From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on sa.local.altlinux.org X-Spam-Level: X-Spam-Status: No, score=-3.3 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD autolearn=ham autolearn_force=no version=3.4.1 Date: Sun, 21 Jul 2024 00:14:15 +0000 From: QA Team Robot To: sisyphus-cybertalk@lists.altlinux.org Message-ID: Mail-Followup-To: sisyphus-cybertalk@lists.altlinux.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Subject: [cyber] I: Sisyphus-20240721 packages: +1! -16 +15 (19550) X-BeenThere: sisyphus-cybertalk@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: devel@lists.altlinux.org List-Id: ALT Linux Sisyphus cybertalk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Jul 2024 00:14:18 -0000 Archived-At: List-Archive: 1 ADDED package hyprland-legacyrenderer - Hyprland is a dynamic tiling Wayland compositor (legacy renderer) [50M] * Sat Jul 20 2024 Kirill Unitsaev 0.41.2-alt2 - Initial build of hyprland with legacy renderer * Thu Jul 04 2024 Roman Alifanov 0.41.2-alt1 16 REMOVED packages mosh 1.4.0-alt1 mysqltuner 1.7.2-alt1 perl-Digest-Haval256 1.0.5-alt3.2 perl-Net-Patricia 1.22-alt1.2 perl-Padre 1.02-alt2 scim 1.4.18-alt1 scim-anthy 1.3.2-alt1 scim-array 1.0.1-alt1.qa2 scim-chewing 0.5.1-alt1 scim-fcitx 3.1.1-alt1.1.qa1 scim-hangul 0.4.0-alt1 scim-m17n 0.2.3-alt3_31 scim-pinyin 0.5.92-alt2.qa1 scim-sayura 0.3.3-alt1 scim-tables 0.5.14.1-alt1 scim-thai 0.1.3-alt1_5 15 UPDATED packages branding-alt-education - System/Base [12M] * Sat Jul 20 2024 Andrey Cherepanov 11.0-alt0.2.alpha - Used licenses from distro-licenses. * Fri Apr 19 2024 Andrey Cherepanov 11.0-alt0.1.alpha cinnamon-session - The cinnamon session programs for the Cinnamon GUI desktop environment * Sat Jul 20 2024 Anton Midyukov 6.2.1-alt1 - 6.2.1 * Fri Jun 14 2024 Anton Midyukov 6.2.0-alt1 errands - Todo application for GNOME * Sat Jul 20 2024 Yuri N. Sedunov 46.2.4-alt1 - 46.2.4 * Thu Jun 20 2024 Yuri N. Sedunov 46.2.3-alt1 freerdp - Remote Desktop Protocol functionality * Fri Jul 19 2024 Andrey Cherepanov 2.11.7-alt3 - freerdp-shadow-cli: use preferred PAM module freerdp-server. * Tue May 21 2024 Andrey Cherepanov 2.11.7-alt2 gajim - a Jabber client written in PyGTK * Sat Jul 20 2024 Ilya Mashkin 1.9.2-alt1 - 1.9.2 * Mon Jun 24 2024 Ilya Mashkin 1.9.1-alt1 gimagereader - A graphical GTK frontend to tesseract-ocr * Sat Jul 20 2024 Vitaly Lipatov 3.4.2-alt2 - add patch to fix build with enchant 2.7 * Sun Feb 18 2024 Vitaly Lipatov 3.4.2-alt1 orc - The Oil Runtime Compiler * Sat Jul 20 2024 Yuri N. Sedunov 0.4.39-alt1 - 0.4.39 (fixed CVE-2024-40897) * Wed Feb 28 2024 Yuri N. Sedunov 0.4.38-alt1 python3-module-nbxmpp - Python library for non-blocking use of Jabber/XMPP * Sat Jul 20 2024 Ilya Mashkin 5.0.2-alt1 - 5.0.2 * Mon Jun 24 2024 Ilya Mashkin 5.0.1-alt1 python3-module-pytest-httpserver - HTTP server for pytest * Sat Jul 20 2024 Yuri N. Sedunov 1.0.11-alt1 - 1.0.11 * Sun Feb 25 2024 Yuri N. Sedunov 1.0.10-alt1 qgis - A user friendly Open Source Geographic Information System [134M] * Sat Jul 20 2024 Andrey Cherepanov 3.38.1-alt1 - New version. * Wed Jul 17 2024 Ivan A. Melnikov 3.38.0-alt2 qt3 - Shared library for the Qt3 GUI toolkit [13M] * Sat Jul 20 2024 Ivan A. Melnikov 3.3.8d-alt16.2 - Drop BR: libssl to fix FTBFS * Sat Jan 29 2022 Alexei Takaseev 3.3.8d-alt16.1 recoll - A personal full text search package * Sat Jul 20 2024 Ilya Mashkin 1.39.3-alt1 - 1.39.3 * Wed Jul 17 2024 Ilya Mashkin 1.39.2-alt1 samba - The Samba4 CIFS and AD client