Commit graph

1431 commits

Author SHA1 Message Date
Patrick J Volkerding
53f7d421db Mon Sep 23 20:01:35 UTC 2024
patches/packages/libarchive-3.7.6-x86_64-1_slack15.0.txz:  Upgraded.
  This release fixes a tar regression introduced in libarchive 3.7.5.
2024-09-24 13:30:38 +02:00
Patrick J Volkerding
d1483d2e62 Fri Sep 20 19:25:40 UTC 2024
patches/packages/bind-9.18.30-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
2024-09-21 13:30:35 +02:00
Patrick J Volkerding
cf77f89919 Wed Sep 18 21:23:19 UTC 2024
patches/packages/curl-8.10.1-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
2024-09-19 13:30:42 +02:00
Patrick J Volkerding
02beedc910 Mon Sep 16 19:58:49 UTC 2024
patches/packages/netatalk-3.2.9-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
2024-09-17 13:30:44 +02:00
Patrick J Volkerding
52e9abcddc Sat Sep 14 18:15:34 UTC 2024
patches/packages/libarchive-3.7.5-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes the following security issues:
  fix multiple vulnerabilities identified by SAST (#2251, #2256)
  cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing (#2258)
  lzop: prevent integer overflow (#2174)
  rar4: protect copy_from_lzss_window_to_unp() (#2172, CVE-2024-20696)
  rar4: fix CVE-2024-26256 (#2269)
  rar4: fix OOB in delta and audio filter (#2148, #2149)
  rar4: fix out of boundary access with large files (#2179)
  rar4: add boundary checks to rgb filter (#2210)
  rar4: fix OOB access with unicode filenames (#2203)
  rar5: clear 'data ready' cache on window buffer reallocs (#2265)
  rpm: calculate huge header sizes correctly (#2158)
  unzip: unify EOF handling (#2175)
  util: fix out of boundary access in mktemp functions (#2160)
  uu: stop processing if lines are too long (#2168)
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-20696
    https://www.cve.org/CVERecord?id=CVE-2024-26256
  (* Security fix *)
2024-09-15 13:30:43 +02:00
Patrick J Volkerding
ced6fa47ab Fri Sep 13 01:32:33 UTC 2024
patches/packages/libssh2-1.11.0-x86_64-1_slack15.0.txz:  Upgraded.
  This update adds support for rsa-sha2-512 and rsa-sha2-256, which are needed
  to connect to servers that use a recent version of OpenSSH.
  Thanks to Jonathan Woithe.
2024-09-13 13:30:46 +02:00
Patrick J Volkerding
6b496a06b1 Wed Sep 11 17:47:14 UTC 2024
patches/packages/curl-8.10.0-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
2024-09-12 13:30:43 +02:00
Patrick J Volkerding
c438a3c0d9 Mon Sep 9 17:27:00 UTC 2024
patches/packages/netatalk-3.2.8-x86_64-1_slack15.0.txz:  Upgraded.
  Bump bundled WolfSSL library to stable version 5.7.2, GitHub #1433.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-1544
    https://www.cve.org/CVERecord?id=CVE-2024-5288
    https://www.cve.org/CVERecord?id=CVE-2024-5991
    https://www.cve.org/CVERecord?id=CVE-2024-5814
  (* Security fix *)
2024-09-10 13:30:45 +02:00
Patrick J Volkerding
8039a5b124 Mon Sep 9 00:53:17 UTC 2024
patches/packages/python3-3.9.20-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  Bundled libexpat was updated to 2.6.3.
  Fix quadratic complexity in parsing "-quoted cookie values with backslashes
  by http.cookies.
  Fixed various false positives and false negatives in IPv4Address.is_private,
  IPv4Address.is_global, IPv6Address.is_private, IPv6Address.is_global.
  Fix urllib.parse.urlunparse() and urllib.parse.urlunsplit() for URIs with
  path starting with multiple slashes and no authority.
  Remove backtracking from tarfile header parsing for hdrcharset, PAX, and
  GNU sparse headers.
  email.utils.getaddresses() and email.utils.parseaddr() now return ('', '')
  2-tuples in more situations where invalid email addresses are encountered
  instead of potentially inaccurate values. Add optional strict parameter to
  these two functions: use strict=False to get the old behavior, accept
  malformed inputs. getattr(email.utils, 'supports_strict_parsing', False) can
  be used to check if the strict paramater is available.
