From: QA Team Robot <qa@altlinux.org> To: sisyphus-cybertalk@lists.altlinux.org Subject: [cyber] I: p10/branch packages: +2 (19061) Date: Thu, 14 Aug 2025 00:21:21 +0000 Message-ID: <aJ0sAfvtGzuGlldQ@beehive.mskdc.altlinux.org> (raw) 2 UPDATED packages containerd - A daemon to control runC * Tue Nov 12 2024 Vladimir Didenko <cow@altlinux> 2.0.0-alt1 - 2.0.0 * Thu Oct 03 2024 Alexey Shabalin <shaba@altlinux> 2.0.0-alt0.rc5 - v2.0.0-rc.5 * Thu Sep 12 2024 Vladimir Didenko <cow@altlinux> 1.7.22-alt1 - 1.7.22 * Wed Aug 28 2024 Vladimir Didenko <cow@altlinux> 1.7.21-alt1 - 1.7.21 * Mon Jul 22 2024 Vladimir Didenko <cow@altlinux> 1.7.20-alt1 glpi - IT and asset management software [55M] * Wed Jul 16 2025 Pavel Zilke <zidex@altlinux> 10.0.19-alt0.p10.1 - New version 10.0.19 - This release fixes a security issue that has been recently discovered. Update is recommended! - Security fixes: + CVE-2025-27514 : Stored XSS on projects kanban + CVE-2025-52567 : Blind SSRF in RSS feeds and planning + CVE-2025-52897 : XSS and open redirection in planning + CVE-2025-53008 : Mail receiver credentials exfiltration + CVE-2025-53357 : Reservations modification by unauthorized user + CVE-2025-53113 : Access to unallowed items information through external links + CVE-2025-53111 : Data exposure to non allowed users + CVE-2025-53112 : Data removal from allowed users + CVE-2025-53105 : Unauthorized rules execution order update * Wed Feb 12 2025 Pavel Zilke <zidex@altlinux> 10.0.18-alt1 - New version 10.0.18 - This release fixes a security issue that has been recently discovered. Update is recommended! - Security fixes: + CVE-2025-24799 : Unauthenticated SQL injection through the inventory endpoint + CVE-2025-24801 : Authenticated Remote code execution + CVE-2025-21619 : SQL injection through the rules configuration + CVE-2024-11955 : Open Redirection + CVE-2025-21627 : Reflected XSS in search page + CVE-2025-21626 : Exposure of sensitive information in the status.php endpoint + CVE-2025-23024 : Plugins disabled by unauthenticated user + CVE-2025-23046 : Unauthorized authentication by email using the OAuthIMAP plugin + CVE-2025-25192 : Unauthorized access to debug mode * Fri Nov 08 2024 Pavel Zilke <zidex@altlinux> 10.0.17-alt1 - New version 10.0.17 - Added glpi-php8.3 - This release fixes a security issue that has been recently discovered. Update is recommended! - Security fixes: + CVE-2024-50339 : Unauthenticated session hijacking + CVE-2024-40638 : Account takeover through SQL injection + CVE-2024-43416 : Users email enumeration by unauthenticated user + CVE-2024-47758 : Account takeover without privilege escalation through the API + CVE-2024-47761 : Account takeover via the password reset feature + CVE-2024-47760 : Account takeover via API + CVE-2024-48912 : Insecure account deletion by authenticated user + CVE-2024-45608 : Authenticated SQL Injection + CVE-2024-41679 : Authenticated SQL injection in ticket form + CVE-2024-45611 : Stored XSS in RSS feeds + CVE-2024-47759 : Stored XSS via document upload + CVE-2024-43417 : Reflected XSS + CVE-2024-43418 : Reflected XSS + CVE-2024-45609 : Reflected XSS + CVE-2024-45610 : Reflected XSS + CVE-2024-41678 : Reflected XSS * Wed Jul 03 2024 Pavel Zilke <zidex@altlinux> 10.0.16-alt1 Total 19061 source packages.
reply other threads:[~2025-08-14 0:21 UTC|newest] Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=aJ0sAfvtGzuGlldQ@beehive.mskdc.altlinux.org \ --to=qa@altlinux.org \ --cc=devel@lists.altlinux.org \ --cc=sisyphus-cybertalk@lists.altlinux.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
ALT Linux Sisyphus cybertalk This inbox may be cloned and mirrored by anyone: git clone --mirror http://lore.altlinux.org/sisyphus-cybertalk/0 sisyphus-cybertalk/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 sisyphus-cybertalk sisyphus-cybertalk/ http://lore.altlinux.org/sisyphus-cybertalk \ sisyphus-cybertalk@lists.altlinux.org sisyphus-cybertalk@lists.altlinux.ru sisyphus-cybertalk@lists.altlinux.com public-inbox-index sisyphus-cybertalk Example config snippet for mirrors. Newsgroup available over NNTP: nntp://lore.altlinux.org/org.altlinux.lists.sisyphus-cybertalk AGPL code for this site: git clone https://public-inbox.org/public-inbox.git