[cyber] I: p10/branch packages: +4 (19078)

[cyber] I: p10/branch packages: +4 (19078)

[QA Team Robot]

	4 UPDATED packages

freerdp3 - Remote Desktop Protocol functionality
* Sun Apr 12 2026 Andrey Cherepanov <cas@altlinux> 3.24.2-alt1
- New version (fixes: CVE-2026-33995, CVE-2026-33987, CVE-2026-33986,
  CVE-2026-33985, CVE-2026-33984, CVE-2026-33983, CVE-2026-33982,
  CVE-2026-33977, CVE-2026-33952).
* Thu Mar 19 2026 Andrey Cherepanov <cas@altlinux> 3.24.1-alt1
- New version (fixes: CVE-2026-29774, CVE-2026-29775, CVE-2026-29776,
  CVE-2026-31806, CVE-2026-31883, CVE-2026-31884, CVE-2026-31885,
  CVE-2026-31897).
* Thu Feb 26 2026 Alexander Danilov <admsasha@altlinux> 3.23.0-alt1
- New version (fixes: CVE-2026-26965, CVE-2026-26955, CVE-2026-26271,
  CVE-2026-25997, CVE-2026-25959, CVE-2026-25955, CVE-2026-25954,
  CVE-2026-25953 CVE-2026-25952 CVE-2026-25942 CVE-2026-25941).
* Tue Feb 10 2026 Alexander Danilov <admsasha@altlinux> 3.22.0-alt1
- New version (fixes: CVE-2026-23948, CVE-2026-24491, CVE-2026-24675,
  CVE-2026-24676, CVE-2026-24677, CVE-2026-24678, CVE-2026-24679,
  CVE-2026-24680, CVE-2026-24681, CVE-2026-24682, CVE-2026-24683,
  CVE-2026-24684).
* Wed Jan 21 2026 Andrey Cherepanov <cas@altlinux> 3.21.0-alt1

jansson - C library for encoding, decoding and manipulating JSON data
* Wed Dec 04 2024 Anton Farygin <rider@altlinux> 2.14-alt4
- fixed libdir location in pkgconfig file
* Mon Dec 02 2024 Anton Farygin <rider@altlinux> 2.14-alt3
- dependencies for the building of documentation changed from
  python3-module-sphinx to /usr/bin/sphinx-build to simplify the backport in stable branches
* Mon Dec 02 2024 Anton Farygin <rider@altlinux> 2.14-alt2
- built with cmake
* Fri Nov 29 2024 Anton Farygin <rider@altlinux> 2.14-alt1
- 2.13.1 -> 2.14
- updated homepage URL
- renamed according to SharedLibsPolicy
* Tue May 18 2021 Slava Aseev <ptrnine@altlinux> 2.13.1-alt2

json-c - JSON implementation in C
* Thu Apr 09 2026 Andrey Cherepanov <cas@altlinux> 0.18-alt0.c10.1
- Backported to c10 branch.
* Wed Sep 25 2024 Alexey Shabalin <shaba@altlinux> 0.18-alt1
- Updated to 0.18
- Not relocate shared libraries to /lib.
* Thu Oct 19 2023 Alexey Shabalin <shaba@altlinux> 0.17-alt1

sudo - Allows command execution as another user
* Tue Apr 28 2026 Evgeny Sinelnikov <sin@altlinux> 1:1.9.17p2-alt2
- Security release (fixes: CVE-2026-35535):
 + Privilege escalation via ignored setuid/setgid/setgroups failures during
   mailer privilege drop (sudo before 3e474c2).
- Add check section with make check to run test suite during package build.
* Wed Oct 22 2025 Evgeny Sinelnikov <sin@altlinux> 1:1.9.17p2-alt1
- Update to latest stable bugfix release:
- Major fixes from upstream:
 + Fixed a rare bug causing system-wide SIGHUP signals (GitHub#458).
 + Fixed a crash when using 'intercept' options with large arguments or
   environment (GitHub#453).
* Tue Jul 01 2025 Evgeny Sinelnikov <sin@altlinux> 1:1.9.17p1-alt1
- Update to latest stable bugfix and security release
  (upstream fix of CVE-2025-32462, CVE-2025-32463 applied in 1.9.16p2-alt3):
 + Fixed a crash in sudo which could occur if there was a fatal error after the
   user was validated but before the command was actually run.
 + Fixed a problem with the pwfeedback option where an initial backspace would
   reduce the maximum length allowed for the password (GitHub#439).
 + Fixed a bug where a user could avoid entering a password for sudo -l command
   if they specified their own user or group name via the -u or -g options.
 + Avoid potential password guessing based on timing attacks on the strcmp()
   function on systems without PAM or a crypt() function where plaintext
   passwords are stored in the shadow password file.
 + Fixed a potential information leak where sudo -l command could be used to
   determine whether an executable exists in a directory that they do not have
   search access to.
 + Fixed a problem running sudo from a serial console on Linux when the command
   is run in a pseudo-terminal (the default).
 + Fixed a bug where the ALL command in a sudoers rule would override a previous
   NOSETENV tag. Command tags are inherited from previous Cmnds in a
   Cmnd_Spec_List. There is a special case for the SETENV tag with the ALL
   command, where SETENV is implied if no explicit SETENV or NOSETENV tag is
   specified. This special case did not take into account that a NOSETENV tag
   that was inherited should override this behavior.
- Fixes in behavior:
 + The ignore_dot sudoers setting is now on by default.
 + If sudo is run via ssh without a terminal and a password is required, it now
   suggest using ssh's -t option.
 + Sudo uses TCSAFLUSH, not TCSADRAIN, when disabling echo once again. A long
   time ago sudo changed from using TCSAFLUSH to TCSADRAIN due to some systems
   having bugs related to TCSAFLUSH. That should no longer be a concern. Using
   TCSAFLUSH ensures that password input that has been received by the kernel,
   but not yet read by sudo, will be discarded and not echoed.
 + Added the SUDO_TTY environment variable if the user has a terminal. This can
   be used to find the user's original tty device when sudo runs the command in
   its own pseudo-terminal (GitHub#447).
* Tue Jul 01 2025 Evgeny Sinelnikov <sin@altlinux> 1:1.9.16p2-alt3

Total 19078 source packages.