[cyber] I: p10/branch packages: +1! +2 (19074)

[cyber] I: p10/branch packages: +1! +2 (19074)

[QA Team Robot]

	1 ADDED package

openbao - Secure secrets and encryption management system       	[34M]
* Mon Dec 29 2025 Maxim Tulskiy <tulskijms@altlinux> 2.4.4-alt1
- Updated to new version v2.4.4.
- Support building package with bundled web ui (Closes: #56797).
* Sun Jun 08 2025 Maxim Tulskiy <tulskijms@altlinux> 2.2.2-alt1

	2 UPDATED packages

firefox-esr - The Mozilla Firefox project is a redesign of Mozilla's browser	[640M]
* Wed Mar 25 2026 Pavel Vasenkov <pav@altlinux> 140.8.0-alt0.p10.1
- Backport new version.
* Tue Mar 10 2026 Pavel Vasenkov <pav@altlinux> 140.8.0-alt2
- Fix "Thunderbird and Firefox accounts are reset." (Closes: #58172)
* Mon Mar 02 2026 Pavel Vasenkov <pav@altlinux> 140.8.0-alt1
- New ESR version.
- Security fixes:
  + CVE-2026-2757 Incorrect boundary conditions in the WebRTC: Audio/Video component
  + CVE-2026-2758 Use-after-free in the JavaScript: GC component
  + CVE-2026-2759 Incorrect boundary conditions in the Graphics: ImageLib component
  + CVE-2026-2760 Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component
  + CVE-2026-2761 Sandbox escape in the Graphics: WebRender component
  + CVE-2026-2762 Integer overflow in the JavaScript: Standard Library component
  + CVE-2026-2763 Use-after-free in the JavaScript Engine component
  + CVE-2026-2764 JIT miscompilation, use-after-free in the JavaScript Engine: JIT component
  + CVE-2026-2765 Use-after-free in the JavaScript Engine component
  + CVE-2026-2766 Use-after-free in the JavaScript Engine: JIT component
  + CVE-2026-2767 Use-after-free in the JavaScript: WebAssembly component
  + CVE-2026-2768 Sandbox escape in the Storage: IndexedDB component
  + CVE-2026-2769 Use-after-free in the Storage: IndexedDB component
  + CVE-2026-2770 Use-after-free in the DOM: Bindings (WebIDL) component
  + CVE-2026-2771 Undefined behavior in the DOM: Core & HTML component
  + CVE-2026-2772 Use-after-free in the Audio/Video: Playback component
  + CVE-2026-2773 Incorrect boundary conditions in the Web Audio component
  + CVE-2026-2774 Integer overflow in the Audio/Video component
  + CVE-2026-2775 Mitigation bypass in the DOM: HTML Parser component
  + CVE-2026-2776 Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software
  + CVE-2026-2777 Privilege escalation in the Messaging System component
  + CVE-2026-2778 Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component
  + CVE-2026-2779 Incorrect boundary conditions in the Networking: JAR component
  + CVE-2026-2780 Privilege escalation in the Netmonitor component
  + CVE-2026-2781 Integer overflow in the Libraries component in NSS
  + CVE-2026-2782 Privilege escalation in the Netmonitor component
  + CVE-2026-2783 Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component
  + CVE-2026-2784 Mitigation bypass in the DOM: Security component
  + CVE-2026-2785 Invalid pointer in the JavaScript Engine component
  + CVE-2026-2786 Use-after-free in the JavaScript Engine component
  + CVE-2026-2787 Use-after-free in the DOM: Window and Location component
  + CVE-2026-2788 Incorrect boundary conditions in the Audio/Video: GMP component
  + CVE-2026-2789 Use-after-free in the Graphics: ImageLib component
  + CVE-2026-2790 Same-origin policy bypass in the Networking: JAR component
  + CVE-2026-2791 Mitigation bypass in the Networking: Cache component
  + CVE-2026-2792 Memory safety bugs fixed in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148
  + CVE-2026-2793 Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148
* Wed Feb 18 2026 Pavel Vasenkov <pav@altlinux> 140.7.1-alt1
- New ESR version.
- Security fixes:
  + CVE-2026-2447 Heap buffer overflow in libvpx
* Thu Jan 22 2026 Michael Shigorin <mike@altlinux> 140.7.0-alt3
- Fix "new version means new blank profile" (Closes: #57602)
  + thanks NixOS guys, see http://github.com/NixOS/nixpkgs/pull/119849
* Thu Jan 22 2026 Michael Shigorin <mike@altlinux> 140.7.0-alt2
- Get yandex search back through default policy
  (Closes: #45190; see also: #43516; thanks Ruslan Gilfanov).
* Wed Jan 14 2026 Pavel Vasenkov <pav@altlinux> 140.7.0-alt1
- New ESR version.
- Security fixes:
  + CVE-2026-0877 Mitigation bypass in the DOM: Security component
  + CVE-2026-0878 Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component
  + CVE-2026-0879 Sandbox escape due to incorrect boundary conditions in the Graphics component
  + CVE-2026-0880 Sandbox escape due to integer overflow in the Graphics component
  + CVE-2026-0882 Use-after-free in the IPC component
  + CVE-2025-14327 Spoofing issue in the Downloads Panel component
  + CVE-2026-0883 Information disclosure in the Networking component
  + CVE-2026-0884 Use-after-free in the JavaScript Engine component
  + CVE-2026-0885 Use-after-free in the JavaScript: GC component
  + CVE-2026-0886 Incorrect boundary conditions in the Graphics component
  + CVE-2026-0887 Clickjacking issue, information disclosure in the PDF Viewer component
  + CVE-2026-0890 Spoofing issue in the DOM: Copy & Paste and Drag & Drop component
  + CVE-2026-0891 Memory safety bugs fixed in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147
* Wed Dec 10 2025 Pavel Vasenkov <pav@altlinux> 140.6.0-alt1
- New ESR version.
- Security fixes:
  + CVE-2025-14321 Use-after-free in the WebRTC: Signaling component
  + CVE-2025-14322 Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component
  + CVE-2025-14323 Privilege escalation in the DOM: Notifications component
  + CVE-2025-14324 JIT miscompilation in the JavaScript Engine: JIT component
  + CVE-2025-14325 JIT miscompilation in the JavaScript Engine: JIT component
  + CVE-2025-14328 Privilege escalation in the Netmonitor component
  + CVE-2025-14329 Privilege escalation in the Netmonitor component
  + CVE-2025-14330 JIT miscompilation in the JavaScript Engine: JIT component
  + CVE-2025-14331 Same-origin policy bypass in the Request Handling component
  + CVE-2025-14333 Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146
* Fri Nov 14 2025 Pavel Vasenkov <pav@altlinux> 140.5.0-alt1
Note: changelog entry for 140.6.0-alt0.p10.1 not found.