and server suite [33M] * Fri Jul 19 2024 Evgeny Sinelnikov 4.20.2-alt2 - New option 'idmap reverse cache update' to control reverse name to sid cache behaviour that Winbind's idmap interface additionally saved to namemap cache, when found unknown sid during sid to name query. This option solves the compatibility problem of foreign SIDs getting stuck in trust relationships from the SIDHistory attribute. By default, this option is disabled (so, compatibility behaviour is enabled). * Thu Jul 18 2024 Evgeny Sinelnikov 4.20.2-alt1 thunderbird - Thunderbird is Mozilla's e-mail client [672M] * Fri Jul 19 2024 Ajrat Makhmutov 128.0-alt1 - New version. - Security fixes: + CVE-2024-3852: GetBoundName in the JIT returned the wrong object + CVE-2024-3854: Out-of-bounds-read after mis-optimized switch statement + CVE-2024-3857: Incorrect JITting of arguments led to use-after-free during garbage collection + CVE-2024-2609: Permission prompt input delay could expire when not in focus + CVE-2024-3859: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer + CVE-2024-3861: Potential use-after-free due to AlignedBuffer self-move + CVE-2024-3863: Download Protections were bypassed by .xrm-ms files on Windows + CVE-2024-3302: Denial of Service using HTTP/2 CONTINUATION frames + CVE-2024-3864: Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10 + CVE-2024-4367: Arbitrary JavaScript execution in PDF.js + CVE-2024-4767: IndexedDB files retained in private browsing mode + CVE-2024-4768: Potential permissions request bypass via clickjacking + CVE-2024-4769: Cross-origin responses could be distinguished between script and non-script content-types + CVE-2024-4770: Use-after-free could occur when printing to PDF + CVE-2024-4777: Memory safety bugs fixed in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11 + CVE-2024-5702: Use-after-free in networking + CVE-2024-5688: Use-after-free in JavaScript object transplant + CVE-2024-5690: External protocol handlers leaked by timing attack + CVE-2024-5691: Sandboxed iframes were able to bypass sandbox restrictions to open a new window + CVE-2024-5692: Bypass of file name restrictions during saving + CVE-2024-5693: Cross-Origin Image leak via Offscreen Canvas + CVE-2024-5696: Memory Corruption in Text Fragments + CVE-2024-5700: Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12 + CVE-2024-6606: Out-of-bounds read in clipboard component + CVE-2024-6607: Leaving pointerlock by pressing the escape key could be prevented + CVE-2024-6608: Cursor could be moved out of the viewport using pointerlock. + CVE-2024-6609: Memory corruption in NSS + CVE-2024-6610: Form validation popups could block exiting full-screen mode + CVE-2024-6600: Memory corruption in WebGL API + CVE-2024-6601: Race condition in permission assignment + CVE-2024-6602: Memory corruption in NSS + CVE-2024-6603: Memory corruption in thread creation + CVE-2024-6611: Incorrect handling of SameSite cookies + CVE-2024-6612: CSP violation leakage when using devtools + CVE-2024-6613: Incorrect listing of stack frames + CVE-2024-6614: Incorrect listing of stack frames + CVE-2024-6604: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, Thunderbird 128, and Thunderbird 115.13 + CVE-2024-6615: Memory safety bugs fixed in Firefox 128 and Thunderbird 128 * Wed Apr 03 2024 Pavel Vasenkov 115.9.0-alt1 wxsvg - wxSVG is viewer SVG files * Sat Jul 20 2024 Anton Farygin 1:1.5.25-alt1 - 1.5.24 -> 1.5.25 * Fri Jun 23 2023 Anton Midyukov 1:1.5.24-alt1 Total 19550 source packages.