From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on sa.local.altlinux.org X-Spam-Level: X-Spam-Status: No, score=-3.3 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD autolearn=ham autolearn_force=no version=3.4.1 Date: Sat, 18 Mar 2023 00:16:35 +0000 From: QA Team Robot To: sisyphus-cybertalk@lists.altlinux.org Message-ID: Mail-Followup-To: sisyphus-cybertalk@lists.altlinux.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Subject: [cyber] I: p10/branch packages: +3! -14 +36 (18052) X-BeenThere: sisyphus-cybertalk@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: devel@lists.altlinux.org List-Id: ALT Linux Sisyphus cybertalk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 18 Mar 2023 00:16:40 -0000 Archived-At: List-Archive: 3 ADDED packages liblc3 - Low Complexity Communication Codec (LC3) * Sat Feb 18 2023 Yuri N. Sedunov 1.0.2-alt1 - 1.0.2 * Mon Oct 17 2022 Yuri N. Sedunov 1.0.1-alt1 libmysofa - Reader for AES SOFA files to get better HRTFs [198M] * Thu Feb 16 2023 Yuri N. Sedunov 1.3.1-alt1 - first build for Sisyphus (v1.3.1-8-gbed445b) python3-module-openqa-client - Python API to access openQA server * Fri Mar 10 2023 Alexander Makeenkov 4.2.1-alt1 - Initial build for ALT 14 REMOVED packages element-desktop 1.8.5-alt1 element-web 1.8.5-alt1 node-grunt 1.1.0-alt1 node-iltorb 2.4.5-alt1 node-leveldown 5.6.0-alt1 node-msgpack 1.0.3-alt2 node-nodeunit 0.11.3-alt2 node-semver 7.3.2-alt1 node-sharp 0.25.3-alt2 node-webpack-cli 4.5.0-alt1 vim-plugin-coc 0.0.78-alt2 vim-plugin-coc-calc 2.0.2-alt2 vim-plugin-coc-sh 0.6.0-alt2 webtorrent-desktop 0.21.0-alt1 36 UPDATED packages NetworkManager - Install NetworkManager daemon and plugins * Mon Feb 27 2023 Mikhail Efremov 1.40.16-alt1.p10.1 - Updated to 1.40.16. * Wed Feb 22 2023 Mikhail Efremov 1.40.14-alt0.p10.1 - Patches from upstream git: + device: update address in nm_device_update_from_platform_link(); + device: preserve assume state if updating port fails. - Dropped fake changelog entry. - Updated to 1.40.14. * Mon Jan 30 2023 Mikhail Efremov 1.40.12-alt0.p10.1 apache2 - The most widely used Web server on the Internet * Thu Mar 09 2023 Anton Farygin 1:2.4.56-alt1 - 2.4.56 (Fixes: CVE-2023-25690, CVE-2023-27522) * Wed Feb 01 2023 Anton Farygin 1:2.4.55-alt1 branding-alt-spserver - System/Base * Tue Mar 14 2023 Anton Midyukov 10.2-alt1 - notes: update license * Mon Feb 27 2023 Anton Midyukov 10.1-alt3 - indexhtml: remove link to bugs.altlinux.org - os-release.in: remove link to bugs.altlinux.org - release-notes.all.html.in: update format from russian version - images: update wallpapers * Tue Jan 24 2023 Anton Midyukov 10.1-alt2 branding-alt-spworkstation - System/Base * Tue Mar 14 2023 Anton Midyukov 10.2-alt1 - notes: update license * Mon Feb 27 2023 Anton Midyukov 10.1-alt3 - branding.spec: indexhtml: do'nt require shared-desktop-icons - images: update wallpapers - release-notes.all.html.in: update format from russian version - indexhtml: remove link to bugs.altlinux.org - os-release.in: remove link to bugs.altlinux.org * Tue Jan 24 2023 Anton Midyukov 10.1-alt2 chromium-gost - An open source web browser developed by Google [2042M] * Thu Mar 09 2023 Andrey Cherepanov 110.0.5481.177-alt1.p10.1 - Backported