winehelper - Program for easy installation of Windows applications.
* Wed Mar 18 2026 Mikhail Tergoev <fidel@altlinux> 0.10.0-alt1
- updated to version 0.10.0
- updated installation scripts: emias, ctm-service (ALT bug: 58046)
- added installation scripts: apropos-z, olimp
- added wine-cx support (fork crossover)
- GUI: fixes and improvements
* Fri Feb 13 2026 Mikhail Tergoev <fidel@altlinux> 0.9.0-alt1
- updated to version 0.9.0
- added wine-wow64 support
- added wine-cpcsp_proxy support for wine-wow64
- added an option to skip 32-bit dependency checking if wine-wow64 is used
- added installation scripts: dialux 4, ksamu, emias
- updated the ved-control installation script
- tax programs have been migrated to 64-bit prefixes and wine-wow64
- t-flex programs have been migrated to use wine-wow64
- arm-kt programs have been migrated to use wine-wow64
- improved base prefix creation
- improved creation and unpacking of prefix backups
- system winetricks is used
- GUI: main functions fixed/improved
- GUI: icon display fixed for shortcuts (desktop files)
- GUI: added the ability to launch the "Wine Control Panel"
- GUI: moved file association, ESYNC, FSYNC, DXVK, and VK3D to "Advanced Settings"
- GUI: removed unused Wine versions
- GUI: added a filter to limit Wine version usage based on prefix
* Fri Oct 24 2025 Mikhail Tergoev <fidel@altlinux> 0.8.0-alt1
- updated to version 0.8.0
- added autodetection of .reg and .dll files to add them to the prefix registry
- added links to certificate pages to the "Help" tab
- other minor improvements and optimizations to scripts and the graphical interface
* Mon Oct 20 2025 Mikhail Tergoev <fidel@altlinux> 0.7.0-alt1
- updated to version 0.7.0
- GUI: added a button to open a directory with backups and logs
- GUI: added a button to open a directory with a prefix
- GUI: added a button to block buttons for an installed application if it is already running
- GUI: added a display of the installation process for third-party components using winetricks
- GUI: added the ability to display and install test scripts (disabled by default)
- added installation scripts for t-flex version 18
- added a list of test software installation scripts to the CLI
- added the ability to associate files for transfer to applications launched in WineHelper
* Wed Oct 01 2025 Mikhail Tergoev <fidel@altlinux> 0.6.0-alt1
- updated to version 0.6.0
- fixed typos (ALT bug: 55538)
- added Qt5 graphics mode
- added tray icon for Qt5 graphics mode
- updated installation scripts for t-flex-*
- updated installation script for scadoffice
- added manual installation of NetTest (demo version)
- added ARM-KT installation scripts
- winehelper killall - kills only processes running in WinwHelper
- other minor script improvements and optimizations
* Mon Jul 14 2025 Mikhail Tergoev <fidel@altlinux> 0.5.0-alt1

Total 19074 source packages.