet Pro MFP M479dw + HP Color LaserJet Pro MFP M478fcdn + HP Color LaserJet Pro MFP M479fdn + HP Color LaserJet Pro MFP M479fcdn + HP Color LaserJet Pro MFP M478fcdw + HP Color LaserJet Pro MFP M479fdw + HP Color LaserJet Pro MFP M479fnw + HP Color LaserJet Pro MFP M479fcdw + HP LaserJet Pro MFP M428dw + HP LaserJet Pro MFP M429dw + HP LaserJet Pro MFP M428fdn + HP LaserJet Pro MFP M428c1 + HP LaserJet Pro MFP M428c3 + HP LaserJet Pro MFP M428m + HP LaserJet Pro MFP M429fdn + HP LaserJet Pro MFP M428fdw + HP LaserJet Pro MFP M428c2 + HP LaserJet Pro MFP M428c4 + HP LaserJet Pro MFP M429fdw + HP LaserJet Pro M404d + HP LaserJet Pro M405d + HP LaserJet Pro M404n + HP LaserJet Pro M405n + HP LaserJet Pro M404dn + HP LaserJet Pro M404c1 + HP LaserJet Pro M404c3 + HP LaserJet Pro M404m + HP LaserJet Pro M405dn + HP LaserJet Pro M404dw + HP LaserJet Pro M404c2 + HP LaserJet Pro M404c4 + HP LaserJet Pro M405dw * Thu May 23 2019 Andrey Cherepanov 1:3.19.5-alt2 - Add Russian localization to desktop file. - Remove hp-uiscan.desktop. * Tue May 14 2019 Andrey Cherepanov 1:3.19.5-alt1 hunspell - Hunspell is a spell checker and morphological analyzer * Tue Sep 11 2018 Valery Inozemtsev 1.6.2-alt1 - 1.6.2 (closes: #35377) * Mon Feb 07 2011 Valery Inozemtsev 1.3.1-alt1 kf5-sonnet - KDE Frameworks 5 multi-language spell checker * Wed Nov 28 2018 Andrey Cherepanov 5.49.0-alt2.M80P.1 - Rebuild with hunspell 1.6.2. * Tue Aug 21 2018 Sergey V Turchin 5.49.0-alt1 Note: changelog entry for 5.49.0-alt1.M80P.1 not found. otter-browser - Otter Browser aims to recreate the best aspects of the classic Opera (12.x) UI using Qt5 * Wed Nov 28 2018 Andrey Cherepanov 0.9.96-alt2.M80P.1 - Rebuild with hunspell 1.6.2. * Fri Mar 23 2018 Anton Midyukov 0.9.96-alt1 Note: changelog entry for 0.9.96-alt1.M80P.1 not found. perl-Source-Bundle - Source-Bundle - Perl extension for converting SRPM and spec files * Sun Jun 30 2019 Igor Vlasenko 0.010.001-alt1 - added datatypes * Thu Jan 31 2019 Igor Vlasenko 0.010-alt1 sigil - Sigil is a free, open source, multi-platform WYSIWYG ebook editor * Tue Nov 27 2018 Andrey Cherepanov 0.6.1-alt1.qa1.M80P.1 - Rebuild with hunspell 1.6.2. * Thu Apr 07 2016 Dmitry V. Levin (QA) 0.6.1-alt1.qa1 sqlite3 - An Embeddable SQL Database Engine * Mon Nov 26 2018 Andrey Cherepanov 3.22.0-alt0.M80P.1 - Backport new version to p8 branch with enabled SQLITE_ENABLE_DBSTAT_VTAB. * Sun Mar 25 2018 Vladimir D. Seleznev 3.22.0-alt1 - 3.22.0 - Patches from Fedora: + sqlite-3.7.7.1-stupid-openfiles-test.patch + sqlite-3.22.0-int-float-compare.patch + sqlite-3.22.0-corrupt-schema.patch - Fixes: + CVE-2017-15286 a NULL pointer dereference in tableColumnList * Wed Sep 13 2017 Mikhail Efremov 3.20.1-alt2 - Enable FTS5 support (closes: #33885). * Mon Aug 28 2017 Mikhail Efremov 3.20.1-alt1 - 3.20.1. * Fri Jul 14 2017 Mikhail Efremov 3.19.3-alt1 - 3.19.3. * Mon Apr 03 2017 Mikhail Efremov 3.18.0-alt1 - Disable test date-2.2c on i586. - 3.18.0. * Tue Jan 10 2017 Mikhail Efremov 3.16.2-alt1 - 3.16.2. * Tue Nov 29 2016 Mikhail Efremov 3.15.2-alt1 thunderbird - Thunderbird is Mozilla's e-mail client [276M] * Sat Jun 22 2019 Andrey Cherepanov 60.7.2-alt0.M80P.1 - Backport new version to p8 branch. * Sat Jun 22 2019 Andrey Cherepanov 60.7.2-alt1 - New version (60.7.2). - Fixed: + CVE-2019-11707 Type confusion in Array.pop + CVE-2019-11708 sandbox escape using Prompt:Open * Wed Jun 19 2019 Andrey Cherepanov 60.7.1-alt1.M80P.1 - Backport new version to p8 branch. * Tue Jun 18 2019 Andrey Cherepanov 60.7.1-alt2 - enigmail: disable pEpAutoDownload. * Fri Jun 14 2019 Andrey Cherepanov 60.7.1-alt1 - New version (60.7.1). - Fixed: + CVE-2019-11703 Heap buffer overflow in icalparser.c + CVE-2019-11704 Heap buffer overflow in icalvalue.c + CVE-2019-11705 Stack buffer overflow in icalrecur.c + CVE-2019-11706 Type confusion in icalproperty.c - Enigmail 2.0.11. - thunderbird-enigmail now requires pinentry-x11 (ALT #18790). - Use juniorModeForceOff by default in Enigmail (ALT #36447). - Fix l10n dtd of Enigmail. * Tue May 21 2019 Andrey Cherepanov 60.7.0-alt0.M80P.1 - Backport new version to p8 branch. * Mon May 20 2019 Andrey Cherepanov 60.7.0-alt1 - New version (60.7.0). - Fixed: + CVE-2019-9815 Disable hyperthreading on content JavaScript threads on macOS + CVE-2019-9816 Type confusion with object groups and UnboxedObjects + CVE-2019-9817 Stealing of cross-domain images using canvas + CVE-2019-9818 Use-after-free in crash generation server + CVE-2019-9819 Compartment mismatch with fetch API + CVE-2019-9820 Use-after-free of ChromeEventHandler by DocShell + CVE-2019-11691 Use-after-free in XMLHttpRequest + CVE-2019-11692 Use-after-free removing listeners in the event listener manager + CVE-2019-11693 Buffer overflow in WebGL bufferdata on Linux + CVE-2019-7317 Use-after-free in png_image_free of libpng library + CVE-2019-9797 Cross-origin theft of images with createImageBitmap + CVE-2018-18511 Cross-origin theft of images with ImageBitmapRenderingContext + CVE-2019-11694 Uninitialized memory memory leakage in Windows sandbox + CVE-2019-11698 Theft of user history data through drag and drop of hyperlinks to and from bookmarks + CVE-2019-5798 Out-of-bounds read in Skia + CVE-2019-9800 Memory safety bugs fixed in Firefox 67, Firefox ESR 60.7, and Thunderbird 60.7 <<<<<<< HEAD * Mon Apr 22 2019 Andrey Cherepanov 60.6.1-alt1.M80P.1 - Backport new version to p8 branch. ======= >>>>>>> sisyphus * Mon Apr 22 2019 Andrey Cherepanov 60.6.1-alt2 - Fix global search indexing by link with bundled sqlite3 (ALT #35761). * Tue Mar 26 2019 Andrey Cherepanov 60.6.1-alt1 - New version (60.6.1). - Fixes: + CVE-2019-9810 IonMonkey MArraySlice has incorrect alias information + CVE-2019-9813 Ionmonkey type confusion with __proto__ mutations * Thu Mar 21 2019 Andrey Cherepanov 60.6.0-alt1 - New version (60.6.0). - Fixes: + CVE-2019-9790 Use-after-free when removing in-use DOM elements + CVE-2019-9791 Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey + CVE-2019-9792 IonMonkey leaks JS_OPTIMIZED_OUT magic value to script + CVE-2019-9793 Improper bounds checks when Spectre mitigations are disabled + CVE-2019-9794 Command line arguments not discarded during execution + CVE-2019-9795 Type-confusion in IonMonkey JIT compiler + CVE-2019-9796 Use-after-free with SMIL animation controller + CVE-2019-9801 Windows programs that are not 'URL Handlers' are exposed to web content + CVE-2018-18506 Proxy Auto-Configuration file can define localhost access to be proxied + CVE-2019-9788 Memory safety bugs fixed in Firefox 66, Firefox ESR 60.6, and Thunderbird 60.6 - Build with Clang. * Wed Feb 27 2019 Andrey Cherepanov 60.5.2-alt1 - New version (60.5.2). * Sat Feb 16 2019 Andrey Cherepanov 60.5.1-alt0.M80P.1 - Backport new version to p8 branch. * Fri Feb 15 2019 Andrey Cherepanov 60.5.1-alt1 - New version (60.5.1). - Fixes: + CVE-2018-18356 Use-after-free in Skia + CVE-2019-5785 Integer overflow in Skia + CVE-2018-18335 Buffer overflow in Skia with accelerated Canvas 2D + CVE-2018-18509 S/MIME signature spoofing * Sun Feb 03 2019 Andrey Cherepanov 60.5.0-alt0.M80P.1 - Backport new version to p8 branch. * Fri Feb 01 2019 Andrey Cherepanov 60.5.0-alt1 - New version (60.5.0). - Fixes: + CVE-2018-18500 Use-after-free parsing HTML5 stream + CVE-2018-18505 Privilege escalation through IPC channel messages + CVE-2016-5824 DoS (use-after-free) via a crafted ics file + CVE-2018-18501 Memory safety bugs fixed in Firefox 65, Firefox ESR 60.5, and Thunderbird 60.5 * Tue Jan 