  Sanitize names in zipfile.Path to avoid infinite loops (gh-122905) without
  breaking contents using legitimate characters.
  Email headers with embedded newlines are now quoted on output. The generator
  will now refuse to serialize (write) headers that are unsafely folded or
  delimited; see verify_generated_headers.
  For more information, see:
    https://pythoninsider.blogspot.com/2024/09/python-3130rc2-3126-31110-31015-3920.html
    https://www.cve.org/CVERecord?id=CVE-2024-28757
    https://www.cve.org/CVERecord?id=CVE-2024-45490
    https://www.cve.org/CVERecord?id=CVE-2024-45491
    https://www.cve.org/CVERecord?id=CVE-2024-45492
    https://www.cve.org/CVERecord?id=CVE-2024-7592
    https://www.cve.org/CVERecord?id=CVE-2024-4032
    https://www.cve.org/CVERecord?id=CVE-2015-2104
    https://www.cve.org/CVERecord?id=CVE-2024-6232
    https://www.cve.org/CVERecord?id=CVE-2023-27043
    https://www.cve.org/CVERecord?id=CVE-2024-8088
    https://www.cve.org/CVERecord?id=CVE-2024-6923
  (* Security fix *)
2024-09-09 13:30:45 +02:00
Patrick J Volkerding
382f07b69c Sat Sep 7 18:16:12 UTC 2024
patches/packages/glibc-zoneinfo-2024b-noarch-1_slack15.0.txz:  Upgraded.
  This package provides the latest timezone updates.
2024-09-08 13:30:53 +02:00
Patrick J Volkerding
a782e78272 Fri Sep 6 19:22:57 UTC 2024
testing/packages/rust-1.81.0-x86_64-1_slack15.0.txz:  Upgraded.
2024-09-07 13:30:46 +02:00
Patrick J Volkerding
b684b4dc4a Thu Sep 5 22:14:23 UTC 2024
patches/packages/mozilla-thunderbird-115.15.0-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/115.15.0esr/releasenotes/
  (* Security fix *)
2024-09-06 13:30:49 +02:00
Patrick J Volkerding
91fbde5fb9 Wed Sep 4 23:37:27 UTC 2024
patches/packages/expat-2.6.3-x86_64-1_slack15.0.txz:  Upgraded.
  This update addresses security issues with impact ranging from denial of
  service to potentially artitrary code execution.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-45490
    https://www.cve.org/CVERecord?id=CVE-2024-45491
    https://www.cve.org/CVERecord?id=CVE-2024-45492
  (* Security fix *)
2024-09-05 13:30:37 +02:00
Patrick J Volkerding
3637e85ebe Tue Sep 3 21:07:09 UTC 2024
patches/packages/mozilla-firefox-115.15.0esr-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/115.15.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-41/
    https://www.cve.org/CVERecord?id=CVE-2024-8381
    https://www.cve.org/CVERecord?id=CVE-2024-8382
    https://www.cve.org/CVERecord?id=CVE-2024-8383
    https://www.cve.org/CVERecord?id=CVE-2024-8384
  (* Security fix *)
patches/packages/seamonkey-2.53.19-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.seamonkey-project.org/releases/seamonkey2.53.19
  (* Security fix *)
2024-09-04 13:39:55 +02:00
Patrick J Volkerding
a55d5c5151 Sat Aug 31 18:26:20 UTC 2024
patches/packages/libpcap-1.10.5-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  Clean up sock_initaddress() and its callers to avoid double frees
  in some cases.
  Fix pcap_findalldevs_ex() not to crash if passed a file:// URL with a
  path to a directory that cannot be opened.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-7256
    https://www.cve.org/CVERecord?id=CVE-2024-8006
  (* Security fix *)
2024-09-01 13:31:05 +02:00
Patrick J Volkerding
b13ab22fec Fri Aug 30 17:52:19 UTC 2024
patches/packages/ca-certificates-20240830-noarch-1_slack15.0.txz:  Upgraded.
  This update provides the latest CA certificates to check for the
  authenticity of SSL connections.
2024-08-31 13:30:59 +02:00
Patrick J Volkerding
e472158ace Tue Aug 27 19:24:48 UTC 2024
patches/packages/kcron-21.12.3-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes a security issue:
  kcron: Invalid temporary file handling.
  Thanks to pbslxw for the heads-up.
