[cyber] I: p6/branch packages: +2 (11679)

Пт Сен 19 08:51:23 MSK 2014

	2 UPDATED packages

chromium - An open source web browser developed by Google       	[523M]
* Fri Sep 12 2014 Andrey Cherepanov <cas на altlinux> 37.0.2062.94-alt0.M60P.1
- Backport new version to p6 branch
* Fri Aug 29 2014 Andrey Cherepanov <cas на altlinux> 37.0.2062.94-alt0.M70P.1
- Backport new version to p7 branch
* Wed Aug 27 2014 Andrey Cherepanov <cas на altlinux> 37.0.2062.94-alt1
- New version
- Security fixes:
  - Critical CVE-2014-3176, CVE-2014-3177: A special reward to
    lokihardt на asrt for a combination of bugs in V8, IPC, sync, and
    extensions that can lead to remote code execution outside of the
    sandbox.
  - High CVE-2014-3168: Use-after-free in SVG.
  - High CVE-2014-3169: Use-after-free in DOM.
  - High CVE-2014-3170: Extension permission dialog spoofing.
  - High CVE-2014-3171: Use-after-free in bindings.
  - Medium CVE-2014-3172: Issue related to extension debugging.
  - Medium CVE-2014-3173: Uninitialized memory read in WebGL.
  - Medium CVE-2014-3174: Uninitialized memory read in Web Audio.
* Fri Aug 22 2014 Andrey Cherepanov <cas на altlinux> 36.0.1985.143-alt0.M70P.1
- Backport new version to p7 branch
* Mon Aug 18 2014 Andrey Cherepanov <cas на altlinux> 36.0.1985.143-alt1
- New version
- Security fixes:
  - High CVE-2014-3165: Use-after-free in web sockets.
  - High CVE-2014-3166: Information disclosure in SPDY.
* Fri Jul 25 2014 Andrey Cherepanov <cas на altlinux> 36.0.1985.125-alt1.M70P.1
- Backport new version to p7 branch
* Fri Jul 25 2014 Andrey Cherepanov <cas на altlinux> 36.0.1985.125-alt2
- Fix small user interface fonts (see https://code.google.com/p/chromium/issues/detail?id=375824)
* Fri Jul 25 2014 Andrey Cherepanov <cas на altlinux> 36.0.1985.125-alt0.M70P.1
- Backport new version to p7 branch
* Thu Jul 17 2014 Andrey Cherepanov <cas на altlinux> 36.0.1985.125-alt1
- New version
- Security fixes:
  - Medium CVE-2014-3160: Same-Origin-Policy bypass in SVG.
- Fix wrong Russian translation (ALT #30182)
- Add flags to avoid memory exhaustion while linking on i586
- Use internal version of v8 library
* Mon Jul 14 2014 Andrey Cherepanov <cas на altlinux> 35.0.1916.153-alt1
- New version
- Security fixes:
  - High CVE-2014-3154: Use-after-free in filesystem api.
  - High CVE-2014-3155: Out-of-bounds read in SPDY.
  - Medium CVE-2014-3156: Buffer overflow in clipboard.
  - CVE-2014-3157: Heap overflow in media.
* Wed May 21 2014 Andrey Cherepanov <cas на altlinux> 35.0.1916.114-alt1
- New version
- Security fixes:
  - High CVE-2014-1743: Use-after-free in styles.
  - High CVE-2014-1744: Integer overflow in audio.
  - High CVE-2014-1745: Use-after-free in SVG.
  - Medium CVE-2014-1746: Out-of-bounds read in media filters.
  - Medium CVE-2014-1747: UXSS with local MHTML file.
  - Medium CVE-2014-1748: UI spoofing with scrollbar.
* Wed May 14 2014 Andrey Cherepanov <cas на altlinux> 34.0.1847.137-alt0.M60P.1
- Backport new version to p6 branch
- Add support for playing mp3 and mpeg4
- Revert use new Gnome Keyring API
* Wed May 14 2014 Andrey Cherepanov <cas на altlinux> 34.0.1847.137-alt1
- New version
- Security fixes:
  - High CVE-2014-1740: Use-after-free in WebSockets.
  - High CVE-2014-1741: Integer overflow in DOM ranges.
  - High CVE-2014-1742: Use-after-free in editing.
