Wed Apr 6 20:23:46 UTC 2022
a/haveged-1.9.17-x86_64-2.txz: Rebuilt.
Install /etc/rc.d/rc.haveged as non-executable. For existing installations
running a recent kernel, it is safe to turn this off.
Back when we added the haveged package we were using the 4.4 kernel, but
since Linux 5.4 this same entropy generating algorithm has been built into
the kernel, so there's no reason to also run it in userspace. We'll keep
the package around (for now, anyway) in case someone might be running an
old kernel. Thanks to Jason A. Donenfeld.
a/sysvinit-scripts-15.0-noarch-10.txz: Rebuilt.
rc.S, rc.6: use the seedrng utility to seed and initialize the kernel
random number generator and generate a new seed.
If seedrng is missing, we'll attempt to do these things with scripting.
Thanks to Jason A. Donenfeld for hints about how to make a modest
improvement in that regard (blame me for any problems with my own changes),
but because you can't force the kernel RNG to initialize with a script
(it needs an ioctl), you won't get the same guarantees that you do when
using the new seedrng utility.
a/util-linux-2.38-x86_64-2.txz: Rebuilt.
Added seedrng utility, used to seed and initialize the kernel random number
generator and to generate new seeds for carrying entropy across reboots.
Thanks to Jason A. Donenfeld.
n/libmnl-1.0.5-x86_64-1.txz: Upgraded.
n/libnfnetlink-1.0.2-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-91.8.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.8.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2022-15/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289
(* Security fix *)
2022-04-06 22:23:46 +02:00
|
|
|
https://www.netfilter.org/projects/libmnl/files
|