Closed
Milestone
expired on May 1, 2017
3.6.0
Stable 3.6 release
(from redmine: created on 2016-12-22)
Unstarted Issues (open and unassigned)
0
Ongoing Issues (open and assigned)
0
Completed Issues (closed)
66
- [3.6] dropbear: Multiple vulnerabilities (CVE-2017-9078, CVE-2017-9079)
- [3.6] xen: Multiple issues (CVE-2017-8903, CVE-2017-8904)
- [3.6] gst-plugins-ugly1: Multiple issues (CVE-2017-5846, CVE-2017-5847)
- [3.6] icu: multiple issues (CVE-2017-7867, CVE-2017-7868)
- [3.6] binutils: NULL pointer dereference in bfd_elf_final_link function (CVE-2017-7614)
- [3.6] elfutils: Multiple issues (CVE-2017-7607, CVE-2017-7608)
- [3.6] bind: Multiple vulnerabilities (CVE-2017-3136, CVE-2017-3137, CVE-2017-3138)
- [3.6] curl: write-out out of buffer read (CVE-2017-7407)
- [3.6] tiff: Multiple vulnerabilities (CVE-2017-7592, CVE-2017-7593, CVE-2017-7594, CVE-2017-7595, CVE-2017-7596, CVE-2017-7597, CVE-2017-7598, CVE-2017-7599, CVE-2017-7600, CVE-2017-7601, CVE-2017-7602)
- [3.6] py-django: security issues (CVE-2017-7233, CVE-2017-7234)
- [3.6] wget: CRLF injection in the url_parse function in url.c (CVE-2017-6508)
- [3.6] libxslt: integer overflow in xsltAddTextString (CVE-2017-5029)
- [3.6] samba: Symlink race allows access outside share definition (CVE-2017-2619)
- [3.6] gtk-vnc: two input validation flaws (CVE-2017-5884, CVE-2017-5885)
- [3.6] wireshark: Multiple issues (CVE-2017-6467, CVE-2017-6468, CVE-2017-6469, CVE-2017-6470, CVE-2017-6471, CVE-2017-6472, CVE-2017-6473, CVE-2017-6474)
- [3.6] podofo: Multiple vulnerabilities (CVE-2017-6840, CVE-2017-6841, CVE-2017-6842, CVE-2017-6848)
- [3.6] mariadb: Multiple vulnerabilities (CVE-2017-3313, CVE-2017-3302)
- [3.6] pidgin: Out-of-bounds write when stripping xml (CVE-2017-2640)
- [3.6] munin: Local file write vulnerability with CGI graphs enabled (CVE-2017-6188)
- [3.6] xen: Multiple issues (XSA-207, CVE-2017-2615, CVE-2017-2620)
- [3.6] webkit2gtk: Several vulnerabilities (CVE-2017-2350, CVE-2017-2354, CVE-2017-2355, CVE-2017-2356, CVE-2017-2362, CVE-2017-2363, CVE-2017-2364, CVE-2017-2365, CVE-2017-2366, CVE-2017-2369, CVE-2017-2371, CVE-2017-2373)
- [3.6] ffmpeg: heap overflows (CVE-2017-5024, CVE-2017-5025)
- [3.6] vim: Tree length values not validated properly when handling a spell file (CVE-2017-5953)
- [3.6] postfixadmin: allows to delete protected aliases (CVE-2017-5930)
- [3.6] bind: Combination of DNS64 and RPZ Can Lead to Crash (CVE-2017-3135)
- [3.6] wavpack: multiple out of bounds memory reads (CVE-2016-10169, CVE-2016-10170, CVE-2016-10171, CVE-2016-10172)
- [3.6] libevent: Multiple issues (CVE-2016-10195, CVE-2016-10196, CVE-2016-10197)
- [3.6] libarchive: Out of bounds read in lha_read_file_header_1() function (CVE-2017-5601)
- [3.6] chromium: Multiple vulnerabilities (CVE-2017-5006, CVE-2017-5007, CVE-2017-5008, CVE…CVE-2017-5019, CVE-2017-5020, CVE-2017-5021, CVE-2017-5022, CVE-2017-5023, CVE-2017-5024, CVE-2017-5025, CVE-2017-5026)
- [3.6] lcms2: Out-of-bounds read in Type_MLU_Read() (CVE-2016-10165)
- [3.6] libxpm: Out-of-bounds write in XPM extension parsing (CVE-2016-10164)
- [3.6] firefox-esr: Security vulnerabilities (CVE-2017-5373, CVE-2017-5375, CVE-2017-5376, CVE-2017-5378, CVE-2017-5380, CVE-2017-5383, CVE-2017-5386, CVE-2017-5390, CVE-2017-5396)
- [3.6] libgit2: Multiple vulnerabilities (CVE-2016-10128, CVE-2016-10129, CVE-2016-10130)
- [3.6] tiff: Heap-buffer overflow in tools/tiffcp via crafted BitsPerSample value (CVE-2017-5225)
- [3.6] Screen: root exploit 4.5.0
- [3.6] mariadb: Multiple vulnerabilities (CVE-2016-6664, CVE-2017-3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3257, CVE-2017-3258, CVE-2017-3265, CVE-2017-3291, CVE-2017-3312, CVE-2017-3317, CVE-2017-3318)
- [3.6] bind: Multiple security issues (CVE-2016-9131, CVE-2016-9147, CVE-2016-9444)
- [3.6] bash: popd controlled free (CVE-2016-9401)
- [3.6] libvncserver: heap buffer overflows (CVE-2016-9941, CVE-2016-9942)
- [3.6] phpmyadmin: Multiple vulnerabilities (Various CVEs)
- Privacy and security patches for Chromium
- zabbix-webif needs php-xmlwriter
- zabbix issue with php 7.1
- Bump openjdk8 to 8u131 to fix multiple CVEs
- xenqemu crashed
- nextcloud-11.0.3-r1 missing dependencies - php7-session php7-mbstring
- [setup-alpine] wifi script doesn't allow spaces on password
- Update llvm-libunwind and add libc++abi and libc++
- nextcloud-mysql depends on php7-mysql
- gearmand: update to 1.1.15
- Problem is php7-pdo_mysql (PHP Startup: Unable to load dynamic library)
- Please enable CONFIG_CROS_KBD_LED_BACKLIGHT for the -grsec kernel
- [3.6] xorg-server: timing attack against MIT Cookie (CVE-2017-2624)
- [3.6] libice: weak entropy usage in session keys (CVE-2017-2626)
- dnsmasq does not support DNSSEC
- [3.6] qemu: Multiple vulnerabilities (CVE-2016-7994, CVE…. CVE-2017-5857, CVE-2017-5898, CVE-2017-5931, CVE-2017-2615, CVE-2017-2620)
- [3.6] wireshark: Memory exhaustion/infinite loop via malformed STANAG 4607 capture file (CVE-2017-6014)
- [3.6] jasper: Multiple vulnerabilities (CVE-2016-1867, CVE-2016-8654, CVE-2016-8691, CVE-2016-8692, CVE-2016-8693, CVE-2016-8882, CVE-2016-8883, CVE-2016-9560)
- PHP7 gd library broken
- CUPS error after update
- setup-apkrepos fails
- etcd not building properly
- virtualbox guest additions (virtualbox-guest-modules-grsec) - vboxsf cannot mount shared folder
- asterisk: voicemail-imap
- Alpine Linux support for IBM ThinkPad T20
- Package request: elfutils
Loading
Loading
Loading