forked from products/PackageHub
Compare commits
17 Commits
maintenanc
...
add_doomsd
| Author | SHA256 | Date | |
|---|---|---|---|
| a75756a1dd | |||
| a5e36132b4 | |||
|
93d5c851b6 | ||
| 735cc2c65c | |||
|
|
50931b6594 | ||
| f0977f2467 | |||
|
|
c7f5c5003b | ||
|
|
1c6a2a337d | ||
| 32bc2761d5 | |||
|
|
255b0dece9 | ||
| eb62b13642 | |||
|
|
8c4efc438b | ||
| b2bd4b1f94 | |||
|
|
4cfc011cfb | ||
| c10ac83930 | |||
| b32cb083da | |||
| fae13248f7 |
8
.gitmodules
vendored
8
.gitmodules
vendored
@@ -3070,6 +3070,10 @@
|
||||
path = dom2-core-tests
|
||||
url = ../../pool/dom2-core-tests
|
||||
branch = leap-16.0
|
||||
[submodule "doomsday"]
|
||||
path = doomsday
|
||||
url = ../../pool/doomsday
|
||||
branch = leap-16.0
|
||||
[submodule "dosbox"]
|
||||
path = dosbox
|
||||
url = ../../pool/dosbox
|
||||
@@ -13754,6 +13758,10 @@
|
||||
path = perl-Mojolicious-Plugin-OAuth2
|
||||
url = ../../pool/perl-Mojolicious-Plugin-OAuth2
|
||||
branch = leap-16.0
|
||||
[submodule "perl-Mojolicious-Plugin-OpenAPI"]
|
||||
path = perl-Mojolicious-Plugin-OpenAPI
|
||||
url = ../../pool/perl-Mojolicious-Plugin-OpenAPI
|
||||
branch = leap-16.0
|
||||
[submodule "perl-Mojolicious-Plugin-Webpack"]
|
||||
path = perl-Mojolicious-Plugin-Webpack
|
||||
url = ../../pool/perl-Mojolicious-Plugin-Webpack
|
||||
|
||||
2
chromium
2
chromium
Submodule chromium updated: 3f92896b06...ff3414e963
1
doomsday
Submodule
1
doomsday
Submodule
Submodule doomsday added at 259fda21db
Submodule evolution updated: 5caf1853e4...49eb134ec6
30
patchinfo.20260204115012215375.93181000773252/_patchinfo
Normal file
30
patchinfo.20260204115012215375.93181000773252/_patchinfo
Normal file
@@ -0,0 +1,30 @@
|
||||
<patchinfo incident="packagehub-113">
|
||||
<issue tracker="bnc" id="1257403">VUL-0: CVE-2025-14550: python-Django,python3-Django,python-Django6: Potential denial-of-service vulnerability via repeated headers when using ASGI</issue>
|
||||
<issue tracker="bnc" id="1257406">VUL-0: CVE-2026-1285: python-Django,python3-Django,python-Django6: Potential denial-of-service vulnerability in django.utils.text.Truncator HTML methods</issue>
|
||||
<issue tracker="bnc" id="1257405">VUL-0: CVE-2026-1207: python-Django,python3-Django,python-Django6: Potential SQL injection via raster lookups on PostGIS</issue>
|
||||
<issue tracker="cve" id="2026-1207"/>
|
||||
<issue tracker="cve" id="2026-1312"/>
|
||||
<issue tracker="cve" id="2026-1287"/>
|
||||
<issue tracker="bnc" id="1257407">VUL-0: CVE-2026-1287: python-Django,python3-Django,python-Django6: Potential SQL injection in column aliases via control characters</issue>
|
||||
<issue tracker="cve" id="2025-13473"/>
|
||||
<issue tracker="bnc" id="1257401">VUL-0: CVE-2025-13473: python-Django,python3-Django,python-Django6: Username enumeration through timing difference in mod_wsgi authentication handler</issue>
|
||||
<issue tracker="bnc" id="1257408">VUL-0: CVE-2026-1312: python-Django,python3-Django,python-Django6: Potential SQL injection via QuerySet.order_by and FilteredRelation</issue>
|
||||
<issue tracker="cve" id="2025-14550"/>
|
||||
<issue tracker="cve" id="2026-1285"/>
|
||||
<packager>mcalabkova</packager>
|
||||
<rating>important</rating>
|
||||
<category>security</category>
|
||||
<summary>Security update for python-Django</summary>
|
||||
<description>This update for python-Django fixes the following issues:
|
||||
|
||||
Changes in python-Django:
|
||||
|
||||
- CVE-2026-1312: Fixed potential SQL injection via QuerySet.order_by and FilteredRelation (bsc#1257408).
|
||||
- CVE-2026-1287: Fixed potential SQL injection in column aliases via control characters (bsc#1257407).
|
||||
- CVE-2026-1207: Fixed potential SQL injection via raster lookups on PostGIS (bsc#1257405).
|
||||
- CVE-2026-1285: Fixed potential denial-of-service in django.utils.text.Truncator HTML methods (bsc#1257406).
