Ike.ninja

– Rebase radare2 to 3.9.0 – Rebase cutter-re to 1.9.0 – fix CVE-2019-14745 in radare2 on F30

Fix KDC crash when logging PKINIT enctypes (CVE-2019-14844) This is a purely denial-of-service issue, though it is unauthenticated, and is unlikely to trigger by accident.

This is a bugfix release where some of the bugs fixed are security bugs. Please update.

Chromium 77.0.3865.90 update. See the official announcement on https://chromereleases.googleblog.com/2019/09/stable-channel-update-for- desktop.html and https://chromereleases.googleblog.com/2019/09/stable-channel- update-for-desktop_18.html

Linux 5.3.4

– Update to 2.16.3 – Side channel attack on deterministic ECDSA (CVE-2019-16910) Release notes: https://tls.mbed.org/tech- updates/releases/mbedtls-2.16.3-and-2.7.12-released Security Advisory: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security- advisory-2019-10

bugfix bump to version 2.4.3

1.6.7 Fix potential crash when reloading config. Client library: * Don’t use / in autogenerated client ids, to avoid confusing with topics. * Fix mosquitto_max_inflight_messages_set() and mosquitto_int_option(…, MOSQ_OPT_*_MAX, …) behaviour. * Fix regression on use of

Security fix for CVE-2019-15026

**GLPI version 9.4.4** This is a **security release**, upgrading is highly recommended Non exhaustive list of changes: * [security] Prevent account takeover vulnerability , * [security] Prevent execution of XSS on rich text, * fix cache key lenght issues, * fix user picture removal at login, * several fixes on recurring tickets, * fix some transfer errors related to

Upstream announcement: Welcome to **phpMyAdmin 4.9.1**, a bugfix release. This is a regularly-schedule bugfix release that also includes some security hardening measures. We wish to point out that this also includes a routine fix for an issue that has been reported as CVE-2019-12922. The fix for this has been in our release queue to be part of this release, however it is the opinion of

Upstream announcement: Welcome to **phpMyAdmin 4.9.1**, a bugfix release. This is a regularly-schedule bugfix release that also includes some security hardening measures. We wish to point out that this also includes a routine fix for an issue that has been reported as CVE-2019-12922. The fix for this has been in our release queue to be part of this release, however it is the opinion of

This update includes the latest release of the Apache HTTP Server, version `2.4.41`, fixing various security issues. Several major enhancements are also included in this update: * `mod_md` is now packaged from upstream *github* releases. * `mod_cgid` stderr handling has been improved See http://www.apache.org/dist/httpd/CHANGES_2.4.41 for a full list of changes since

– double free due to subsequent call of realloc() (CVE-2019-5481) – fix heap buffer overflow in function tftp_receive_packet() (CVE-2019-5482)

– rebase to latest upstream version 9.27 – security fixes added for: – CVE-2019-14811 (bug #1747908) – CVE-2019-14812 (bug #1747907) – CVE-2019-14813 (bug #1747906) – CVE-2019-14817 (bug #1747909)