[no description] https://git.osdyson.ru/mirror/pkgsrc/atom?h=pkgsrc-2014Q2 2014-09-13T18:04:50Z 2014-09-13T18:04:50Z tron tron@pkgsrc.org 2014-09-13T18:04:50Z urn:sha1:c2933c6e70c0e0131d7e1cf58af65e4e6c2ebd4b 2014-09-11T19:16:33Z tron tron@pkgsrc.org 2014-09-11T19:16:33Z urn:sha1:45bafdd4ff75d5774f9cec84f34ee1fbc7c0c2a4 emulators/suse131_base: security update Revisions pulled up: - emulators/suse131_base/Makefile 1.9 via patch - emulators/suse131_base/distinfo 1.7 --- Module Name: pkgsrc Committed By: obache Date: Thu Sep 11 09:28:51 UTC 2014 Modified Files: pkgsrc/emulators/suse131_base: Makefile distinfo Log Message: Bump suse131_base to nb5. openSUSE Security Update: glibc ___________________________________________________________________________ ___ Announcement ID: openSUSE-SU-2014:1115-1 Rating: important References: #887022 #892073 #894553 Cross-References: CVE-2014-0475 CVE-2014-5119 CVE-2014-6040 Affected Products: openSUSE 13.1 openSUSE 12.3 ___________________________________________________________________________ ___ An update that fixes three vulnerabilities is now available. Description: glibc was updated to fix three security issues: - A directory traversal in locale environment handling was fixed (CVE-2014-0475, bnc#887022, GLIBC BZ #17137) - Disable gconv transliteration module loading which could be used for code execution (CVE-2014-5119, bnc#892073, GLIBC BZ #17187) - Fix crashes on invalid input in IBM gconv modules (CVE-2014-6040, bnc#894553, BZ #17325) 2014-08-22T17:29:35Z tron tron@pkgsrc.org 2014-08-22T17:29:35Z urn:sha1:80d93a53557bb91f637562ae77f39077aaf0d5af emulators/suse131_krb5: security update Revisions pulled up: - emulators/suse131_krb5/Makefile 1.2 - emulators/suse131_krb5/distinfo 1.2 --- Module Name: pkgsrc Committed By: obache Date: Fri Aug 22 09:01:56 UTC 2014 Modified Files: pkgsrc/emulators/suse131_krb5: Makefile distinfo Log Message: openSUSE Security Update: krb5 ___________________________________________________________________________ ___ Announcement ID: openSUSE-SU-2014:0977-1 Rating: low References: #886016 #888697 Cross-References: CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344 Affected Products: openSUSE 13.1 openSUSE 12.3 ___________________________________________________________________________ ___ An update that fixes four vulnerabilities is now available. Description: The following security isses are fixed in this update: CVE-2014-4341 CVE-2014-4342: denial of service flaws when handling RFC 1964 tokens (bnc#886016) CVE-2014-4343 CVE-2014-4344: multiple flaws in SPNEGO (bnc#888697) 2014-08-22T17:27:48Z tron tron@pkgsrc.org 2014-08-22T17:27:48Z urn:sha1:d6f21dc523ed75028dd61f575c73c39aaadc3d7e emulators/suse131_libtiff: security update Revisions pulled up: - emulators/suse131_libtiff/Makefile 1.2 - emulators/suse131_libtiff/distinfo 1.2 --- Module Name: pkgsrc Committed By: obache Date: Fri Aug 22 08:54:08 UTC 2014 Modified Files: pkgsrc/emulators/suse131_libtiff: Makefile distinfo Log Message: openSUSE Security Update: update for jbigkit ___________________________________________________________________________ ___ Announcement ID: openSUSE-SU-2014:0978-1 Rating: moderate References: #870855 Cross-References: CVE-2013-6369 Affected Products: openSUSE 13.1 openSUSE 12.3 ___________________________________________________________________________ ___ An update that fixes one vulnerability is now available. Description: The