From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Sun, 12 Apr 2020 04:43:21 +0000 From: QA Team Robot To: sisyphus-cybertalk@lists.altlinux.org Message-ID: <20200412044315.GA4468@gyle.altlinux.org> Mail-Followup-To: sisyphus-cybertalk@lists.altlinux.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Subject: [cyber] I: Sisyphus-20200412 packages: +1! -3 +21 (17566) X-BeenThere: sisyphus-cybertalk@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: devel@lists.altlinux.org List-Id: ALT Linux Sisyphus cybertalk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 12 Apr 2020 04:43:30 -0000 Archived-At: List-Archive: 1 ADDED package python3-module-wheel - A built-package format for Python3 * Sat Apr 11 2020 Alexey Shabalin 0.34.2-alt1 - 0.34.2 3 REMOVED packages comix 4.0.4-alt3 easytag 2.4.3-alt2 ffmpeg2theora 0.30-alt3 21 UPDATED packages LibreSSL - OpenBSD fork of OpenSSL library * Thu Apr 09 2020 Vladimir D. Seleznev 3.1.0-alt1 - Updated to 3.1.0. * Sun Dec 01 2019 Vladimir D. Seleznev 3.0.2-alt2 ansible-lint - Best practices checker for Ansible * Thu Mar 12 2020 Alexey Shabalin 4.2.0-alt1 - 4.2.0 * Thu Sep 12 2019 Grigory Ustinov 4.1.0-alt1 chromium - An open source web browser developed by Google [935M] * Wed Apr 08 2020 Alexey Gladkov 81.0.4044.92-alt1 - New version (81.0.4044.92). - Security fixes: - CVE-2020-6423: Use after free in audio. - CVE-2020-6430: Type Confusion in V8. - CVE-2020-6431: Insufficient policy enforcement in full screen. - CVE-2020-6432: Insufficient policy enforcement in navigations. - CVE-2020-6433: Insufficient policy enforcement in extensions. - CVE-2020-6434: Use after free in devtools. - CVE-2020-6435: Insufficient policy enforcement in extensions. - CVE-2020-6436: Use after free in window management. - CVE-2020-6437: Inappropriate implementation in WebView. - CVE-2020-6438: Insufficient policy enforcement in extensions. - CVE-2020-6439: Insufficient policy enforcement in navigations. - CVE-2020-6440: Inappropriate implementation in extensions. - CVE-2020-6441: Insufficient policy enforcement in omnibox. - CVE-2020-6442: Inappropriate implementation in cache. - CVE-2020-6443: Insufficient data validation in developer tools. - CVE-2020-6444: Uninitialized Use in WebRTC. - CVE-2020-6445: Insufficient policy enforcement in trusted types. - CVE-2020-6446: Insufficient policy enforcement in trusted types. - CVE-2020-6447: Inappropriate implementation in developer tools. - CVE-2020-6448: Use after free in V8. - CVE-2020-6454: Use after free in extensions. - CVE-2020-6455: Out of bounds read in WebSQL. - CVE-2020-6456: Insufficient validation of untrusted input in clipboard. * Fri Mar 06 2020 Alexey Gladkov 80.0.3987.132-alt1 chromium-gost - An open source web browser developed by Google [986M] * Sat Apr 04 2020 Fr. Br. George 80.0.3987.132-alt1 - Build GOST version * Fri Mar 06 2020 Alexey Gladkov 80.0.3987.132-alt0 - New version (80.0.3987.132). - Security fixes: - CVE-2019-18197: Multiple vulnerabilities in XML. - CVE-2019-19923: Out of bounds memory access in SQLite. - CVE-2019-19925: Multiple vulnerabilities in SQLite. - CVE-2019-19926: Inappropriate implementation in SQLite. - CVE-2020-6381: Integer overflow in JavaScript. - CVE-2020-6382: Type Confusion in JavaScript. - CVE-2020-6383: Type confusion in V8. - CVE-2020-6384: Use after free in WebAudio. - CVE-2020-6385: Insufficient policy enforcement in storage. - CVE-2020-6386: Use after free in speech. - CVE-2020-6387: Out of bounds write in WebRTC. - CVE-2020-6388: Out of bounds memory access in WebAudio. - CVE-2020-6389: Out of bounds write in WebRTC. - CVE-2020-6390: Out of bounds memory access in streams. - CVE-2020-6391: Insufficient validation of untrusted input in Blink. - CVE-2020-6392: Insufficient