[cyber] I: p10/branch packages: -1 +18 (18722)

[cyber] I: p10/branch packages: -1 +18 (18722)

[QA Team Robot]

	1 REMOVED package

telegram-desktop	3.2.5-alt1.1

	18 UPDATED packages

bind - ISC BIND - DNS server
* Tue Feb 13 2024 Stanislav Levin <slev@altlinux> 9.16.48-alt1
- 9.16.44 -> 9.16.48.
* Wed Sep 20 2023 Stanislav Levin <slev@altlinux> 9.16.44-alt1

bind-dyndb-ldap - LDAP back-end plug-in for BIND
* Wed Feb 14 2024 Stanislav Levin <slev@altlinux> 11.10-alt5
- Fixed build with bind 9.18.24.
* Tue Oct 24 2023 Stanislav Levin <slev@altlinux> 11.10-alt4
- Fixed build with bind 9.18.19.
* Mon Jan 16 2023 Stanislav Levin <slev@altlinux> 11.10-alt3

branding-alt-workstation - System/Base
* Wed Feb 14 2024 Mikhail Efremov <sem@altlinux> 10.2-alt1
- slideshow: Fix Telegram link.
- indexhtml: Fix Telegram link.
- indexhtml: Add mail lists link.
* Tue Dec 26 2023 Mikhail Efremov <sem@altlinux> 10.1.990-alt1

glpi - IT and asset management software                         	[55M]
* Fri Feb 02 2024 Pavel Zilke <zidex@altlinux> 10.0.12-alt1
- New version 10.0.12
- This release fixes a security issue that has been recently discovered. Update is recommended!
- Security fixes:
 + CVE-2024-23645 : Reflected XSS in reports pages
 + CVE-2023-51446 : LDAP Injection during authentication ()
* Tue Dec 19 2023 Pavel Zilke <zidex@altlinux> 10.0.11-alt2

libldb - A schema-less, ldap like, API and database
* Mon Nov 06 2023 Evgeny Sinelnikov <sin@altlinux> 2.8.0-alt1
- Update to the 2.8.0 for samba-4.19.x releases
* Tue Jul 11 2023 Evgeny Sinelnikov <sin@altlinux> 2.7.2-alt1
- Update to the 2.7.2 for samba-4.18.x releases
* Wed Mar 29 2023 Evgeny Sinelnikov <sin@altlinux> 2.6.2-alt1

libtalloc - The talloc library
* Mon Nov 06 2023 Evgeny Sinelnikov <sin@altlinux> 1:2.4.1-alt1
- Update to latest release for samba-4.19
* Tue Sep 26 2023 Ivan A. Melnikov <iv@altlinux> 1:2.4.0-alt1.1
- NMU: drop python2 from BR
* Mon May 29 2023 Grigory Ustinov <grenka@altlinux> 1:2.4.0-alt1
- Build new version for python3.11 (release for samba-4.18).
* Sat Sep 17 2022 Evgeny Sinelnikov <sin@altlinux> 1:2.3.4-alt1

libtdb - A trivial database system
* Mon Nov 06 2023 Evgeny Sinelnikov <sin@altlinux> 1.4.9-alt1
- Update to release for samba-4.19
* Mon May 29 2023 Grigory Ustinov <grenka@altlinux> 1.4.8-alt1
- Build new version for python3.11 (release for samba-4.18).
* Sat Sep 17 2022 Evgeny Sinelnikov <sin@altlinux> 1.4.7-alt1

libtevent - The tevent library
* Mon Nov 06 2023 Evgeny Sinelnikov <sin@altlinux> 0.15.0-alt1
- New version for samba-4.19
* Wed Nov 01 2023 Evgeny Sinelnikov <sin@altlinux> 0.14.1-alt1
- New version for samba-4.18
* Mon Aug 07 2023 Ivan A. Melnikov <iv@altlinux> 0.14.0-alt2
- NMU: fix and re-enable checks
* Mon May 29 2023 Grigory Ustinov <grenka@altlinux> 0.14.0-alt1
- Build new version for python3.11.
- Build without check.
* Sat Sep 17 2022 Evgeny Sinelnikov <sin@altlinux> 0.13.0-alt1

