[cyber] I: p10/branch packages: +18 (17902)

QA Team Robot qa на altlinux.org
Пт Ноя 11 03:17:12 MSK 2022


	18 UPDATED packages

NetworkManager - Install NetworkManager daemon and plugins
* Wed Oct 26 2022 Mikhail Efremov <sem на altlinux> 1.32.13-alt2.gdc39b9a364
- nm-drivers.rules: Fixed sed path.
- Upstream git snapshot (nm-1-32 branch).
* Tue Aug 30 2022 Mikhail Efremov <sem на altlinux> 1.32.13-alt1.g966d45bc7d
- Fixed format string for printing list size.
- Updated Vcs tag.
- Upstream git snapshot (nm-1-32 branch).
* Tue Dec 28 2021 Mikhail Efremov <sem на altlinux> 1.32.12-alt2

alternatives - alternatives support
* Sat May 28 2022 Alexey Gladkov <legion на altlinux> 0.5.2-alt1
- Replaced "fgrep" with "grep -F".
* Sun Mar 10 2019 Dmitry V. Levin <ldv на altlinux> 0.5.1-alt1

apt - Debian's Advanced Packaging Tool with RPM support
* Fri Sep 02 2022 Ivan Zakharyaschev <imz на altlinux> 0.5.15lorg2-alt82
- tests:
  + Enhanced to be able to work with test packages containing some files.
    (This will be useful for testing the work with large RPM archives.)
  + Shortened the run time of apt-xxtra-heavy-load-checkinstall.
  + Shortened the run time of other *-checkinstall scripts
    (by shortening the the test with zillion packages).
* Wed Aug 03 2022 Ivan Zakharyaschev <imz на altlinux> 0.5.15lorg2-alt81
- Fixed bad behavior when satisfying "Conflicts" or "Obsoletes" dependencies
  (discovered in ALT#42415), namely:
  + "Obsoletes" causing the deletion of its "virtual" targets (i.e.,
    providing packages) whereas this behavior is expected for Conflicts only;
  + versioned "Conflicts" (or "Obsoletes") causing the deletion of packages
    with non-matching version.
- Enriched the output of Debug::pkgMarkInstall with the versions of
  the dependency targets and the targets being considered during the search.
- Complemented it with new options (Debug::pkgMarkAllCalls,
  Debug::pkgMarkShallow) -- to understand better why the result of
  resolving a broken dep is unexpected in some cases.
* Thu Jun 02 2022 Ivan Zakharyaschev <imz на altlinux> 0.5.15lorg2-alt80
- Fixed the new compilation warnings by simplifying the ALT-specific code
  in pkgcache.cc (AllTargets) from 0.5.15lorg2-alt31. (Discovered by gcc12.)
* Mon Apr 18 2022 Vitaly Chikunov <vt на altlinux> 0.5.15lorg2-alt79
- wrapper: Undo sub-reaper and provide post-update hook instead.
* Sat Mar 26 2022 Vitaly Chikunov <vt на altlinux> 0.5.15lorg2-alt78
- Fix apt-get wrapper under non-systemd systems by turning reaping off.
* Tue Mar 22 2022 Vitaly Chikunov <vt на altlinux> 0.5.15lorg2-alt77
- Add wrapper to apt-shell too (closes: #42201).
* Sun Mar 13 2022 Vitaly Chikunov <vt на altlinux> 0.5.15lorg2-alt76
- Add apt-get guarding wrapper that will prevent apt-get from exiting before
  all tasks are finished.
* Thu Jan 27 2022 Ivan Zakharyaschev <imz на altlinux> 0.5.15lorg2-alt75

firefox - The Mozilla Firefox project is a redesign of Mozilla's browser	[509M]
* Thu Oct 27 2022 Andrey Cherepanov <cas на altlinux> 106.0.1-alt0.p10.1
- Backport new version to p10 branch.
* Fri Oct 21 2022 Alexey Gladkov <legion на altlinux> 106.0.1-alt1
- New release (106.0.1).
* Tue Oct 18 2022 Alexey Gladkov <legion на altlinux> 106.0-alt1
- New release (106.0).
- Security fixes:
  + CVE-2022-42927: Same-origin policy violation could have leaked cross-origin URLs
  + CVE-2022-42928: Memory Corruption in JS Engine
  + CVE-2022-42929: Denial of Service via window.print
  + CVE-2022-42930: Race condition in DOM Workers
  + CVE-2022-42931: Username saved to a plaintext file on disk
  + CVE-2022-42932: Memory safety bugs fixed in Firefox 106 and Firefox ESR 102.4
* Sat Oct 08 2022 Alexey Gladkov <legion на altlinux> 105.0.3-alt1
- New release (105.0.3).
* Thu Oct 06 2022 Alexey Gladkov <legion на altlinux> 105.0.2-alt1
- New release (105.0.2).
* Mon Oct 03 2022 Andrey Cherepanov <cas на altlinux> 105.0.1-alt0.p10.1

