From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on sa.local.altlinux.org X-Spam-Level: X-Spam-Status: No, score=-3.3 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD autolearn=ham autolearn_force=no version=3.4.1 Date: Wed, 22 Dec 2021 00:15:18 +0000 From: QA Team Robot To: sisyphus-cybertalk@lists.altlinux.org Message-ID: Mail-Followup-To: sisyphus-cybertalk@lists.altlinux.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Subject: [cyber] I: p10/branch packages: +7 (17655) X-BeenThere: sisyphus-cybertalk@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: devel@lists.altlinux.org List-Id: ALT Linux Sisyphus cybertalk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Dec 2021 00:15:21 -0000 Archived-At: List-Archive: 7 UPDATED packages desktop-file-utils - Utilities for manipulating .desktop files * Tue Dec 07 2021 Igor Vlasenko 0.26-alt2 - added support for DesktopNames in xsessions and wayland-sessions * Fri Sep 17 2021 Sergey V Turchin 0.26-alt1 firefox - The Mozilla Firefox project is a redesign of Mozilla's browser [396M] * Fri Dec 17 2021 Alexey Gladkov 95.0.1-alt1 - New release (95.0.1). * Wed Dec 08 2021 Alexey Gladkov 95.0-alt1 - New release (95.0). - Security fixes: + CVE-2021-43536: URL leakage when navigating while executing asynchronous function + CVE-2021-43537: Heap buffer overflow when using structured clone + CVE-2021-43538: Missing fullscreen and pointer lock notification when requesting both + CVE-2021-43539: GC rooting failure when calling wasm instance methods + MOZ-2021-0010: Use-after-free in fullscreen objects on MacOS + CVE-2021-43540: WebExtensions could have installed persistent ServiceWorkers + CVE-2021-43541: External protocol handler parameters were unescaped + CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence of an external protocol handler + CVE-2021-43543: Bypass of CSP sandbox directive when embedding + CVE-2021-43544: Receiving a malicious URL as text through a SEND intent could have led to XSS + CVE-2021-43545: Denial of Service when using the Location API in a loop + CVE-2021-43546: Cursor spoofing could overlay user interface when native cursor is zoomed + MOZ-2021-0009: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 * Fri Nov 19 2021 Alexey Gladkov 94.0.2-alt1 - New release (94.0.2). * Tue Nov 02 2021 Alexey Gladkov 94.0-alt1 kernel-image-rpi-un - The Linux kernel (the core of the Linux operating system) * Fri Dec 17 2021 Dmitry Terekhin 1:5.15.6-alt1 - Updated to 5.15.6 - https://github.com/raspberrypi/linux.git rpi-5.15.y - commit be49bc5cd53b095fbbc9dde271adf580025e5adc - Add TF307 revision D and ROCK PI 4 Model C support from - https://github.com/altlinux/linux-arm/tree/rpi-baikalm-5.15.y - Replaced config-aarch64 file based on baikal_rpi_rockpi4_defconfig - Move v4l and staging modules to kernel-image package - Remove package dependencies rpi4-boot-switch and rpi4-boot-nouboot-filetrigger * Fri Jul 23 2021 Dmitry Terekhin 1:5.12.17-alt1 python3-module-clickhouse-driver - ClickHouse Python Driver with native interface support. * Tue Dec 14 2021 Anton Farygin 0.2.2-alt2 - make pandas requires optional * Wed Sep 29 2021 Anton Farygin 0.2.2-alt1 python3-module-numdifftools - Solves automatic numerical differentiation problems in one or more variables * Fri Jul 30 2021 Aleksei Nikiforov 0.9.39-alt2 - Updated build dependencies. * Thu Nov 05 2020 Vitaly Lipatov 0.9.39-alt1 python3-module-numpy - NumPy: array processing for numbers, strings, records, and objects * Tue Dec 14 2021 Anton Farygin 1:1.21.4-alt2 - relaxed tests on ppc64le due to fall in "test_linalg.py::TestCholesky::test_basic_property" in the build for p10 * Wed Dec 08 2021 Anton Farygin 1:1.21.4-alt1 - 1.21.1 -> 1.21.4 - moved recfunctions.py from tests to main package - added a patch to recfunctions.py for remove dependency to testing - added a patch from the upstream for fix _GenericAlias tests - enabled tests * Wed Sep 01 2021 Aleksei Nikiforov 1:1.21.1-alt2 - Disabled LTO. * Wed Jul 28 2021 Aleksei Nikiforov 1:1.21.1-alt1 - Updated to upstream version 1.21.1. * Tue Jun 15 2021 Aleksei Nikiforov 1:1.20.3-alt1 thunderbird - Thunderbird is Mozilla's e-mail client [412M] * Fri Dec 10 2021 Andrey Cherepanov 91.4.0-alt1 - New version. - Security fixes: + CVE-2021-43536 URL leakage when navigating while executing asynchronous function + CVE-2021-43537 Heap buffer overflow when using structured clone + CVE-2021-43538 Missing fullscreen and pointer lock notification when requesting both + CVE-2021-43539 GC rooting failure when calling wasm instance methods + CVE-2021-43541 External protocol handler parameters were unescaped + CVE-2021-43542 XMLHttpRequest error codes could have leaked the existence of an external protocol handler + CVE-2021-43543 Bypass of CSP sandbox directive when embedding + CVE-2021-43545 Denial of Service when using the Location API in a loop + CVE-2021-43546 Cursor spoofing could overlay user interface when native cursor is zoomed + CVE-2021-43528 JavaScript unexpectedly enabled for the composition area * Fri Nov 19 2021 Andrey Cherepanov 91.3.2-alt1 Total 17655 source packages.