From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on sa.local.altlinux.org X-Spam-Level: X-Spam-Status: No, score=-3.3 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD autolearn=ham autolearn_force=no version=3.4.1 Date: Thu, 15 Aug 2024 00:19:22 +0000 From: QA Team Robot To: sisyphus-cybertalk@lists.altlinux.org Message-ID: Mail-Followup-To: sisyphus-cybertalk@lists.altlinux.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Subject: [cyber] I: p10/branch packages: -1 +4 (18936) X-BeenThere: sisyphus-cybertalk@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: devel@lists.altlinux.org List-Id: ALT Linux Sisyphus cybertalk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Aug 2024 00:19:26 -0000 Archived-At: List-Archive: 1 REMOVED package zabbix34-agent 3.4.15-alt3 4 UPDATED packages mongo5.0 - mongo client shell and tools [34M] * Tue Aug 06 2024 Alexei Takaseev 5.0.28-alt0.p10.1 - 5.0.28 - Fixes: CVE-2024-6375 * Thu Feb 29 2024 Alexei Takaseev 5.0.25-alt0.p10.1 openvpn - a full-featured SSL VPN solution * Thu Aug 01 2024 Nikolay A. Fetisov 2.6.12-alt1 - New version - Fixes: + CVE-2024-5594: filter control channel messages with nonprintable chars + CVE-2024-28882: only call schedule_exit() once (on a given peer) + CVE-2024-4877: Windows: harden interactive service pipe + Fix bug preventing Http-proxy credentials caching * Wed Mar 27 2024 Nikolay A. Fetisov 2.6.10-alt1 - New version - Fixes (all CVE are Windows-specific): + CVE-2024-27459: Windows: fix a possible stack overflow + CVE-2024-24974: Windows: disallow remote access to the service pipe + CVE-2024-27903: Windows: disallow loading of plugins from untrusted dirs + CVE-2023-7235: Windows: local privilege escalation via Windows Installer * Fri Nov 17 2023 Nikolay A. Fetisov 2.6.8-alt1 - New version - Fix SIGSEGV crash sometimes after an unsuccessful TLS handshake * Sun Nov 12 2023 Nikolay A. Fetisov 2.6.7-alt1 - New version - Fixes: + CVE-2023-46850 Incorrectly use a send buffer after it has been free()d + CVE-2023-46849 Division by zero when "--fragment" is used * Sun Oct 29 2023 Nikolay A. Fetisov 2.6.6-alt1 - New version (Closes: 46933) - certificate pinning/verify peer fingerprint authentification for small setups without the need for a PKI - static key mode (non-TLS) has been deprecated - TLS 1.0 and 1.1 are deprecated - built-in packet filtering functionality has been removed - compatibility mode (--compat-mode) to work with older servers * Sun Jan 15 2023 Nikolay A. Fetisov 2.5.8-alt1 - New version * Mon May 16 2022 Nikolay A. Fetisov 2.5.6-alt1 tuned - A dynamic adaptive system tuning daemon * Thu Feb 29 2024 Vitaly Chikunov 2.22.1-alt1 - Update to v2.22.1 (2024-02-22). * Tue Feb 20 2024 Vitaly Chikunov 2.22.0-alt1 - Update to v2.22.0 (2024-02-16). * Sun Sep 03 2023 Vitaly Chikunov 2.21.0-alt1 - Update to v2.21.0 (2023-08-29). * Wed May 24 2023 Vitaly Chikunov 2.16.0-alt2 uwsgi - fast (pure C), self-healing, developer-friendly WSGI server * Wed Nov 22 2023 Oleg Solovyov 2.0.23-alt1 - update to 2.0.23 (Fixes: CVE-2023-27522) * Thu Dec 22 2022 Oleg Solovyov 2.0.21-alt1 - update to 2.0.21 * Tue Dec 07 2021 Oleg Solovyov 2.0.20-alt1 Total 18936 source packages.