| Date | Platform | Package | Version | Description |
|---|
| 2023-11-29 11:46:15 | x64 | jmail | 239 | smtpd - filter sender address - set category
smtpd - filter dns - dont overwrite category if already set
|
| 2023-11-29 11:40:23 | x64 | clamav | 1.0.4 | CVE-2023-20197 - possible denial of service vulnerability in the HFS+ file parser
CVE-2023-20212 - possible denial of service vulnerability in the AutoIt file parser
Libclamunrar 6.2.10 |
| 2023-11-28 11:38:43 | x64 | wordpress | 6.4.1 | Plugin Jcloud enabled via seperate package |
| 2023-11-27 17:00:00 | x64 | wordpress-plugin-jcloud | 3 | Support for UTM tracking on orders when using WooCommerce |
| 2023-11-23 16:25:42 | x64 | jcomsuite | 11 | Admin telephony - queue edit - added on keypress dropdown voicemail list
Admin telephony - account - device delete fix
App phone - numpad fix
Admin ticket - statistics
Accounting - misc fixes
App newsletter - support for data-sources. Dont create delivery report for larger distributions |
| 2023-11-23 16:13:55 | x64 | jticket | 15 | Statistics added |
| 2023-11-22 10:36:22 | x64 | openssl | 3.1.4 | Low severity fixes
* CVE-2023-5678 - Fix excessive time spent in DH check / generation with large Q parameter value
* CVE-2023-3817 - Fix excessive time spent checking DH q parameter value
* CVE-2023-3446 - Fix DH_check() excessive time with over sized modulus
* Do not ignore empty associated data entries with AES-SIV
* Mitigate for the time it takes for `OBJ_obj2txt` to translate gigantic OBJECT IDENTIFIER sub-identifiers to canonical numeric text form
* CVE-2023-0464 - Limited the number of nodes created in a policy tree |
| 2023-11-21 15:30:00 | x64 | freetds | 1.4 | src/tds/tls.c BIO bugfix for unsupported method error. TLS now works with OpenSSL 3.1 |
| 2023-11-20 15:48:54 | x64 | jwebapp | 131 | Regex - new page for validating regex
Smlquery - more information in json lookup, including local routing
Websuck - logo adjustments
S3_fs and s3_sql - Support for both file based and sql based. Default to file. |
| 2023-11-20 15:30:33 | x64 | j | 234 | distribution 14 - Peppol Line item price allowancecharge. Lookup - support for description |
| 2023-11-16 09:50:09 | x64 | jvoucher | 123 | Remove postcopy code (Energi.ai)
Circumvent mysql bug/feature and use incremental date_created instead of primary key for sorting merged vouchers. |
| 2023-11-07 12:46:10 | x64 | oyacallrouter | 46 | Increase rtp_timeout to 2 hours. Unfortunately some devices dont send rtp data for a longer period during normal operation. |
| 2023-11-06 15:32:25 | x64 | jcomsuite | 10 | Core - Support page hints in skin login templates when no page is set in URI
Skin Oyatel - Set page hint to telephony
Admin Telephony - Show button for device deletion on account edit
Accounting Distribution - Support single- and multiframe documents in order to circumvent pending feature in libavif
Accounting Invoice - Support create invoice from base
App newsletter - image size adjustment. Use longer CID-names for Outlook workaround. New page to display live log of failed recipients
Accounting Tax - Button for downloading Skattemelding from Skatteettaten |
| 2023-11-06 15:05:59 | x64 | jaccounting | 23 | Altinn - Skattemelding fixes |
| 2023-11-06 13:12:12 | x64 | j | 233 | dns - add tc test to host, txt, ns, ns2 and svcb |
| 2023-11-03 15:24:31 | x64 | joyatel | 34 | Customer::ivr_get - don't throw on invalid destination data |
| 2023-11-03 13:18:09 | x64 | jvoucher | 122 | Autoaccounting - dont add post for accountingcosts if 100% are charges |
| 2023-11-01 14:44:36 | x64 | jvoucher | 121 | JDist - Support singlepage image formats depending on endpoint type |
| 2023-11-01 11:35:18 | x64 | libpng | 1.6.40 | Changed the error handler of oversized chunks (i.e. larger than PNG_USER_CHUNK_MALLOC_MAX) from png_chunk_error to png_benign_error
Fixed the eXIf chunk multiplicity checks.
Fixed a memory leak in pCAL processing
Corrected the validity report about tRNS inside png_get_valid()
|
| 2023-10-31 12:28:38 | x64 | samba | 4.19.2 | CVE-2023-3961: Unsanitized pipe names allow SMB clients to connect as root to
existing unix domain sockets on the file system.
https://www.samba.org/samba/security/CVE-2023-3961.html
CVE-2023-4091: SMB client can truncate files to 0 bytes by opening files with
OVERWRITE disposition when using the acl_xattr Samba VFS
module with the smb.conf setting
"acl_xattr:ignore system acls = yes"
https://www.samba.org/samba/security/CVE-2023-4091.html
CVE-2023-4154: An RODC and a user with the GET_CHANGES right can view all
attributes, including secrets and passwords. Additionally,
the access check fails open on error conditions.
https://www.samba.org/samba/security/CVE-2023-4154.html
CVE-2023-42669: Calls to the rpcecho server on the AD DC can request that the
server block for a user-defined amount of time, denying
service.
https://www.samba.org/samba/security/CVE-2023-42669.html
CVE-2023-42670: Samba can be made to start multiple incompatible RPC
listeners, disrupting service on the AD DC.
https://www.samba.org/samba/security/CVE-2023-42670.html
|