[cyber] I: p9/branch packages: +8 (18058)

QA Team Robot qa at altlinux.org
Fri Jul 24 07:49:01 MSK 2020


	8 UPDATED packages

chromium-gost - An open source web browser developed by Google  	[1000M]
* Tue Jul 21 2020 Fr. Br. George <george на altlinux> 83.0.4103.61-alt2.M90P.1
- Build GOST version
* Mon Jun 29 2020 Andrey Cherepanov <cas на altlinux> 83.0.4103.61-alt2
- Prevent ignored null byte warning in Flash plugin version detection.
- Add default parameters to system-wide variable $CHROMIUM_FLAGS.
- Use Chromium name in GenericName in desktop file (ALT #36815).
- Exclude armh from build.
* Thu May 21 2020 Alexey Gladkov <legion на altlinux> 83.0.4103.61-alt1
- New version (83.0.4103.61).
- Security fixes:
  - CVE-2020-6465: Use after free in reader mode.
  - CVE-2020-6466: Use after free in media.
  - CVE-2020-6467: Use after free in WebRTC.
  - CVE-2020-6468: Type Confusion in V8.
  - CVE-2020-6469: Insufficient policy enforcement in developer tools.
  - CVE-2020-6470: Insufficient validation of untrusted input in clipboard.
  - CVE-2020-6471: Insufficient policy enforcement in developer tools.
  - CVE-2020-6472: Insufficient policy enforcement in developer tools.
  - CVE-2020-6473: Insufficient policy enforcement in Blink.
  - CVE-2020-6474: Use after free in Blink.
  - CVE-2020-6475: Incorrect security UI in full screen.
  - CVE-2020-6476: Insufficient policy enforcement in tab strip.
  - CVE-2020-6477: Inappropriate implementation in installer.
  - CVE-2020-6478: Inappropriate implementation in full screen.
  - CVE-2020-6479: Inappropriate implementation in sharing.
  - CVE-2020-6480: Insufficient policy enforcement in enterprise.
  - CVE-2020-6481: Insufficient policy enforcement in URL formatting.
  - CVE-2020-6482: Insufficient policy enforcement in developer tools.
  - CVE-2020-6483: Insufficient policy enforcement in payments.
  - CVE-2020-6484: Insufficient data validation in ChromeDriver.
  - CVE-2020-6485: Insufficient data validation in media router.
  - CVE-2020-6486: Insufficient policy enforcement in navigations.
  - CVE-2020-6487: Insufficient policy enforcement in downloads.
  - CVE-2020-6488: Insufficient policy enforcement in downloads.
  - CVE-2020-6489: Inappropriate implementation in developer tools.
  - CVE-2020-6490: Insufficient data validation in loader.
  - CVE-2020-6491: Incorrect security UI in site information.
* Wed May 13 2020 Alexey Gladkov <legion на altlinux> 81.0.4044.138-alt1
- New version (81.0.4044.138).
- Security fixes:
  - CVE-2020-6464: Type Confusion in Blink.
  - CVE-2020-6831: Stack buffer overflow in SCTP.
  - CVE-2020-6461: Use after free in storage.
  - CVE-2020-6462: Use after free in task scheduling.
  - CVE-2020-6458: Out of bounds read and write in PDFium.
  - CVE-2020-6459: Use after free in payments.
  - CVE-2020-6460: Insufficient data validation in URL formatting.
  - CVE-2020-6463: Use after free in ANGLE.
* Thu Apr 23 2020 Fr. Br. George <george на altlinux> 80.0.3987.132-alt3
- Fix startup script
* Fri Mar 06 2020 Alexey Gladkov <legion на altlinux> 80.0.3987.132-alt1
- New version (80.0.3987.132).
- Security fixes:
  - CVE-2019-18197: Multiple vulnerabilities in XML.
  - CVE-2019-19923: Out of bounds memory access in SQLite.
  - CVE-2019-19925: Multiple vulnerabilities in SQLite.
  - CVE-2019-19926: Inappropriate implementation in SQLite.
  - CVE-2020-6381: Integer overflow in JavaScript.
  - CVE-2020-6382: Type Confusion in JavaScript.
  - CVE-2020-6383: Type confusion in V8.
  - CVE-2020-6384: Use after free in WebAudio.
  - CVE-2020-6385: Insufficient policy enforcement in storage.
  - CVE-2020-6386: Use after free in speech.
  - CVE-2020-6387: Out of bounds write in WebRTC.
  - CVE-2020-6388: Out of bounds memory access in WebAudio.
  - CVE-2020-6389: Out of bounds write in WebRTC.
  - CVE-2020-6390: Out of bounds memory access in streams.
  - CVE-2020-6391: Insufficient validation of untrusted input in Blink.
  - CVE-2020-6392: Insufficient policy enforcement in extensions.
  - CVE-2020-6393: Insufficient policy enforcement in Blink.
  - CVE-2020-6394: Insufficient policy enforcement in Blink.