netcmdplus - Extended samba-tool (netcmd) version
* Mon Feb 19 2024 Evgeny Sinelnikov <sin@altlinux> 0.1.3-alt1
- Add compatibility with stable releases of samba-4.18 and later (closes: 49404).
- Replace python3 build to new pyproject_build process.
* Sat Nov 13 2021 Evgeny Sinelnikov <sin@altlinux> 0.1.2-alt2

nss_wrapper - A wrapper for the user, group and hosts NSS API
* Fri Mar 24 2023 Evgeny Sinelnikov <sin@altlinux> 1.1.15-alt2
- Fix cmocka >= 1.1.6 find_package()
* Fri Mar 24 2023 Evgeny Sinelnikov <sin@altlinux> 1.1.15-alt1
- Fixed linking issue in tests
- Fixed a memory leak in tests
- Fixed implementation of initgroups()
- Fixed implementation of getgrouplist()
- Avoid dclose(RTLD_NEXT)
- Fixed possible mutex and threading issues
* Sat Sep 17 2022 Evgeny Sinelnikov <sin@altlinux> 1.1.12-alt1

polkit - PolicyKit Authorization Framework
* Thu Feb 08 2024 Valery Inozemtsev <shrek@altlinux> 0.120-alt3
- new subpackage polkit-default-rules containing 50-default.rules
* Tue Dec 05 2023 Valery Inozemtsev <shrek@altlinux> 0.120-alt2

python3-module-os-ken - A component-based software defined networking framework for OpenStack
* Thu Feb 15 2024 Ilfat Aminov <aminov@altlinux> 2.6.0-alt2.p10
- AutoReqProv: yes
* Fri Jan 26 2024 Ilfat Aminov <aminov@altlinux> 2.6.0-alt1.p10

resolv_wrapper - A wrapper for dns name resolving or dns faking
* Fri Mar 24 2023 Evgeny Sinelnikov <sin@altlinux> 1.1.8-alt2
- Fix cmocka >= 1.1.6 find_package()
* Fri Mar 24 2023 Evgeny Sinelnikov <sin@altlinux> 1.1.8-alt1
- Fix issues with glibc >= 2.34
* Thu Jan 27 2022 Evgeny Sinelnikov <sin@altlinux> 1.1.7-alt2
- Fix detection of a fully seperate libresolv. With glibc 2.24 all res_
  symbols moved from libresolv to libc, so only DNS faking avaialble now.
* Wed Apr 28 2021 Arseny Maslennikov <arseny@altlinux> 1.1.7-alt1.1

rpm-macros-features - RPM macros to check if can build with a feature
* Sun Feb 18 2024 Vitaly Lipatov <lav@altlinux> 20240217-alt0.p10.1
- add if_notfeature
- add python3, wine features
* Tue Feb 06 2024 Vitaly Lipatov <lav@altlinux> 20240206-alt0.p10.1

