ALT Linux Sisyphus cybertalk
 help / color / mirror / Atom feed
* [cyber] I: p10/branch packages: +9 (18948)
@ 2024-11-03  0:19 QA Team Robot
  0 siblings, 0 replies; only message in thread
From: QA Team Robot @ 2024-11-03  0:19 UTC (permalink / raw)
  To: sisyphus-cybertalk

	9 UPDATED packages

MySQL - A very fast and reliable SQL database engine            	[425M]
* Fri Oct 18 2024 Nikolai Kostrigin <nickel@altlinux> 8.0.40-alt1
- new version
  + (fixes: CVE-2024-21193, CVE-2024-21194, CVE-2024-21196, CVE-2024-21197)
  + (fixes: CVE-2024-21198, CVE-2024-21199, CVE-2024-21200, CVE-2024-21201)
  + (fixes: CVE-2024-21203, CVE-2024-21207, CVE-2024-21212, CVE-2024-21213)
  + (fixes: CVE-2024-21218, CVE-2024-21219, CVE-2024-21230, CVE-2024-21231)
  + (fixes: CVE-2024-21236, CVE-2024-21237, CVE-2024-21238, CVE-2024-21239)
  + (fixes: CVE-2024-21241, CVE-2024-21247)
- update mysql-shell 8.0.38 -> 8.0.40
* Tue Oct 15 2024 Andrey Cherepanov <cas@altlinux> 8.0.39-alt1.1
- disable use Faster TLS model (ALT #45499).
* Tue Aug 27 2024 Nikolai Kostrigin <nickel@altlinux> 8.0.39-alt1

blender - 3D modeling, animation, rendering and post-production 	[42M]
* Tue Oct 22 2024 L.A. Kostis <lakostis@altlinux> 3.3.21-alt0.p10.1
- 3.3.21.
- Build back with gcc (closes #51768).
* Thu Jun 27 2024 L.A. Kostis <lakostis@altlinux> 3.3.20-alt0.p10.1

gtkhash - A cross-platform desktop utility for computing message digests or checksums
* Tue Oct 08 2024 Andrey Cherepanov <cas@altlinux> 1.5-alt2
- Disabled libnettle support.
- Used GOST R 34.11-2012 (Stribog) hash function.
* Tue Apr 16 2024 Andrey Cherepanov <cas@altlinux> 1.5-alt1

kde5-dolphin - The file manager for KDE
* Mon Oct 28 2024 Oleg Solovyov <mcpain@altlinux> 23.08.5-alt4
- Skip MIME guessing on network-mounted file systems when listing dir
* Tue Oct 08 2024 Sergey V Turchin <zerg@altlinux> 23.08.5-alt3
- add nfs:/ handler
* Thu Jul 25 2024 Sergey V Turchin <zerg@altlinux> 23.08.5-alt2
- temporary build without baloo
* Fri Feb 16 2024 Sergey V Turchin <zerg@altlinux> 23.08.5-alt1

kf5-kio - KDE Frameworks 5 network transparent access to files and data
* Wed Oct 23 2024 Oleg Solovyov <mcpain@altlinux> 5.116.0-alt7
- move patch to Dolphin: Skip MIME guessing on network-mounted file systems
* Thu Oct 10 2024 Sergey V Turchin <zerg@altlinux> 5.116.0-alt6
- rename kcm_trash.desktop
* Mon Aug 12 2024 Sergey V Turchin <zerg@altlinux> 5.116.0-alt5

lazarus - Lazarus Component Library and IDE                     	[162M]
* Sat Sep 28 2024 Andrey Cherepanov <cas@altlinux> 1:3.6-alt1
- New version.
* Sat May 25 2024 Andrey Cherepanov <cas@altlinux> 1:3.4-alt1
- New version.
* Mon Mar 18 2024 Andrey Cherepanov <cas@altlinux> 1:3.2-alt2

qgis3 - A user friendly Open Source Geographic Information System	[102M]
* Fri Nov 01 2024 Andrey Cherepanov <cas@altlinux> 3.20.3-alt3.p10.2
- Do not use developer map from external untrusted resource.
* Mon Aug 28 2023 Andrey Cherepanov <cas@altlinux> 3.20.3-alt3.p10.1

task-edu - Educational software (base set)
* Fri Nov 01 2024 Andrey Cherepanov <cas@altlinux> 1.5.9-alt13.p10.2
- task-edu-kde5: added kde5-autofs-shares.
- task-edu-server-apps: returned installed-db-mediawiki.
* Sun Sep 29 2024 Andrey Cherepanov <cas@altlinux> 1.5.9-alt13.p10.1