|
||||
- CVE-2025-13473: Fixed username enumeration through timing difference in mod_wsgi authentication handler (bsc#1257401).
|
||||
- CVE-2025-14550: Fixed potential denial-of-service via repeated headers when using ASGI (bsc#1257403).
|
||||
</description>
|
||||
<package>python-Django</package>
|
||||
</patchinfo>
|
||||
22
patchinfo.20260204115510991084.93181000773252/_patchinfo
Normal file
22
patchinfo.20260204115510991084.93181000773252/_patchinfo
Normal file
@@ -0,0 +1,22 @@
|
||||
<patchinfo incident="packagehub-112">
|
||||
<issue tracker="cve" id="2026-1862"/>
|
||||
<issue tracker="cve" id="2026-1861"/>
|
||||
<issue tracker="bnc" id="1257650">VUL-0: chromium: release 144.0.7559.132</issue>
|
||||
<packager>oertel</packager>
|
||||
<rating>important</rating>
|
||||
<category>security</category>
|
||||
<summary>Security update for chromium</summary>
|
||||
<description>This update for chromium fixes the following issues:
|
||||
|
||||
Changes in chromium:
|
||||
|
||||
- Chromium 144.0.7559.132 (boo#1257650)
|
||||
* CVE-2026-1861: Heap buffer overflow in libvpx in Google Chrome
|
||||
prior to 144.0.7559.132 allowed a remote attacker to potentially
|
||||
exploit heap corruption via a crafted HTML page.
|
||||
* CVE-2026-1862: Type Confusion in V8 in Google Chrome prior to
|
||||
144.0.7559.132 allowed a remote attacker to potentially exploit
|
||||
heap corruption via a crafted HTML page.
|
||||
</description>
|
||||
<package>chromium</package>
|
||||
</patchinfo>
|
||||
@@ -1,4 +1,4 @@
|
||||
<patchinfo>
|
||||
<patchinfo incident="packagehub-109">
|
||||
<packager>letsfindaway</packager>
|
||||
<rating>moderate</rating>
|
||||
<category>recommended</category>
|
||||
@@ -11,4 +11,4 @@ Changes in OpenBoard:
|
||||
- update to release version 1.7.5
|
||||
</description>
|
||||
<package>OpenBoard</package>
|
||||
</patchinfo>
|
||||
</patchinfo>
|
||||
11
patchinfo.20260204120853139168.93181000773252/_patchinfo
Normal file
11
patchinfo.20260204120853139168.93181000773252/_patchinfo
Normal file
@@ -0,0 +1,11 @@
|
||||
<patchinfo incident="packagehub-111">
|
||||
<packager>eroca</packager>
|
||||
<rating>moderate</rating>
|
||||
<category>recommended</category>
|
||||
<summary>Recommended update for perl-Mojolicious-Plugin-OpenAPI</summary>
|
||||
<description>This update for perl-Mojolicious-Plugin-OpenAPI fixes the following issues:
|
||||
|
||||
Introduce perl-Mojolicious-Plugin-OpenAPI.
|
||||
</description>
|
||||
<package>perl-Mojolicious-Plugin-OpenAPI</package>
|
||||
</patchinfo>
|
||||
14
patchinfo.20260204160351183292.93181000773252/_patchinfo
Normal file
14
patchinfo.20260204160351183292.93181000773252/_patchinfo
Normal file
@@ -0,0 +1,14 @@
|
||||
<patchinfo incident="packagehub-110">
|
||||
<issue tracker="bnc" id="1256465">Week numbers are off by one in Evolution's calendar (Year view)</issue>
|
||||
<packager>mgorse</packager>
|
||||
<rating>moderate</rating>
|
||||
<category>recommended</category>
|
||||
<summary>Recommended update for evolution</summary>
|
||||
<description>This update for evolution fixes the following issues:
|
||||
|
||||
Changes in evolution:
|
||||
|
||||
- Fix incorrect week numbers in calendar year view (bsc#1256465).
|
||||
</description>
|
||||
<package>evolution</package>
|
||||
</patchinfo>
|
||||
11
patchinfo.20260209123942988001.93181000773252/_patchinfo
Normal file
11
patchinfo.20260209123942988001.93181000773252/_patchinfo
Normal file
@@ -0,0 +1,11 @@
|
||||
<patchinfo>
|
||||
<packager>eroca</packager>
|
||||
<rating>moderate</rating>
|
||||
<category>recommended</category>
|
||||
<summary>Recommended update for doomsday</summary>
|
||||
<description>This update for doomsday fixes the following issues:
|
||||
|
||||
Introduce doomsday.
|
||||
</description>
|
||||
<package>doomsday</package>
|
||||
</patchinfo>
|
||||
1
perl-Mojolicious-Plugin-OpenAPI
Submodule
1
perl-Mojolicious-Plugin-OpenAPI
Submodule
Submodule perl-Mojolicious-Plugin-OpenAPI added at 7e594b9987
Submodule python-Django updated: 58adc28d1a...53638080fd
Reference in New Issue
Block a user