From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: DKIM-Filter: OpenDKIM Filter v2.11.0 mskdc-relay.altlinux.org 5BF2660161 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=altlinux.org; s=relay-alt2025; t=1768954857; bh=VFGQvtleNXrPB4WHsQwXjfCAQCDUOQGaqcoM1CJLj4E=; h=Date:From:To:Subject:From; b=fvp0hoq+PeANpBnV2FAqfR0rfKjc7+wKQ1rHWPBL2z0O8o/uP6dwaHbP+tknAlND7 xp0Qgn7a4uOLAdZMz8uBrOzSE8Yc/zedkIcOKKZQj8DrSvzSDDCN3/zPSg6pm/s0L7 fApk59pPRGGBgx1KCFjUrFOfUNnxz6vZ/6hUPO9o= Date: Wed, 21 Jan 2026 00:20:57 +0000 From: QA Team Robot To: sisyphus-cybertalk@lists.altlinux.org Message-ID: Mail-Followup-To: sisyphus-cybertalk@lists.altlinux.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Subject: [cyber] I: p10/branch packages: -1 +19 (19076) X-BeenThere: sisyphus-cybertalk@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: devel@lists.altlinux.org List-Id: ALT Linux Sisyphus cybertalk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jan 2026 00:20:57 -0000 Archived-At: List-Archive: 1 REMOVED package chromium-gost 125.0.6422.112-alt0.c10.1 19 UPDATED packages 389-ds-base - 389 Directory Server (base) [43M] * Thu Dec 25 2025 Andrey Cherepanov 2.2.10-alt2.p10.2 - Built with Rust 1.89. * Thu Oct 02 2025 Stanislav Levin 2.2.10-alt2.p10.1 certmonger - Certificate status monitor and PKI enrollment client * Tue Dec 30 2025 Andrey Cherepanov 0.79.21-alt0.p10.1 - Backport new version to p10 branch. * Thu Oct 02 2025 Stanislav Levin 0.79.21-alt1 - 0.79.20 -> 0.79.21. * Tue Sep 02 2025 Stanislav Levin 0.79.20-alt3 - Fixed FTBFS (temporarily xfail nss dbm tests). * Mon Jun 24 2024 Stanislav Levin 0.79.20-alt2 - Fixes FTBFS (latest rpm-macros-systemd). * Tue Jun 11 2024 Stanislav Levin 0.79.20-alt1 - 0.79.19 -> 0.79.20. * Thu Dec 21 2023 Stanislav Levin 0.79.19-alt1 drbd-reactor - React to DRBD events via plugins. * Wed Dec 24 2025 Andrey Cherepanov 1.9.0-alt1.p10.1 - Backport new version to p10 branch. * Fri Sep 19 2025 Andrew A. Vasilyev 1.9.0-alt2 - fix FTBFS (Closes: #55722) * Thu Jul 10 2025 Andrew A. Vasilyev 1.9.0-alt1 - v1.9.0 * Wed Feb 12 2025 Andrew A. Vasilyev 1.8.0-alt1 - v1.8.0 * Sat Dec 21 2024 Andrew A. Vasilyev 1.7.0-alt1 - v1.7.0 * Sun Nov 24 2024 Andrew A. Vasilyev 1.6.0-alt1 - v1.6.0 * Sun Oct 06 2024 Andrew A. Vasilyev 1.5.0-alt1 - v1.5.0 * Sun Aug 18 2024 Andrew A. Vasilyev 1.4.2-alt1 - v1.4.2 * Mon Jun 24 2024 Andrew A. Vasilyev 1.4.1-alt1.2 - FTBFS: fix systemd path * Wed May 08 2024 Alexey Sheplyakov 1.4.1-alt1.1 - NMU: build for LoongArch * Tue May 07 2024 Andrew A. Vasilyev 1.4.1-alt1 - v1.4.1 * Fri Dec 01 2023 Andrew A. Vasilyev 1.4.0-alt1 - v1.4.0 * Wed Oct 11 2023 Andrew A. Vasilyev 1.3.0-alt1 - v1.3.0 * Wed May 31 2023 Andrew A. Vasilyev 1.2.0-alt1 drbd-utils - DRBD user-land tools and scripts * Thu Dec 25 2025 Andrey Cherepanov 9.29.0-alt0.p10.1 - Backport new version to p10 branch. * Tue Oct 29 2024 Andrew A. Vasilyev 9.29.0-alt1 - 9.29.0 * Mon Jun 24 2024 Andrew A. Vasilyev 9.28.0-alt1.2 - FTBFS: fix udev.d path, change /lib to /usr/lib * Sat Jun 08 2024 Michael Shigorin 9.28.0-alt1.1 - fix build on Elbrus through respecting CXXFLAGS (proposed upstream) * Mon May 06 2024 Andrew A. Vasilyev 