new version to p10 branch. - Filtered out LGBT material from customization startup page. * Tue Mar 07 2023 Fr. Br. George 110.0.5481.177-alt2 - GOST version * Wed Mar 01 2023 Alexey Gladkov 110.0.5481.177-alt2 - Bring back compiler optimizations (ALT#45454). * Thu Feb 23 2023 Alexey Gladkov 110.0.5481.177-alt1 - New version (110.0.5481.177). - Fix crach in autofill (ALT#45269). - Security fixes: - CVE-2023-0927: Use after free in Web Payments API. - CVE-2023-0928: Use after free in SwiftShader. - CVE-2023-0929: Use after free in Vulkan. - CVE-2023-0930: Heap buffer overflow in Video. - CVE-2023-0931: Use after free in Video. - CVE-2023-0932: Use after free in WebRTC. - CVE-2023-0933: Integer overflow in PDF. - CVE-2023-0941: Use after free in Prompts. * Tue Feb 14 2023 Fr. Br. George 110.0.5481.77-alt1 - GOST version * Thu Feb 09 2023 Alexey Gladkov 110.0.5481.77-alt1 - New version (110.0.5481.77). - Upstream disallow to chromium build with system libwayland (crbug.com/1385736). - Add more parameters to Yandex search url (ALT#45192). - Security fixes: - CVE-2023-0696: Type Confusion in V8. - CVE-2023-0697: Inappropriate implementation in Full screen mode. - CVE-2023-0698: Out of bounds read in WebRTC. - CVE-2023-0699: Use after free in GPU. - CVE-2023-0700: Inappropriate implementation in Download. - CVE-2023-0701: Heap buffer overflow in WebUI. - CVE-2023-0702: Type Confusion in Data Transfer. - CVE-2023-0703: Type Confusion in DevTools. - CVE-2023-0704: Insufficient policy enforcement in DevTools. - CVE-2023-0705: Integer overflow in Core. * Mon Jan 30 2023 Alexey Gladkov 109.0.5414.119-alt1 - New version (109.0.5414.119). - Add a workaround to make the https_proxy environment variable work (ALT#44986). - Security fixes: - CVE-2023-0471: Use after free in WebTransport. - CVE-2023-0472: Use after free in WebRTC. - CVE-2023-0473: Type Confusion in ServiceWorker API. - CVE-2023-0474: Use after free in GuestView. * Thu Jan 12 2023 Alexey Gladkov 109.0.5414.74-alt1 - New version (109.0.5414.74). - Security fixes: - CVE-2023-0128: Use after free in Overview Mode. - CVE-2023-0129: Heap buffer overflow in Network Service. - CVE-2023-0130: Inappropriate implementation in Fullscreen API. - CVE-2023-0131: Inappropriate implementation in iframe Sandbox. - CVE-2023-0132: Inappropriate implementation in Permission prompts. - CVE-2023-0133: Inappropriate implementation in Permission prompts. - CVE-2023-0134: Use after free in Cart. - CVE-2023-0135: Use after free in Cart. - CVE-2023-0136: Inappropriate implementation in Fullscreen API. - CVE-2023-0137: Heap buffer overflow in Platform Apps. - CVE-2023-0138: Heap buffer overflow in libphonenumber. - CVE-2023-0139: Insufficient validation of untrusted input in Downloads. - CVE-2023-0140: Inappropriate implementation in File System API. - CVE-2023-0141: Insufficient policy enforcement in CORS. * Fri Dec 02 2022 Alexey Gladkov 108.0.5359.71-alt1 - New version (108.0.5359.71). - Use LLVM 15. - Security fixes: - CVE-2022-4174: Type Confusion in V8. - CVE-2022-4175: Use after free in Camera Capture. - CVE-2022-4176: Out of bounds write in Lacros Graphics. - CVE-2022-4177: Use after free in Extensions. - CVE-2022-4178: Use after free in Mojo. - CVE-2022-4179: Use after free in Audio. - CVE-2022-4180: Use after free in Mojo. - CVE-2022-4181: Use after free in Forms. - CVE-2022-4182: Inappropriate implementation in Fenced Frames. - CVE-2022-4183: Insufficient policy enforcement in Popup Blocker. - CVE-2022-4184: Insufficient policy enforcement in Autofill. - CVE-2022-4185: Inappropriate implementation in Navigation. - CVE-2022-4186: Insufficient validation of untrusted input in Downloads. - CVE-2022-4187: Insufficient policy enforcement in DevTools. - CVE-2022-4188: Insufficient validation of untrusted input in CORS. - CVE-2022-4189: Insufficient policy enforcement in DevTools. - CVE-2022-4190: Insufficient data validation in Directory. - CVE-2022-4191: Use after free in Sign-In. - CVE-2022-4192: Use after free in Live Caption. - CVE-2022-4193: Insufficient policy enforcement in File System API. - CVE-2022-4194: Use after free in Accessibility. - CVE-2022-4195: Insufficient policy enforcement in Safe Browsing. * Fri Nov 18 2022 Alexey Gladkov 107.0.5304.110-alt1 - New version (107.0.5304.110). - Security fixes: - CVE-2022-3885: Use after free in V8. - CVE-2022-3886: Use after free in Speech Recognition. - CVE-2022-3887: Use after free in Web Workers. - CVE-2022-3888: Use after free in WebCodecs. - CVE-2022-3889: Type Confusion in V8. - CVE-2022-3890: Heap buffer overflow in Crashpad. * Fri Nov 11 2022 Fr. Br. George 107.0.5304.87-alt1 - GOST version * Tue Nov 01 2022 Alexey Gladkov 107.0.5304.87-alt1 - New version (107.0.5304.87). - Security fixes: - CVE-2022-3723: Type Confusion in V8. - CVE-2022-3652: Type Confusion in V8. - CVE-2022-3653: Heap buffer overflow in Vulkan. - CVE-2022-3654: Use after free in Layout. - CVE-2022-3655: Heap buffer overflow in Media Galleries. - CVE-2022-3656: Insufficient data validation in File System. - CVE-2022-3657: Use after free in Extensions. - CVE-2022-3658: Use after free in Feedback service on Chrome OS. - CVE-2022-3659: Use after free in Accessibility. - CVE-2022-3660: Inappropriate implementation in Full screen mode. - CVE-2022-3661: Insufficient data validation in Extensions. * Sat Oct 29 2022 Fr. Br. George 106.0.5249.119-alt1 - GOST version * Thu Oct 13 2022 Alexey Gladkov 106.0.5249.119-alt1 - New version (106.0.5249.119). - Security fixes: - CVE-2022-3445: Use after free in Skia. - CVE-2022-3446: Heap buffer overflow in WebSQL. - CVE-2022-3447: Inappropriate implementation in Custom Tabs. - CVE-2022-3448: Use after free in Permissions API. - CVE-2022-3449: Use after free in Safe Browsing. - CVE-2022-3450: Use after free in Peer Connection. * Thu Oct 13 2022 Fr. Br. George 106.0.5249.103-alt1 - GOST version * Mon Oct 10 2022 Alexey Gladkov 106.0.5249.103-alt1 - New version (106.0.5249.103). - Security fixes: - CVE-2022-3370: Use after free in Custom Elements. - CVE-2022-3373: Out of bounds write in V8. * Wed Sep 28 2022 Alexey Gladkov 106.0.5249.61-alt1 - New version (106.0.5249.61). - Security fixes: - CVE-2022-3201: Insufficient validation of untrusted input in Developer Tools. - CVE-2022-3304: Use after free in CSS. - CVE-2022-3305: Use after free in Survey. - CVE-2022-3306: Use after free in Survey. - CVE-2022-3307: Use after free in Media. - CVE-2022-3308: Insufficient policy enforcement