[cyber] I: p11/branch packages: +10 (19766)

[cyber] I: p11/branch packages: +10 (19766)

[QA Team Robot]

	10 UPDATED packages

aardvark-dns - Authoritative DNS server for A/AAAA container records	[22M]
* Mon Aug 18 2025 Alexey Shabalin <shaba@altlinux> 1.16.0-alt1
- New version 1.16.0.
* Mon May 19 2025 Alexey Shabalin <shaba@altlinux> 1.15.0-alt1

firefox - The Mozilla Firefox project is a redesign of Mozilla's browser	[640M]
* Wed Aug 06 2025 Ajrat Makhmutov <rauty@altlinux> 141.0.2-alt1
- New version (141.0.2).
* Tue Jul 29 2025 Ajrat Makhmutov <rauty@altlinux> 141.0-alt1
- New version (141.0).
- Fixes:
  + CVE-2025-8027: JavaScript engine only wrote partial return value to stack
  + CVE-2025-8028: Large branch table could lead to truncated instruction
  + CVE-2025-8041: Incorrect URL truncation in Firefox for Android
  + CVE-2025-8042: Sandboxed iframe could start downloads
  + CVE-2025-8029: javascript: URLs executed on object and embed tags
  + CVE-2025-8036: DNS rebinding circumvents CORS
  + CVE-2025-8037: Nameless cookies shadow secure cookies
  + CVE-2025-8030: Potential user-assisted code execution in "Copy as cURL" command
  + CVE-2025-8043: Incorrect URL truncation
  + CVE-2025-8031: Incorrect URL stripping in CSP reports
  + CVE-2025-8032: XSLT documents could bypass CSP
  + CVE-2025-8038: CSP frame-src was not correctly enforced for paths
  + CVE-2025-8039: Search terms persisted in URL bar
  + CVE-2025-8033: Incorrect JavaScript state machine for generators
  + CVE-2025-8044: Memory safety bugs fixed in Firefox 141 and Thunderbird 141
  + CVE-2025-8034: Memory safety bugs fixed in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141
  + CVE-2025-8040: Memory safety bugs fixed in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141
  + CVE-2025-8035: Memory safety bugs fixed in Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141
* Thu Jul 10 2025 Ajrat Makhmutov <rauty@altlinux> 140.0.4-alt1
- New version (140.0.4).
- Terminate buggy unfinished D&D operation as DragDrop (closes: 54713).
* Sat Jun 28 2025 Ajrat Makhmutov <rauty@altlinux> 140.0.2-alt1

gambit - Gambit-C Scheme programming system                     	[11M]
* Sat Aug 30 2025 Paul Wolneykien <manowar@altlinux> 4.9.7-alt4
- Extract C-precompiled files into the separate 'modules-C' package.
- List all module files and directories using a script.
* Fri Aug 29 2025 Paul Wolneykien <manowar@altlinux> 4.9.7-alt3
- Build with --enable-trust-c-tco configure option.
* Fri Aug 29 2025 Paul Wolneykien <manowar@altlinux> 4.9.7-alt2
- Applied 1e6655c upstream fix for executable-path test (thx Marc Feeley).
* Thu Aug 28 2025 Paul Wolneykien <manowar@altlinux> 4.9.7-alt1
- New version 4.9.7.
- Don't require /proc for building.
- Disable pre-compilation of the Emacs module.
- Skip executable-path test as it depends on /proc (patch).
- Delete unused patches.
* Fri Dec 01 2023 Paul Wolneykien <manowar@altlinux> 4.9.5-alt4
- Move gsc to 'devel' package, extract the 'modules' package and
  place *.js in 'modules-js' package.
- Place module demos to examples/ (package 'docs').
- Add compilation options that seem to workaround compliation
  of srfi/42.
- Add `--enable-moduledir=` option and install Gambit modules
  in /usr/lib64/gambit.
- Remove AC_LANG(C++) from configure.ac and build with autoreconf.
- Disable duplicate-var-message patch (needs bootstrap to apply).
* Wed Nov 29 2023 Paul Wolneykien <manowar@altlinux> 4.9.5-alt3
- Make bootstrap in order to compile changes made by
  gambit-4.9.5-duplicate-var-message.patch.
- Make the "duplicate pattern variable" message more informative
  (patch).
- Switch to build from git.
- Remove target directory on module compilation error (patch).
* Mon Sep 11 2023 Paul Wolneykien <manowar@altlinux> 4.9.5-alt2
- Remove UTF-8 patch for docs (fixed in upstream).
* Mon Sep 11 2023 Paul Wolneykien <manowar@altlinux> 4.9.5-alt1
- New version 4.9.5.
* Sun Apr 09 2023 Michael Shigorin <mike@altlinux> 4.9.4-alt3