9.28.0-alt1 - 9.28.0 * Fri Dec 22 2023 Andrew A. Vasilyev 9.27.0-alt1 - 9.27.0 * Mon Oct 30 2023 Andrew A. Vasilyev 9.26.0-alt1 - 9.26.0 * Wed Jul 26 2023 Andrew A. Vasilyev 9.25.0-alt1 - 9.25.0 * Thu Jun 15 2023 Andrew A. Vasilyev 9.24.0-alt1 firecracker - Virtual Machine Monitor for creating microVMs [33M] * Thu Dec 26 2024 Alexander Burmatov 1.10.1-alt1 - new version 1.10.1 * Fri Dec 18 2020 Alexey Shabalin 0.23.1-alt1 freeipa - The Identity, Policy and Audit system * Tue Dec 30 2025 Andrey Cherepanov 4.9.14-alt5.p10.2 - Rebuilt with nss-3.117. * Mon Oct 06 2025 Stanislav Levin 4.9.14-alt5.p10.1 golang - The Go Programming Language [20M] * Mon Jan 19 2026 Alexey Shabalin 1.24.12-alt1 - 1.24.12 (Fixes: CVE-2025-61727, CVE-2025-61729, CVE-2025-68121, CVE-2025-61728, CVE-2025-61726, CVE-2025-61731, CVE-2025-68119, CVE-2025-61730). * Wed Oct 15 2025 Alexey Shabalin 1.24.9-alt1 highway - Efficient and performance-portable SIMD wrapper libraries * Mon Dec 29 2025 Andrey Cherepanov 1.1.0-alt0.p10.1 - Backport new version to p10 branch. * Mon Feb 19 2024 Yuri N. Sedunov 1.1.0-alt1 - 1.1.0 * Thu Aug 31 2023 Yuri N. Sedunov 1.0.7-alt1 - updated to 1.0.7-2-gfed142a * Sun Jan 29 2023 Yuri N. Sedunov 1.0.3-alt1 mozldap - Mozilla LDAP C SDK * Mon Dec 29 2025 Andrey Cherepanov 6.0.7-alt6.p10.1 - Ignore some warnings from nss includes built with -std=c90. * Sat Dec 26 2020 Alexey Gladkov 6.0.7-alt6 nss - Netscape Network Security Services(NSS) [52M] * Sat Oct 11 2025 Ajrat Makhmutov 3.117-alt1 - New version (3.117). - Fix FTBFS in mozilla products. - Certificate Authority Changes: + Add CN=OISTE Client Root ECC G1 + Add CN=OISTE Client Root RSA G1 + Add CN=OISTE Server Root ECC G1 + Add CN=OISTE Server Root RSA G1 * Sat Sep 20 2025 Ajrat Makhmutov 3.116-alt1 - New version (3.116). * Mon Sep 08 2025 Ajrat Makhmutov 3.115.1-alt1 - New version (3.115.1). - Certificate Authority Changes: + Remove CN=DigiNotar Root CA * Tue Jul 29 2025 Ajrat Makhmutov 3.114-alt1 - New version (3.114). - Certificate Authority Changes: + Remove CN=Baltimore CyberTrust Root,OU=CyberTrust + Add CN=SwissSign RSA SMIME Root CA 2022 - 1 + Add CN=SwissSign RSA TLS Root CA 2022 - 1 + Add CN=TrustAsia SMIME ECC Root CA + Add CN=TrustAsia SMIME RSA Root CA + Add CN=TrustAsia TLS ECC Root CA + Add CN=TrustAsia TLS RSA Root CA * Sat Jul 05 2025 Ajrat Makhmutov 3.113.1-alt1 - New version (3.113.1). * Thu Jun 26 2025 Ajrat Makhmutov 3.113-alt1 proxmox-backup - Proxmox Backup Server daemon with tools and GUI [42M] * Wed Dec 24 2025 Andrey Cherepanov 1:3.2.8.1-alt0.p10.4 - Fixed build with Rust 1.89 * Fri Mar 21 2025 Sergey Konev 1:3.2.8.1-alt0.p10.3 rpm-build-rust - RPM build enviroment to build rust packages * Tue Nov 11 2025 Andrey Cherepanov 0.1.2-alt1.p10.1 - Exclude armh due to missing support in llvm20.1. * Fri Aug 20 2021 Mikhail Gordeev 0.1.2-alt1 ruby - An Interpreted Object-Oriented Scripting Language [11M] * Wed Dec 24 2025 Andrey Cherepanov 3.1.4-alt2.p10.2 - NMU: built with /proc. * Wed Feb 07 2024 Pavel Skrylev 3.1.4-alt2.p10.1 rust - The Rust Programming Language [1191M] * Tue Oct 07 2025 Andrey Cherepanov 1:1.89.0-alt0.p10.1 - Backport new version to p10 branch (bootstrapped). * Fri Aug 22 2025 Sergey Zhidkih 1:1.89.0-alt1 - New version (1.89.0). - Add wasm32-unknown-unknown target support (Closes: 55591). * Fri Jun 27 2025 Ajrat Makhmutov 1:1.88.0-alt1 - New version (1.88.0). * Tue May 20 2025 Ajrat Makhmutov 1:1.87.0-alt1 - New version (1.87.0). * Fri Apr 18 2025 Ajrat Makhmutov 1:1.86.0-alt1 - New version (1.86.0). * Fri Apr 11 2025 Andrey Cherepanov 1:1.82.0-alt0.p10.1 rvm - Ruby enVironment Manager (RVM) * Wed Jun 04 2025 Pavel Skrylev 1.29.12.126-alt0.1 - * swapped functions of rvm and rvm-devel packages - > use version passed as arg for rubygem installation procedure instrad of dropping to version_default - - removed rvm group usage in favor of .rvm at user home - ! fixed ruby installatiion procedure, closing: + ALT #53866 + ALT #49776 + ALT #49775 + ALT #49774 * Tue Aug 06 2024 Pavel Skrylev 1.29.12.125-alt0.4 - ! log link to %_logdir from %_localstatedir - * rollback group rvm to use the rvm ruby installations * Fri May 17 2024 Pavel Skrylev 1.29.12.125-alt0.3 - ! fixed dep to true binary for devel in per section (closes #50385) * Thu Apr 25 2024 Pavel Skrylev 1.29.12.125-alt0.2 - - removed PATH variable from bashrc * Wed Feb 07 2024 Pavel Skrylev 1.29.12.125-alt0.1 - ^ 1.29.12 -> 1.29.12p125 - ! clean up pre script - ! minor fixed * Thu Dec 14 2023 Pavel Skrylev 1.29.12-alt2 systray-x - A system tray extension for Thunderbird * Thu Aug 28 2025 Andrey Cherepanov 0.9.11-alt5 - Set maximum supported version to 200 (ALT #55745). * Wed Jun 04 2025 Ajrat Makhmutov 0.9.11-alt4 thunderbird - Thunderbird is Mozilla's e-mail client [776M] * Wed Dec 24 2025 Andrey Cherepanov 145.0-alt0.p10.1 - Backported new version to p10 branch. * Mon Nov 17 2025 Ajrat Makhmutov 145.0-alt1 - New version. - Fixes: + CVE-2025-13021: Incorrect boundary conditions in the Graphics: WebGPU component + CVE-2025-13022: Incorrect boundary conditions in the Graphics: WebGPU component + CVE-2025-13012: Race condition in the Graphics component + CVE-2025-13023: Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component + CVE-2025-13016: Incorrect boundary conditions in the JavaScript: WebAssembly component + CVE-2025-13024: JIT miscompilation in the JavaScript Engine: JIT component + CVE-2025-13025: Incorrect boundary conditions in the Graphics: WebGPU component + CVE-2025-13026: Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component + CVE-2025-13017: Same-origin policy bypass in the DOM: Notifications component + CVE-2025-13018: Mitigation bypass in the DOM: Security component + CVE-2025-13019: Same-origin policy bypass in the DOM: Workers component + CVE-2025-13013: Mitigation bypass in the DOM: Core & HTML component + CVE-2025-13020: Use-after-free in the WebRTC: Audio/Video component + CVE-2025-13014: Use-after-free in the Audio/Video component + CVE-2025-13015: Spoofing issue in Thunderbird + CVE-2025-13027: Memory safety bugs fixed in Firefox 145 and Thunderbird 145 * Fri Oct 17 2025 Ajrat Makhmutov 144.0.1-alt1 - New version. - Fix the new_argv to match the standard argv format in the wrapper. * Wed Oct 15 2025 Ajrat Makhmutov 144.0-alt1 - New version. - Fixes: + CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance() + CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures + CVE-2025-11710: Cross-process information leaked due to malicious IPC messages + CVE-2025-11711: Some non-writable Object properties could be modified + CVE-2025-11716: Sandboxed iframes allowed links to open in external apps (Android only) + CVE-2025-11712: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type + CVE-2025-11713: Potential user-assisted code execution in "Copy as cURL" command + CVE-2025-11719: Use-after-free caused by the native messaging web extension API on Windows + CVE-2025-11714: Memory safety bugs fixed in Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 + CVE-2025-11715: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 + CVE-2025-11721: Memory safety bug fixed in Firefox 144 and Thunderbird 144 * Sun Oct 12 2025 Ajrat Makhmutov 143.0.1-alt1 - New version. * Wed Sep 17 2025 Ajrat Makhmutov 143.0-alt1 - New version. - Fixes: + CVE-2025-10527: Sandbox escape due to use-after-free in the Graphics: Canvas2D component + CVE-2025-10528: Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component + CVE-2025-10529: Same-origin policy bypass in the Layout component + CVE-2025-10530: Spoofing issue in the WebAuthn component in Firefox for Android + CVE-2025-10531: Mitigation bypass in the Web Compatibility: Tooling component + CVE-2025-10532: Incorrect boundary conditions in the JavaScript: GC component + CVE-2025-10533: Integer overflow in the SVG component + CVE-2025-10534: Spoofing issue in the Site Permissions component + CVE-2025-10536: Information disclosure in the Networking: Cache component + CVE-2025-10537: Memory safety bugs fixed in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143 * Wed Aug 20 2025 Ajrat Makhmutov 142.0-alt1 - New version. - Fixes: + CVE-2025-9179: Sandbox escape due to invalid pointer in the Audio/Video: GMP component + CVE-2025-9180: Same-origin policy bypass in the Graphics: Canvas2D component + CVE-2025-9181: Uninitialized memory in the JavaScript Engine component + CVE-2025-9182: Denial-of-service due to out-of-memory in the Graphics: WebRender component + CVE-2025-9187: Memory safety bugs fixed in Firefox 142 and Thunderbird 142 + CVE-2025-9184: Memory safety bugs fixed in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142 + CVE-2025-9185: Memory safety bugs fixed in Firefox ESR 115.27, Firefox ESR 128.14, Thunderbird ESR 128.14, Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142 * Wed Aug 06 2025 Ajrat Makhmutov 141.0-alt0.p10.1 vector - A lightweight and ultra-fast tool for building observability pipelines [122M] * Sun Sep 28 2025 Ilya Muhamadeev 0.49.0-alt1 - New version. * Fri Aug 08 2025 Ilya Muhamadeev 0.48.0-alt1 - New version. - Get rid of cumulative patch. - Fix systemd unit (closes: 55217): + Add environment variables to command calls. + Change EnvironmentFile path. * Tue Jan 14 2025 Ajrat Makhmutov 0.44.0-alt1 websocat - Netcat, curl and socat for WebSockets [16M] * Mon Dec 29 2025 Andrey Cherepanov 1.11.0-alt1.p10.1 - Fixed build with Rust 1.89. - Disabled %check for armh. * Sun Sep 25 2022 Vladimir D. Seleznev 1.11.0-alt1 Total 19076 source packages.