29 2019 Paul Wolneykien 60.4.0-alt3 - Added Enigmail GOST patch. * Thu Jan 10 2019 Andrey Cherepanov 60.4.0-alt2 - Rebuild with llvm7.0. * Mon Dec 24 2018 Andrey Cherepanov 60.4.0-alt1 - New version (60.4.0). - Enigmail 2.0.9. - Fixes: + CVE-2018-17466 Buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11 + CVE-2018-18492 Use-after-free with select element + CVE-2018-18493 Buffer overflow in accelerated 2D canvas with Skia + CVE-2018-18494 Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs + CVE-2018-18498 Integer overflow when calculating buffer sizes for images + CVE-2018-12405 Memory safety bugs fixed in Firefox 64, Firefox ESR 60.4, and Thunderbird 60.4 * Sun Dec 09 2018 Andrey Cherepanov 60.3.3-alt1 - New version (60.3.3). * Fri Nov 30 2018 Andrey Cherepanov 60.3.2-alt1 - New version (60.3.2). * Thu Nov 22 2018 Andrey Cherepanov 60.3.1-alt1 - New version (60.3.1). * Fri Nov 02 2018 Andrey Cherepanov 60.3.0-alt1 - New version (60.3.0). - Fixes: + CVE-2018-12391 HTTP Live Stream audio data is accessible cross-origin + CVE-2018-12392 Crash with nested event loops + CVE-2018-12393 Integer overflow during Unicode conversion while loading JavaScript + CVE-2018-12389 Memory safety bugs fixed in Firefox ESR 60.3 and Thunderbird 60.3 + CVE-2018-12390 Memory safety bugs fixed in Firefox 63, Firefox ESR 60.3, and Thunderbird 60.3 * Mon Oct 15 2018 Andrey Cherepanov 60.2.1-alt1 - New version (60.2.1). - Fixes: + CVE-2018-12377 Use-after-free in refresh driver timers + CVE-2018-12378 Use-after-free in IndexedDB + CVE-2018-12379 Out-of-bounds write with malicious MAR file + CVE-2017-16541 Proxy bypass using automount and autofs + CVE-2018-12376 Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2 + CVE-2018-12385 Crash in TransportSecurityInfo due to cached data + CVE-2018-12383 Setting a master password post-Firefox 58 does not delete unencrypted previously stored passwords * Mon Aug 13 2018 Andrey Cherepanov 60.0-alt1 - New version (60.0). - Enigmail 2.0.8. - Fixes: + CVE-2018-12359 Buffer overflow using computed size of canvas element + CVE-2018-12360 Use-after-free when using focus() + CVE-2018-12361 Integer overflow in SwizzleData + CVE-2018-12362 Integer overflow in SSSE3 scaler + CVE-2018-5156 Media recorder segmentation fault when track type is changed during capture + CVE-2018-12363 Use-after-free when appending DOM nodes + CVE-2018-12364 CSRF attacks through 307 redirects and NPAPI plugins + CVE-2018-12365 Compromised IPC child process can list local filenames + CVE-2018-12371 Integer overflow in Skia library during edge builder allocation + CVE-2018-12366 Invalid data handling during QCMS transformations + CVE-2018-12367 Timing attack mitigation of PerformanceNavigationTiming + CVE-2018-12368 No warning when opening executable SettingContent-ms files + CVE-2018-5187 Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and Thunderbird 60 + CVE-2018-5188 Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, Firefox ESR 52.9, and Thunderbird 60 * Wed Jul 11 2018 Andrey Cherepanov 52.9.1-alt1 - New version (52.9.1). - Complete fix of the EFAIL vulnerability. * Wed Jul 04 2018 Andrey Cherepanov 52.9.0-alt1 Note: changelog entry for 52.9.1-alt0.M80P.2 not found. thunderbird-ru - Russian (RU) Language Pack for Thunderbird (with Lightning support) * Fri Feb 01 2019 Andrey Cherepanov 60.5.0-alt1 - New version. * Mon Dec 24 2018 Andrey Cherepanov 60.4.0-alt1 - New version. * Fri Nov 02 2018 Andrey Cherepanov 60.3.0-alt1 - New version. - Move Russian localization of Lightning to thunderbird. * Thu Oct 18 2018 Andrey Cherepanov 60.2.1-alt1 - New version. * Mon Aug 13 2018 Andrey Cherepanov 60.0-alt1 - New version. * Wed Jul 04 2018 Andrey Cherepanov 52.9.0-alt1 Total 18213 source packages.