in Developer Tools. - CVE-2022-3309: Use after free in Assistant. - CVE-2022-3310: Insufficient policy enforcement in Custom Tabs. - CVE-2022-3311: Use after free in Import. - CVE-2022-3312: Insufficient validation of untrusted input in VPN. - CVE-2022-3313: Incorrect security UI in Full Screen. - CVE-2022-3314: Use after free in Logging. - CVE-2022-3315: Type confusion in Blink. - CVE-2022-3316: Insufficient validation of untrusted input in Safe Browsing. - CVE-2022-3317: Insufficient validation of untrusted input in Intents. - CVE-2022-3318: Use after free in ChromeOS Notifications. * Mon Sep 05 2022 Alexey Gladkov 105.0.5195.102-alt1 - New version (105.0.5195.102). - Security fixes: - CVE-2022-3075: Insufficient data validation in Mojo. * Thu Sep 01 2022 Alexey Gladkov 105.0.5195.52-alt1 - New version (105.0.5195.52). - Security fixes: - CVE-2022-3038: Use after free in Network Service. - CVE-2022-3039: Use after free in WebSQL. - CVE-2022-3040: Use after free in Layout. - CVE-2022-3041: Use after free in WebSQL. - CVE-2022-3042: Use after free in PhoneHub. - CVE-2022-3043: Heap buffer overflow in Screen Capture. - CVE-2022-3044: Inappropriate implementation in Site Isolation. - CVE-2022-3045: Insufficient validation of untrusted input in V8. - CVE-2022-3046: Use after free in Browser Tag. - CVE-2022-3047: Insufficient policy enforcement in Extensions API. - CVE-2022-3048: Inappropriate implementation in Chrome OS lockscreen. - CVE-2022-3049: Use after free in SplitScreen. - CVE-2022-3050: Heap buffer overflow in WebUI. - CVE-2022-3051: Heap buffer overflow in Exosphere. - CVE-2022-3052: Heap buffer overflow in Window Manager. - CVE-2022-3053: Inappropriate implementation in Pointer Lock. - CVE-2022-3054: Insufficient policy enforcement in DevTools. - CVE-2022-3055: Use after free in Passwords. - CVE-2022-3056: Insufficient policy enforcement in Content Security Policy. - CVE-2022-3057: Inappropriate implementation in iframe Sandbox. - CVE-2022-3058: Use after free in Sign-In Flow. - CVE-2022-3071: Use after free in Tab Strip. * Sat Jun 25 2022 Alexey Gladkov 103.0.5060.53-alt1 - New version (103.0.5060.53). - Security fixes: - CVE-2022-2156: Use after free in Base. - CVE-2022-2157: Use after free in Interest groups. - CVE-2022-2158: Type Confusion in V8. - CVE-2022-2160: Insufficient policy enforcement in DevTools. - CVE-2022-2161: Use after free in WebApp Provider. - CVE-2022-2162: Insufficient policy enforcement in File System API. - CVE-2022-2163: Use after free in Cast UI and Toolbar. - CVE-2022-2164: Inappropriate implementation in Extensions API. - CVE-2022-2165: Insufficient data validation in URL formatting. * Wed Jun 15 2022 Slava Aseev 102.0.5005.61-alt1.p10.1 crystal-open - Sketch Engine web interface [37M] * Sun Nov 14 2021 Kirill Maslinsky 2.14-alt6 - fix build: repackage node_modules - update dependency on sass-loader to ^11.1.0 * Mon Dec 21 2020 Kirill Maslinsky 2.14-alt5 dotnet-aspnetcore-3.1 - ASP.NET Core is a cross-platform .NET framework for building modern cloud-based web application * Mon Mar 13 2023 Vitaly Lipatov 3.1.32-alt1 - ASP.NET Core 3.1.32 - CVE-2022-38013: .NET Denial of Service Vulnerability * Sun Oct 16 2022 Vitaly Lipatov 3.1.26-alt1 