[Sisyphus-mipsel-reports] I: Sisyphus-20200827 packages: -13 +20 (10664)

iv at basalt.office.basealt.ru iv at basalt.office.basealt.ru
Thu Aug 27 07:55:24 MSK 2020


	13 REMOVED packages

firefox-esr-l10n	52.8.0-alt1.0.mips1
fonts-ttf-astloch	1.00-alt1_8.41528389c445hg
fonts-ttf-carterone	1.00-alt1_8.716ff965e2b0hg
fonts-ttf-cyreal-wireone	1.000-alt1_0.6.20140916hg
fonts-ttf-kranky	1.00-alt1_8.716ff965e2b0hg
fonts-ttf-labelleaurore	1.001-alt1_0.6.20140913hg
fonts-ttf-monofett	1.000-alt1_0.7.20140913hg
fonts-ttf-reeniebeanie	1.000-alt1_0.8.20140913hg
fonts-ttf-shadowsintolight	1.000-alt1_0.8.20140913hg
fonts-ttf-specialelite	1.000-alt1_0.6.20140913hg
fonts-ttf-vt323	1.002-alt1_0.4.20140916hg
fonts-ttf-wallpoet	1.000-alt1_0.4.20140916hg
kinit-utils	1.5.25-alt5

	20 UPDATED packages

alterator-l10n - translations for all alterator modules
* Tue Aug 25 2020 Ivan Razzhivin <underwit at altlinux> 2.9.71-alt1
- alterator-secsetup: fix translation
* Mon Aug 24 2020 Ivan Razzhivin <underwit at altlinux> 2.9.70-alt1

alterator-secsetup - alterator module for managing security settings
* Tue Aug 25 2020 Ivan Razzhivin <underwit at altlinux> 1.18-alt1
- fix translation
* Mon Aug 24 2020 Ivan Razzhivin <underwit at altlinux> 1.17-alt1