* Fri May 02 2014 Andrey Cherepanov <cas на altlinux> 34.0.1847.132-alt2
- Add support for playing mp3 and mpeg4 (ALT #27863)
- Package icudtl.dat
* Wed Apr 30 2014 Andrey Cherepanov <cas на altlinux> 34.0.1847.132-alt1
- New version
- Security fixes:
  - High CVE-2014-1731: Type confusion in DOM.
  - Medium CVE-2014-1732: Use-after-free in Speech Recognition.
  - Medium CVE-2014-1733: Compiler bug in Seccomp-BPF.
* Tue Apr 15 2014 Andrey Cherepanov <cas на altlinux> 34.0.1847.116-alt1
- New version
- Security fixes:
  - High CVE-2014-1718: Integer overflow in compositor.
  - High CVE-2014-1719: Use-after-free in web workers.
  - High CVE-2014-1720: Use-after-free in DOM.
  - High CVE-2014-1722: Use-after-free in rendering.
  - High CVE-2014-1723: Url confusion with RTL characters.
  - High CVE-2014-1724: Use-after-free in speech.
  - Medium CVE-2014-1725: OOB read with window property.
  - Medium CVE-2014-1726: Local cross-origin bypass.
  - Medium CVE-2014-1727: Use-after-free in forms.
- Package depot-tools to correct build
- Do not show apps shortcut button on bookmark bar by default
- Switch build from make to ninja-build
* Wed Mar 19 2014 Andrey Cherepanov <cas на altlinux> 33.0.1750.152-alt0.M70P.1
- Backport new version to p7 branch
* Tue Mar 18 2014 Andrey Cherepanov <cas на altlinux> 33.0.1750.152-alt1
- New version
- Security fixes:
  - High CVE-2014-1713: Use-after-free in Blink bindings
  - High CVE-2014-1705: Memory corruption in V8
  - High CVE-2014-1715: Directory traversal issue
* Thu Mar 13 2014 Andrey Cherepanov <cas на altlinux> 33.0.1750.149-alt0.M70P.1
- Backport new version to p7 branch
* Wed Mar 12 2014 Andrey Cherepanov <cas на altlinux> 33.0.1750.149-alt1
- New version
- Security fixes:
  - High CVE-2014-1700: Use-after-free in speech.
  - High CVE-2014-1701: UXSS in events.
  - High CVE-2014-1702: Use-after-free in web database.
* Tue Mar 04 2014 Andrey Cherepanov <cas на altlinux> 33.0.1750.146-alt1
- New version
- Security fixes:
  - High CVE-2013-6663: Use-after-free in svg images.
  - High CVE-2013-6664: Use-after-free in speech recognition.
  - High CVE-2013-6665: Heap buffer overflow in software rendering.
  - Medium CVE-2013-6666: Chrome allows requests in flash header request.
* Fri Feb 21 2014 Andrey Cherepanov <cas на altlinux> 33.0.1750.117-alt1
- New version
- Security fixes:
  - High CVE-2013-6653: Use-after-free related to web contents.
  - High CVE-2013-6654: Bad cast in SVG.
  - High CVE-2013-6655: Use-after-free in layout.
  - High CVE-2013-6656: Information leak in XSS auditor.
  - Medium CVE-2013-6657: Information leak in XSS auditor.
  - Medium CVE-2013-6658: Use-after-free in layout.
  - Medium CVE-2013-6659: Issue with certificates validation in TLS handshake.
  - Low CVE-2013-6660: Information leak in drag and drop.
- Update patches from SUSE, Debian and Arch
* Wed Jan 29 2014 Andrey Cherepanov <cas на altlinux> 32.0.1700.102-alt0.M70P.1
- Backport new version to p7 branch
* Tue Jan 28 2014 Andrey Cherepanov <cas на altlinux> 32.0.1700.102-alt1
- New version
- Security fixes:
  - High CVE-2013-6649: Use-after-free in SVG images.
- Fixes:
  - Mouse Pointer disappears after exiting full-screen mode. (317496)
  - Drag and drop files into Chrome may not work properly. (332579)
  - Quicktime Plugin crashes in Chrome. (308466)
  - Chrome becomes unresponsive. (335248)
  - Trackpad users may not be able to scroll horizontally. (332797)
  - Scrolling does not work in combo box. (334454)
  - Chrome does not work with all CSS minifiers such as whitespace
    around a media query's `and` keyword. (333035)
* Fri Jan 24 2014 Andrey Cherepanov <cas на altlinux> 32.0.1700.77-alt0.M70P.1
- Backport to p7 branch
* Tue Jan 21 2014 Andrey Cherepanov <cas на altlinux> 32.0.1700.77-alt1
- New version
- Security fixes:
  - High CVE-2013-6646: Use-after-free in web workers.