  For more information, see:
    https://kde.org/info/security/advisory-20220216-1.txt
    https://www.cve.org/CVERecord?id=CVE-2022-24986
  (* Security fix *)
patches/packages/plasma-workspace-5.23.5-x86_64-4_slack15.0.txz:  Rebuilt.
  This update patches a security issue:
  ksmserver: Unauthorized users can access session manager.
  Thanks to pbslxw for the heads-up.
  For more information, see:
    https://kde.org/info/security/advisory-20240531-1.txt
    https://www.cve.org/CVERecord?id=CVE-2024-36041
  (* Security fix *)
2024-08-28 13:30:50 +02:00
Patrick J Volkerding
1246cf6d34 Thu Aug 22 19:10:18 UTC 2024
patches/packages/bind-9.18.29-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
patches/packages/ffmpeg-4.4.5-x86_64-1_slack15.0.txz:  Upgraded.
  This update addresses several vulnerabilities in FFmpeg which could result
  in denial of service, or potentially the execution of arbitrary code if
  malformed files/streams are processed.
  Thanks to pbslxw for the heads-up.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-1475
    https://www.cve.org/CVERecord?id=CVE-2022-48434
    https://www.cve.org/CVERecord?id=CVE-2022-3109
    https://www.cve.org/CVERecord?id=CVE-2022-3341
    https://www.cve.org/CVERecord?id=CVE-2022-3964
    https://www.cve.org/CVERecord?id=CVE-2024-7055
    https://www.cve.org/CVERecord?id=CVE-2023-47342
  (* Security fix *)
2024-08-23 13:31:07 +02:00
Patrick J Volkerding
20718db5e4 Thu Aug 15 20:07:37 UTC 2024
patches/packages/libX11-1.8.10-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bug fix release, correcting an empty XKeysymDB file.
  Thanks to Jonathan Woithe for the bug report.
2024-08-16 13:31:00 +02:00
Patrick J Volkerding
5edf138e9c Wed Aug 14 19:36:01 UTC 2024
patches/packages/dovecot-2.3.21.1-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  A large number of address headers in email resulted in excessive CPU usage.
  Abnormally large email headers are now truncated or discarded, with a limit
  of 10MB on a single header and 50MB for all the headers of all the parts of
  an email.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-23184
    https://www.cve.org/CVERecord?id=CVE-2024-23185
  (* Security fix *)
2024-08-15 13:30:54 +02:00
Patrick J Volkerding
690d923d27 Sun Aug 11 19:00:08 UTC 2024
These are needed to build Chromium. Thanks to alienBOB.
We'll probably move them to /extra once the Mozilla stuff needs it.
Please note that if upgrading to the new llvm, you'll need the llvm13-compat
package from /extra.
testing/packages/llvm-18.1.8-x86_64-1_slack15.0.txz:  Added.
testing/packages/rust-1.80.1-x86_64-1_slack15.0.txz:  Added.
testing/packages/rust-bindgen-0.69.4-x86_64-1_slack15.0.txz:  Added.
2024-08-12 13:30:50 +02:00
Patrick J Volkerding
a2bba28e56 Fri Aug 9 21:22:03 UTC 2024
patches/packages/mariadb-10.5.26-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://mariadb.com/kb/en/mariadb-10-5-26-release-notes/
2024-08-10 13:30:53 +02:00
Patrick J Volkerding
d6bbed4a7d Wed Aug 7 04:03:09 UTC 2024
patches/packages/curl-8.9.1-x86_64-2_slack15.0.txz:  Rebuilt.
  This is a bugfix release.
  [PATCH] sigpipe: init the struct so that first apply ignores.
  Thanks to ponce.
patches/packages/mozilla-firefox-115.14.0esr-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/115.14.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-34/
    https://www.cve.org/CVERecord?id=CVE-2024-7519
    https://www.cve.org/CVERecord?id=CVE-2024-7521
    https://www.cve.org/CVERecord?id=CVE-2024-7522
    https://www.cve.org/CVERecord?id=CVE-2024-7524
    https://www.cve.org/CVERecord?id=CVE-2024-7525
    https://www.cve.org/CVERecord?id=CVE-2024-7526
    https://www.cve.org/CVERecord?id=CVE-2024-7527
    https://www.cve.org/CVERecord?id=CVE-2024-7529
    https://www.cve.org/CVERecord?id=CVE-2024-7531
  (* Security fix *)
patches/packages/mozilla-thunderbird-115.14.0-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/115.14.0esr/releasenotes/
2024-08-08 13:30:52 +02:00
Patrick J Volkerding
56b509117f Mon Aug 5 21:58:24 UTC 2024
patches/packages/ksh93-1.0.10-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
2024-08-06 13:30:53 +02:00
Patrick J Volkerding
c6614b91d7 Wed Jul 31 18:35:06 UTC 2024
patches/packages/curl-8.9.1-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes a security issue:
  ASN.1 date parser overread.