chromium - An open source web browser developed by Google       	[1042M]
* Sat Aug 22 2020 Ivan A. Melnikov <iv at altlinux> 84.0.4147.105-alt0.mips1
- Build on mipsel.
* Tue Jul 28 2020 Alexey Gladkov <legion at altlinux> 84.0.4147.105-alt1
- New version (84.0.4147.105).
- Security fixes:
  - CVE-2020-6532: Use after free in SCTP.
  - CVE-2020-6537: Type Confusion in V8.
  - CVE-2020-6538: Inappropriate implementation in WebView.
  - CVE-2020-6539: Use after free in CSS.
  - CVE-2020-6540: Heap buffer overflow in Skia.
  - CVE-2020-6541: Use after free in WebUSB.
* Wed Jul 15 2020 Alexey Gladkov <legion at altlinux> 84.0.4147.89-alt1
- New version (84.0.4147.89).
- Fix compilation with system ffmpeg 4.3 (ALT#38716)
- Security fixes:
  - CVE-2020-6510: Heap buffer overflow in background fetch.
  - CVE-2020-6511: Side-channel information leakage in content security policy.
  - CVE-2020-6512: Type Confusion in V8.
  - CVE-2020-6513: Heap buffer overflow in PDFium.
  - CVE-2020-6514: Inappropriate implementation in WebRTC.
  - CVE-2020-6515: Use after free in tab strip.
  - CVE-2020-6516: Policy bypass in CORS.
  - CVE-2020-6517: Heap buffer overflow in history.
  - CVE-2020-6518: Use after free in developer tools.
  - CVE-2020-6519: Policy bypass in CSP.
  - CVE-2020-6520: Heap buffer overflow in Skia.
  - CVE-2020-6521: Side-channel information leakage in autofill.
  - CVE-2020-6522: Inappropriate implementation in external protocol handlers.
  - CVE-2020-6523: Out of bounds write in Skia.
  - CVE-2020-6524: Heap buffer overflow in WebAudio.
  - CVE-2020-6525: Heap buffer overflow in Skia.
  - CVE-2020-6526: Inappropriate implementation in iframe sandbox.
  - CVE-2020-6527: Insufficient policy enforcement in CSP.
  - CVE-2020-6528: Incorrect security UI in basic auth.
  - CVE-2020-6529: Inappropriate implementation in WebRTC.
  - CVE-2020-6530: Out of bounds memory access in developer tools.
  - CVE-2020-6531: Side-channel information leakage in scroll to text.
  - CVE-2020-6533: Type Confusion in V8.
  - CVE-2020-6534: Heap buffer overflow in WebRTC.
  - CVE-2020-6535: Insufficient data validation in WebUI.
  - CVE-2020-6536: Incorrect security UI in PWAs.
* Mon Jun 29 2020 Andrey Cherepanov <cas at altlinux> 83.0.4103.61-alt2
- Prevent ignored null byte warning in Flash plugin version detection.
- Add default parameters to system-wide variable $CHROMIUM_FLAGS.
- Use Chromium name in GenericName in desktop file (ALT #36815).
- Exclude armh from build.
* Thu May 21 2020 Alexey Gladkov <legion at altlinux> 83.0.4103.61-alt1
- New version (83.0.4103.61).
- Security fixes:
  - CVE-2020-6465: Use after free in reader mode.
  - CVE-2020-6466: Use after free in media.
  - CVE-2020-6467: Use after free in WebRTC.
  - CVE-2020-6468: Type Confusion in V8.
  - CVE-2020-6469: Insufficient policy enforcement in developer tools.
  - CVE-2020-6470: Insufficient validation of untrusted input in clipboard.
  - CVE-2020-6471: Insufficient policy enforcement in developer tools.
  - CVE-2020-6472: Insufficient policy enforcement in developer tools.
  - CVE-2020-6473: Insufficient policy enforcement in Blink.
  - CVE-2020-6474: Use after free in Blink.
  - CVE-2020-6475: Incorrect security UI in full screen.
  - CVE-2020-6476: Insufficient policy enforcement in tab strip.
  - CVE-2020-6477: Inappropriate implementation in installer.
  - CVE-2020-6478: Inappropriate implementation in full screen.
  - CVE-2020-6479: Inappropriate implementation in sharing.
  - CVE-2020-6480: Insufficient policy enforcement in enterprise.
  - CVE-2020-6481: Insufficient policy enforcement in URL formatting.
  - CVE-2020-6482: Insufficient policy enforcement in developer tools.
  - CVE-2020-6483: Insufficient policy enforcement in payments.
  - CVE-2020-6484: Insufficient data validation in ChromeDriver.
  - CVE-2020-6485: Insufficient data validation in media router.
  - CVE-2020-6486: Insufficient policy enforcement in navigations.
  - CVE-2020-6487: Insufficient policy enforcement in downloads.
  - CVE-2020-6488: Insufficient policy enforcement in downloads.
  - CVE-2020-6489: Inappropriate implementation in developer tools.
  - CVE-2020-6490: Insufficient data validation in loader.
  - CVE-2020-6491: Incorrect security UI in site information.
* Wed May 13 2020 Alexey Gladkov <legion at altlinux> 81.0.4044.138-alt1
- New version (81.0.4044.138).
- Security fixes:
  - CVE-2020-6464: Type Confusion in Blink.
  - CVE-2020-6831: Stack buffer overflow in SCTP.
  - CVE-2020-6461: Use after free in storage.