  - High CVE-2013-6641: Use-after-free related to forms.
  - High CVE-2013-6643: Unprompted sync with an attacker's Google account.
  - Medium CVE-2013-6645 Use-after-free related to speech input elements.
- Set interpreter /bin/bash for main executable for correct ulimit call
* Mon Dec 09 2013 Andrey Cherepanov <cas на altlinux> 31.0.1650.63-alt0.M70P.1
- Backport to p7 branch
* Thu Dec 05 2013 Andrey Cherepanov <cas на altlinux> 31.0.1650.63-alt1
- New version
- Security fixes:
  - Medium CVE-2013-6634: Session fixation in sync related to 302 redirects.
  - High CVE-2013-6635: Use-after-free in editing.
  - Medium CVE-2013-6636: Address bar spoofing related to modal dialogs.
- Increase default nproc limit from 1024 to 1536
- Remove SVN commit from release number
* Sat Nov 16 2013 Andrey Cherepanov <cas на altlinux> 31.0.1650.57-alt0.r235101.M70P.1
- Backport to p7 branch
* Fri Nov 15 2013 Andrey Cherepanov <cas на altlinux> 31.0.1650.57-alt1.r235101
- New version
- Security fixes:
  - Critical CVE-2013-6632: Multiple memory corruption issues
* Thu Nov 14 2013 Andrey Cherepanov <cas на altlinux> 31.0.1650.48-alt0.r233213.M70P.1
- Backport to p7 branch
* Wed Nov 13 2013 Andrey Cherepanov <cas на altlinux> 31.0.1650.48-alt1.r233213
- New version
- Security fixes:
  - Medium CVE-2013-6621: Use after free related to speech input elements.
  - High CVE-2013-6622: Use after free related to media elements.
  - High CVE-2013-6623: Out of bounds read in SVG.
  - High CVE-2013-6624: Use after free related to "id" attribute strings.
  - High CVE-2013-6625: Use after free in DOM ranges.
  - Low CVE-2013-6626: Address bar spoofing related to interstitial warnings.
  - High CVE-2013-6627: Out of bounds read in HTTP parsing.
  - Medium CVE-2013-6628: Issue with certificates not being checked during TLS renegotiation.
* Fri Oct 25 2013 Andrey Cherepanov <cas на altlinux> 30.0.1599.114-alt1.r229842
- New version
- Move chrome_sandbox to %_libdir/chromium/chrome-sandbox
* Fri Oct 11 2013 Andrey Cherepanov <cas на altlinux> 30.0.1599.66-alt1.r225456
- New version
- Security fixes:
  - Medium CVE-2013-2906: Races in Web Audio.
  - Medium CVE-2013-2907: Out of bounds read in Window.prototype object.
  - Medium CVE-2013-2908: Address bar spoofing related to the "204 No Content" status code.
  - High CVE-2013-2909: Use after free in inline-block rendering.
  - Medium CVE-2013-2910: Use-after-free in Web Audio.
  - High CVE-2013-2911: Use-after-free in XSLT.
  - High CVE-2013-2912: Use-after-free in PPAPI.
  - High CVE-2013-2913: Use-after-free in XML document parsing.
  - Low CVE-2013-2915: Address bar spoofing via a malformed scheme.
  - High CVE-2013-2916: Address bar spoofing related to the "204 No Content" status code.
  - Medium CVE-2013-2917: Out of bounds read in Web Audio.
  - High CVE-2013-2918: Use-after-free in DOM.
  - High CVE-2013-2919: Memory corruption in V8.
  - Medium CVE-2013-2920: Out of bounds read in URL parsing.
  - High CVE-2013-2921: Use-after-free in resource loader.
  - High CVE-2013-2922: Use-after-free in template element.
  - CVE-2013-2923: Various fixes from internal audits, fuzzing and other initiatives.
* Fri Sep 27 2013 Andrey Cherepanov <cas на altlinux> 29.0.1547.76-alt1.r223446.M70P.1
- Backport to p7 branch
* Wed Sep 25 2013 Andrey Cherepanov <cas на altlinux> 29.0.1547.76-alt2.r223446
- New version 29.0.1547.76
* Tue Sep 03 2013 Andrey Cherepanov <cas на altlinux> 29.0.1547.65-alt1.r220622
- New version 29.0.1547.62
- Security fixes:
  - High CVE-2013-2900: Incomplete path sanitization in file handling.