gambit-dsock - UNIX domain sockets for Gambit-C Scheme programming system
* Sat Aug 30 2025 Paul Wolneykien <manowar@altlinux> 1.2.3-alt1
- Fixed library symlinks.
* Sat Aug 30 2025 Paul Wolneykien <manowar@altlinux> 1.2.2-alt1
- Run gsc with -warnings and check for undefined symbols.
- Fix: Generate an incremental link file.
- Build so-named library and install it into /usr/lib64/.
* Thu Aug 28 2025 Paul Wolneykien <manowar@altlinux> 1.2.1-alt1
- Rebuild with a new version of Gambit.
- Use ___return() instead of ___result.
* Thu Jan 09 2025 Paul Wolneykien <manowar@altlinux> 1.2-alt4
- Ignore some compilation warnings to fix the build with GCC14.
- Build with the standard %optflags.
- Honor CFLAGS for compilation.
* Mon Feb 11 2019 Paul Wolneykien <manowar@altlinux> 1.2-alt3

gambit-signal - UNIX signal handling library for Gambit-C Scheme programming system
* Sat Aug 30 2025 Paul Wolneykien <manowar@altlinux> 1.2.3-alt1
- Fixed library symlinks.
* Sat Aug 30 2025 Paul Wolneykien <manowar@altlinux> 1.2.2-alt1
- Build so-named library and install it into /usr/lib64/.
- Run gsc with -warnings and check for undefined symbols.
- Fix: Generate an incremental link file.
* Thu Aug 28 2025 Paul Wolneykien <manowar@altlinux> 1.2.1-alt1
- Rebuild with a new version of Gambit.
- Use ___return() instead of ___result.
* Thu Jan 09 2025 Paul Wolneykien <manowar@altlinux> 1.2-alt5
- Ignore some compilation warnings to fix the build with GCC14.
- Build with the standard %optflags.
- Honor CFLAGS for compilation.
* Mon Feb 11 2019 Michael Shigorin <mike@altlinux> 1.2-alt4

gambit-sqlite3 - SQLite3 database library for Gambit-C Scheme programming system
* Sat Aug 30 2025 Paul Wolneykien <manowar@altlinux> 1.3.4-alt1
- Fixed library symlinks.
* Sat Aug 30 2025 Paul Wolneykien <manowar@altlinux> 1.3.3-alt1
- Run gsc with -warnings and check for undefined symbols.
- Fix: Generate an incremental link file.
- Build so-named library and install it into /usr/lib64/.
* Thu Aug 28 2025 Paul Wolneykien <manowar@altlinux> 1.3.2-alt1
- Rebuild with a new version of Gambit.
- Use ___return() instead of ___result.
* Thu Jan 09 2025 Paul Wolneykien <manowar@altlinux> 1.3.1-alt2
- Ignore some compilation warnings to fix the build with GCC14.
- Build with the standard %optflags.
- Honor CFLAGS for compilation.
* Mon Feb 13 2023 Paul Wolneykien <manowar@altlinux> 1.3.1-alt1

libwmf - A library to convert wmf files
* Sat Apr 05 2025 Anton Farygin <rider@altlinux> 0.2.13-alt1
- 0.2.8.4 -> 0.2.13
* Wed Sep 27 2017 Anton V. Boyarshinov <boyarsh@altlinux> 0.2.8.4-alt13

netavark - OCI network stack                                    	[23M]
* Tue Sep 02 2025 Alexey Shabalin <shaba@altlinux> 1.16.1-alt1
- New version 1.16.1.
* Mon Aug 18 2025 Alexey Shabalin <shaba@altlinux> 1.16.0-alt1
- New version 1.16.0.
- Fixes a compatibility problem with nftables v1.1.4.
* Tue Jun 17 2025 Alexey Shabalin <shaba@altlinux> 1.15.2-alt1

