[cyber] I: p10/branch packages: +3! +11 (18678)

[cyber] I: p10/branch packages: +3! +11 (18678)

[QA Team Robot]

	3 ADDED packages

branding-alt-platform-builder - System/Base
* Wed Nov 29 2023 Andrey Cherepanov <cas@altlinux> 10-alt0.3
- Rename to alt-platform-builder
- Modernizate ahttpd theme (thanks arbars@)
* Sun Nov 26 2023 Anton Midyukov <antohami@altlinux> 10-alt0.2

edk2-loongarch64 - UEFI firmware for loongarch virtual machines 	[69M]
* Mon Nov 13 2023 Alexey Sheplyakov <asheplyakov@altlinux> 202308-alt1
- Initial build

modbus-utils - CLI utilities to work with Modbus devices
* Tue Aug 10 2021 Aleksey Saprunov <sav@altlinux> 1.0.0-alt1
- Initial release

	11 UPDATED packages

alterator-mirror - local mirrors setup and maintainance
* Mon Dec 04 2023 Andrey Cherepanov <cas@altlinux> 0.4.10-alt1
- Supported allowed repo names in /etc/alterator/mirror/allowed.
- Fixed regexp for custom url (ALT #43503).
- Added alterator-mirror-allowed package with allowed repositories.
* Tue Apr 07 2020 Andrey Cherepanov <cas@altlinux> 0.4.9-alt1