dotnet-aspnetcore-5.0 - ASP.NET is a cross-platform .NET framework for building modern cloud-based web application * Mon Mar 13 2023 Vitaly Lipatov 5.0.17-alt1 - ASP.NET 5.0.17 * Sat Apr 02 2022 Vitaly Lipatov 5.0.15-alt1 - ASP.NET 5.0.15 * Sat Feb 12 2022 Vitaly Lipatov 5.0.14-alt1 dotnet-aspnetcore-7.0 - ASP.NET is a cross-platform .NET framework for building modern cloud-based web application * Mon Mar 13 2023 Vitaly Lipatov 7.0.3-alt1 - ASP.NET 7.0.3 * Tue Dec 27 2022 Vitaly Lipatov 7.0.1-alt1 dotnet-bootstrap-3.1 - .NET Core SDK binaries [150M] * Sun Mar 12 2023 Vitaly Lipatov 3.1.32-alt1 - .NET Core 3.1.32 and .NET Core SDK 3.1.426 releases - CVE-2022-41089: .NET Remote Code Execution Vulnerability - CVE-2022-41032: .NET Elevation of Privilege Vulnerability - CVE-2022-38013: .NET Denial of Service Vulnerability - CVE-2022-34716: .NET Information Disclosure Vulnerability * Fri Aug 05 2022 Vitaly Lipatov 3.1.26-alt1 dotnet-bootstrap-5.0 - .NET Core SDK binaries [173M] * Sun Mar 12 2023 Vitaly Lipatov 5.0.17-alt1 - new version (5.0.17) with rpmgs script - CVE-2022-29117: .NET Denial of Service Vulnerability - CVE-2022-29145: .NET Denial of Service Vulnerability - CVE-2022-23267: .NET Denial of Service Vulnerability * Sat Apr 02 2022 Vitaly Lipatov 5.0.15-alt1 - The .NET 5.0.15 and .NET 5.0.406 SDK releases - CVE-2022-24464 : .NET Denial of Service Vulnerability - CVE-2022-24512 : .NET Remote Code Execution Vulnerability - CVE-2020-8927 : .NET Remote Code Execution Vulnerability * Sat Feb 12 2022 Vitaly Lipatov 5.0.14-alt1 dotnet-bootstrap-7.0 - .NET Core SDK binaries [236M] * Mon Mar 13 2023 Vitaly Lipatov 7.0.3-alt1 - The .NET 7.0.3 and .NET SDK 7.0.103 releases - CVE-2023-21808: .NET Remote Code Execution Vulnerability * Tue Dec 27 2022 Vitaly Lipatov 7.0.1-alt1 dotnet-coreclr-3.1 - .NET Core runtime, called CoreCLR, and the base library, called mscorlib [22M] * Sun Mar 12 2023 Vitaly Lipatov 3.1.32-alt1 - .NET Core 3.1.32 - CVE-2022-41089: .NET Remote Code Execution Vulnerability - CVE-2022-41032: .NET Elevation of Privilege Vulnerability - CVE-2022-34716: .NET Information Disclosure Vulnerability * Thu Oct 13 2022 Vitaly Lipatov 3.1.26-alt1 dotnet-corefx-3.1 - .NET Core foundational libraries, called CoreFX [18M] * Sun Mar 12 2023 Vitaly Lipatov 3.1.32-alt1 - .NET Core 3.1.32 * Sun Oct 16 2022 Vitaly Lipatov 3.1.26-alt1 dotnet-hostfxr-3.1 - Installer packages for the .NET Core runtime and libraries * Sun Mar 12 2023 Vitaly Lipatov 3.1.32-alt1 - .NET Core 3.1.32 * Sun Oct 16 2022 Vitaly Lipatov 3.1.26-alt1 dotnet-runtime-5.0 - Microsoft .NET Runtime and Microsoft.NETCore.App [43M] * Mon Mar 13 2023 Vitaly Lipatov 5.0.17-alt1 - new version (5.0.17) with rpmgs script - CVE-2022-29117: .NET Denial of Service Vulnerability - CVE-2022-29145: .NET Denial of Service Vulnerability - CVE-2022-23267: .NET Denial of Service Vulnerability * Sat Apr 02 2022 Vitaly Lipatov 5.0.15-alt1 - new version (5.0.15) with rpmgs script - CVE-2022-24464 : .NET Denial of Service Vulnerability - CVE-2022-24512 : .NET Remote Code Execution Vulnerability - CVE-2020-8927 : .NET Remote Code Execution Vulnerability * Sat Feb 12 2022 Vitaly Lipatov 5.0.14-alt1 dotnet-runtime-7.0 - Microsoft .NET Runtime and