github.com/QubesOS/qubes-rpm commits | Ecosyste.ms: Open Collective

version 4.14.2.1-5

9b89ed4c5a54100cc0d24eb2c8d80d864f5f291e authored about 4 years ago

Fix recently published RPM vulnerabilities

These are not exploitable because of rpmcanon, but should still be
fixed.

0e646b043b914492dbaa63eeb65e4bca3270f069 authored about 4 years ago

version 4.14.2.1-4

0c970ffb45be3cd20e5ab5ba3e479d96ee39f221 authored over 4 years ago

ci: add simple smoke test

Run `rpm -qpi` and `rpmkeys -Kv` on packages (classes) we need to work.

6696fcd34e420a8d06bf49beb7eb1fb2025442de authored over 4 years ago

More RPM hardening patches

See individual patches for details.

d414cddeb7bee54441ac25264cb20c8bec9715c9 authored over 4 years ago

Fix integer overflows and reduce attack surface

This fixes CVE-2021-20248 and CVE-2021-20249, as well as generally
reducing attack surface. Spe...

943e597aef4f9e15b006e23846c2bdfb25b13c85 authored over 4 years ago

version 4.14.2.1-3

38788e1519c8906165ebef581177d5c8baf0e6a3 authored over 4 years ago

Merge remote-tracking branch 'origin/pr/1' into release4.0

* origin/pr/1:
Verify lengths in hdrblobInit()
Incorporate fix for SigBug and DBCorrupt

3757b3629fbfe25c1c671682ca457e08468f7d18 authored over 4 years ago

Verify lengths in hdrblobInit()

This is upstream commit aa963fa5121dfe270adad92038b064637a2db0b3.

Fixes CVE-2021-20266

7685fc0e3503d8fc8dafc6ce9df1a5a963ecb16c authored over 4 years ago

Incorporate fix for SigBug and DBCorrupt

The former is CVE-2021-20271 and the latter is CVE-2021-3421.

58bed979bc58162f4e3a1c2d39667a2e52dbd2bc authored over 4 years ago

Add gitlab-ci

17b45cdfcbd1da5f5af7b1329553e214326622b5 authored over 4 years ago

Disable libimaevm

8c010d970df8adb0b7bd50d5c767a377c89d0f1b authored over 4 years ago

Add qubes-builder integration

adb3e58a4cee318b6110a9710729f8509ea90a7b authored over 4 years ago

Import unmodified rpm-4.14.2.1-2.fc28.src.rpm

2383c3849d845cb8448aaf4aa331fcd174b72591 authored over 4 years ago

ecosyste.ms