  - Low CVE-2013-2905: Information leak via overly broad permissions on
    shared memory files.
  - High CVE-2013-2901: Integer overflow in ANGLE.
  - High CVE-2013-2902: Use after free in XSLT.
  - High CVE-2013-2903: Use after free in media element.
  - High CVE-2013-2904: Use after free in document parsing.
- Improved Omnibox suggestions based on the recency of sites you have
  visited
- Ability to reset your profile back to its original state
- Many new apps and extensions APIs
- Lots of stability and performance improvements
- Fix an issue with printing from Google Docs applications
- Fix an issue with Sync
* Wed Jul 31 2013 Dmitriy Kulik <lnkvisitor на altlinux> 28.0.1500.95-alt2.r213514
- rebuild with versioned v8
* Wed Jul 31 2013 Andrey Cherepanov <cas на altlinux> 28.0.1500.95-alt1.r213514
- New version 28.0.1500.95
- Security fixes:
  - Medium CVE-2013-2881: Origin bypass in frame handling.
  - High CVE-2013-2883: Use-after-free in MutationObserver.
  - High CVE-2013-2884: Use-after-free in DOM.
  - High CVE-2013-2885: Use-after-free in input handling.
* Wed Jul 24 2013 Andrey Cherepanov <cas на altlinux> 28.0.1500.71-alt1.r209842
- New version 28.0.1500.71
- Security fixes:
  - High CVE-2013-2879: Confusion setting up sign-in and sync.
  - Medium CVE-2013-2868: Incorrect sync of NPAPI extension component.
  - Medium CVE-2013-2869: Out-of-bounds read in JPEG2000 handling.
  - Critical CVE-2013-2870: Use-after-free with network sockets.
  - Medium CVE-2013-2853: Man-in-the-middle attack against HTTP in SSL.
  - High CVE-2013-2871: Use-after-free in input handling.
  - High CVE-2013-2873: Use-after-free in resource loading.
  - Medium CVE-2013-2875: Out-of-bounds-read in SVG.
  - Medium CVE-2013-2876: Extensions permissions confusion with interstitials.
  - Low CVE-2013-2877: Out-of-bounds read in XML parsing.
  - None: Remove the "viewsource" attribute on iframes.
  - Medium CVE-2013-2878: Out-of-bounds read in text handling.
  - High CVE-2013-2880: Various fixes from internal audits, fuzzing and other initiatives
* Wed Jun 05 2013 Andrey Cherepanov <cas на altlinux> 27.0.1453.110-alt1.r202711
- New version 27.0.1453.110
- Security fixes:
  - Critical CVE-2013-2863: Memory corruption in SSL socket handling.
  - High CVE-2013-2856: Use-after-free in input handling.
  - High CVE-2013-2857: Use-after-free in image handling.
  - High CVE-2013-2858: Use-after-free in HTML5 Audio.
  - High CVE-2013-2859: Cross-origin namespace pollution.
  - High CVE-2013-2860: Use-after-free with workers accessing database APIs.
  - High CVE-2013-2861: Use-after-free with SVG.
  - High CVE-2013-2862: Memory corruption in Skia GPU handling.
  - High CVE-2013-2864: Bad free in PDF viewer.
  - High CVE-2013-2865: Various fixes from internal audits, fuzzing and other initiatives. 
  - Medium CVE-2013-2855: Memory corruption in dev tools API.
* Thu May 30 2013 Andrey Cherepanov <cas на altlinux> 27.0.1453.93-alt1.r200836
Note: changelog entry for 27.0.1453.110-alt0.M60P.1.r202711 not found.

quagga - Quagga routing suite (a fork of the GNU Zebra)
* Wed Sep 03 2014 Sergey Y. Afonin <asy на altlinux> 0.99.23.1-alt0.M60T.1
- branch t6 backport
* Mon Sep 01 2014 Sergey Y. Afonin <asy на altlinux> 0.99.23.1-alt1
- new version
* Fri Apr 12 2013 Sergey Y. Afonin <asy на altlinux> 0.99.22.1-alt1
- new version
* Sat Mar 02 2013 Sergey Y. Afonin <asy на altlinux> 0.99.22-alt1
Note: changelog entry for 0.99.22.1-alt0.M60P.1 not found.

Total 11679 source packages.