[cyber] I: p10/branch packages: +7 (17655)

QA Team Robot qa на altlinux.org
Ср Дек 22 03:15:18 MSK 2021 

	7 UPDATED packages

desktop-file-utils - Utilities for manipulating .desktop files
* Tue Dec 07 2021 Igor Vlasenko <viy на altlinux> 0.26-alt2
- added support for DesktopNames in xsessions and wayland-sessions
* Fri Sep 17 2021 Sergey V Turchin <zerg на altlinux> 0.26-alt1

firefox - The Mozilla Firefox project is a redesign of Mozilla's browser	[396M]
* Fri Dec 17 2021 Alexey Gladkov <legion на altlinux> 95.0.1-alt1
- New release (95.0.1).
* Wed Dec 08 2021 Alexey Gladkov <legion на altlinux> 95.0-alt1
- New release (95.0).
- Security fixes:
  + CVE-2021-43536: URL leakage when navigating while executing asynchronous function
  + CVE-2021-43537: Heap buffer overflow when using structured clone
  + CVE-2021-43538: Missing fullscreen and pointer lock notification when requesting both
  + CVE-2021-43539: GC rooting failure when calling wasm instance methods
  + MOZ-2021-0010: Use-after-free in fullscreen objects on MacOS
  + CVE-2021-43540: WebExtensions could have installed persistent ServiceWorkers
  + CVE-2021-43541: External protocol handler parameters were unescaped
  + CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence of an external protocol handler
  + CVE-2021-43543: Bypass of CSP sandbox directive when embedding
  + CVE-2021-43544: Receiving a malicious URL as text through a SEND intent could have led to XSS
  + CVE-2021-43545: Denial of Service when using the Location API in a loop
  + CVE-2021-43546: Cursor spoofing could overlay user interface when native cursor is zoomed
  + MOZ-2021-0009: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4
* Fri Nov 19 2021 Alexey Gladkov <legion на altlinux> 94.0.2-alt1
- New release (94.0.2).
* Tue Nov 02 2021 Alexey Gladkov <legion на altlinux> 94.0-alt1

kernel-image-rpi-un - The Linux kernel (the core of the Linux operating system)
* Fri Dec 17 2021 Dmitry Terekhin <jqt4 на altlinux> 1:5.15.6-alt1
- Updated to 5.15.6
- https://github.com/raspberrypi/linux.git rpi-5.15.y
- commit be49bc5cd53b095fbbc9dde271adf580025e5adc
- Add TF307 revision D and ROCK PI 4 Model C support from
- https://github.com/altlinux/linux-arm/tree/rpi-baikalm-5.15.y
- Replaced config-aarch64 file based on baikal_rpi_rockpi4_defconfig
- Move v4l and staging modules to kernel-image package
- Remove package dependencies rpi4-boot-switch
  and rpi4-boot-nouboot-filetrigger
* Fri Jul 23 2021 Dmitry Terekhin <jqt4 на altlinux> 1:5.12.17-alt1

python3-module-clickhouse-driver - ClickHouse Python Driver with native interface support.
* Tue Dec 14 2021 Anton Farygin <rider на altlinux> 0.2.2-alt2
- make pandas requires optional
* Wed Sep 29 2021 Anton Farygin <rider на altlinux> 0.2.2-alt1

python3-module-numdifftools - Solves automatic numerical differentiation problems in one or more variables
* Fri Jul 30 2021 Aleksei Nikiforov <darktemplar на altlinux> 0.9.39-alt2
- Updated build dependencies.
* Thu Nov 05 2020 Vitaly Lipatov <lav на altlinux> 0.9.39-alt1

python3-module-numpy - NumPy: array processing for numbers, strings, records, and objects
* Tue Dec 14 2021 Anton Farygin <rider на altlinux> 1:1.21.4-alt2
- relaxed tests on ppc64le due to fall in
  "test_linalg.py::TestCholesky::test_basic_property" in the build for p10
* Wed Dec 08 2021 Anton Farygin <rider на altlinux> 1:1.21.4-alt1
- 1.21.1 -> 1.21.4
- moved recfunctions.py from tests to main package
- added a patch to recfunctions.py for remove dependency to testing
- added a patch from the upstream for fix _GenericAlias tests
- enabled tests
* Wed Sep 01 2021 Aleksei Nikiforov <darktemplar на altlinux> 1:1.21.1-alt2
- Disabled LTO.
* Wed Jul 28 2021 Aleksei Nikiforov <darktemplar на altlinux> 1:1.21.1-alt1
- Updated to upstream version 1.21.1.
* Tue Jun 15 2021 Aleksei Nikiforov <darktemplar на altlinux> 1:1.20.3-alt1

thunderbird - Thunderbird is Mozilla's e-mail client            	[412M]
* Fri Dec 10 2021 Andrey Cherepanov <cas на altlinux> 91.4.0-alt1
- New version.
- Security fixes:
  + CVE-2021-43536 URL leakage when navigating while executing asynchronous function
  + CVE-2021-43537 Heap buffer overflow when using structured clone
  + CVE-2021-43538 Missing fullscreen and pointer lock notification when requesting both
  + CVE-2021-43539 GC rooting failure when calling wasm instance methods
  + CVE-2021-43541 External protocol handler parameters were unescaped
  + CVE-2021-43542 XMLHttpRequest error codes could have leaked the existence of an external protocol handler
  + CVE-2021-43543 Bypass of CSP sandbox directive when embedding
  + CVE-2021-43545 Denial of Service when using the Location API in a loop
  + CVE-2021-43546 Cursor spoofing could overlay user interface when native cursor is zoomed
  + CVE-2021-43528 JavaScript unexpectedly enabled for the composition area
* Fri Nov 19 2021 Andrey Cherepanov <cas на altlinux> 91.3.2-alt1

Total 17655 source packages.

Подробная информация о списке рассылки Sisyphus-cybertalk