policy enforcement in extensions. - CVE-2020-6393: Insufficient policy enforcement in Blink. - CVE-2020-6394: Insufficient policy enforcement in Blink. - CVE-2020-6395: Out of bounds read in JavaScript. - CVE-2020-6396: Inappropriate implementation in Skia. - CVE-2020-6397: Incorrect security UI in sharing. - CVE-2020-6398: Uninitialized use in PDFium. - CVE-2020-6399: Insufficient policy enforcement in AppCache. - CVE-2020-6400: Inappropriate implementation in CORS. - CVE-2020-6401: Insufficient validation of untrusted input in Omnibox. - CVE-2020-6402: Insufficient policy enforcement in downloads. - CVE-2020-6403: Incorrect security UI in Omnibox. - CVE-2020-6404: Inappropriate implementation in Blink. - CVE-2020-6405: Out of bounds read in SQLite. - CVE-2020-6406: Use after free in audio. - CVE-2020-6407: Out of bounds memory access in streams. - CVE-2020-6408: Insufficient policy enforcement in CORS. - CVE-2020-6409: Inappropriate implementation in Omnibox. - CVE-2020-6410: Insufficient policy enforcement in navigation. - CVE-2020-6411: Insufficient validation of untrusted input in Omnibox. - CVE-2020-6412: Insufficient validation of untrusted input in Omnibox. - CVE-2020-6413: Inappropriate implementation in Blink. - CVE-2020-6414: Insufficient policy enforcement in Safe Browsing. - CVE-2020-6415: Inappropriate implementation in JavaScript. - CVE-2020-6416: Insufficient data validation in streams. - CVE-2020-6417: Inappropriate implementation in installer. - CVE-2020-6418: Type confusion in V8. - CVE-2020-6420: Insufficient policy enforcement in media. * Mon Feb 03 2020 Alexey Gladkov 79.0.3945.130-alt1 - New version (79.0.3945.130). - Security fixes: - CVE-2019-13767: Use after free in media picker. - CVE-2020-6377: Use after free in audio. - CVE-2020-6378: Use-after-free in speech recognizer. - CVE-2020-6379: Use-after-free in speech recognizer. - CVE-2020-6380: Extension message verification error. * Mon Dec 16 2019 Alexey Gladkov 79.0.3945.79-alt1 - New version (79.0.3945.79). - Security fixes: - CVE-2019-13725: Use after free in Bluetooth. - CVE-2019-13726: Heap buffer overflow in password manager. - CVE-2019-13727: Insufficient policy enforcement in WebSockets. - CVE-2019-13728: Out of bounds write in V8. - CVE-2019-13729: Use after free in WebSockets. - CVE-2019-13730: Type Confusion in V8. - CVE-2019-13732: Use after free in WebAudio. - CVE-2019-13734: Out of bounds write in SQLite. - CVE-2019-13735: Out of bounds write in V8. - CVE-2019-13736: Integer overflow in PDFium. - CVE-2019-13737: Insufficient policy enforcement in autocomplete. - CVE-2019-13738: Insufficient policy enforcement in navigation. - CVE-2019-13739: Incorrect security UI in Omnibox. - CVE-2019-13740: Incorrect security UI in sharing. - CVE-2019-13741: Insufficient validation of untrusted input in Blink. - CVE-2019-13742: Incorrect security UI in Omnibox. - CVE-2019-13743: Incorrect security UI in external protocol handling. - CVE-2019-13744: Insufficient policy enforcement in cookies. - CVE-2019-13745: Insufficient policy enforcement in audio. - CVE-2019-13746: Insufficient policy enforcement in Omnibox. - CVE-2019-13747: Uninitialized Use in rendering. - CVE-2019-13748: Insufficient policy enforcement in developer tools. - CVE-2019-13749: Incorrect security UI in Omnibox. - CVE-2019-13750: Insufficient data validation in SQLite. - CVE-2019-13751: Uninitialized Use in SQLite. - CVE-2019-13752: Out of bounds read in SQLite. - CVE-2019-13753: Out of bounds read in SQLite. - CVE-2019-13754: Insufficient policy enforcement in extensions. - CVE-2019-13755: Insufficient policy enforcement in extensions. - CVE-2019-13756: Incorrect security UI in printing. - CVE-2019-13757: Incorrect security UI in Omnibox. - CVE-2019-13758: