From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <qa@altlinux.org>
DKIM-Filter: OpenDKIM Filter v2.11.0 mskdc-relay.altlinux.org D988D6012C
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=altlinux.org;
 s=relay-alt2025; t=1751501983;
 bh=7zmsojHYroizpL+7iftEJxx7WefgkDpdCVOQsgGQYRE=;
 h=Date:From:To:Subject:From;
 b=maZRatH1FJrOorcBeE5mR36uVfNq5nzYpvmNL4azxmXC2qkYRj/EugjTRIcDcCkSy
 bTh8SFRB9AYhwOEAgmL4QTA1HhqrKomwvqlPZcasRu6Ry3HMRiCobh38uHv1X91tDw
 RiCnAQvz7b1HQpBFeE/JBXpXhUJfZZwJau+q0KZA=
Date: Thu, 3 Jul 2025 00:19:43 +0000
From: QA Team Robot <qa@altlinux.org>
To: sisyphus-cybertalk@lists.altlinux.org
Message-ID: <aGXMn745fBEUClCq@beehive.mskdc.altlinux.org>
Mail-Followup-To: sisyphus-cybertalk@lists.altlinux.org
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Subject: [cyber] I: p11/branch packages: -1 +5 (19694)
X-BeenThere: sisyphus-cybertalk@lists.altlinux.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: devel@lists.altlinux.org
List-Id: ALT Linux Sisyphus cybertalk <sisyphus-cybertalk.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/options/sisyphus-cybertalk>, 
 <mailto:sisyphus-cybertalk-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/sisyphus-cybertalk>
List-Post: <mailto:sisyphus-cybertalk@lists.altlinux.org>
List-Help: <mailto:sisyphus-cybertalk-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/sisyphus-cybertalk>, 
 <mailto:sisyphus-cybertalk-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Jul 2025 00:19:44 -0000
Archived-At: <http://lore.altlinux.org/sisyphus-cybertalk/aGXMn745fBEUClCq@beehive.mskdc.altlinux.org/>
List-Archive: <http://lore.altlinux.org/sisyphus-cybertalk/>

	1 REMOVED package

qmmp1	1.6.5-alt2

	5 UPDATED packages

chromium - An open source web browser developed by Google       	[2222M]
* Mon Jun 23 2025 Andrey Cherepanov <cas@altlinux> 137.0.7151.119-alt0.p11.1
- Backport new version to p11 branch.
* Wed Jun 18 2025 Andrew A. Vasilyev <andy@altlinux> 137.0.7151.119-alt1
- New version (137.0.7151.119).
- Security fixes:
  + CVE-2025-6191: Integer overflow in V8
  + CVE-2025-6192: Use after free in Profiler
* Wed Jun 11 2025 Andrew A. Vasilyev <andy@altlinux> 137.0.7151.103-alt1
- New version (137.0.7151.103).
- Security fixes:
  + CVE-2025-5958: Use after free in Media
  + CVE-2025-5959: Type Confusion in V8
* Wed Jun 11 2025 Andrey Cherepanov <cas@altlinux> 137.0.7151.68-alt0.p11.1
- Backport new version to p11 branch.
* Tue Jun 03 2025 Andrew A. Vasilyev <andy@altlinux> 137.0.7151.68-alt1
- New version (137.0.7151.68).
- Security fixes:
  + CVE-2025-5419: Out of bounds read and write in V8
  + CVE-2025-5068: Use after free in Blink
* Sat May 31 2025 Andrey Cherepanov <cas@altlinux> 137.0.7151.55-alt0.p11.1
- Backport new version to p11 branch.
* Wed May 28 2025 Andrew A. Vasilyev <andy@altlinux> 137.0.7151.55-alt1
- New version (137.0.7151.55).
- Security fixes:
  + CVE-2025-5063: Use after free in Compositing
  + CVE-2025-5280: Out of bounds write in V8
  + CVE-2025-5064: Inappropriate implementation in Background Fetch API
  + CVE-2025-5065: Inappropriate implementation in FileSystemAccess API
  + CVE-2025-5066: Inappropriate implementation in Messages
  + CVE-2025-5281: Inappropriate implementation in BFCache
  + CVE-2025-5283: Use after free in libvpx
  + CVE-2025-5067: Inappropriate implementation in Tab Strip
- Enable FontationsFontBackend by default.
* Fri May 16 2025 Andrey Cherepanov <cas@altlinux> 136.0.7103.113-alt0.p11.1

libavif - Implementation of the AV1 Image File Format           	[12M]
* Tue May 27 2025 Sergey Bolshakov <sbolshakov@altlinux> 1.3.0-alt2
- rebuilt with system codecs
* Mon May 12 2025 Sergey Bolshakov <sbolshakov@altlinux> 1.3.0-alt1
- 1.3.0 released
* Tue Mar 18 2025 Sergey Bolshakov <sbolshakov@altlinux> 1.2.1-alt1
- 1.2.1 released
* Wed Feb 26 2025 Sergey Bolshakov <sbolshakov@altlinux> 1.2.0-alt1
- 1.2.0 released
* Wed Sep 04 2024 Sergey Bolshakov <sbolshakov@altlinux> 1.1.1-alt1
- 1.1.1 released
* Fri Feb 09 2024 Sergey Bolshakov <sbolshakov@altlinux> 1.0.4-alt1

llvm19.1 - The LLVM Compiler Infrastructure                     	[130M]
* Thu May 15 2025 L.A. Kostis <lakostis@altlinux> 19.1.7-alt0.2
- Disable OpenMP/Offload (to coexist with new llvm).
* Wed Jan 29 2025 Arseny Maslennikov <arseny@altlinux> 19.1.7-alt0.1
- Update to 19.1.7.
* Mon Dec 09 2024 L.A. Kostis <lakostis@altlinux> 19.1.5-alt0.1

qt5-speech - Qt5 - QtSpeech component
* Mon Jun 02 2025 Sergey V Turchin <zerg@altlinux> 5.15.16-alt2
- build without flite
* Thu Dec 12 2024 Sergey V Turchin <zerg@altlinux> 5.15.16-alt1

sudo - Allows command execution as another user
* Tue Jul 01 2025 Evgeny Sinelnikov <sin@altlinux> 1:1.9.16p2-alt3
- Security release (fixes: CVE-2025-32462, CVE-2025-32463) (closes: 55007):
 + Sudo's -h (--host) option could be specified when running a command or
   editing a file. This could enable a local privilege escalation attack if the
   sudoers file allows the user to run commands on a different host.
   For more information, see Local Privilege Escalation via host option:
   https://www.sudo.ws/security/advisories/host_any/
 + An attacker can leverage sudo's -R (--chroot) option to run arbitrary
   commands as root, even if they are not listed in the sudoers file. The chroot
   support has been deprecated an will be removed entirely in a future release.
   For more information, see Local Privilege Escalation via chroot option:
   https://www.sudo.ws/security/advisories/chroot_bug/
* Tue Apr 15 2025 Evgeny Sinelnikov <sin@altlinux> 1:1.9.16p2-alt2

Total 19694 source packages.