glpi - IT and asset management software                         	[55M]
* Sun Oct 01 2023 Pavel Zilke <zidex@altlinux> 10.0.10-alt1
- New version 10.0.10
- This release fixes a security issue that has been recently discovered. Update is recommended!
- Security fixes:
 + CVE-2023-42802 : Unallowed PHP script execution
 + CVE-2023-41320 : Account takeover via SQL Injection in UI layout preferences
 + CVE-2023-41326 : Account takeover via Kanban feature
 + CVE-2023-41324 : Account takeover through API
 + CVE-2023-42462 : File deletion through document upload process
 + CVE-2023-41321 : Sensitive fields enumeration through API
 + CVE-2023-41322 : Privilege Escalation from technician to super-admin
 + CVE-2023-41323 : Users login enumeration by unauthenticated user
 + CVE-2023-41888 : Phishing through a login page malicious URL
 + CVE-2023-42461 : SQL injection in ITIL actors
* Thu Jul 13 2023 Pavel Zilke <zidex@altlinux> 10.0.9-alt1
- New version 10.0.9
- This release fixes several security issues that has been recently discovered. Update is recommended!
- Security fixes:
 + CVE-2023-37278 : SQL injection in dashboard administration
- Deleted glpi-php7
* Thu Jul 13 2023 Pavel Zilke <zidex@altlinux> 10.0.8-alt1
- New version 10.0.8
- This release fixes several security issues that has been recently discovered. Update is recommended!
- Security fixes:
 + CVE-2023-35924 : SQL injection via inventory agent request
 + CVE-2023-36808 : SQL injection through Computer Virtual Machine information
 + CVE-2023-35939 : Unauthorized access to Dashboard data
 + CVE-2023-35940 : Unauthenticated access to Dashboard data
 + CVE-2023-34244 : Reflected XSS in search pages
 + CVE-2023-34107 : Unauthorized access to knowledge base items
 + CVE-2023-34106 : Unauthorized access to user data
* Sat May 13 2023 Pavel Zilke <zidex@altlinux> 10.0.7-alt1
- New version 10.0.7
- This release fixes several security issues that has been recently discovered. Update is recommended!
- Security fixes:
 + CVE-2023-28849 : SQL injection and Stored XSS via inventory agent request
 + CVE-2023-28632 : Account takeover by authenticated user
 + CVE-2023-28838 : SQL injection through dynamic reports
 + CVE-2023-28852 : Stored XSS through dashboard administration
 + CVE-2023-28636 : Stored XSS on external links
 + CVE-2023-28639 : Reflected XSS in search pages
 + CVE-2023-28634 : Privilege Escalation from technician to super-admin
 + CVE-2023-28633 : Blind Server-Side Request Forgery (SSRF) in RSS feeds
* Tue Jan 24 2023 Pavel Zilke <zidex@altlinux> 10.0.6-alt1
- New version 10.0.6
- This release fixes several security issues that has been recently discovered. Update is recommended!
- Security fixes:
 + CVE-2023-22500 : Unauthorized access to inventory files
 + CVE-2023-22722 : XSS on browse views
 + CVE-2023-22725 : XSS on external links
 + CVE-2023-22724 : XSS in RSS Description Link
 + CVE-2023-23610 : Unauthorized access to data export
 + CVE-2022-41941 : Stored XSS inside Standard Interface Help Link href attribute
- Added glpi-php8.2
* Fri Nov 04 2022 Pavel Zilke <zidex@altlinux> 10.0.5-alt1
- New version 10.0.5
- This release fixes several security issues that has been recently discovered. Update is recommended!
- Security fixes:
 + CVE-2022-39276 : Blind SSRF in RSS feeds and planning
 + CVE-2022-39372 : Stored XSS in user information
 + CVE-2022-39373 : Stored XSS in entity name
 + CVE-2022-39376 : Improper input validation on emails links
 + CVE-2022-39370 : Improper access to debug panel
 + CVE-2022-39234 : User's session persist after permanently deleting his account
 + CVE-2022-39262 : Stored XSS on login page
 + CVE-2022-39277 : XSS in external links
 + CVE-2022-39375 : XSS through public RSS feed
 + CVE-2022-39323 : SQL Injection on REST API
 + CVE-2022-39371 : Stored XSS through asset inventory
* Wed Sep 14 2022 Pavel Zilke <zidex@altlinux> 10.0.3-alt1
- New version 10.0.3
- This release fixes several critical security issues that has been recently discovered. Update is strongly recommended!
- Security fixes:
 + CVE-2022-35945 : XSS through registration API
 + CVE-2022-31143 : Leak of sensitive information through login page error
 + CVE-2022-31187 : Stored XSS through global search (CVE-2022-31187)
 + CVE-2022-35914 : [critical] Command injection using a third-party library script
 + CVE-2022-35946 : SQL injection through plugin controller
 + CVE-2022-35947 : [critical] Authentication via SQL injection
 + CVE-2022-36112 : Blind Server-Side Request Forgery (SSRF) in RSS feeds and planning
* Fri Jul 22 2022 Pavel Zilke <zidex@altlinux> 10.0.2-alt1
- New version 10.0.2
- This is a security release, upgrading is recommended
- Security fixes:
 + CVE-2022-31061 : Unauthenticated SQL injection on login page
 + CVE-2022-31056 : SQL injection on actor part in assistance forms
 + CVE-2022-31068 : Unauthenticated Sensitive Data Exposure on Refused Inventory Files
* Fri Jun 10 2022 Pavel Zilke <zidex@altlinux> 10.0.1-alt1
- New version 10.0.1
- This is a security release, upgrading is recommended
- The GLPI licence has been moved to GPLv3+
* Wed Apr 20 2022 Pavel Zilke <zidex@altlinux> 10.0.0-alt1
- New version 10.0.0
- Added glpi-php8.0
- Added glpi-php8.1
* Thu Jan 27 2022 Pavel Zilke <zidex@altlinux> 9.5.7-alt1
Note: changelog entry for 9.5.13-alt1 not found.

glpi-agent - GLPI Agent
* Tue Nov 21 2023 Andrey Cherepanov <cas@altlinux> 1.6.1-alt1
- New version.
* Thu Nov 16 2023 Andrey Cherepanov <cas@altlinux> 1.6-alt1
- New version.
- Added EnvironmentFile to service.
* Sat Jun 24 2023 Andrey Cherepanov <cas@altlinux> 1.5-alt1
- New version.
* Mon Feb 06 2023 Andrey Cherepanov <cas@altlinux> 1.4-alt2