Insufficient policy enforcement in navigation. - CVE-2019-13759: Incorrect security UI in interstitials. - CVE-2019-13761: Incorrect security UI in Omnibox. - CVE-2019-13762: Insufficient policy enforcement in downloads. - CVE-2019-13763: Insufficient policy enforcement in payments. - CVE-2019-13764: Type Confusion in V8. * Mon Dec 02 2019 Alexey Gladkov 78.0.3904.108-alt1 - New version (78.0.3904.108). - Security fixes: - CVE-2019-13723: Use-after-free in Bluetooth. - CVE-2019-13724: Out-of-bounds access in Bluetooth. * Sat Nov 09 2019 Alexey Gladkov 78.0.3904.97-alt1 - New version (78.0.3904.97). - Security fixes: - CVE-2019-13720: Use-after-free in audio. - CVE-2019-13721: Use-after-free in PDFium. * Thu Oct 24 2019 Alexey Gladkov 78.0.3904.70-alt1 - New version (78.0.3904.70). - Security fixes: - CVE-2019-13699: Use-after-free in media. - CVE-2019-13700: Buffer overrun in Blink. - CVE-2019-13701: URL spoof in navigation. - CVE-2019-13702: Privilege elevation in Installer. - CVE-2019-13703: URL bar spoofing. - CVE-2019-13704: CSP bypass. - CVE-2019-13705: Extension permission bypass. - CVE-2019-13706: Out-of-bounds read in PDFium. - CVE-2019-13707: File storage disclosure. - CVE-2019-13708: HTTP authentication spoof. - CVE-2019-13709: File download protection bypass. - CVE-2019-13710: File download protection bypass. - CVE-2019-13711: Cross-context information leak. - CVE-2019-13713: Cross-origin data leak. - CVE-2019-13714: CSS injection. - CVE-2019-13715: Address bar spoofing. - CVE-2019-13716: Service worker state error. - CVE-2019-13717: Notification obscured. - CVE-2019-13718: IDN spoof. - CVE-2019-13719: Notification obscured. - CVE-2019-15903: Buffer overflow in expat. * Mon Oct 21 2019 Alexey Gladkov 77.0.3865.120-alt1 - New version (77.0.3865.120). - Security fixes: - CVE-2019-13693: Use-after-free in IndexedDB. - CVE-2019-13694: Use-after-free in WebRTC. - CVE-2019-13695: Use-after-free in audio. - CVE-2019-13696: Use-after-free in V8. - CVE-2019-13697: Cross-origin size leak. * Wed Sep 25 2019 Alexey Gladkov 77.0.3865.90-alt1 - New version (77.0.3865.90). - Security fixes: - CVE-2019-13685: Use-after-free in UI. - CVE-2019-13686: Use-after-free in offline pages. - CVE-2019-13687: Use-after-free in media. - CVE-2019-13688: Use-after-free in media. * Mon Sep 23 2019 Alexey Gladkov 77.0.3865.75-alt1 - New version (77.0.3865.75). - Security fixes: - CVE-2019-13659: URL spoof. - CVE-2019-13660: Full screen notification overlap. - CVE-2019-13661: Full screen notification spoof. - CVE-2019-13662: CSP bypass. - CVE-2019-13663: IDN spoof. - CVE-2019-13664: CSRF bypass. - CVE-2019-13665: Multiple file download protection bypass. - CVE-2019-13666: Side channel using storage size estimate. - CVE-2019-13667: URI bar spoof when using external app URIs. - CVE-2019-13668: Global window leak via console. - CVE-2019-13669: HTTP authentication spoof. - CVE-2019-13670: V8 memory corruption in regex. - CVE-2019-13671: Dialog box fails to show origin. - CVE-2019-13673: Cross-origin information leak using devtools. - CVE-2019-13674: IDN spoofing. - CVE-2019-13675: Extensions can be disabled by trailing slash. - CVE-2019-13676: Google URI shown for certificate warning. - CVE-2019-13677: Chrome web store origin needs to be isolated. - CVE-2019-13678: Download dialog spoofing. - CVE-2019-13679: User gesture needed for printing. - CVE-2019-13680: IP address spoofing to servers. - CVE-2019-13681: Bypass on download restrictions. - CVE-2019-13682: Site isolation bypass. - CVE-2019-13683: Exceptions leaked by devtools. - CVE-2019-5870: Use-after-free in media. - CVE-2019-5871: Heap overflow in Skia. - CVE-2019-5872: Use-after-free in Mojo. - CVE-2019-5873: URL bar spoofing on iOS. - CVE-2019-5874: External URIs may trigger