  For more information, see:
    https://curl.se/docs/CVE-2024-7264.html
    https://www.cve.org/CVERecord?id=CVE-2024-7264
  (* Security fix *)
2024-08-01 13:30:48 +02:00
Patrick J Volkerding
a44e6a9f0b Thu Jul 25 02:39:18 UTC 2024
patches/packages/curl-8.9.0-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
patches/packages/htdig-3.2.0b6-x86_64-10_slack15.0.txz:  Rebuilt.
  Patch XSS vulnerability. Thanks to jayjwa.
  Get this out of cgi-bin. Thanks to LuckyCyborg.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2007-6110
  (* Security fix *)
patches/packages/libxml2-2.11.9-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes a security issue:
  Fix XXE protection in downstream code.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-40896
  (* Security fix *)
2024-07-26 13:30:58 +02:00
Patrick J Volkerding
75a92ded1e Tue Jul 23 18:54:25 UTC 2024
patches/packages/bind-9.18.28-x86_64-1_slack15.0.txz:  Upgraded.
  Please note that we have moved to the 9.18 branch, as 9.16 is EOL.
  This update fixes security issues:
  Remove SIG(0) support from named as a countermeasure for CVE-2024-1975.
  qctx-zversion was not being cleared when it should have been leading to
  an assertion failure if it needed to be reused.
  An excessively large number of rrtypes per owner can slow down database query
  processing, so a limit has been placed on the number of rrtypes that can be
  stored per owner (node) in a cache or zone database. This is configured with
  the new "max-rrtypes-per-name" option, and defaults to 100.
  Excessively large rdatasets can slow down database query processing, so a
  limit has been placed on the number of records that can be stored per
  rdataset in a cache or zone database. This is configured with the new
  "max-records-per-type" option, and defaults to 100.
  Malicious DNS client that sends many queries over TCP but never reads
  responses can cause server to respond slowly or not respond at all for other
  clients.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-1975
    https://www.cve.org/CVERecord?id=CVE-2024-4076
    https://www.cve.org/CVERecord?id=CVE-2024-1737
    https://www.cve.org/CVERecord?id=CVE-2024-0760
  (* Security fix *)
patches/packages/aaa_glibc-solibs-2.33-x86_64-7_slack15.0.txz:  Rebuilt.
patches/packages/glibc-2.33-x86_64-7_slack15.0.txz:  Rebuilt.
  This update fixes security issues:
  nscd: Stack-based buffer overflow in netgroup cache.
  nscd: Null pointer crash after notfound response.
  nscd: netgroup cache may terminate daemon on memory allocation failure.
  nscd: netgroup cache assumes NSS callback uses in-buffer strings.
  These vulnerabilities were only present in the nscd binary.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-33599
    https://www.cve.org/CVERecord?id=CVE-2024-33600
    https://www.cve.org/CVERecord?id=CVE-2024-33601
    https://www.cve.org/CVERecord?id=CVE-2024-33602
  (* Security fix *)
patches/packages/glibc-i18n-2.33-x86_64-7_slack15.0.txz:  Rebuilt.
patches/packages/glibc-profile-2.33-x86_64-7_slack15.0.txz:  Rebuilt.
patches/packages/mozilla-thunderbird-115.13.0-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/115.13.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/
    https://www.cve.org/CVERecord?id=CVE-2024-6600
    https://www.cve.org/CVERecord?id=CVE-2024-6601
    https://www.cve.org/CVERecord?id=CVE-2024-6602
    https://www.cve.org/CVERecord?id=CVE-2024-6603
    https://www.cve.org/CVERecord?id=CVE-2024-6604
  (* Security fix *)
2024-07-24 13:31:01 +02:00
Patrick J Volkerding
39cc109e67 Thu Jul 18 20:01:18 UTC 2024
patches/packages/httpd-2.4.62-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  The first CVE is for Windows, but the second one is an additional fix for
  the source code disclosure regression when using AddType.
