slackware-current

1427 commits 8 branches 2371 tags 482 MiB

Author	SHA1	Message	Date
Patrick J Volkerding	52e9abcddc	Sat Sep 14 18:15:34 UTC 2024 patches/packages/libarchive-3.7.5-x86_64-1_slack15.0.txz: Upgraded. This update fixes the following security issues: fix multiple vulnerabilities identified by SAST (#2251, #2256) cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing (#2258) lzop: prevent integer overflow (#2174) rar4: protect copy_from_lzss_window_to_unp() (#2172, CVE-2024-20696) rar4: fix CVE-2024-26256 (#2269) rar4: fix OOB in delta and audio filter (#2148, #2149) rar4: fix out of boundary access with large files (#2179) rar4: add boundary checks to rgb filter (#2210) rar4: fix OOB access with unicode filenames (#2203) rar5: clear 'data ready' cache on window buffer reallocs (#2265) rpm: calculate huge header sizes correctly (#2158) unzip: unify EOF handling (#2175) util: fix out of boundary access in mktemp functions (#2160) uu: stop processing if lines are too long (#2168) For more information, see: https://www.cve.org/CVERecord?id=CVE-2024-20696 https://www.cve.org/CVERecord?id=CVE-2024-26256 (* Security fix *)	2024-09-15 13:30:43 +02:00
Patrick J Volkerding	1163276b19	Thu Apr 25 17:58:17 UTC 2024 patches/packages/libarchive-3.7.3-x86_64-2_slack15.0.txz: Rebuilt. Patched an out-of-bound error in the rar e8 filter that could allow for the execution of arbitrary code. Thanks to gmgf for the heads-up. For more information, see: https://github.com/advisories/GHSA-2jc9-36w4-pmqw https://www.cve.org/CVERecord?id=CVE-2024-26256 (* Security fix *)	2024-04-26 13:30:48 +02:00

Author

SHA1

Message

Date

Patrick J Volkerding

52e9abcddc

Sat Sep 14 18:15:34 UTC 2024

patches/packages/libarchive-3.7.5-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes the following security issues:
  fix multiple vulnerabilities identified by SAST (#2251, #2256)
  cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing (#2258)
  lzop: prevent integer overflow (#2174)
  rar4: protect copy_from_lzss_window_to_unp() (#2172, CVE-2024-20696)
  rar4: fix CVE-2024-26256 (#2269)
  rar4: fix OOB in delta and audio filter (#2148, #2149)
  rar4: fix out of boundary access with large files (#2179)
  rar4: add boundary checks to rgb filter (#2210)
  rar4: fix OOB access with unicode filenames (#2203)
  rar5: clear 'data ready' cache on window buffer reallocs (#2265)
  rpm: calculate huge header sizes correctly (#2158)
  unzip: unify EOF handling (#2175)
  util: fix out of boundary access in mktemp functions (#2160)
  uu: stop processing if lines are too long (#2168)
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-20696
    https://www.cve.org/CVERecord?id=CVE-2024-26256
  (* Security fix *)

2024-09-15 13:30:43 +02:00

Patrick J Volkerding

1163276b19

Thu Apr 25 17:58:17 UTC 2024

patches/packages/libarchive-3.7.3-x86_64-2_slack15.0.txz:  Rebuilt.
  Patched an out-of-bound error in the rar e8 filter that could allow for
  the execution of arbitrary code.
  Thanks to gmgf for the heads-up.
  For more information, see:
    https://github.com/advisories/GHSA-2jc9-36w4-pmqw
    https://www.cve.org/CVERecord?id=CVE-2024-26256
  (* Security fix *)

2024-04-26 13:30:48 +02:00

Renamed from patches/packages/libarchive-3.7.3-x86_64-1_slack15.0.txt (Browse further)

2 commits