4 UPDATED packages freerdp3 - Remote Desktop Protocol functionality * Sun Apr 12 2026 Andrey Cherepanov <cas@altlinux> 3.24.2-alt1 - New version (fixes: CVE-2026-33995, CVE-2026-33987, CVE-2026-33986, CVE-2026-33985, CVE-2026-33984, CVE-2026-33983, CVE-2026-33982, CVE-2026-33977, CVE-2026-33952). * Thu Mar 19 2026 Andrey Cherepanov <cas@altlinux> 3.24.1-alt1 - New version (fixes: CVE-2026-29774, CVE-2026-29775, CVE-2026-29776, CVE-2026-31806, CVE-2026-31883, CVE-2026-31884, CVE-2026-31885, CVE-2026-31897). * Thu Feb 26 2026 Alexander Danilov <admsasha@altlinux> 3.23.0-alt1 - New version (fixes: CVE-2026-26965, CVE-2026-26955, CVE-2026-26271, CVE-2026-25997, CVE-2026-25959, CVE-2026-25955, CVE-2026-25954, CVE-2026-25953 CVE-2026-25952 CVE-2026-25942 CVE-2026-25941). * Tue Feb 10 2026 Alexander Danilov <admsasha@altlinux> 3.22.0-alt1 - New version (fixes: CVE-2026-23948, CVE-2026-24491, CVE-2026-24675, CVE-2026-24676, CVE-2026-24677, CVE-2026-24678, CVE-2026-24679, CVE-2026-24680, CVE-2026-24681, CVE-2026-24682, CVE-2026-24683, CVE-2026-24684). * Wed Jan 21 2026 Andrey Cherepanov <cas@altlinux> 3.21.0-alt1
jansson - C library for encoding, decoding and manipulating JSON data * Wed Dec 04 2024 Anton Farygin <rider@altlinux> 2.14-alt4 - fixed libdir location in pkgconfig file * Mon Dec 02 2024 Anton Farygin <rider@altlinux> 2.14-alt3 - dependencies for the building of documentation changed from python3-module-sphinx to /usr/bin/sphinx-build to simplify the backport in stable branches * Mon Dec 02 2024 Anton Farygin <rider@altlinux> 2.14-alt2 - built with cmake * Fri Nov 29 2024 Anton Farygin <rider@altlinux> 2.14-alt1 - 2.13.1 -> 2.14 - updated homepage URL - renamed according to SharedLibsPolicy * Tue May 18 2021 Slava Aseev <ptrnine@altlinux> 2.13.1-alt2 json-c - JSON implementation in C * Thu Apr 09 2026 Andrey Cherepanov <cas@altlinux> 0.18-alt0.c10.1 - Backported to c10 branch. * Wed Sep 25 2024 Alexey Shabalin <shaba@altlinux> 0.18-alt1 - Updated to 0.18 - Not relocate shared libraries to /lib. * Thu Oct 19 2023 Alexey Shabalin <shaba@altlinux> 0.17-alt1 sudo - Allows command execution as another user * Tue Apr 28 2026 Evgeny Sinelnikov <sin@altlinux> 1:1.9.17p2-alt2 - Security release (fixes: CVE-2026-35535): + Privilege escalation via ignored setuid/setgid/setgroups failures during mailer privilege drop (sudo before 3e474c2). - Add check section with make check to run test suite during package build. * Wed Oct 22 2025 Evgeny Sinelnikov <sin@altlinux> 1:1.9.17p2-alt1 - Update to latest stable bugfix release: - Major fixes from upstream: + Fixed a rare bug causing system-wide SIGHUP signals (GitHub#458). + Fixed a crash when using 'intercept' options with large arguments or environment (GitHub#453). * Tue Jul 01 2025 Evgeny Sinelnikov <sin@altlinux> 1:1.9.17p1-alt1 - Update to latest stable bugfix and security release (upstream fix of CVE-2025-32462, CVE-2025-32463 applied in 1.9.16p2-alt3): + Fixed a crash in sudo which could occur if there was a fatal error after the user was validated but before the command was actually run. + Fixed a problem with the pwfeedback option where an initial backspace would reduce the maximum length allowed for the password (GitHub#439). + Fixed a bug where a user could avoid entering a password for sudo -l command if they specified their own user or group name via the -u or -g options. + Avoid potential password guessing based on timing attacks on the strcmp() function on systems without PAM or a crypt() function where plaintext passwords are stored in the shadow password file. + Fixed a potential information leak where sudo -l command could be used to determine whether an executable exists in a directory that they do not have search access to. + Fixed a problem running sudo from a serial console on Linux when the command is run in a pseudo-terminal (the default). + Fixed a bug where the ALL command in a sudoers rule would override a previous NOSETENV tag. Command tags are inherited from previous Cmnds in a Cmnd_Spec_List. There is a special case for the SETENV tag with the ALL command, where SETENV is implied if no explicit SETENV or NOSETENV tag is specified. This special case did not take into account that a NOSETENV tag that was inherited should override this behavior. - Fixes in behavior: + The ignore_dot sudoers setting is now on by default. + If sudo is run via ssh without a terminal and a password is required, it now suggest using ssh's -t option. + Sudo uses TCSAFLUSH, not TCSADRAIN, when disabling echo once again. A long time ago sudo changed from using TCSAFLUSH to TCSADRAIN due to some systems having bugs related to TCSAFLUSH. That should no longer be a concern. Using TCSAFLUSH ensures that password input that has been received by the kernel, but not yet read by sudo, will be discarded and not echoed. + Added the SUDO_TTY environment variable if the user has a terminal. This can be used to find the user's original tty device when sudo runs the command in its own pseudo-terminal (GitHub#447). * Tue Jul 01 2025 Evgeny Sinelnikov <sin@altlinux> 1:1.9.16p2-alt3 Total 19078 source packages. _______________________________________________ Sisyphus-cybertalk mailing list [email protected] https://lists.altlinux.org/mailman/listinfo/sisyphus-cybertalk