  - CVE-2020-6462: Use after free in task scheduling.
  - CVE-2020-6458: Out of bounds read and write in PDFium.
  - CVE-2020-6459: Use after free in payments.
  - CVE-2020-6460: Insufficient data validation in URL formatting.
  - CVE-2020-6463: Use after free in ANGLE.
* Thu Apr 16 2020 Alexey Gladkov <legion at altlinux> 81.0.4044.113-alt1
- New version (81.0.4044.113).
- Security fixes:
  - CVE-2020-6457: Use after free in speech recognizer.
* Wed Apr 08 2020 Alexey Gladkov <legion at altlinux> 81.0.4044.92-alt1
- New version (81.0.4044.92).
- Security fixes:
  - CVE-2020-6423: Use after free in audio.
  - CVE-2020-6430: Type Confusion in V8.
  - CVE-2020-6431: Insufficient policy enforcement in full screen.
  - CVE-2020-6432: Insufficient policy enforcement in navigations.
  - CVE-2020-6433: Insufficient policy enforcement in extensions.
  - CVE-2020-6434: Use after free in devtools.
  - CVE-2020-6435: Insufficient policy enforcement in extensions.
  - CVE-2020-6436: Use after free in window management.
  - CVE-2020-6437: Inappropriate implementation in WebView.
  - CVE-2020-6438: Insufficient policy enforcement in extensions.
  - CVE-2020-6439: Insufficient policy enforcement in navigations.
  - CVE-2020-6440: Inappropriate implementation in extensions.
  - CVE-2020-6441: Insufficient policy enforcement in omnibox.
  - CVE-2020-6442: Inappropriate implementation in cache.
  - CVE-2020-6443: Insufficient data validation in developer tools.
  - CVE-2020-6444: Uninitialized Use in WebRTC.
  - CVE-2020-6445: Insufficient policy enforcement in trusted types.
  - CVE-2020-6446: Insufficient policy enforcement in trusted types.
  - CVE-2020-6447: Inappropriate implementation in developer tools.
  - CVE-2020-6448: Use after free in V8.
  - CVE-2020-6454: Use after free in extensions.
  - CVE-2020-6455: Out of bounds read in WebSQL.
  - CVE-2020-6456: Insufficient validation of untrusted input in clipboard.
* Fri Mar 06 2020 Alexey Gladkov <legion at altlinux> 80.0.3987.132-alt1
- New version (80.0.3987.132).
- Security fixes:
  - CVE-2019-18197: Multiple vulnerabilities in XML.
  - CVE-2019-19923: Out of bounds memory access in SQLite.
  - CVE-2019-19925: Multiple vulnerabilities in SQLite.
  - CVE-2019-19926: Inappropriate implementation in SQLite.
  - CVE-2020-6381: Integer overflow in JavaScript.
  - CVE-2020-6382: Type Confusion in JavaScript.
  - CVE-2020-6383: Type confusion in V8.
  - CVE-2020-6384: Use after free in WebAudio.
  - CVE-2020-6385: Insufficient policy enforcement in storage.
  - CVE-2020-6386: Use after free in speech.
  - CVE-2020-6387: Out of bounds write in WebRTC.
  - CVE-2020-6388: Out of bounds memory access in WebAudio.
  - CVE-2020-6389: Out of bounds write in WebRTC.
  - CVE-2020-6390: Out of bounds memory access in streams.
  - CVE-2020-6391: Insufficient validation of untrusted input in Blink.
  - CVE-2020-6392: Insufficient policy enforcement in extensions.
  - CVE-2020-6393: Insufficient policy enforcement in Blink.
  - CVE-2020-6394: Insufficient policy enforcement in Blink.
  - CVE-2020-6395: Out of bounds read in JavaScript.
  - CVE-2020-6396: Inappropriate implementation in Skia.
  - CVE-2020-6397: Incorrect security UI in sharing.
  - CVE-2020-6398: Uninitialized use in PDFium.
  - CVE-2020-6399: Insufficient policy enforcement in AppCache.
  - CVE-2020-6400: Inappropriate implementation in CORS.
  - CVE-2020-6401: Insufficient validation of untrusted input in Omnibox.
  - CVE-2020-6402: Insufficient policy enforcement in downloads.
  - CVE-2020-6403: Incorrect security UI in Omnibox.
  - CVE-2020-6404: Inappropriate implementation in Blink.
  - CVE-2020-6405: Out of bounds read in SQLite.
  - CVE-2020-6406: Use after free in audio.
  - CVE-2020-6407: Out of bounds memory access in streams.
  - CVE-2020-6408: Insufficient policy enforcement in CORS.
  - CVE-2020-6409: Inappropriate implementation in Omnibox.
  - CVE-2020-6410: Insufficient policy enforcement in navigation.
  - CVE-2020-6411: Insufficient validation of untrusted input in Omnibox.
  - CVE-2020-6412: Insufficient validation of untrusted input in Omnibox.
  - CVE-2020-6413: Inappropriate implementation in Blink.
  - CVE-2020-6414: Insufficient policy enforcement in Safe Browsing.
  - CVE-2020-6415: Inappropriate implementation in JavaScript.
  - CVE-2020-6416: Insufficient data validation in streams.
  - CVE-2020-6417: Inappropriate implementation in installer.
  - CVE-2020-6418: Type confusion in V8.
  - CVE-2020-6420: Insufficient policy enforcement in media.