samba - The Samba4 CIFS and AD client and server suite          	[32M]
* Tue Jan 16 2024 Evgeny Sinelnikov <sin@altlinux> 4.19.4-alt1
- Update to stable release of Samba 4.19
- Fixes from upstream:
  + net changesecretpw cannot set the machine account password if secrets.tdb
    is empty (Samba#13577).
  + Following intermediate abolute share-local symlinks is broken (Samba#15505).
    ctdb RELEASE_IP causes a crash in release_ip if a connection to a non-public
    address disconnects first (Samba#15523).
  + shadow_copy2 broken when current fileset's directories are removed (Samba#15544).
  + 'force user = localunixuser' doesn't work if 'allow trusted domains = no'
    is set (Samba#15469).
  + smbget: debug logging doesn't work (Samba#15525), username in the smburl and
    interactive password entry doesn't work (Samba#15532), auth function doesn't
    set values for password prompt correctly (Samba#15538).
  + Unable to copy and write files from clients to Ceph cluster via SMB Linux
    gateway with Ceph VFS module (Samba#15440).
  + Multichannel refresh network information (Samba#15547).
* Tue Dec 12 2023 Evgeny Sinelnikov <sin@altlinux> 4.19.3-alt2
- Replace samba service pam config to samba-common due regression with password
  authentication in security = user mode with obey pam restrictions = yes.
* Tue Dec 05 2023 Evgeny Sinelnikov <sin@altlinux> 4.19.3-alt1
- Update to stable release of Samba 4.19 with fixes of the Samba CVE for
  Deleted Object tombstones visible in AD LDAP to normal users (CVE-2018-14628).
- Security fixes:
  + CVE-2018-14628: Wrong ntSecurityDescriptor values for "CN=Deleted Objects"
                    allow read of object tombstones over LDAP
                    (Administrator action required!)
                    https://www.samba.org/samba/security/CVE-2018-14628.html
* Mon Nov 06 2023 Evgeny Sinelnikov <sin@altlinux> 4.19.2-alt1
- Update to stable release of Samba 4.19 with latest bugfixes and new features:
 + Migrated smbget to use common command line parser. This has some advantages
   as you get all the feature it provides like Kerberos authentication. The
   support for smbgetrc has been removed.
 + gpupdate changes: The libgpo.get_gpo_list function has been deprecated in
   favor of an implementation written in python,  connects to Active Directory
   using the SamDB module, instead of ADS (which is what libgpo uses).
 + Improved winbind logging and a new tool for parsing the winbind logs. Winbind
   logs (if smb.conf 'winbind debug traceid = yes' is set) contain new trace
   header fields 'traceid' and 'depth'.
 + AD database prepared to Functional Level 2016 standards for new domains.
   While Samba still provides only Functional Level 2008R2 by default, Samba as
   an AD DC will now, in provision ensure that the blank database is already
   prepared for Functional Level 2016, with AD Schema 2019.
 + Kerberos Claims, Authentication Silos and NTLM authentication policies.
   The primary limitation is that while Samba can read and write claims
   in the directory, and populate the PAC, Samba does not yet use them
   for access control decisions.
 + Improved KDC Auditing now provides Samba-style JSON audit logging of all
   issued Kerberos tickets, including if they would fail a policy that is not
   yet enforced. Additionally most failures are audited.
 + Kerberos Armoring (FAST) Support for Windows clients. In domains where the
   domain controller functional level is set to 2012, 2012_R2 or 2016, Windows
   clients will, if configured via GPO, use FAST to protect user passwords
   between (in particular) a workstation and the KDC on the AD DC. This is a
   significant security improvement, as weak passwords in an AS-REQ are no
   longer available for offline attack.
 + Claims compression in the AD PAC. Samba as an AD DC will compress "AD claims"
   using the same compression algorithm as Microsoft Windows.
 + Resource SID compression in the AD PAC. Samba as an AD DC will now correctly
   populate the various PAC group membership buffers, splitting global and local
   groups correctly.
 + Resource Based Constrained Delegation (RBCD) support in both MIT and Heimdal.
   Samba 4.17 added to samba-tool delegation the 'add-principal' and
   'del-principal' subcommands in order to manage RBCD, and the database changes
   made by these tools are now honoured by the Heimdal KDC once Samba is upgraded.
 + New samba-tool support for silos, claims, sites and subnets.
   samba-tool can now list, show, add and manipulate Authentication Silos
   (silos) and Active Directory Authentication Claims (claims).
 + Updated Heimdal import. Samba's Heimdal branch (known as lorikeet-heimdal)
   has been updated to the current pre-8.0 (master) tree from upstream Heimdal,
   ensuring that this vendored copy, included in our release remains as close as
   possible to the current upstream code.
 + Revocation support in Heimdal KDC for PKINIT certificates. Samba will now
   correctly honour the revocation of 'smart card' certificates used for PKINIT
   Kerberos authentication.
 + Require encrypted connection to modify unicodePwd on the AD DC.
 + Samba AD TLS Certificates can be reloaded. The TLS certificates used for
   Samba's AD DC LDAP server were previously only read on startup, and this
   meant that when then expired it was required to restart Samba, disrupting
   service to other users (smbcontrol ldap_server reload-certs).
* Wed Nov 01 2023 Evgeny Sinelnikov <sin@altlinux> 4.18.8-alt1
- Update to maintenance release of Samba 4.18 with latest bugfixes and new features:
 + SMB Server performance improvements. The locking overhead for contended path
   based operations is reduced by an additional factor of ~ 3 compared to 4.17.
 + More succinct samba-tool error messages.
 + Accessing the old samba-tool messages with full Python stack trace by using
   the argument '-d3'.
 + New samba-tool dsacl subcommand for deleting ACES
 + Colour output with samba-tool --color and
 + No colour with NO_COLOR environment variable
 + New wbinfo option --change-secret-at which forces the trust account password
   to be changed at a specified domain controller.
 + New option acl_xattr:security_acl_name to change the NT ACL default protected
   location security.NTACL not accessible from normal users outside of Samba.
 + New option server addresses as per-share parameter to limit share visibility
   and accessibility to specific server IP addresses. This option can offer a
   different set of shares per interface.
 + Azure Active Directory / Office365 synchronisation improvements with the
   Azure AD Connect cloud sync tool which now supported for password hash
   synchronisation, allowing Samba AD Domains to synchronise passwords with this
   popular cloud environment.
* Sun Oct 22 2023 Evgeny Sinelnikov <sin@altlinux> 4.17.12-alt2
Note: changelog entry for 4.17.12-alt4 not found.