other browsers. - CVE-2019-5875: URL bar spoof via download redirect. - CVE-2019-5876: Use-after-free in media. - CVE-2019-5877: Out-of-bounds access in V8. - CVE-2019-5878: Use-after-free in V8. - CVE-2019-5879: Extensions can read some local files. - CVE-2019-5880: SameSite cookie bypass. - CVE-2019-5881: Arbitrary read in SwiftShader. * Wed Sep 18 2019 Fr. Br. George 76.0.3809.87-alt2 chronograf - Open source framework for processing, monitoring, and alerting on time series data [31M] * Sat Apr 11 2020 Alexey Shabalin 1.8.1-alt1 - 1.8.1 * Wed Sep 11 2019 Alexey Shabalin 1.7.14-alt1 cpu-g - CPU-G is an application that shows useful information about your hardware * Sat Apr 11 2020 Motsyo Gennadi 0.16.2-alt1 - 0.16.2 * Thu Mar 31 2016 Motsyo Gennadi 0.9.0-alt1 flatpak-builder - Tool to build flatpaks from source * Sat Apr 11 2020 Yuri N. Sedunov 1:1.0.10-alt1.1 - improved "docs" knob * Sat Mar 21 2020 Yuri N. Sedunov 1:1.0.10-alt1 freeradius - High-performance and highly configurable free RADIUS server * Fri Apr 10 2020 Alexey Shabalin 3.0.21-alt1 - 3.0.21 * Mon Mar 16 2020 Alexey Shabalin 3.0.20-alt1 influxdb - Distributed time-series database [11M] * Sat Apr 11 2020 Alexey Shabalin 1.7.10-alt1 - 1.7.10 * Sun Dec 22 2019 Alexey Shabalin 1.7.9-alt1 libinput - Input devices library * Sat Apr 11 2020 Yuri N. Sedunov 1.15.5-alt1 - 1.15.5 * Wed Mar 18 2020 Yuri N. Sedunov 1.15.4-alt1 libtorrent-rasterbar - libTorrent is a BitTorrent library written in C++ for *nix * Sat Apr 11 2020 Ivan A. Melnikov 3:1.2.5-alt2 - Link with libatomic on %mips32. * Fri Apr 10 2020 Aleksei Nikiforov 3:1.2.5-alt1 libwebkitgtk2 - Web browser engine [10M] * Sat Apr 11 2020 Yuri N. Sedunov 2.4.11-alt10 - switched to python2 for build * Wed Mar 18 2020 Yuri N. Sedunov 2.4.11-alt9 opera64-dev - A fast and secure web browser and Internet suite [80M] * Sat Apr 11 2020 Motsyo Gennadi 69.0.3653.0-alt1.1 - moved libffmpeg.so from source-package to the separate source file * Sat Apr 11 2020 Motsyo Gennadi 69.0.3653.0-alt1 - packaged 69.0.3653.0 snapshot * Sun Feb 16 2020 Motsyo Gennadi 68.0.3590.0-alt1 python-module-wheel - A built-package format for Python * Sat Apr 11 2020 Alexey Shabalin 0.34.2-alt1 - 0.34.2 - build python2 module only * Fri Feb 02 2018 Stanislav Levin 0.29.0-alt1.1 rust - The Rust Programming Language [91M] * Wed Apr 08 2020 Vladimir Lettiev 1:1.41.1-alt1 - 1.41.1 - Fixed i586 build * Sun Dec 22 2019 Vladimir Lettiev 1:1.40.0-alt1 spirv-tools - API and commands for processing SPIR-V modules * Sat Apr 11 2020 Michael Shigorin 2019.4-alt2 - E2K: disable -Werror (hex_float.h:766 triggers ftbfs with -Werror=conversion) * Thu Aug 29 2019 L.A. Kostis 2019.4-alt1 telegraf - The plugin-driven server agent for collecting and reporting metrics * Sat Apr 11 2020 Alexey Shabalin 1.14.0-alt1 - 1.14.0 * Sun Dec 22 2019 Alexey Shabalin 1.13.0-alt1 torrent-file-editor - Torrent File Editor * Sat Apr 11 2020 Motsyo Gennadi 0.3.17-alt1.2 - fix build with cmake 3.17 * Sun Feb 02 2020 Motsyo Gennadi 0.3.17-alt1.1 vdo - Management tools for Virtual Data Optimizer * Sat Apr 11 2020 Alexey Shabalin 6.2.2.117-alt1 - 6.2.2.117 * Thu Dec 12 2019 Alexey Shabalin 6.2.2.33-alt1 - 6.2.2.33 * Tue Oct 22 2019 Alexey Shabalin 6.2.2.18-alt1 xfce4-taskmanager - Taskmanager for Xfce Desktop * Sat Apr 11 2020 Mikhail Efremov 1.2.3-alt1 - Update url. - Add Vcs tag. - Don't use rpm-build-licenses. - Updated to 1.2.3. * Wed Dec 19 2018 Mikhail Efremov 1.2.2-alt1 xmrig - RandomX and CryptoNight CPU miner * Sun Apr 12 2020 Motsyo Gennadi 5.10.0-alt1.1 - add ExcludeArch for aarch64 * Thu Apr 09 2020 Motsyo Gennadi 5.10.0-alt1 - 5.10.0 * Wed Mar 11 2020 Motsyo Gennadi 5.9.0-alt1 - 5.9.0 * Sat Aug 24 2019 Motsyo Gennadi 3.1.0-alt1.1 Total 17566 source packages.