slackware-current

Miroirs/slackware-current

Fork 0

mirror of git://slackware.nl/current.git synced 2024-12-31 10:28:29 +01:00

Commit graph

Author	SHA1	Message	Date
Patrick J Volkerding	837c3ac795	Fri Mar 24 19:42:46 UTC 2023 a/glibc-zoneinfo-2023b-noarch-1.txz: Upgraded. This package provides the latest timezone updates. a/libbytesize-2.8-x86_64-1.txz: Upgraded. a/tar-1.34-x86_64-3.txz: Rebuilt. GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters. Thanks to marav for the heads-up. For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-48303 (* Security fix *) ap/sqlite-3.41.2-x86_64-1.txz: Upgraded. d/mercurial-6.4-x86_64-1.txz: Upgraded. n/openvpn-2.6.2-x86_64-1.txz: Upgraded. x/xorg-server-xwayland-23.1.0-x86_64-1.txz: Upgraded.	2023-03-24 21:33:23 +01:00

Author

SHA1

Message

Date

Patrick J Volkerding

837c3ac795

Fri Mar 24 19:42:46 UTC 2023

a/glibc-zoneinfo-2023b-noarch-1.txz:  Upgraded.
  This package provides the latest timezone updates.
a/libbytesize-2.8-x86_64-1.txz:  Upgraded.
a/tar-1.34-x86_64-3.txz:  Rebuilt.
  GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use
  of uninitialized memory for a conditional jump. Exploitation to change the
  flow of control has not been demonstrated. The issue occurs in from_header
  in list.c via a V7 archive in which mtime has approximately 11 whitespace
  characters.
  Thanks to marav for the heads-up.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-48303
  (* Security fix *)
ap/sqlite-3.41.2-x86_64-1.txz:  Upgraded.
d/mercurial-6.4-x86_64-1.txz:  Upgraded.
n/openvpn-2.6.2-x86_64-1.txz:  Upgraded.
x/xorg-server-xwayland-23.1.0-x86_64-1.txz:  Upgraded.

2023-03-24 21:33:23 +01:00

1 commit