thunderbird - Thunderbird is Mozilla's e-mail client            	[538M]
* Tue Oct 29 2024 Pavel Vasenkov <pav@altlinux> 115.16.2-alt1
- New version.
- Security fixes:
  + CVE-2024-3852 GetBoundName in the JIT returned the wrong object
  + CVE-2024-3854 Out-of-bounds-read after mis-optimized switch statement
  + CVE-2024-3857 Incorrect JITting of arguments led to use-after-free during garbage collection
  + CVE-2024-2609 Permission prompt input delay could expire when not in focus
  + CVE-2024-3859 Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
  + CVE-2024-3861 Potential use-after-free due to AlignedBuffer self-move
  + CVE-2024-3863 Download Protections were bypassed by .xrm-ms files on Windows
  + CVE-2024-3302 Denial of Service using HTTP/2 CONTINUATION frames
  + CVE-2024-3864 Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10
  + CVE-2024-4367 Arbitrary JavaScript execution in PDF.js
  + CVE-2024-4767 IndexedDB files retained in private browsing mode
  + CVE-2024-4768 Potential permissions request bypass via clickjacking
  + CVE-2024-4769 Cross-origin responses could be distinguished between script and non-script content-types
  + CVE-2024-4770 Use-after-free could occur when printing to PDF
  + CVE-2024-4777 Memory safety bugs fixed in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11
  + CVE-2024-5702 Use-after-free in networking
  + CVE-2024-5688 Use-after-free in JavaScript object transplant
  + CVE-2024-5690 External protocol handlers leaked by timing attack
  + CVE-2024-5691 Sandboxed iframes were able to bypass sandbox restrictions to open a new window
  + CVE-2024-5692 Bypass of file name restrictions during saving
  + CVE-2024-5693 Cross-Origin Image leak via Offscreen Canvas
  + CVE-2024-5696 Memory Corruption in Text Fragments
  + CVE-2024-5700 Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12
  + CVE-2024-7652 Type Confusion in Async Generators in Javascript Engine
  + CVE-2024-6600 Memory corruption in WebGL API
  + CVE-2024-6601 Race condition in permission assignment
  + CVE-2024-6602 Memory corruption in NSS
  + CVE-2024-6603 Memory corruption in thread creation
  + CVE-2024-6604 Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, Thunderbird 128, and Thunderbird 115.13
  + CVE-2024-7519 Out of bounds memory access in graphics shared memory handling
  + CVE-2024-7521 Incomplete WebAssembly exception handing
  + CVE-2024-7522 Out of bounds read in editor component
  + CVE-2024-7525 Missing permission check when creating a StreamFilter
  + CVE-2024-7526 Uninitialized memory used by WebGL
  + CVE-2024-7527 Use-after-free in JavaScript garbage collection
  + CVE-2024-7529 Document content could partially obscure security prompts
  + CVE-2024-7519 Out of bounds memory access in graphics shared memory handling
  + CVE-2024-7521 Incomplete WebAssembly exception handing
  + CVE-2024-7522 Out of bounds read in editor component
  + CVE-2024-7525 Missing permission check when creating a StreamFilter
  + CVE-2024-7526 Uninitialized memory used by WebGL
  + CVE-2024-7527 Use-after-free in JavaScript garbage collection
  + CVE-2024-7529 Document content could partially obscure security prompts
* Wed Apr 03 2024 Pavel Vasenkov <pav@altlinux> 115.9.0-alt1

Total 18948 source packages.


^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2024-11-03  0:19 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-11-03  0:19 [cyber] I: p10/branch packages: +9 (18948) QA Team Robot

ALT Linux Sisyphus cybertalk

This inbox may be cloned and mirrored by anyone:

	git clone --mirror http://lore.altlinux.org/sisyphus-cybertalk/0 sisyphus-cybertalk/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 sisyphus-cybertalk sisyphus-cybertalk/ http://lore.altlinux.org/sisyphus-cybertalk \
		sisyphus-cybertalk@lists.altlinux.org sisyphus-cybertalk@lists.altlinux.ru sisyphus-cybertalk@lists.altlinux.com
	public-inbox-index sisyphus-cybertalk

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://lore.altlinux.org/org.altlinux.lists.sisyphus-cybertalk


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git