Microsoft.NETCore.App [47M] * Mon Mar 13 2023 Vitaly Lipatov 7.0.3-alt1 - .NET 7.0.1 - CVE-2023-21808: .NET Remote Code Execution Vulnerability - restore build and pack singlefilehost * Tue Dec 27 2022 Vitaly Lipatov 7.0.1-alt1 dotnet-sdk-3.1 - SDK for the .NET Core 3.1 * Sun Mar 12 2023 Vitaly Lipatov 3.1.426-alt1 - .NET Core SDK 3.1.426 - remove Conflicts: dotnet-sdk * Sun Oct 16 2022 Vitaly Lipatov 3.1.420-alt1 dotnet-sdk-5.0 - SDK for the .NET * Mon Mar 13 2023 Vitaly Lipatov 5.0.408-alt1 - .NET SDK 5.0.408 * Sat Apr 02 2022 Vitaly Lipatov 5.0.406-alt1 - .NET SDK 5.0.406 * Sat Feb 12 2022 Vitaly Lipatov 5.0.405-alt1 dotnet-sdk-7.0 - SDK for the .NET * Mon Mar 13 2023 Vitaly Lipatov 7.0.103-alt1 - .NET SDK 7.0.103 * Tue Dec 27 2022 Vitaly Lipatov 7.0.101-alt1 fuse-sshfs - SSH filesystem using FUSE * Sat Apr 16 2022 Vladimir D. Seleznev 3.7.2.0.7.gita2054a2-alt2 - Drop rst2man patch, see https://bugzilla.altlinux.org/41784. * Mon Jan 24 2022 Vladimir D. Seleznev 3.7.2.0.7.gita2054a2-alt1 - Updated to sshfs-3.7.2-7-ga2054a2. * Sun Apr 04 2021 Vladimir D. Seleznev 3.7.1.0.3.git6c1b92d-alt1 gyp - A fork of the GYP build system for use in the Node.js projects * Mon Jan 24 2022 Vitaly Lipatov 0.10.1-alt1 - new version 0.10.1 (with rpmrb script) * Fri Dec 17 2021 Vitaly Lipatov 0.10.0-alt1 - switch to gyp-next (a maintained fork of gyp) * Thu Jan 16 2020 Vitaly Lipatov 0.1.h.e87d37d6-alt1 imagescan - EPSON Image Scan v3 front-end for scanners and all-in-ones [12M] * Sun Dec 25 2022 Andrey Cherepanov 3.65.0-alt3 - FTBFS: fixed build with new version of sane package. * Sat Jan 16 2021 Ilya Kurdyukov 3.65.0-alt2 - Added fix for Elbrus build. * Sat Jan 16 2021 Andrey Cherepanov 3.65.0-alt1 libcamera - A complex camera support library for Linux * Sun Feb 05 2023 Yuri N. Sedunov 1:0.0.4-alt1 - 0.0.4 * Mon Dec 26 2022 Yuri N. Sedunov 1:0.0.3-alt1 - updated to v0.0.3-10-g0a8ac1ee * Thu Nov 24 2022 Yuri N. Sedunov 1:0.0.2-alt1 - 0.0.2 * Mon Oct 17 2022 Yuri N. Sedunov 1:0.0.1-alt1 - v0.0.1 release * Thu Sep 16 2021 Ilya Kurdyukov 0.0.20210204-alt3 - fixes for Elbrus build * Fri Apr 02 2021 Sergey Bolshakov 0.0.20210204-alt2 libuv - Evented I/O for NodeJS * Thu Mar 09 2023 Andrey Cherepanov 1.44.2-alt0.p10.1 - Backported new version to p10 branch without tests. * Sun Jul 17 2022 Vitaly Lipatov 1.44.2-alt1 - new version 1.44.2 (with rpmrb script) * Sun Apr 03 2022 Vitaly Lipatov 1.44.1-alt1 - new version 1.44.1 (with rpmrb script) * Sun Feb 13 2022 Vitaly Lipatov 1.43.0-alt1 - new version 1.43.0 (with rpmrb script) * Sat Aug 14 2021 Vitaly Lipatov 1.42.0-alt1 node - Evented I/O for V8 Javascript [38M] * Wed Nov 23 2022 Vitaly Lipatov 16.18.1-alt1 - new version 16.18.1 (with rpmrb script) - CVE-2022-43548: DNS rebinding in --inspect via invalid octal IP address (Medium) * Sun Oct 16 2022 Vitaly Lipatov 16.18.0-alt1 - new version 16.18.0 (with rpmrb script) - set npm >= 8.19.2 * Fri Sep 30 2022 Vitaly Lipatov 16.17.1-alt1 - new version 16.17.1 (with rpmrb script) - set npm >= 8.15.0 - CVE-2022-32212: DNS rebinding in --inspect on macOS (High) - CVE-2022-32213: bypass via obs-fold mechanic (Medium) - CVE-2022-35255: Weak randomness in WebCrypto keygen - CVE-2022-35256: HTTP Request Smuggling - Incorrect