From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: DKIM-Filter: OpenDKIM Filter v2.11.0 mskdc-relay.altlinux.org 65EC16019D DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=altlinux.org; s=relay-alt2025; t=1775089629; bh=uUQ9940Fgl0iSiQn0ImH37KZE51c1WiR0uLozqgEGMA=; h=Date:From:To:Subject:From; b=JJU3+nGWC4gclOa4CFxrFXyN2gy4JaociH7End6eLgF9a656ZMs6cwWPXtTZBAyt9 e11SosJ5jXhIDz8Z0pF1lX46RLasDibmEt37fJYwy2nvG7yIezfdZ1leFSAwBYBn++ wZms45wrcUwZf2oQwok+JKGl5lrsrxnmtbV1L4nQ= Date: Thu, 2 Apr 2026 00:27:09 +0000 From: QA Team Robot To: sisyphus-cybertalk@lists.altlinux.org Message-ID: Mail-Followup-To: sisyphus-cybertalk@lists.altlinux.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Subject: [cyber] I: p10/branch packages: +1! +2 (19074) X-BeenThere: sisyphus-cybertalk@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: devel@lists.altlinux.org List-Id: ALT Linux Sisyphus cybertalk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Apr 2026 00:27:09 -0000 Archived-At: List-Archive: 1 ADDED package openbao - Secure secrets and encryption management system [34M] * Mon Dec 29 2025 Maxim Tulskiy 2.4.4-alt1 - Updated to new version v2.4.4. - Support building package with bundled web ui (Closes: #56797). * Sun Jun 08 2025 Maxim Tulskiy 2.2.2-alt1 2 UPDATED packages firefox-esr - The Mozilla Firefox project is a redesign of Mozilla's browser [640M] * Wed Mar 25 2026 Pavel Vasenkov 140.8.0-alt0.p10.1 - Backport new version. * Tue Mar 10 2026 Pavel Vasenkov 140.8.0-alt2 - Fix "Thunderbird and Firefox accounts are reset." (Closes: #58172) * Mon Mar 02 2026 Pavel Vasenkov 140.8.0-alt1 - New ESR version. - Security fixes: + CVE-2026-2757 Incorrect boundary conditions in the WebRTC: Audio/Video component + CVE-2026-2758 Use-after-free in the JavaScript: GC component + CVE-2026-2759 Incorrect boundary conditions in the Graphics: ImageLib component + CVE-2026-2760 Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component + CVE-2026-2761 Sandbox escape in the Graphics: WebRender component + CVE-2026-2762 Integer overflow in the JavaScript: Standard Library component + CVE-2026-2763 Use-after-free in the JavaScript Engine component + CVE-2026-2764 JIT miscompilation, use-after-free in the JavaScript Engine: JIT component + CVE-2026-2765 Use-after-free in the JavaScript Engine component + CVE-2026-2766 Use-after-free in the JavaScript Engine: JIT component + CVE-2026-2767 Use-after-free in the JavaScript: WebAssembly component + CVE-2026-2768 Sandbox escape in the Storage: IndexedDB component + CVE-2026-2769 Use-after-free in the Storage: IndexedDB component + CVE-2026-2770 Use-after-free in the DOM: Bindings (WebIDL) component + CVE-2026-2771 Undefined behavior in the DOM: Core & HTML component + CVE-2026-2772 Use-after-free in the Audio/Video: Playback component + CVE-2026-2773 Incorrect boundary conditions in the Web Audio component + CVE-2026-2774 Integer overflow in the Audio/Video component + CVE-2026-2775 Mitigation bypass in the DOM: HTML Parser component + CVE-2026-2776 Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software + CVE-2026-2777 Privilege escalation in the Messaging System component + CVE-2026-2778 Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component + CVE-2026-2779 Incorrect boundary conditions in the Networking: JAR component + CVE-2026-2780 Privilege escalation in the Netmonitor component + CVE-2026-2781 Integer overflow in the Libraries component in NSS + CVE-2026-2782 Privilege escalation in the Netmonitor component + CVE-2026-2783 Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component + CVE-2026-2784 Mitigation bypass in the DOM: Security component + CVE-2026-2785 Invalid pointer in the JavaScript Engine component + CVE-2026-2786 Use-after-free in the JavaScript Engine component + CVE-2026-2787 Use-after-free in the DOM: Window and Location component + CVE-2026-2788 Incorrect boundary conditions in the Audio/Video: GMP component + CVE-2026-2789 Use-after-free in the Graphics: ImageLib component + CVE-2026-2790 Same-origin policy bypass in the Networking: JAR component + CVE-2026-2791 Mitigation bypass in the Networking: Cache component + CVE-2026-2792 Memory safety bugs fixed in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148 + CVE-2026-2793 Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148 * Wed Feb 18 2026 Pavel Vasenkov 140.7.1-alt1 - New ESR version. - Security fixes: + CVE-2026-2447 Heap buffer overflow in libvpx * Thu Jan 22 2026 Michael Shigorin 140.7.0-alt3 - Fix "new version means new blank profile" (Closes: #57602) + thanks NixOS guys, see http://github.com/NixOS/nixpkgs/pull/119849 * Thu Jan 22 2026 Michael Shigorin 140.7.0-alt2 - Get yandex search back through default policy (Closes: #45190; see also: #43516; thanks Ruslan Gilfanov). * Wed Jan 14 2026 Pavel Vasenkov 140.7.0-alt1 - New ESR version. - Security fixes: + CVE-2026-0877 Mitigation bypass in the DOM: Security component + CVE-2026-0878 Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component + CVE-2026-0879 Sandbox escape due to incorrect boundary conditions in the Graphics component + CVE-2026-0880 Sandbox escape due to integer overflow in the Graphics component + CVE-2026-0882 Use-after-free in the IPC component + CVE-2025-14327 Spoofing issue in the Downloads Panel component + CVE-2026-0883 Information disclosure in the Networking component + CVE-2026-0884 Use-after-free in the JavaScript Engine component + CVE-2026-0885 Use-after-free in the JavaScript: GC component + CVE-2026-0886 Incorrect boundary conditions in the Graphics component + CVE-2026-0887 Clickjacking issue, information disclosure in the PDF Viewer component + CVE-2026-0890 Spoofing issue in the DOM: Copy & Paste and Drag & Drop component + CVE-2026-0891 Memory safety bugs fixed in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147 * Wed Dec 10 2025 Pavel Vasenkov 140.6.0-alt1 - New ESR version. - Security fixes: + CVE-2025-14321 Use-after-free in the WebRTC: Signaling component + CVE-2025-14322 Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component + CVE-2025-14323 Privilege escalation in the DOM: Notifications component + CVE-2025-14324 JIT miscompilation in the JavaScript Engine: JIT component + CVE-2025-14325 JIT miscompilation in the JavaScript Engine: JIT component + CVE-2025-14328 Privilege escalation in the Netmonitor component + CVE-2025-14329 Privilege escalation in the Netmonitor component + CVE-2025-14330 JIT miscompilation in the JavaScript Engine: JIT component + CVE-2025-14331 Same-origin policy bypass in the Request Handling component + CVE-2025-14333 Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 * Fri Nov 14 2025 Pavel Vasenkov 140.5.0-alt1 Note: changelog entry for 140.6.0-alt0.p10.1 not found. winehelper - Program for easy installation of Windows applications. * Wed Mar 18 2026 Mikhail Tergoev 0.10.0-alt1 - updated to version 0.10.0 - updated installation scripts: emias, ctm-service (ALT bug: 58046) - added installation scripts: apropos-z, olimp - added wine-cx support (fork crossover) - GUI: fixes and improvements * Fri Feb 13 2026 Mikhail Tergoev 0.9.0-alt1 - updated to version 0.9.0 - added wine-wow64 support - added wine-cpcsp_proxy support for wine-wow64 - added an option to skip 32-bit dependency checking if wine-wow64 is used - added installation scripts: dialux 4, ksamu, emias - updated the ved-control installation script - tax programs have been migrated to 64-bit prefixes and wine-wow64 - t-flex programs have been migrated to use wine-wow64 - arm-kt programs have been migrated to use wine-wow64 - improved base prefix creation - improved creation and unpacking of prefix backups - system winetricks is used - GUI: main functions fixed/improved - GUI: icon display fixed for shortcuts (desktop files) - GUI: added the ability to launch the "Wine Control Panel" - GUI: moved file association, ESYNC, FSYNC, DXVK, and VK3D to "Advanced Settings" - GUI: removed unused Wine versions - GUI: added a filter to limit Wine version usage based on prefix * Fri Oct 24 2025 Mikhail Tergoev 0.8.0-alt1 - updated to version 0.8.0 - added autodetection of .reg and .dll files to add them to the prefix registry - added links to certificate pages to the "Help" tab - other minor improvements and optimizations to scripts and the graphical interface * Mon Oct 20 2025 Mikhail Tergoev 0.7.0-alt1 - updated to version 0.7.0 - GUI: added a button to open a directory with backups and logs - GUI: added a button to open a directory with a prefix - GUI: added a button to block buttons for an installed application if it is already running - GUI: added a display of the installation process for third-party components using winetricks - GUI: added the ability to display and install test scripts (disabled by default) - added installation scripts for t-flex version 18 - added a list of test software installation scripts to the CLI - added the ability to associate files for transfer to applications launched in WineHelper * Wed Oct 01 2025 Mikhail Tergoev 0.6.0-alt1 - updated to version 0.6.0 - fixed typos (ALT bug: 55538) - added Qt5 graphics mode - added tray icon for Qt5 graphics mode - updated installation scripts for t-flex-* - updated installation script for scadoffice - added manual installation of NetTest (demo version) - added ARM-KT installation scripts - winehelper killall - kills only processes running in WinwHelper - other minor script improvements and optimizations * Mon Jul 14 2025 Mikhail Tergoev 0.5.0-alt1 Total 19074 source packages.