firefox-esr - The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)	[486M]
* Mon Oct 24 2022 Pavel Vasenkov <pav на altlinux> 102.4.0-alt1
- New ESR version.
- Security fixes:
  + CVE-2022-42927 Same-origin policy violation could have leaked cross-origin URLs
  + CVE-2022-42928 Memory Corruption in JS Engine
  + CVE-2022-42929 Denial of Service via window.print
  + CVE-2022-42932 Memory safety bugs fixed in Firefox 106 and Firefox ESR 102.4
* Mon Oct 10 2022 Pavel Vasenkov <pav на altlinux> 102.3.0-alt1
- New ESR version.
- Security fixes:
  + CVE-2022-3266 Out of bounds read when decoding H264
  + CVE-2022-40959 Bypassing FeaturePolicy restrictions on transient pages
  + CVE-2022-40960 Data-race when parsing non-UTF-8 URLs in threads
  + CVE-2022-40958 Bypassing Secure Context restriction for cookies with __Host and __Secure prefix
  + CVE-2022-40956 Content-Security-Policy base-uri bypass
  + CVE-2022-40957 Incoherent instruction cache when building WASM on ARM64
  + CVE-2022-40962 Memory safety bugs fixed in Firefox 105 and Firefox ESR 102.3
* Thu Sep 15 2022 Pavel Vasenkov <pav на altlinux> 102.2.0-alt2

guestfs-tools - Tools to access and modify virtual machine disk images
* Mon Sep 05 2022 Egor Ignatov <egori на altlinux> 1.48.2-alt1
- 1.48.0 -> 1.48.2
* Wed Mar 16 2022 Anton Farygin <rider на altlinux> 1.48.0-alt1
- 1.47.5 -> 1.48.0
* Wed Mar 16 2022 Anton Farygin <rider на altlinux> 1.47.5-alt1
- 1.47.3 -> 1.47.5
* Tue Dec 07 2021 Anton Farygin <rider на altlinux> 1.47.3-alt1

libguestfs - Library for accessing and modifying virtual machine disk images
* Mon Sep 12 2022 Egor Ignatov <egori на altlinux> 1.48.4-alt2
- enable basic tests
* Mon Sep 05 2022 Egor Ignatov <egori на altlinux> 1.48.4-alt1
- 1.48.4
- update libguestfs-1.46.0-alt-fixes patch
* Sat Feb 05 2022 Anton Farygin <rider на altlinux> 1.46.2-alt2

packagekit - Package management service
* Wed Aug 24 2022 Ivan Zakharyaschev <imz на altlinux> 1.2.5-alt7
- Rewritten a tiny piece of code to fix build with lcc.
- Adapted to ALT's apt API a bit further by dropping an unused parameter of
  MarkInstall(). (In apt, it either has a default value or will be eliminated.)
* Wed Aug 17 2022 Oleg Solovyov <mcpain на altlinux> 1.2.5-alt6

pcre2 - Perl-compatible regular expression library
* Sat Apr 16 2022 Yuri N. Sedunov <aris на altlinux> 10.40-alt1
- 10.40
* Sun Oct 31 2021 Yuri N. Sedunov <aris на altlinux> 10.39-alt1

rust - The Rust Programming Language                            	[124M]
* Thu Oct 27 2022 Andrey Cherepanov <cas на altlinux> 1:1.64.0-alt0.p10.2
- End of bootstrapping.
* Fri Oct 07 2022 Andrey Cherepanov <cas на altlinux> 1:1.64.0-alt0.p10.1

samba - The Samba4 CIFS and AD client and server suite          	[26M]
* Mon Nov 07 2022 Evgeny Sinelnikov <sin на altlinux> 4.16.6-alt2
- Don't treat a missing include file as an error in handle_include().
  This behavior differs between the source3 and source4 parts of Samba.
  So, it should be the same and just not an error (Closes #44214).
* Thu Oct 27 2022 Evgeny Sinelnikov <sin на altlinux> 4.16.6-alt1
- Update to maintenance release of Samba 4.16 (Samba#15134)
- Security fixes:
  + CVE-2022-3437: There is a limited write heap buffer overflow in the GSSAPI
                   unwrap_des() and unwrap_des3() routines of Heimdal (included
                   in Samba).
                   https://www.samba.org/samba/security/CVE-2022-3437.html
- Add samba-usershares package for support for non-root user shares.
- Default smb.conf simplified - homes, printers and print$ shares enabled by
  default. Original large default example smb.conf replaced to smb.conf.example.
* Mon Sep 12 2022 Evgeny Sinelnikov <sin на altlinux> 4.16.5-alt1