  - CVE-2020-6395: Out of bounds read in JavaScript.
  - CVE-2020-6396: Inappropriate implementation in Skia.
  - CVE-2020-6397: Incorrect security UI in sharing.
  - CVE-2020-6398: Uninitialized use in PDFium.
  - CVE-2020-6399: Insufficient policy enforcement in AppCache.
  - CVE-2020-6400: Inappropriate implementation in CORS.
  - CVE-2020-6401: Insufficient validation of untrusted input in Omnibox.
  - CVE-2020-6402: Insufficient policy enforcement in downloads.
  - CVE-2020-6403: Incorrect security UI in Omnibox.
  - CVE-2020-6404: Inappropriate implementation in Blink.
  - CVE-2020-6405: Out of bounds read in SQLite.
  - CVE-2020-6406: Use after free in audio.
  - CVE-2020-6407: Out of bounds memory access in streams.
  - CVE-2020-6408: Insufficient policy enforcement in CORS.
  - CVE-2020-6409: Inappropriate implementation in Omnibox.
  - CVE-2020-6410: Insufficient policy enforcement in navigation.
  - CVE-2020-6411: Insufficient validation of untrusted input in Omnibox.
  - CVE-2020-6412: Insufficient validation of untrusted input in Omnibox.
  - CVE-2020-6413: Inappropriate implementation in Blink.
  - CVE-2020-6414: Insufficient policy enforcement in Safe Browsing.
  - CVE-2020-6415: Inappropriate implementation in JavaScript.
  - CVE-2020-6416: Insufficient data validation in streams.
  - CVE-2020-6417: Inappropriate implementation in installer.
  - CVE-2020-6418: Type confusion in V8.
  - CVE-2020-6420: Insufficient policy enforcement in media.
* Mon Feb 03 2020 Alexey Gladkov <legion на altlinux> 79.0.3945.130-alt1
- New version (79.0.3945.130).
- Security fixes:
  - CVE-2019-13767: Use after free in media picker.
  - CVE-2020-6377: Use after free in audio.
  - CVE-2020-6378: Use-after-free in speech recognizer.
  - CVE-2020-6379: Use-after-free in speech recognizer.
  - CVE-2020-6380: Extension message verification error.
* Mon Dec 16 2019 Alexey Gladkov <legion на altlinux> 79.0.3945.79-alt1
- New version (79.0.3945.79).
- Security fixes:
  - CVE-2019-13725: Use after free in Bluetooth.
  - CVE-2019-13726: Heap buffer overflow in password manager.
  - CVE-2019-13727: Insufficient policy enforcement in WebSockets.
  - CVE-2019-13728: Out of bounds write in V8.
  - CVE-2019-13729: Use after free in WebSockets.
  - CVE-2019-13730: Type Confusion in V8.
  - CVE-2019-13732: Use after free in WebAudio.
  - CVE-2019-13734: Out of bounds write in SQLite.
  - CVE-2019-13735: Out of bounds write in V8.
  - CVE-2019-13736: Integer overflow in PDFium.
  - CVE-2019-13737: Insufficient policy enforcement in autocomplete.
  - CVE-2019-13738: Insufficient policy enforcement in navigation.
  - CVE-2019-13739: Incorrect security UI in Omnibox.
  - CVE-2019-13740: Incorrect security UI in sharing.
  - CVE-2019-13741: Insufficient validation of untrusted input in Blink.
  - CVE-2019-13742: Incorrect security UI in Omnibox.
  - CVE-2019-13743: Incorrect security UI in external protocol handling.
  - CVE-2019-13744: Insufficient policy enforcement in cookies.
  - CVE-2019-13745: Insufficient policy enforcement in audio.
  - CVE-2019-13746: Insufficient policy enforcement in Omnibox.
  - CVE-2019-13747: Uninitialized Use in rendering.
  - CVE-2019-13748: Insufficient policy enforcement in developer tools.
  - CVE-2019-13749: Incorrect security UI in Omnibox.
  - CVE-2019-13750: Insufficient data validation in SQLite.
  - CVE-2019-13751: Uninitialized Use in SQLite.
  - CVE-2019-13752: Out of bounds read in SQLite.
  - CVE-2019-13753: Out of bounds read in SQLite.
  - CVE-2019-13754: Insufficient policy enforcement in extensions.
  - CVE-2019-13755: Insufficient policy enforcement in extensions.
  - CVE-2019-13756: Incorrect security UI in printing.
  - CVE-2019-13757: Incorrect security UI in Omnibox.
  - CVE-2019-13758: Insufficient policy enforcement in navigation.
  - CVE-2019-13759: Incorrect security UI in interstitials.
  - CVE-2019-13761: Incorrect security UI in Omnibox.
  - CVE-2019-13762: Insufficient policy enforcement in downloads.
  - CVE-2019-13763: Insufficient policy enforcement in payments.
  - CVE-2019-13764: Type Confusion in V8.