Parsing of Header Fields (Medium) * Tue Jul 12 2022 Vitaly Lipatov 16.16.0-alt1 - new version 16.16.0 (with rpmrb script) - set openssl >= 1.1.1q - set npm >= 8.11.0 * Wed Apr 27 2022 Vitaly Lipatov 16.15.0-alt1 - new version 16.15.0 (with rpmrb script) - set npm >= 8.5.5 * Tue Apr 26 2022 Alexey Shabalin 16.14.2-alt2 - build with system brotli - add corepack package, but build without * Sat Apr 23 2022 Vitaly Lipatov 16.14.2-alt1 - new version 16.14.2 (with rpmrb script) - set openssl >= 1.1.1n - CVE-2022-0778: Infinite loop in BN_mod_sqrt() reachable when parsing certificates (High) * Sat Apr 23 2022 Vitaly Lipatov 16.14.1-alt1 - new version 16.14.1 (with rpmrb script) - set npm >= 8.5.0 * Fri Mar 18 2022 Vitaly Lipatov 16.13.2-alt1 - new version 16.13.2 (with rpmrb script) - set npm >= 8.3.1 - set libuv >= 1.43.0 - CVE-2021-44531: Improper handling of URI Subject Alternative Names (Medium) - CVE-2021-44532: Certificate Verification Bypass via String Injection (Medium) - CVE-2021-44533: Incorrect handling of certificate subject and issuer fields (Medium) - CVE-2022-21824: Prototype pollution via console.table properties (Low) * Fri Dec 17 2021 Vitaly Lipatov 16.13.1-alt1 - new LTS version 16.13.1 (with rpmrb script) * Fri Dec 17 2021 Vitaly Lipatov 14.18.2-alt1 Note: changelog entry for 14.21.1-alt1 not found. node-canvas - node-canvas is a Cairo-backed Canvas implementation for Node.js [11M] * Mon Dec 20 2021 Vitaly Lipatov 2.8.0-alt1 - new version 2.8.0 (with rpmrb script) * Mon Oct 12 2020 Vitaly Lipatov 2.7.0-alt1 node-nan - Native Abstractions for Node.js * Thu Aug 04 2022 Vitaly Lipatov 2.16.0-alt1 - new version 2.16.0 (with rpmrb script) * Sun Dec 19 2021 Vitaly Lipatov 2.15.0-alt1 - new version 2.15.0 (with rpmrb script) * Wed Oct 28 2020 Vitaly Lipatov 2.14.2-alt3 node-nyc - The Istanbul command line interface * Fri Aug 26 2022 Vitaly Lipatov 15.1.0-alt2 - use production node_modules instead of prune development one * Thu Dec 23 2021 Vitaly Lipatov 15.1.0-alt1 - new version 15.1.0 (with rpmrb script) * Fri May 29 2020 Vitaly Lipatov 15.0.1-alt1 node-sass - Node.js bindings to libsass * Thu Mar 31 2022 Vitaly Lipatov 7.0.0-alt2 - update node_modules, fix build * Fri Mar 18 2022 Vitaly Lipatov 7.0.0-alt1 - new version 7.0.0 (with rpmrb script) * Fri Sep 03 2021 Vitaly Lipatov 6.0.1-alt1 - new version 6.0.1 (with rpmrb script) * Thu Nov 12 2020 Vitaly Lipatov 4.14.1-alt3 node-uglify-js - JavaScript parser, minifier, compressor and beautifier toolkit * Fri Aug 26 2022 Vitaly Lipatov 3.17.0-alt1 - new version 3.17.0 (with rpmrb script) - disable node_modules packing (no extra deps as for 3.17) * Fri May 29 2020 Vitaly Lipatov 3.9.4-alt1 npm - A package manager for node [65M] * Fri Oct 21 2022 Vitaly Lipatov 8.19.2-alt2 - fix npm config get user-agent output (ALT bug 43430) * Sun Oct 16 2022 Vitaly Lipatov 8.19.2-alt1 - new version 8.19.2 (with rpmrb script) * Fri Sep 30 2022 Vitaly Lipatov 8.15.0-alt1 - new version 8.15.0 (with rpmrb script) * Wed Aug 03 2022 Vitaly Lipatov 8.11.0-alt2 - drop node-gyp deps (ALT bug 42036) - remove unused scripts makes extra deps * Tue Jul 12 2022 Vitaly Lipatov 8.11.0-alt1 - new version 8.11.0 (with rpmrb script) * Wed Apr 27 2022 Vitaly Lipatov 