setup - Initial set of configuration files
* Tue Apr 26 2022 Dmitry V. Levin <ldv на altlinux> 2.2.17-alt1
- /etc/hosts: added ::1.
- /etc/profile.d/proxy.sh: replaced "egrep" with "grep -E".
* Tue Nov 05 2019 Alexey Shabalin <shaba на altlinux> 2.2.16-alt1

sway - i3wm drop-in replacement for Wayland
* Wed Oct 26 2022 Sergey Bolshakov <sbolshakov на altlinux> 1:1.7.0-alt0.p10.1
- backported to p10
* Sun Jan 23 2022 Alexey Gladkov <legion на altlinux> 1:1.7.0-alt2
- New version (1.7.0)
* Sat Jan 15 2022 Alexey Gladkov <legion на altlinux> 1:1.7.0-alt1.rc2
- New version (1.7-rc2)
* Sat Dec 25 2021 Alexey Gladkov <legion на altlinux> 1:1.7.0-alt1.rc1
- New version (1.7-rc1)
* Sat Jul 17 2021 Alexey Gladkov <legion на altlinux> 1:1.6.1-alt1

swaybg - Wallpaper tool for Wayland compositors
* Thu Mar 10 2022 Alexey Gladkov <legion на altlinux> 1.1.1-alt1
- New version (1.1.1).
* Sat Jan 15 2022 Alexey Gladkov <legion на altlinux> 1.1-alt1
- New version (1.1).
* Wed May 22 2019 Alexey Gladkov <legion на altlinux> 1.0-alt1

swayidle - Idle management daemon for Wayland
* Sat Jan 15 2022 Alexey Gladkov <legion на altlinux> 1.7.1-alt1
- New version (1.7.1)
* Fri Mar 27 2020 Alexey Gladkov <legion на altlinux> 1.6-alt1

thunderbird - Thunderbird is Mozilla's e-mail client            	[507M]
* Mon Oct 24 2022 Pavel Vasenkov <pav на altlinux> 102.4.0-alt1
- New version.
* Mon Oct 10 2022 Pavel Vasenkov <pav на altlinux> 102.3.2-alt1
- New version.
* Mon Oct 10 2022 Pavel Vasenkov <pav на altlinux> 102.3.1-alt1
- New version.
- Security fixes:
  + CVE-2022-39249 Matrix SDK bundled with Thunderbird vulnerable to an impersonation attack by malicious server administrators
  + CVE-2022-39250 Matrix SDK bundled with Thunderbird vulnerable to a device verification attack
  + CVE-2022-39251 Matrix SDK bundled with Thunderbird vulnerable to an impersonation attack
  + CVE-2022-39236 Matrix SDK bundled with Thunderbird vulnerable to a data corruption issue
* Sun Oct 09 2022 Pavel Vasenkov <pav на altlinux> 102.3.0-alt1
- New version.
- Security fixes:
  + CVE-2022-3266 Out of bounds read when decoding H264
  + CVE-2022-40959 Bypassing FeaturePolicy restrictions on transient pages
  + CVE-2022-40960 Data-race when parsing non-UTF-8 URLs in threads
  + CVE-2022-40958 Bypassing Secure Context restriction for cookies with __Host and __Secure prefix
  + CVE-2022-40956 Content-Security-Policy base-uri bypass
  + CVE-2022-40957 Incoherent instruction cache when building WASM on ARM64
  + CVE-2022-3155 Attachment files saved to disk on macOS could be executed without warning
  + CVE-2022-40962 Memory safety bugs fixed in Thunderbird 102.3
* Tue Sep 06 2022 Pavel Vasenkov <pav на altlinux> 102.2.1-alt1

vixie-cron - The Vixie cron daemon for executing specified programs at set times
* Thu Jun 30 2022 Anton Midyukov <antohami на altlinux> 4.1.20060426-alt10.3
- NMU: crond.init: replace egrep with grep -E
* Mon Aug 03 2020 Aleksei Nikiforov <darktemplar на altlinux> 4.1.20060426-alt10.2

wlroots - Modular Wayland compositor library
* Tue Feb 08 2022 Alexey Gladkov <legion на altlinux> 0.15.1-alt1
- New version (0.15.1)
* Sat Dec 25 2021 Alexey Gladkov <legion на altlinux> 0.15.0-alt1
- New version (0.15.0)
* Sat Jul 17 2021 Alexey Gladkov <legion на altlinux> 0.14.1-alt1

Total 17902 source packages.


Подробная информация о списке рассылки Sisyphus-cybertalk