* Mon Dec 02 2019 Alexey Gladkov <legion на altlinux> 78.0.3904.108-alt1
- New version (78.0.3904.108).
- Security fixes:
  - CVE-2019-13723: Use-after-free in Bluetooth.
  - CVE-2019-13724: Out-of-bounds access in Bluetooth.
* Sat Nov 09 2019 Alexey Gladkov <legion на altlinux> 78.0.3904.97-alt1
- New version (78.0.3904.97).
- Security fixes:
  - CVE-2019-13720: Use-after-free in audio.
  - CVE-2019-13721: Use-after-free in PDFium.
* Thu Oct 24 2019 Alexey Gladkov <legion на altlinux> 78.0.3904.70-alt1
- New version (78.0.3904.70).
- Security fixes:
  - CVE-2019-13699: Use-after-free in media.
  - CVE-2019-13700: Buffer overrun in Blink.
  - CVE-2019-13701: URL spoof in navigation.
  - CVE-2019-13702: Privilege elevation in Installer.
  - CVE-2019-13703: URL bar spoofing.
  - CVE-2019-13704: CSP bypass.
  - CVE-2019-13705: Extension permission bypass.
  - CVE-2019-13706: Out-of-bounds read in PDFium.
  - CVE-2019-13707: File storage disclosure.
  - CVE-2019-13708: HTTP authentication spoof.
  - CVE-2019-13709: File download protection bypass.
  - CVE-2019-13710: File download protection bypass.
  - CVE-2019-13711: Cross-context information leak.
  - CVE-2019-13713: Cross-origin data leak.
  - CVE-2019-13714: CSS injection.
  - CVE-2019-13715: Address bar spoofing.
  - CVE-2019-13716: Service worker state error.
  - CVE-2019-13717: Notification obscured.
  - CVE-2019-13718: IDN spoof.
  - CVE-2019-13719: Notification obscured.
  - CVE-2019-15903: Buffer overflow in expat.
* Mon Oct 21 2019 Alexey Gladkov <legion на altlinux> 77.0.3865.120-alt1
- New version (77.0.3865.120).
- Security fixes:
  - CVE-2019-13693: Use-after-free in IndexedDB.
  - CVE-2019-13694: Use-after-free in WebRTC.
  - CVE-2019-13695: Use-after-free in audio.
  - CVE-2019-13696: Use-after-free in V8.
  - CVE-2019-13697: Cross-origin size leak.
* Wed Sep 25 2019 Alexey Gladkov <legion на altlinux> 77.0.3865.90-alt1
- New version (77.0.3865.90).
- Security fixes:
  - CVE-2019-13685: Use-after-free in UI.
  - CVE-2019-13686: Use-after-free in offline pages.
  - CVE-2019-13687: Use-after-free in media.
  - CVE-2019-13688: Use-after-free in media.
* Mon Sep 23 2019 Alexey Gladkov <legion на altlinux> 77.0.3865.75-alt1
- New version (77.0.3865.75).
- Security fixes:
  - CVE-2019-13659: URL spoof.
  - CVE-2019-13660: Full screen notification overlap.
  - CVE-2019-13661: Full screen notification spoof.
  - CVE-2019-13662: CSP bypass.
  - CVE-2019-13663: IDN spoof.
  - CVE-2019-13664: CSRF bypass.
  - CVE-2019-13665: Multiple file download protection bypass.
  - CVE-2019-13666: Side channel using storage size estimate.
  - CVE-2019-13667: URI bar spoof when using external app URIs.
  - CVE-2019-13668: Global window leak via console.
  - CVE-2019-13669: HTTP authentication spoof.
  - CVE-2019-13670: V8 memory corruption in regex.
  - CVE-2019-13671: Dialog box fails to show origin.
  - CVE-2019-13673: Cross-origin information leak using devtools.
  - CVE-2019-13674: IDN spoofing.
  - CVE-2019-13675: Extensions can be disabled by trailing slash.
  - CVE-2019-13676: Google URI shown for certificate warning.
  - CVE-2019-13677: Chrome web store origin needs to be isolated.
  - CVE-2019-13678: Download dialog spoofing.
  - CVE-2019-13679: User gesture needed for printing.
  - CVE-2019-13680: IP address spoofing to servers.
  - CVE-2019-13681: Bypass on download restrictions.
  - CVE-2019-13682: Site isolation bypass.
  - CVE-2019-13683: Exceptions leaked by devtools.
  - CVE-2019-5870: Use-after-free in media.
  - CVE-2019-5871: Heap overflow in Skia.
  - CVE-2019-5872: Use-after-free in Mojo.
  - CVE-2019-5873: URL bar spoofing on iOS.
  - CVE-2019-5874: External URIs may trigger other browsers.
  - CVE-2019-5875: URL bar spoof via download redirect.
  - CVE-2019-5876: Use-after-free in media.
  - CVE-2019-5877: Out-of-bounds access in V8.
  - CVE-2019-5878: Use-after-free in V8.
  - CVE-2019-5879: Extensions can read some local files.
  - CVE-2019-5880: SameSite cookie bypass.
  - CVE-2019-5881: Arbitrary read in SwiftShader.
* Wed Sep 18 2019 Fr. Br. George <george на altlinux> 76.0.3809.87-alt2