8.5.5-alt1 - new version 8.5.5 (with rpmrb script) * Sat Apr 23 2022 Vitaly Lipatov 8.5.0-alt1 - new version 8.5.0 (with rpmrb script) * Thu Mar 31 2022 Vitaly Lipatov 8.3.1-alt3 - disable update notifier * Thu Mar 17 2022 Vitaly Lipatov 8.3.1-alt2 - drop tests from new workspaces libs (ALT bug 42037) - don't pack symlinks (ALT bug 42000) * Sun Feb 13 2022 Vitaly Lipatov 8.3.1-alt1 - new version 8.3.1 (with rpmrb script) * Sun Dec 19 2021 Vitaly Lipatov 8.1.2-alt1 - new version 8.1.2 for node 16 LTS (with rpmrb script) * Wed Sep 01 2021 Vitaly Lipatov 6.14.15-alt1 Note: changelog entry for 6.14.17-alt1 not found. ocaml-luv - Binding to libuv for ocaml: cross-platform asynchronous I/O * Sun Feb 20 2022 Anton Farygin 0.5.11-alt1 - 0.5.11 * Mon Aug 16 2021 Anton Farygin 0.5.10-alt1 pipewire - Media Sharing Server * Mon Feb 27 2023 Yuri N. Sedunov 0.3.66-alt2 - updated media-session to 0.4.2 (ALT #45411) * Thu Feb 16 2023 Yuri N. Sedunov 0.3.66-alt1 - 0.3.66 * Thu Jan 26 2023 Yuri N. Sedunov 0.3.65-alt1 - updated to 0.3.65 + media-session-0.4.1-22-g8ca57ad13 * Thu Dec 15 2022 Yuri N. Sedunov 0.3.63-alt1 - updated to 0.3.63-2-gf7c49bbdd * Fri Dec 09 2022 Yuri N. Sedunov 0.3.62-alt1 - 0.3.62 * Thu Nov 24 2022 Yuri N. Sedunov 0.3.61-alt1 - 0.3.61 * Thu Nov 10 2022 Yuri N. Sedunov 0.3.60-alt1 - 0.3.60-2-g518ccdf62 + media-session-0.4.1-15-ge380ca4d7 * Mon Oct 17 2022 Yuri N. Sedunov 0.3.59-alt2 - enabled libcamera support again - enabled LC3 BT codec support * Fri Sep 30 2022 Yuri N. Sedunov 0.3.59-alt1 - 0.3.59 * Fri Sep 02 2022 Yuri N. Sedunov 0.3.57-alt1 - updated to 0.3.57-3-g3f6fe3920 * Tue Jul 19 2022 Yuri N. Sedunov 0.3.56-alt1 - 0.3.56 * Tue Jul 12 2022 Yuri N. Sedunov 0.3.55-alt1 - 0.3.55 * Thu Jul 07 2022 Yuri N. Sedunov 0.3.54-alt1 - 0.3.54 * Thu Jun 30 2022 Yuri N. Sedunov 0.3.53-alt1 - 0.3.53 * Thu Jun 09 2022 Yuri N. Sedunov 0.3.52-alt1 - 0.3.52 * Thu Apr 28 2022 Yuri N. Sedunov 0.3.51-alt1 - updated to 0.3.51-2-gb7845bd70 * Wed Apr 13 2022 Yuri N. Sedunov 0.3.50-alt1 - updated to 0.3.50-2-g339c22dce * Tue Mar 29 2022 Yuri N. Sedunov 0.3.49-alt1.1 - 0.3.49 + media-session-0.4.1-10-gf71506321 * Sat Mar 05 2022 Yuri N. Sedunov 0.3.48-alt1.1 - pw-reserve is a tool, not example * Thu Mar 03 2022 Yuri N. Sedunov 0.3.48-alt1 - updated to 0.3.48-3-gce2f1b373 * Wed Mar 02 2022 Yuri N. Sedunov 0.3.47-alt1 - 0.3.47 * Thu Jan 27 2022 Yuri N. Sedunov 0.3.44-alt1 - updated to 0.3.44-4-gbb5c43b5b + media-session-0.4.1-8-gc0d036ebd * Wed Jan 05 2022 Yuri N. Sedunov 0.3.43-alt1 - updated to 0.3.43-3-gaf11fb480 * Tue Dec 14 2021 Yuri N. Sedunov 0.3.41-alt1 - 0.3.41 * Fri Nov 12 2021 Yuri N. Sedunov 0.3.40-alt1 python3-module-flask-restx - Flask-RESTX is a community driven fork of Flask-RESTPlus * Mon Mar 13 2023 Danil Shein 1.1.0-alt1 - new version 1.1.0 + update SwaggerUI * Wed Nov 30 2022 Danil Shein 1.0.3-alt1 sane - This package contains the SANE docs and utils * Thu Dec 29 2022 Nikolai Kostrigin 1.1.1-alt2 - add alt-update-ru-translation patch + refer to https://gitlab.com/sane-project/backends/-/merge_requests/775 * Mon Dec 19 2022 Vitaly Lipatov 1.1.1-alt1 - new version 1.1.1 (with rpmrb script) (closes: #42408) * Mon Jun 27 2022 Nikolai Kostrigin 1.0.32-alt4 Total 18052 source packages.