squidmill - Squid proxy server access log collector with rounding support
* Sat Aug 30 2025 Paul Wolneykien <manowar@altlinux> 2.7.0-alt2
- Build without RPATH.
* Thu Aug 28 2025 Paul Wolneykien <manowar@altlinux> 2.7.0-alt1
- Added a special test with no debug messages in daemon log (closes: 30142).
- Make SysV-init script to remove the socket file on stop (closes: 29894).
- Also, add support to print the test main log on success (PRINT_LOG_OK).
- Repeat all tests 10 times when building.
- Fixed/improved C-interface functions with Gambit 4.9.7.
- Allow to select tests (RUN_TESTS) and to repeat them (TEST_COUNT).
- Reworked tests + more tests.
- Reworked top-level exception handling.
- Rewrote the file-follow machinery (in the hope it's more stable now).
* Fri Aug 22 2025 Paul Wolneykien <manowar@altlinux> 2.6.4-alt1
- Version 2.6.4.
- Replace SRFI-1 named getters with list-ref to avoid call
  to undefined symbols with some versions of Gambit (Fixes:
  OVE-20250822-0001).
- Run gsc with -warnings and check for undefined symbols.
- Fixed the extra log title in test output.
- Try to improve backtrace on error.
* Thu Aug 21 2025 Paul Wolneykien <manowar@altlinux> 2.6.3-alt1
- Output SQL statements to the log with debug level > 1 only (-D -D).
- Print test logs on test fail (PRINT_LOG=1).
- Improved tests.
* Tue Aug 19 2025 Paul Wolneykien <manowar@altlinux> 2.6.2-alt2
- Make [/var]/run/squidmill a ghost dir.
* Tue Aug 19 2025 Paul Wolneykien <manowar@altlinux> 2.6.2-alt1
- Use squidmill.service unit to configure some fragile options
  (closes: 50276, 55654, 29894).
* Wed Feb 19 2025 Paul Wolneykien <manowar@altlinux> 2.6.1-alt3
- Fixed build (drop rpm-macros-fillup).
* Thu Jan 09 2025 Paul Wolneykien <manowar@altlinux> 2.6.1-alt2
- Build with the standard %optflags.
- Honor CFLAGS for compilation.
* Tue Feb 14 2023 Paul Wolneykien <manowar@altlinux> 2.6.1-alt1

thunderbird - Thunderbird is Mozilla's e-mail client            	[752M]
* Tue Jul 29 2025 Ajrat Makhmutov <rauty@altlinux> 141.0-alt1
- New version.
- Fixes:
  + CVE-2025-8027: JavaScript engine only wrote partial return value to stack
  + CVE-2025-8028: Large branch table could lead to truncated instruction
  + CVE-2025-8029: javascript: URLs executed on object and embed tags
  + CVE-2025-8036: DNS rebinding circumvents CORS
  + CVE-2025-8037: Nameless cookies shadow secure cookies
  + CVE-2025-8030: Potential user-assisted code execution in "Copy as cURL" command
  + CVE-2025-8043: Incorrect URL truncation
  + CVE-2025-8031: Incorrect URL stripping in CSP reports
  + CVE-2025-8032: XSLT documents could bypass CSP
  + CVE-2025-8038: CSP frame-src was not correctly enforced for paths
  + CVE-2025-8039: Search terms persisted in URL bar
  + CVE-2025-8033: Incorrect JavaScript state machine for generators
  + CVE-2025-8044: Memory safety bugs fixed in Firefox 141 and Thunderbird 141
  + CVE-2025-8034: Memory safety bugs fixed in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141
  + CVE-2025-8040: Memory safety bugs fixed in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141
  + CVE-2025-8035: Memory safety bugs fixed in Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141
* Thu Jul 10 2025 Ajrat Makhmutov <rauty@altlinux> 140.0.1-alt1
- New version.
* Mon Jul 07 2025 Ivan A. Melnikov <iv@altlinux> 140.0-alt2
- NMU: Disable crashreporter on loongarch64 and riscv64
  as it does not support these architectures yet (fixes FTBFS)
* Sat Jul 05 2025 Ajrat Makhmutov <rauty@altlinux> 140.0-alt1
- New version.
- Security fixes:
  + CVE-2025-6424: Use-after-free in FontFaceSet
  + CVE-2025-6425: The WebCompat WebExtension shipped exposed a persistent UUID
  + CVE-2025-6426: No warning when opening executable terminal files on macOS
  + CVE-2025-6427: connect-src Content Security Policy restriction could be bypassed
  + CVE-2025-6429: Incorrect parsing of URLs could have allowed embedding of youtube.com
  + CVE-2025-6430: Content-Disposition header ignored when a file is included in an embed or object tag
  + CVE-2025-6432: DNS Requests leaked outside of a configured SOCKS proxy
  + CVE-2025-6433: WebAuthn would allow a user to sign a challenge on a webpage with an invalid TLS certificate
  + CVE-2025-6434: HTTPS-Only exception screen lacked anti-clickjacking delay
  + CVE-2025-6435: Save as in Devtools could download files without sanitizing the extension
  + CVE-2025-6436: Memory safety bugs fixed in Firefox 140 and Thunderbird 140
* Wed Jun 11 2025 Ajrat Makhmutov <rauty@altlinux> 139.0.2-alt1

Total 19766 source packages.