etcnet - /etc/net network configuration system
* Fri Jul 10 2020 Anton Farygin <rider на altlinux> 0.9.19-alt1
- added openvswitch support from our openvswitch package
- fixed OVS_OPTIONS and OVS_EXTRA usage for interfaces with TYPE=ovsbr
* Tue Sep 24 2019 Alexey Shabalin <shaba на altlinux> 0.9.18-alt4

freerdp - Remote Desktop Protocol functionality
* Tue Jul 21 2020 Andrey Cherepanov <cas на altlinux> 2.2.0-alt1
- New version.
- Fixes:
  + CVE-2020-15103 - Integer overflow due to missing input sanitation in rdpegfx channel
* Wed Jul 01 2020 Andrey Cherepanov <cas на altlinux> 2.1.2-alt2

grantlee5 - Qt string template engine based on the Django template system
* Wed Jul 22 2020 Sergey V Turchin <zerg на altlinux> 5.2.0-alt1
- new version
* Tue Oct 22 2019 Sergey V Turchin <zerg на altlinux> 5.1.0-alt4

iperf3 - A TCP, UDP, and SCTP network bandwidth measurement tool
* Wed Jul 22 2020 Sergey Y. Afonin <asy на altlinux> 3.8.1-alt1
- New version
- Removed Vcs tag (unsupported in p8 branch)
- Removed --disable-profiling (disabled by default in 3.8)
* Fri Apr 10 2020 Vitaly Chikunov <vt на altlinux> 3.7-alt4
- Further systemd iperf3.service hardening
* Mon Dec 09 2019 Vitaly Chikunov <vt на altlinux> 3.7-alt3
- Fix systemd iperf3.service type making it forking
- Systemd iperf3.service hardening
- Update package License
* Sat Aug 31 2019 Sergey Y. Afonin <asy на altlinux> 3.7-alt2

kernel-image-rpi-def - The Linux kernel (the core of the Linux operating system)
* Wed Jul 22 2020 Dmitry Terekhin <jqt4 на altlinux> 1:5.4.51-alt2
- CONFIG_DEBUG_INFO is off, because p9 packages is huge
* Sat Jul 18 2020 Dmitry Terekhin <jqt4 на altlinux> 1:5.4.51-alt1
- updated to 5.4.51 (still RPi-specific)
* Fri Nov 08 2019 Dmitry Terekhin <jqt4 на altlinux> 1:4.19.71-alt0.6

kernel-image-rpi-un - The Linux kernel (the core of the Linux operating system)
* Wed Jul 22 2020 Dmitry Terekhin <jqt4 на altlinux> 1:5.7.8-alt2
- CONFIG_DEBUG_INFO is off, because p9 packages is huge
* Sat Jul 18 2020 Dmitry Terekhin <jqt4 на altlinux> 1:5.7.8-alt1
- Updated to 5.7.8 (still RPi-specific)
- CONFIG_DEBUG_INFO=y
* Mon Jun 08 2020 Dmitry Terekhin <jqt4 на altlinux> 1:5.6.16-alt1

openvswitch - An open source, production quality, multilayer virtual switch
* Fri Jul 10 2020 Anton Farygin <rider на altlinux> 2.12.0-alt4.M90P.1
- openvswitch support for etcnet has been moved to etcnet package
* Thu Jun 18 2020 Alexey Shabalin <shaba на altlinux> 2.12.0-alt3.M90P.1

Total 18058 source packages.