  Users are recommended to upgrade to version 2.4.62 which fixes this issue.
  For more information, see:
    https://downloads.apache.org/httpd/CHANGES_2.4.62
    https://www.cve.org/CVERecord?id=CVE-2024-40898
    https://www.cve.org/CVERecord?id=CVE-2024-40725
  (* Security fix *)
2024-07-19 13:31:06 +02:00
Patrick J Volkerding
0e307de269 Wed Jul 17 19:29:24 UTC 2024
patches/packages/openssl-1.1.1za-x86_64-1_slack15.0.txz:  Upgraded.
  Apply patches to fix CVEs that were fixed by the 1.1.1{x,y,za} releases that
  were only available to subscribers to OpenSSL's premium extended support.
  These patches were prepared by backporting commits from the OpenSSL-3.0 repo.
  The reported version number has been updated so that vulnerability scanners
  calm down. All of these issues were considered to be of low severity.
  Thanks to Ken Zalewski for the patches!
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-5678
    https://www.cve.org/CVERecord?id=CVE-2024-0727
    https://www.cve.org/CVERecord?id=CVE-2024-2511
    https://www.cve.org/CVERecord?id=CVE-2024-4741
    https://www.cve.org/CVERecord?id=CVE-2024-5535
  (* Security fix *)
patches/packages/openssl-solibs-1.1.1za-x86_64-1_slack15.0.txz:  Upgraded.
2024-07-18 13:31:00 +02:00
Patrick J Volkerding
b4086e535f Sun Jul 14 18:22:30 UTC 2024
patches/packages/netatalk-3.2.3-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
2024-07-15 13:30:51 +02:00
Patrick J Volkerding
0656746e99 Sat Jul 13 20:26:06 UTC 2024
patches/packages/mozilla-thunderbird-115.12.2-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/115.12.2/releasenotes/
2024-07-14 13:30:55 +02:00
Patrick J Volkerding
93bc5ad87d Wed Jul 10 21:02:41 UTC 2024
patches/packages/xorg-server-1.20.14-x86_64-13_slack15.0.txz:  Rebuilt.
  This is a bugfix update to fix X server crashes:
  [PATCH] render: Avoid possible double-free in ProcRenderAddGlyphs()
  Thanks to typbigoh and Petri Kaukasoina.
patches/packages/xorg-server-xephyr-1.20.14-x86_64-13_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xnest-1.20.14-x86_64-13_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xvfb-1.20.14-x86_64-13_slack15.0.txz:  Rebuilt.
2024-07-11 13:30:37 +02:00
Patrick J Volkerding
343c8c7b5e Mon Jul 8 18:00:35 UTC 2024
patches/packages/netatalk-3.2.2-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
patches/packages/openssh-9.8p1-x86_64-3_slack15.0.txz:  Rebuilt.
  As upstream refactors this into smaller binaries, we could easily run into
  another update that causes an sshd lockout if the listener process isn't
  restarted. So, let's try to prevent that. After the package is upgraded,
  we'll use "sshd -t" to make sure that we have a sane configuration, and if
  so then we'll restart the listener process automatically.
  If you don't like this idea, you may turn it off in /etc/default/sshd.
2024-07-09 13:30:39 +02:00
Patrick J Volkerding
7b9fb4996b Wed Jul 3 22:27:28 UTC 2024
patches/packages/openssh-9.8p1-x86_64-2_slack15.0.txz:  Rebuilt.
  rc.sshd: also shut down sshd-session processes with "stop" function.
  This shuts down connections cleanly instead of them having to time out.
  Thanks to Petri Kaukasoina.
2024-07-04 13:30:57 +02:00
Patrick J Volkerding
b9a3a17045 Tue Jul 2 19:31:00 UTC 2024
patches/packages/httpd-2.4.60-x86_64-2_slack15.0.txz:  Rebuilt.
  This update is to fix a regression and to note security issues that were not
  listed in the CHANGES file included with the source code.
  Fixed a regression where a config file using AddType rather than AddHandler
  could cause raw PHP files to be downloaded rather than processed.
  Thanks to Nobby6.
