[cyber] I: p8/branch packages: +10 (17938)

QA Team Robot qa на altlinux.org
Пт Фев 16 07:44:03 MSK 2018 

	10 UPDATED packages

firefox - The Mozilla Firefox project is a redesign of Mozilla's browser	[241M]
* Tue Feb 13 2018 Andrey Cherepanov <cas на altlinux> 58.0.2-alt0.M80P.1
- Backport new version to p8 branch.
* Sun Feb 11 2018 Alexey Gladkov <legion на altlinux> 58.0.2-alt1
- New release (58.0.2).
- Fixed:
  + CVE-2018-5091: Use-after-free with DTMF timers
  + CVE-2018-5092: Use-after-free in Web Workers
  + CVE-2018-5093: Buffer overflow in WebAssembly during Memory/Table resizing
  + CVE-2018-5094: Buffer overflow in WebAssembly with garbage collection on uninitialized memory
  + CVE-2018-5095: Integer overflow in Skia library during edge builder allocation
  + CVE-2018-5097: Use-after-free when source document is manipulated during XSLT
  + CVE-2018-5098: Use-after-free while manipulating form input elements
  + CVE-2018-5099: Use-after-free with widget listener
  + CVE-2018-5100: Use-after-free when IsPotentiallyScrollable arguments are freed from memory
  + CVE-2018-5101: Use-after-free with floating first-letter style elements
  + CVE-2018-5102: Use-after-free in HTML media elements
  + CVE-2018-5103: Use-after-free during mouse event handling
  + CVE-2018-5104: Use-after-free during font face manipulation
  + CVE-2018-5105: WebExtensions can save and execute files on local file system without user prompts
  + CVE-2018-5106: Developer Tools can expose style editor information cross-origin through service worker
  + CVE-2018-5107: Printing process will follow symlinks for local file access
  + CVE-2018-5108: Manually entered blob URL can be accessed by subsequent private browsing tabs
  + CVE-2018-5109: Audio capture prompts and starts with incorrect origin attribution
  + CVE-2018-5110: Cursor can be made invisible on OS X
  + CVE-2018-5111: URL spoofing in addressbar through drag and drop
  + CVE-2018-5112: Extension development tools panel can open a non-relative URL in the panel
  + CVE-2018-5113: WebExtensions can load non-HTTPS pages with browser.identity.launchWebAuthFlow
  + CVE-2018-5114: The old value of a cookie changed to HttpOnly remains accessible to scripts
  + CVE-2018-5115: Background network requests can open HTTP authentication in unrelated foreground tabs
  + CVE-2018-5116: WebExtension ActiveTab permission allows cross-origin frame content access
  + CVE-2018-5117: URL spoofing with right-to-left text aligned left-to-right
  + CVE-2018-5118: Activity Stream images can attempt to load local content through file:
  + CVE-2018-5119: Reader view will load cross-origin content in violation of CORS headers
  + CVE-2018-5121: OS X Tibetan characters render incompletely in the addressbar
  + CVE-2018-5122: Potential integer overflow in DoCrypt
  + CVE-2018-5090: Memory safety bugs fixed in Firefox 58
  + CVE-2018-5089: Memory safety bugs fixed in Firefox 58 and Firefox ESR 52.6
  + CVE-2018-5124: Sanitize HTML fragments created for chrome-privileged documents
* Wed Jan 10 2018 Andrey Cherepanov <cas на altlinux> 57.0.4-alt0.M80P.1

firefox-kk - Kazakh (KZ) Language Pack for Firefox
* Mon Feb 12 2018 Alexey Gladkov <legion на altlinux> 58.0.2-alt1
- New version (58.0.2).
* Mon Dec 04 2017 Alexey Gladkov <legion на altlinux> 57.0.1-alt1

firefox-ru - Russian (RU) Language Pack for Firefox
* Mon Feb 12 2018 Alexey Gladkov <legion на altlinux> 58.0.2-alt1
- New version (58.0.2).
* Mon Dec 04 2017 Alexey Gladkov <legion на altlinux> 57.0.1-alt1

firefox-uk - Ukrainian (UA) Language Pack for Firefox
* Mon Feb 12 2018 Alexey Gladkov <legion на altlinux> 58.0.2-alt1
- New version (58.0.2).
* Mon Dec 04 2017 Alexey Gladkov <legion на altlinux> 57.0.1-alt1

golang - The Go Programming Language                            	[11M]
* Thu Feb 15 2018 Alexey Shabalin <shaba на altlinux> 1.8.7-alt0.M80P.1
- Build 1.8.7 to p8 branch
* Mon Aug 28 2017 Alexey Shabalin <shaba на altlinux> 1.8.3-alt0.M80P.1

grafana - Metrics dashboard and graph editor                    	[54M]
* Wed Feb 14 2018 Alexey Shabalin <shaba на altlinux> 4.6.3-alt1.M80P.1
- 4.6.3
* Mon Dec 04 2017 Alexey Shabalin <shaba на altlinux> 4.6.2-alt1.M80P.1
- 4.6.2
* Mon Oct 30 2017 Alexey Shabalin <shaba на altlinux> 4.6.0-alt1.M80P.1

nss - Netscape Network Security Services(NSS)
* Thu Feb 15 2018 Andrey Cherepanov <cas на altlinux> 3.34.1-alt0.M80P.1
- Backport new version to p8 branch.
* Fri Jan 12 2018 Alexey Gladkov <legion на altlinux> 3.34.1-alt3
- Fix the alteranatives file.
* Fri Dec 29 2017 Alexey Gladkov <legion на altlinux> 3.34.1-alt2
- Add the alteranatives file for libnssckbi.so.
- Add libnss-nssckbi-checkinstall subpackage.
* Sat Dec 23 2017 Alexey Gladkov <legion на altlinux> 3.34.1-alt1
- New version (3.34.1).
- Remove obsolete nss-alt-ssl-addon-certs.txt.
* Tue Oct 17 2017 Andrey Cherepanov <cas на altlinux> 3.33.0-alt0.M80P.1

rust - The Rust Programming Language                            	[18M]
* Thu Feb 15 2018 Andrey Cherepanov <cas на altlinux> 1.21.0-alt0.M80P.1
- backport new version to p8 branch
* Wed Feb 14 2018 Andrey Cherepanov <cas на altlinux> 1.20.0-alt0.M80P.1

rust-cargo - The Rust package manager
* Thu Feb 15 2018 Andrey Cherepanov <cas на altlinux> 0.22.0-alt0.M80P.1
- backport new version to p8 branch
* Wed Feb 14 2018 Andrey Cherepanov <cas на altlinux> 0.21.1-alt0.M80P.1

telegraf - The plugin-driven server agent for collecting and reporting metrics	[29M]
* Wed Feb 14 2018 Alexey Shabalin <shaba на altlinux> 1.5.2-alt2.M80P.1
- fix "commit"
* Thu Feb 01 2018 Alexey Shabalin <shaba на altlinux> 1.5.2-alt1.M80P.1
- 1.5.2
* Mon Oct 30 2017 Alexey Shabalin <shaba на altlinux> 1.4.3-alt1.M80P.1

Total 17938 source packages.

Подробная информация о списке рассылки Sisyphus-cybertalk