following security issue is fixed in this update - [bnc#870855] - CVE-2013-6369: jbigkit buffer overflow 2014-08-22T17:13:34Z tron tron@pkgsrc.org 2014-08-22T17:13:34Z urn:sha1:3582c4fcdfca303c86a35a5efc984985c90af966 emulators/suse131_openssl: security update Revisions pulled up: - emulators/suse131_openssl/Makefile 1.10 - emulators/suse131_openssl/distinfo 1.10 --- Module Name: pkgsrc Committed By: obache Date: Fri Aug 22 08:43:09 UTC 2014 Modified Files: pkgsrc/emulators/suse131_openssl: Makefile distinfo Log Message: openSUSE Security Update: update for openssl ___________________________________________________________________________ ___ Announcement ID: openSUSE-SU-2014:1052-1 Rating: moderate References: #890764 #890765 #890766 #890767 #890768 #890769 #890770 #890771 #890772 Cross-References: CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-5139 Affected Products: openSUSE 13.1 openSUSE 12.3 ___________________________________________________________________________ ___ An update that fixes 9 vulnerabilities is now available. Description: This openssl update fixes the following security issues: - openssl 1.0.1i * Information leak in pretty printing functions (CVE-2014-3508) * Crash with SRP ciphersuite in Server Hello message (CVE-2014-5139) * Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509) * Double Free when processing DTLS packets (CVE-2014-3505) * DTLS memory exhaustion (CVE-2014-3506) * DTLS memory leak from zero-length fragments (CVE-2014-3507) * OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510) * OpenSSL TLS protocol downgrade attack (CVE-2014-3511) * SRP buffer overrun (CVE-2014-3512) 2014-08-02T12:22:57Z tron tron@pkgsrc.org 2014-08-02T12:22:57Z urn:sha1:ce476ddc178be933ace52c5bc953e67d9b8be13a emulators/suse131_mozilla-nss: security update Revisions pulled up: - emulators/suse131_mozilla-nss/Makefile 1.4 - emulators/suse131_mozilla-nss/distinfo 1.4 --- Module Name: pkgsrc Committed By: obache Date: Fri Aug 1 09:28:47 UTC 2014 Modified Files: pkgsrc/emulators/suse131_mozilla-nss: Makefile distinfo Log Message: Appy openSUSE-SU-2014:0939-1, fixes CVE-2014-1544. Bump PKGREVISION. 2014-07-26T10:08:16Z tron tron@pkgsrc.org 2014-07-26T10:08:16Z urn:sha1:6f5280dc0b5ac9a40f6831ed0de548e1006efeea emulators/suse131_libdbus: security update Revisions pulled up: - emulators/suse131_libdbus/Makefile 1.4 - emulators/suse131_libdbus/distinfo 1.3 --- Module Name: pkgsrc Committed By: obache Date: Mon Jul 21 08:18:11 UTC 2014 Modified Files: pkgsrc/emulators/suse131_libdbus: Makefile distinfo Log Message: Apply security update for suse131_libdbus. Bump PKGREVISION. openSUSE Security Update: dbus-1: fixes several issues ___________________________________________________________________________ ___ Announcement ID: openSUSE-SU-2014:0926-1 Rating: moderate References: #885241 Affected Products: openSUSE 13.1 ___________________________________________________________________________ ___ An update that contains security fixes can now be installed. Description: CVE-2014-3532 CVE-2014-3533 bnc#885241 fdo#80163 fdo#79694 fdo#80469 2014-06-29T18:11:32Z dholland dholland@pkgsrc.org 2014-06-29T18:11:32Z urn:sha1:a25b285571cb136fa392775bfeb7744a3147f0c9 2014-06-28T21:20:06Z dholland dholland@pkgsrc.org 2014-06-28T21:20:06Z urn:sha1:72a8c6a8a47d5f81f1f877c9dd6f6ef622873453 2014-06-27T00:07:27Z asau asau@pkgsrc.org 2014-06-27T00:07:27Z urn:sha1:a5160769fe4d7b7e538bf7d75ab9a99afc59685d