socket_wrapper - A library passing all socket communications through Unix sockets
* Fri Oct 20 2023 Evgeny Sinelnikov <sin@altlinux> 1.4.2-alt1
- Fixed LFS issues on 32bit platforms
- Fixed issue with fnctl() on 32bit
- Added openat64() to detect stale fds
* Fri Mar 24 2023 Evgeny Sinelnikov <sin@altlinux> 1.4.0-alt3
- Fix cmocka >= 1.1.6 find_package()
* Fri Mar 24 2023 Evgeny Sinelnikov <sin@altlinux> 1.4.0-alt2
- Skip test_syscall_swrap for arm archicture
* Fri Mar 24 2023 Evgeny Sinelnikov <sin@altlinux> 1.4.0-alt1
- Added support for sendmmsg()/recvmmsg()
- Added support for handling close, recvmmsg and sendmmsg syscalls
- Added support to interact with uid_wrapper syscall()
- Improved IP address tracing output
- Inject O_LARGEFILE as needed on 32bit
- pkgconfig: Fix path to libsocket_wrapper.so
- Fix -Wcast-qual warnings
- Fix dclose(RTLD_NEXT)
* Fri Mar 24 2023 Evgeny Sinelnikov <sin@altlinux> 1.3.4-alt2

sssd - System Security Services Daemon
* Wed Jan 17 2024 Evgeny Sinelnikov <sin@altlinux> 2.9.4-alt1
- Update to latest 2.9 major release in long-term maintenance (LTM) phase.
- Fixes from upstream:
  + A crash when PAM passkey processing incorrectly handles non-passkey data.
  + A workaround was implemented to handle gracefully misbehaving applications
    that destroy internal state of SSSD client librarires.
  + An error when rotating KCM's logs was fixed.
  + Group membership handling when members are coming from different forest
    domains and using ldap token groups is prohibited.
  + Files provider was erroneously taking into consideration local_auth_policy
    config option, thus breaking smartcard authentication of local user in
    setups that didn't explicitly specify this option.
* Mon Nov 20 2023 Evgeny Sinelnikov <sin@altlinux> 2.9.3-alt1

uid_wrapper - A wrapper for privilege separation
* Fri Mar 24 2023 Evgeny Sinelnikov <sin@altlinux> 1.3.0-alt3
- Fix cmocka >= 1.1.6 find_package()
* Fri Mar 24 2023 Evgeny Sinelnikov <sin@altlinux> 1.3.0-alt2
- Skip test_syscall_swrap for arm archicture
* Fri Mar 24 2023 Evgeny Sinelnikov <sin@altlinux> 1.3.0-alt1
- Added support to interact with socket_wrapper syscall()
- Fixed deadlocks with threads
- Improved log output
* Sun Feb 27 2022 Evgeny Sinelnikov <sin@altlinux> 1.2.9-alt1
- Update to latest release with support for getgroups_chk()
* Wed Apr 28 2021 Arseny Maslennikov <arseny@altlinux> 1.2.8-alt1.1

Total 18722 source packages.