* Mon Feb 03 2020 Alexey Gladkov <legion at altlinux> 79.0.3945.130-alt1
- New version (79.0.3945.130).
- Security fixes:
  - CVE-2019-13767: Use after free in media picker.
  - CVE-2020-6377: Use after free in audio.
  - CVE-2020-6378: Use-after-free in speech recognizer.
  - CVE-2020-6379: Use-after-free in speech recognizer.
  - CVE-2020-6380: Extension message verification error.
* Mon Dec 16 2019 Alexey Gladkov <legion at altlinux> 79.0.3945.79-alt1
- New version (79.0.3945.79).
- Security fixes:
  - CVE-2019-13725: Use after free in Bluetooth.
  - CVE-2019-13726: Heap buffer overflow in password manager.
  - CVE-2019-13727: Insufficient policy enforcement in WebSockets.
  - CVE-2019-13728: Out of bounds write in V8.
  - CVE-2019-13729: Use after free in WebSockets.
  - CVE-2019-13730: Type Confusion in V8.
  - CVE-2019-13732: Use after free in WebAudio.
  - CVE-2019-13734: Out of bounds write in SQLite.
  - CVE-2019-13735: Out of bounds write in V8.
  - CVE-2019-13736: Integer overflow in PDFium.
  - CVE-2019-13737: Insufficient policy enforcement in autocomplete.
  - CVE-2019-13738: Insufficient policy enforcement in navigation.
  - CVE-2019-13739: Incorrect security UI in Omnibox.
  - CVE-2019-13740: Incorrect security UI in sharing.
  - CVE-2019-13741: Insufficient validation of untrusted input in Blink.
  - CVE-2019-13742: Incorrect security UI in Omnibox.
  - CVE-2019-13743: Incorrect security UI in external protocol handling.
  - CVE-2019-13744: Insufficient policy enforcement in cookies.
  - CVE-2019-13745: Insufficient policy enforcement in audio.
  - CVE-2019-13746: Insufficient policy enforcement in Omnibox.
  - CVE-2019-13747: Uninitialized Use in rendering.
  - CVE-2019-13748: Insufficient policy enforcement in developer tools.
  - CVE-2019-13749: Incorrect security UI in Omnibox.
  - CVE-2019-13750: Insufficient data validation in SQLite.
  - CVE-2019-13751: Uninitialized Use in SQLite.
  - CVE-2019-13752: Out of bounds read in SQLite.
  - CVE-2019-13753: Out of bounds read in SQLite.
  - CVE-2019-13754: Insufficient policy enforcement in extensions.
  - CVE-2019-13755: Insufficient policy enforcement in extensions.
  - CVE-2019-13756: Incorrect security UI in printing.
  - CVE-2019-13757: Incorrect security UI in Omnibox.
  - CVE-2019-13758: Insufficient policy enforcement in navigation.
  - CVE-2019-13759: Incorrect security UI in interstitials.
  - CVE-2019-13761: Incorrect security UI in Omnibox.
  - CVE-2019-13762: Insufficient policy enforcement in downloads.
  - CVE-2019-13763: Insufficient policy enforcement in payments.
  - CVE-2019-13764: Type Confusion in V8.
* Mon Dec 02 2019 Alexey Gladkov <legion at altlinux> 78.0.3904.108-alt1
- New version (78.0.3904.108).
- Security fixes:
  - CVE-2019-13723: Use-after-free in Bluetooth.
  - CVE-2019-13724: Out-of-bounds access in Bluetooth.
* Sat Nov 09 2019 Alexey Gladkov <legion at altlinux> 78.0.3904.97-alt1
- New version (78.0.3904.97).
- Security fixes:
  - CVE-2019-13720: Use-after-free in audio.
  - CVE-2019-13721: Use-after-free in PDFium.
* Thu Oct 24 2019 Alexey Gladkov <legion at altlinux> 78.0.3904.70-alt1
- New version (78.0.3904.70).
- Security fixes:
  - CVE-2019-13699: Use-after-free in media.
  - CVE-2019-13700: Buffer overrun in Blink.
  - CVE-2019-13701: URL spoof in navigation.
  - CVE-2019-13702: Privilege elevation in Installer.
  - CVE-2019-13703: URL bar spoofing.
  - CVE-2019-13704: CSP bypass.
  - CVE-2019-13705: Extension permission bypass.
  - CVE-2019-13706: Out-of-bounds read in PDFium.
  - CVE-2019-13707: File storage disclosure.
  - CVE-2019-13708: HTTP authentication spoof.
  - CVE-2019-13709: File download protection bypass.
  - CVE-2019-13710: File download protection bypass.
  - CVE-2019-13711: Cross-context information leak.
  - CVE-2019-13713: Cross-origin data leak.
  - CVE-2019-13714: CSS injection.
  - CVE-2019-13715: Address bar spoofing.
  - CVE-2019-13716: Service worker state error.
  - CVE-2019-13717: Notification obscured.
  - CVE-2019-13718: IDN spoof.
  - CVE-2019-13719: Notification obscured.
  - CVE-2019-15903: Buffer overflow in expat.
* Mon Oct 21 2019 Alexey Gladkov <legion at altlinux> 77.0.3865.120-alt1
- New version (77.0.3865.120).
- Security fixes:
  - CVE-2019-13693: Use-after-free in IndexedDB.
  - CVE-2019-13694: Use-after-free in WebRTC.
  - CVE-2019-13695: Use-after-free in audio.
  - CVE-2019-13696: Use-after-free in V8.
  - CVE-2019-13697: Cross-origin size leak.
* Wed Sep 25 2019 Alexey Gladkov <legion at altlinux> 77.0.3865.90-alt1