java-17-openjdk - OpenJDK 17 Runtime Environment                	[63M]
* Tue Dec 05 2023 Andrey Cherepanov <cas@altlinux> 0:17.0.9.0.9-alt1
- New version (fixes CVE-2023-22081 and CVE-2023-22025).
* Mon Sep 04 2023 Andrey Cherepanov <cas@altlinux> 0:17.0.8.0.7-alt2
- Replaced %majorver by %featurever in desktop files (ALT #47000).
- Fixed %priotity.
* Thu Aug 24 2023 Andrey Cherepanov <cas@altlinux> 0:17.0.8.0.7-alt1

nextcloud - Cloud platform                                      	[124M]
* Mon Dec 04 2023 Andrey Cherepanov <cas@altlinux> 26.0.9-alt0.p10.1
- New version (fixes CVE-2023-48306, CVE-2023-48305, CVE-2023-48304,
  CVE-2023-48303, CVE-2023-48302, CVE-2023-48301, CVE-2023-48239,
  CVE-2023-45148, CVE-2023-39963, CVE-2023-39962, CVE-2023-39961,
  CVE-2023-39960, CVE-2023-39959, CVE-2023-39958, CVE-2023-39952,
  CVE-2023-35928, CVE-2023-35927, CVE-2023-35172, CVE-2023-35171,
  CVE-2023-32320, CVE-2023-32319, CVE-2023-32318)
* Mon Mar 27 2023 Andrey Cherepanov <cas@altlinux> 26.0.0-alt1

papirus-icon-theme - All Papirus icon themes                    	[21M]
* Sat Dec 02 2023 Kirill Izmestev <felixz@altlinux> 20231201-alt1
- New version.
* Thu Nov 16 2023 Kirill Izmestev <felixz@altlinux> 20231101-alt2

plasma5-polkit-kde-agent - KDE Workspace 5 PolicyKit authentication agent
* Thu Nov 30 2023 Sergey V Turchin <zerg@altlinux> 1:5.27.9-alt3
- select any user if not selected by default
* Thu Nov 02 2023 Sergey V Turchin <zerg@altlinux> 1:5.27.9-alt2
- dont force alternate placement
* Thu Oct 26 2023 Sergey V Turchin <zerg@altlinux> 1:5.27.9-alt1

portproton - Installer for PortProton
* Fri Nov 24 2023 Mikhail Tergoev <fidel@altlinux> 1.3-alt1
- updated to v1.3
* Sat Nov 11 2023 Mikhail Tergoev <fidel@altlinux> 1.2-alt1
- updated to v1.2
- updated icon file (png to svg)
* Fri Nov 10 2023 Mikhail Tergoev <fidel@altlinux> 1.1-alt1
- updated to v1.1
- added gitlab.eterfund.ru for download scripts
- added installation path selection
- update desktop file
* Fri May 19 2023 Vitaly Lipatov <lav@altlinux> 1.0-alt3

python3-module-simple-term-menu - A Python package which creates simple interactive menus on the command line
* Fri Dec 01 2023 Alexander Makeenkov <amakeenk@altlinux> 1.6.3-alt1
- Updated to version 1.6.3.
* Mon Mar 27 2023 Alexander Makeenkov <amakeenk@altlinux> 1.6.1-alt1

rpm-macros-branding - RPM helper macros to build branding packages
* Thu Nov 23 2023 Anton Midyukov <antohami@altlinux> 1.0.9-alt1
- Added alt-platform-builder
* Fri Jun 09 2023 Roman Alifanov <ximper@altlinux> 1.0.8-alt1
- NMU: Added etersoft-ximper (ALT bug 47384)
* Fri Jul 29 2022 Andrey Cherepanov <cas@altlinux> 1.0.7-alt1

xfce4-power-manager - Power management for the Xfce desktop environment
* Thu Nov 30 2023 Mikhail Efremov <sem@altlinux> 4.18.3-alt1
- Dropped %xfce4_drop_gitvtag macro.
- Required libxfce4ui >= 4.18.4.
- Updated to 4.18.3.
* Tue May 30 2023 Mikhail Efremov <sem@altlinux> 4.18.2-alt1

Total 18678 source packages.