[cyber] I: p9/branch packages: -1 +4 (18138)

QA Team Robot qa на altlinux.org
Ср Фев 3 03:17:20 MSK 2021 

	1 REMOVED package

code	1.51.1-alt1

	4 UPDATED packages

chromium - An open source web browser developed by Google       	[1015M]
* Tue Jan 26 2021 Andrey Cherepanov <cas на altlinux> 88.0.4324.96-alt0.1.p9
- Backport new version to p9 branch.
* Sun Jan 24 2021 Alexey Gladkov <legion на altlinux> 88.0.4324.96-alt1
- New version (88.0.4324.96).
- Security fixes:
  - CVE-2020-16044: Use after free in WebRTC.
  - CVE-2021-21117: Insufficient policy enforcement in Cryptohome.
  - CVE-2021-21118: Insufficient data validation in V8.
  - CVE-2021-21119: Use after free in Media.
  - CVE-2021-21120: Use after free in WebSQL.
  - CVE-2021-21121: Use after free in Omnibox.
  - CVE-2021-21122: Use after free in Blink.
  - CVE-2021-21123: Insufficient data validation in File System API.
  - CVE-2021-21124: Potential user after free in Speech Recognizer.
  - CVE-2021-21125: Insufficient policy enforcement in File System API.
  - CVE-2021-21126: Insufficient policy enforcement in extensions.
  - CVE-2021-21127: Insufficient policy enforcement in extensions.
  - CVE-2021-21128: Heap buffer overflow in Blink.
  - CVE-2021-21129: Insufficient policy enforcement in File System API.
  - CVE-2021-21130: Insufficient policy enforcement in File System API.
  - CVE-2021-21131: Insufficient policy enforcement in File System API.
  - CVE-2021-21132: Inappropriate implementation in DevTools.
  - CVE-2021-21133: Insufficient policy enforcement in Downloads.
  - CVE-2021-21134: Incorrect security UI in Page Info.
  - CVE-2021-21135: Inappropriate implementation in Performance API.
  - CVE-2021-21136: Insufficient policy enforcement in WebView.
  - CVE-2021-21137: Inappropriate implementation in DevTools.
  - CVE-2021-21138: Use after free in DevTools.
  - CVE-2021-21139: Inappropriate implementation in iframe sandbox.
  - CVE-2021-21140: Uninitialized Use in USB.
  - CVE-2021-21141: Insufficient policy enforcement in File System API.
* Fri Jan 15 2021 Alexey Gladkov <legion на altlinux> 87.0.4280.141-alt2
- Fix ServiceWorkerRegistrationObjectHost double free
* Mon Jan 11 2021 Andrey Cherepanov <cas на altlinux> 87.0.4280.141-alt0.1.p9

kernel-image-std-debug - The Linux kernel (the core of the Linux operating system)
* Mon Feb 01 2021 Kernel Bot <kernelbot на altlinux> 2:5.4.94-alt1
- v5.4.94
* Thu Jan 28 2021 Kernel Bot <kernelbot на altlinux> 2:5.4.93-alt1

nagios - Services and network monitoring system
* Wed Jan 27 2021 Paul Wolneykien <manowar на altlinux> 3.0.6-alt15
- Fixes:
  + CVE-2017-12847 Kill arbitrary processes by leveraging access to PID file.
- Don't install the PID file.
* Wed Jan 27 2021 Paul Wolneykien <manowar на altlinux> 3.0.6-alt14
- Fixes:
  + CVE-2016-8641 Privilege escalation via symbolic links.
  + CVE-2016-9566 Gaining root privileges via a symlink attack on the log file.
  + CVE-2014-1878 Possible segfault in cmd.cgi.
* Wed May 13 2020 Paul Wolneykien <manowar на altlinux> 3.0.6-alt13

xpdf - The PDF viewer and tools
* Sat Jan 30 2021 Andrew Savchenko <bircoph на altlinux> 4.03-alt1
- Version bump
- Many bugfixes, including security, including, but not limited to:
  Fixes: CVE-2020-25725, CVE-2020-35376
* Mon Nov 09 2020 Andrew Savchenko <bircoph на altlinux> 4.02-alt2
- Switch from inkscape to rsvg-convert for svg->png generation.
* Sun Mar 08 2020 Andrey Savchenko <bircoph на altlinux> 4.02-alt1

Total 18138 source packages.

Подробная информация о списке рассылки Sisyphus-cybertalk