- New version (77.0.3865.90).
- Security fixes:
  - CVE-2019-13685: Use-after-free in UI.
  - CVE-2019-13686: Use-after-free in offline pages.
  - CVE-2019-13687: Use-after-free in media.
  - CVE-2019-13688: Use-after-free in media.
* Mon Sep 23 2019 Alexey Gladkov <legion at altlinux> 77.0.3865.75-alt1
- New version (77.0.3865.75).
- Security fixes:
  - CVE-2019-13659: URL spoof.
  - CVE-2019-13660: Full screen notification overlap.
  - CVE-2019-13661: Full screen notification spoof.
  - CVE-2019-13662: CSP bypass.
  - CVE-2019-13663: IDN spoof.
  - CVE-2019-13664: CSRF bypass.
  - CVE-2019-13665: Multiple file download protection bypass.
  - CVE-2019-13666: Side channel using storage size estimate.
  - CVE-2019-13667: URI bar spoof when using external app URIs.
  - CVE-2019-13668: Global window leak via console.
  - CVE-2019-13669: HTTP authentication spoof.
  - CVE-2019-13670: V8 memory corruption in regex.
  - CVE-2019-13671: Dialog box fails to show origin.
  - CVE-2019-13673: Cross-origin information leak using devtools.
  - CVE-2019-13674: IDN spoofing.
  - CVE-2019-13675: Extensions can be disabled by trailing slash.
  - CVE-2019-13676: Google URI shown for certificate warning.
  - CVE-2019-13677: Chrome web store origin needs to be isolated.
  - CVE-2019-13678: Download dialog spoofing.
  - CVE-2019-13679: User gesture needed for printing.
  - CVE-2019-13680: IP address spoofing to servers.
  - CVE-2019-13681: Bypass on download restrictions.
  - CVE-2019-13682: Site isolation bypass.
  - CVE-2019-13683: Exceptions leaked by devtools.
  - CVE-2019-5870: Use-after-free in media.
  - CVE-2019-5871: Heap overflow in Skia.
  - CVE-2019-5872: Use-after-free in Mojo.
  - CVE-2019-5873: URL bar spoofing on iOS.
  - CVE-2019-5874: External URIs may trigger other browsers.
  - CVE-2019-5875: URL bar spoof via download redirect.
  - CVE-2019-5876: Use-after-free in media.
  - CVE-2019-5877: Out-of-bounds access in V8.
  - CVE-2019-5878: Use-after-free in V8.
  - CVE-2019-5879: Extensions can read some local files.
  - CVE-2019-5880: SameSite cookie bypass.
  - CVE-2019-5881: Arbitrary read in SwiftShader.
* Fri Aug 02 2019 Alexey Gladkov <legion at altlinux> 76.0.3809.87-alt1
- New version (76.0.3809.87).
- Security fixes:
  - CVE-2019-5850: Use-after-free in offline page fetcher.
  - CVE-2019-5851: Use-after-poison in offline audio context.
  - CVE-2019-5852: Object leak of utility functions.
  - CVE-2019-5853: Memory corruption in regexp length check.
  - CVE-2019-5854: Integer overflow in PDFium text rendering.
  - CVE-2019-5855: Integer overflow in PDFium.
  - CVE-2019-5856: Insufficient checks on filesystem: URI permissions.
  - CVE-2019-5857: Comparison of -0 and null yields crash.
  - CVE-2019-5858: Insufficient filtering of Open URL service parameters.
  - CVE-2019-5859: res: URIs can load alternative browsers.
  - CVE-2019-5860: Use-after-free in PDFium.
  - CVE-2019-5861: Click location incorrectly checked.
  - CVE-2019-5862: AppCache not robust to compromised renderers.
  - CVE-2019-5863: Use-after-free in WebUSB on Windows.
  - CVE-2019-5864: Insufficient port filtering in CORS for extensions.
  - CVE-2019-5865: Site isolation bypass from compromised renderer.
* Fri May 03 2019 Alexey Gladkov <legion at altlinux> 74.0.3729.131-alt1
- New version (74.0.3729.131).
- Security fixes:
  - CVE-2019-5805: Use after free in PDFium.
  - CVE-2019-5806: Integer overflow in Angle.
  - CVE-2019-5807: Memory corruption in V8.
  - CVE-2019-5808: Use after free in Blink.
  - CVE-2019-5809: Use after free in Blink.
  - CVE-2019-5810: User information disclosure in Autofill.
  - CVE-2019-5811: CORS bypass in Blink.
  - CVE-2019-5812: URL spoof in Omnibox on iOS.
  - CVE-2019-5813: Out of bounds read in V8.
  - CVE-2019-5814: CORS bypass in Blink.
  - CVE-2019-5815: Heap buffer overflow in Blink.
  - CVE-2019-5816: Exploit persistence extension on Android.
  - CVE-2019-5817: Heap buffer overflow in Angle on Windows.
  - CVE-2019-5818: Uninitialized value in media reader.
  - CVE-2019-5819: Incorrect escaping in developer tools.
  - CVE-2019-5820: Integer overflow in PDFium.
  - CVE-2019-5821: Integer overflow in PDFium.
  - CVE-2019-5822: CORS bypass in download manager.
  - CVE-2019-5823: Forced navigation from service worker.
  - CVE-2019-5824: Parameter passing error in media player.
  - CVE-2019-5825: Out-of-bounds write in V8
  - CVE-2019-5826: Use-after-free in IndexedDB
  - CVE-2019-5827: Out-of-bounds access in SQLite.