  For more information, see:
    https://downloads.apache.org/httpd/CHANGES_2.4.60
    https://www.cve.org/CVERecord?id=CVE-2024-39573
    https://www.cve.org/CVERecord?id=CVE-2024-38477
    https://www.cve.org/CVERecord?id=CVE-2024-38476
    https://www.cve.org/CVERecord?id=CVE-2024-38475
    https://www.cve.org/CVERecord?id=CVE-2024-38474
    https://www.cve.org/CVERecord?id=CVE-2024-38473
    https://www.cve.org/CVERecord?id=CVE-2024-38472
    https://www.cve.org/CVERecord?id=CVE-2024-36387
  (* Security fix *)
patches/packages/ksh93-1.0.9-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
2024-07-03 13:30:51 +02:00
Patrick J Volkerding
6c760751d7 Mon Jul 1 20:12:46 UTC 2024
patches/packages/httpd-2.4.60-x86_64-1_slack15.0.txz:  Upgraded.
  This is the latest release from the Apache HTTP Server 2.4.x stable branch.
patches/packages/openssh-9.8p1-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes a security issue:
  Fix race condition resulting in potential remote code execution.
  For more information, see:
    https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt
    https://www.cve.org/CVERecord?id=CVE-2024-6387
  (* Security fix *)
2024-07-02 13:30:50 +02:00
Patrick J Volkerding
2ad12f43bc Wed Jun 26 20:06:09 UTC 2024
patches/packages/bluez-5.71-x86_64-3_slack15.0.txz:  Rebuilt.
  Fix a regression in bluez-5.71:
  [PATCH] audio: transport: Fix crash on A2DP suspend.
  Thanks to coltfire.
patches/packages/xcb-util-cursor-0.1.5-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  Thanks to Lockywolf.
2024-06-27 13:30:48 +02:00
Patrick J Volkerding
46995c4798 Sat Jun 22 20:05:28 UTC 2024
patches/packages/emacs-29.4-x86_64-1_slack15.0.txz:  Upgraded.
  Emacs 29.4 is an emergency bugfix release intended to fix a
  security vulnerability:
  Arbitrary shell commands are no longer run when turning on Org mode.
  This is for security reasons, to avoid running malicious commands.
  (* Security fix *)
2024-06-23 13:30:49 +02:00
Patrick J Volkerding
c60f8dd577 Tue Jun 18 21:05:48 UTC 2024
patches/packages/cups-2.4.10-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
2024-06-19 13:30:49 +02:00
Patrick J Volkerding
8b116857fe Sun Jun 16 21:32:49 UTC 2024
patches/packages/linux-5.15.161/*:  Upgraded.
  These updates fix regressions with the 5.15.160 packages.
  Hopefully we do not get any new ones. :-)
  Be sure to upgrade your initrd after upgrading the kernel packages.
  If you use lilo to boot your machine, be sure lilo.conf points to the correct
  kernel and initrd and run lilo as root to update the bootloader.
  If you use elilo to boot your machine, you should run eliloconfig to copy the
  kernel and initrd to the EFI System Partition.
2024-06-17 13:30:48 +02:00
Patrick J Volkerding
249e0a3900 Sat Jun 15 20:51:59 UTC 2024
patches/packages/ca-certificates-20240615-noarch-1_slack15.0.txz:  Upgraded.
  This update provides the latest CA certificates to check for the
  authenticity of SSL connections.
2024-06-16 13:30:48 +02:00
Patrick J Volkerding
0cec0ecfa1 Wed Jun 12 21:12:05 UTC 2024
patches/packages/mozilla-thunderbird-115.11.1-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/115.11.1/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2024-23/
    https://www.cve.org/CVERecord?id=CVE-2024-4367
    https://www.cve.org/CVERecord?id=CVE-2024-4767
    https://www.cve.org/CVERecord?id=CVE-2024-4768
    https://www.cve.org/CVERecord?id=CVE-2024-4769
    https://www.cve.org/CVERecord?id=CVE-2024-4770
    https://www.cve.org/CVERecord?id=CVE-2024-4777
  (* Security fix *)
2024-06-13 13:30:30 +02:00
Patrick J Volkerding
cfdd416e37 Tue Jun 11 21:09:01 UTC 2024
patches/packages/cups-2.4.9-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and a security issue:
  When starting the cupsd server with a Listen configuration item pointing
  to a symbolic link, the cupsd process can be caused to perform an arbitrary
  chmod of the provided argument, providing world-writable access to the
  target.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-35235
  (* Security fix *)
patches/packages/mozilla-firefox-115.12.0esr-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/115.12.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-26/
    https://www.cve.org/CVERecord?id=CVE-2024-5702
    https://www.cve.org/CVERecord?id=CVE-2024-5688
    https://www.cve.org/CVERecord?id=CVE-2024-5690
    https://www.cve.org/CVERecord?id=CVE-2024-5691
    https://www.cve.org/CVERecord?id=CVE-2024-5692
    https://www.cve.org/CVERecord?id=CVE-2024-5693
    https://www.cve.org/CVERecord?id=CVE-2024-5696
    https://www.cve.org/CVERecord?id=CVE-2024-5700
  (* Security fix *)
2024-06-12 13:30:32 +02:00
Patrick J Volkerding
61eadccb16 Sat Jun 8 19:42:03 UTC 2024
patches/packages/kernel-firmware-20240606_90df68d-noarch-1.txz:  Upgraded.