* Mon Mar 18 2019 Alexey Gladkov <legion at altlinux> 73.0.3683.75-alt1
- New version (73.0.3683.75).
- Security fixes:
  - CVE-2019-5787: Use after free in Canvas.
  - CVE-2019-5788: Use after free in FileAPI.
  - CVE-2019-5789: Use after free in WebMIDI.
  - CVE-2019-5790: Heap buffer overflow in V8.
  - CVE-2019-5791: Type confusion in V8.
  - CVE-2019-5792: Integer overflow in PDFium.
  - CVE-2019-5793: Excessive permissions for private API in Extensions.
  - CVE-2019-5794: Security UI spoofing.
  - CVE-2019-5795: Integer overflow in PDFium.
  - CVE-2019-5796: Race condition in Extensions.
  - CVE-2019-5797: Race condition in DOMStorage.
  - CVE-2019-5798: Out of bounds read in Skia.
  - CVE-2019-5799: CSP bypass with blob URL.
  - CVE-2019-5800: CSP bypass with blob URL.
  - CVE-2019-5801: Incorrect Omnibox display on iOS.
  - CVE-2019-5802: Security UI spoofing.
  - CVE-2019-5803: CSP bypass with Javascript URLs'.
  - CVE-2019-5804: Command line command injection on Windows.
* Sun Mar 03 2019 Alexey Gladkov <legion at altlinux> 72.0.3626.121-alt1
- New version (72.0.3626.121).
* Mon Feb 04 2019 Alexey Gladkov <legion at altlinux> 72.0.3626.81-alt1
- New version (72.0.3626.81).
- Security fixes:
  - CVE-2019-5754: Inappropriate implementation in QUIC Networking.
  - CVE-2019-5755: Inappropriate implementation in V8.
  - CVE-2019-5756: Use after free in PDFium.
  - CVE-2019-5757: Type Confusion in SVG.
  - CVE-2019-5758: Use after free in Blink.
  - CVE-2019-5759: Use after free in HTML select elements.
  - CVE-2019-5760: Use after free in WebRTC.
  - CVE-2019-5761: Use after free in SwiftShader.
  - CVE-2019-5762: Use after free in PDFium.
  - CVE-2019-5763: Insufficient validation of untrusted input in V8.
  - CVE-2019-5764: Use after free in WebRTC.
  - CVE-2019-5765: Insufficient policy enforcement in the browser.
  - CVE-2019-5766: Insufficient policy enforcement in Canvas.
  - CVE-2019-5767: Incorrect security UI in WebAPKs.
  - CVE-2019-5768: Insufficient policy enforcement in DevTools.
  - CVE-2019-5769: Insufficient validation of untrusted input in Blink.
  - CVE-2019-5770: Heap buffer overflow in WebGL.
  - CVE-2019-5771: Heap buffer overflow in SwiftShader.
  - CVE-2019-5772: Use after free in PDFium.
  - CVE-2019-5773: Insufficient data validation in IndexedDB.
  - CVE-2019-5774: Insufficient validation of untrusted input in SafeBrowsing.
  - CVE-2019-5775: Insufficient policy enforcement in Omnibox.
  - CVE-2019-5776: Insufficient policy enforcement in Omnibox.
  - CVE-2019-5777: Insufficient policy enforcement in Omnibox.
  - CVE-2019-5778: Insufficient policy enforcement in Extensions.
  - CVE-2019-5779: Insufficient policy enforcement in ServiceWorker.
  - CVE-2019-5780: Insufficient policy enforcement.
  - CVE-2019-5781: Insufficient policy enforcement in Omnibox.
  - CVE-2019-5782: Inappropriate implementation in V8.
  - CVE-2019-5783: Insufficient validation of untrusted input in DevTools.
* Fri Dec 14 2018 Alexey Gladkov <legion at altlinux> 71.0.3578.98-alt1
- New version (71.0.3578.98).
- Security fixes:
  - CVE-2018-17481: Use after free in PDFium.
* Wed Nov 07 2018 Alexey Gladkov <legion at altlinux> 70.0.3538.77-alt1
- New version (70.0.3538.77).
* Mon Oct 22 2018 Alexey Gladkov <legion at altlinux> 70.0.3538.67-alt1
- New version (70.0.3538.67).
- Security fixes:
  - CVE-2018-17462: Sandbox escape in AppCache.
  - CVE-2018-17463: Remote code execution in V8.
  - CVE to be assigned: Heap buffer overflow in Little CMS in PDFium.
  - CVE-2018-17464: URL spoof in Omnibox.
  - CVE-2018-17465: Use after free in V8.
  - CVE-2018-17466: Memory corruption in Angle.
  - CVE-2018-17467: URL spoof in Omnibox.
  - CVE-2018-17468: Cross-origin URL disclosure in Blink.
  - CVE-2018-17469: Heap buffer overflow in PDFium.
  - CVE-2018-17470: Memory corruption in GPU Internals.
  - CVE-2018-17471: Security UI occlusion in full screen mode.
  - CVE-2018-17472: iframe sandbox escape on iOS.
  - CVE-2018-17473: URL spoof in Omnibox.
  - CVE-2018-17474: Use after free in Blink.
  - CVE-2018-17475: URL spoof in Omnibox.
  - CVE-2018-17476: Security UI occlusion in full screen mode.
  - CVE-2018-5179: Lack of limits on update() in ServiceWorker.
  - CVE-2018-17477: UI spoof in Extensions.
* Thu Oct 11 2018 Alexey Gladkov <legion at altlinux> 69.0.3497.100-alt1
- New version (69.0.3497.100).
- Add symlink /usr/bin/chromium -> chromium-browser.
* Wed Sep 05 2018 Alexey Gladkov <legion at altlinux> 69.0.3497.81-alt1
Note: changelog entry for 69.0.3497.100-alt0.mips1 not found.

edid-decode - EDID decoder and conformance tester
* Wed Aug 26 2020 Sergey Bolshakov <sbolshakov at altlinux> 20200720-alt1
- updated from git.56dd103
* Thu Mar 15 2018 Igor Vlasenko <viy at altlinux> 20170207-alt1.1

featherpad - A lightweight Qt5 plain-text editor for Linux
* Wed Aug 26 2020 Leontiy Volodin <lvol at altlinux> 0.15.0-alt1
- new version 0.15.0
* Sun Jun 14 2020 Leontiy Volodin <lvol at altlinux> 0.14.2-alt1

firmware-linux - Firmware files used by the Linux kernel        	[116M]
* Wed Aug 26 2020 Cronbuild Service <cronbuild at altlinux> 20200819-alt1
- upstream changes (GIT 74bd44f):
  + amdgpu: add navi12 firmware from 20.30 (thx Alex Deucher)
  + amdgpu: update navi10 firmware for 20.30 (thx Alex Deucher)
* Tue Aug 18 2020 Cronbuild Service <cronbuild at altlinux> 20200817-alt1

foomatic-db - Foomatic printer database
* Wed Aug 26 2020 Cronbuild Service <cronbuild at altlinux> 4.0.20200826-alt1
- repocop cronbuild 20200826. At your service.
* Wed May 27 2020 Cronbuild Service <cronbuild at altlinux> 4.0.20200527-alt1

iputils - Utilities for IPv4/IPv6 networking
* Tue Aug 25 2020 Mikhail Efremov <sem at altlinux> 20200821-alt1
- Dropped libsysfs-devel from BR.
- Dropped libssl-devel from BR.
- 20190709 -> 20200821.
* Wed Nov 27 2019 Mikhail Efremov <sem at altlinux> 20190709-alt2

libvncserver - An easy API to write one's own VNC server
* Tue Aug 25 2020 Sergey V Turchin <zerg at altlinux> 0.9.13-alt1
- new version
- security (fixes: CVE-2018-21247, CVE-2019-20839, CVE-2019-20840,
	CVE-2020-14396, CVE-2020-14397, CVE-2020-14398, CVE-2020-14399,
	CVE-2020-14400, CVE-2020-14401, CVE-2020-14402, CVE-2020-14403,
	CVE-2020-14404, CVE-2020-14405)
* Fri Aug 30 2019 Sergey V Turchin <zerg at altlinux> 0.9.12-alt2

mlt - Multimedia framework designed for television broadcasting
* Tue Aug 25 2020 Sergey V Turchin <zerg at altlinux> 6.22.1-alt1
- new version
* Thu Jun 11 2020 Sergey V Turchin <zerg at altlinux> 6.20.0-alt1

nagwad - Nagios watch daemon
* Mon Aug 24 2020 Paul Wolneykien <manowar at altlinux> 0.9.12-alt1
- Fixed the 'device' NRPE command.
- Fix: Really add print.regexp.
* Wed Aug 19 2020 Paul Wolneykien <manowar at altlinux> 0.9.11-alt1

pciids - Repository of PCI IDs (pci.ids database)
* Tue Aug 25 2020 Cronbuild Service <cronbuild at altlinux> 20200825-alt1
- repocop cronbuild 20200825. At your service.
* Tue Aug 18 2020 Cronbuild Service <cronbuild at altlinux> 20200818-alt1

python3-module-PySide2 - Python bindings for the Qt 5 cross-platform application and UI framework
* Tue Aug 25 2020 Sergey V Turchin <zerg at altlinux> 5.15.0-alt2
- use g++ on p9
* Tue Aug 11 2020 Sergey V Turchin <zerg at altlinux> 5.15.0-alt1

python3-module-pyftpdlib - Python FTP server library
* Tue Aug 25 2020 Grigory Ustinov <grenka at altlinux> 1.5.6-alt2
- Fix obsoletes tag.
* Thu Feb 27 2020 Grigory Ustinov <grenka at altlinux> 1.5.6-alt1

python3-module-radon - Various code metrics for Python code
* Wed Aug 26 2020 Grigory Ustinov <grenka at altlinux> 4.2.0-alt1
- Automatically updated to 4.2.0.
* Wed Feb 12 2020 Grigory Ustinov <grenka at altlinux> 4.1.0-alt1

sddm - Lightweight QML-based display manager
* Wed Aug 26 2020 Sergey V Turchin <zerg at altlinux> 0.18.1-alt8
- enable virtual keyboard by default
* Tue Aug 25 2020 Sergey V Turchin <zerg at altlinux> 0.18.1-alt7
- don't force disable virtual keyboard
* Thu Feb 27 2020 Oleg Solovyov <mcpain at altlinux> 0.18.1-alt6

sisyphus_check - package checker for Sisyphus
* Wed Aug 26 2020 Dmitry V. Levin <ldv at altlinux> 0.8.58-alt1
- 100-check-deps: changed the wording of the error diagnostics
  introduced in the previous release.
* Mon Aug 24 2020 Dmitry V. Levin <ldv at altlinux> 0.8.57-alt1

tracker - Tracker is a powerfull desktop-oriented search tool and indexer
* Tue Aug 25 2020 Yuri N. Sedunov <aris at altlinux> 2.3.5-alt1
- 2.3.5
* Tue Mar 10 2020 Yuri N. Sedunov <aris at altlinux> 2.3.4-alt1

tracker-miners - Tracker is a powerfull desktop-oriented search tool and indexer
* Tue Aug 25 2020 Yuri N. Sedunov <aris at altlinux> 2.3.4-alt1
- 2.3.4
* Tue Mar 10 2020 Yuri N. Sedunov <aris at altlinux> 2.3.3-alt1

vulkan - Khronos group Vulkan API SDK
* Tue Aug 25 2020 Ivan A. Melnikov <iv at altlinux> 1.2.141-alt1.1.0.mips1
- Link with libatomic on %mips32.
* Tue Jul 14 2020 L.A. Kostis <lakostis at altlinux> 1.2.141-alt1.1
- Applied fix for e2k (by @mike):
  + E2K: ftbfs workaround (selective -Wno-error).
* Fri Jun 05 2020 L.A. Kostis <lakostis at altlinux> 1.2.141-alt1
Note: changelog entry for 1.2.141-alt1.0.mips1 not found.

Total 10664 source packages.


More information about the Sisyphus-mipsel-reports mailing list