  Updated to the latest kernel firmware.
patches/packages/linux-5.15.160/*:  Upgraded.
  These updates fix a regression with the first 5.15.160 packages:
  Subject: [PATCH] Revert "drm/amdgpu: init iommu after amdkfd device init"
  This reverts commit 56b522f4668167096a50c39446d6263c96219f5f.
  A user reported that this commit breaks the integrated gpu of his
  notebook, causing a black screen. He was able to bisect the problematic
  commit and verified that by reverting it the notebook works again.
  He also confirmed that kernel 6.8.1 also works on his device, so the
  upstream commit itself seems to be ok.
  An amdgpu developer (Alex Deucher) confirmed that this patch should
  have never been ported to 5.15 in the first place, so revert this
  commit from the 5.15 stable series.
  Thanks to fsLeg.
  Be sure to upgrade your initrd after upgrading the kernel packages.
  If you use lilo to boot your machine, be sure lilo.conf points to the correct
  kernel and initrd and run lilo as root to update the bootloader.
  If you use elilo to boot your machine, you should run eliloconfig to copy the
  kernel and initrd to the EFI System Partition.
2024-06-09 13:30:34 +02:00
Patrick J Volkerding
dfa4788e03 Thu Jun 6 19:44:49 UTC 2024
extra/php81/php81-8.1.29-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and security issues:
  Bypass of CVE-2012-1823, Argument Injection in PHP-CGI.
  Filter bypass in filter_var FILTER_VALIDATE_URL.
  Bypass of CVE-2024-1874.
  For more information, see:
    https://www.php.net/ChangeLog-8.php#8.1.29
    https://www.cve.org/CVERecord?id=CVE-2024-4577
    https://www.cve.org/CVERecord?id=CVE-2024-5458
    https://www.cve.org/CVERecord?id=CVE-2024-5585
  (* Security fix *)
2024-06-07 13:30:44 +02:00
Patrick J Volkerding
e53c2323e1 Wed Jun 5 19:06:36 UTC 2024
patches/packages/ca-certificates-20240604-noarch-1_slack15.0.txz:  Upgraded.
  This update provides the latest CA certificates to check for the
  authenticity of SSL connections.
patches/packages/kernel-firmware-20240604_22643bb-noarch-1.txz:  Upgraded.
  Updated to the latest kernel firmware.
patches/packages/linux-5.15.160/*:  Upgraded.
  These updates fix various bugs and security issues.
  Be sure to upgrade your initrd after upgrading the kernel packages.
  If you use lilo to boot your machine, be sure lilo.conf points to the correct
  kernel and initrd and run lilo as root to update the bootloader.
  If you use elilo to boot your machine, you should run eliloconfig to copy the
  kernel and initrd to the EFI System Partition.
  For more information, see:
    Fixed in 5.15.147:
    https://www.cve.org/CVERecord?id=CVE-2023-52340
    https://www.cve.org/CVERecord?id=CVE-2023-6040
    https://www.cve.org/CVERecord?id=CVE-2024-0646
    Fixed in 5.15.148:
    https://www.cve.org/CVERecord?id=CVE-2023-46838
    https://www.cve.org/CVERecord?id=CVE-2023-52436
    https://www.cve.org/CVERecord?id=CVE-2023-52438
    https://www.cve.org/CVERecord?id=CVE-2023-52439
    https://www.cve.org/CVERecord?id=CVE-2023-52443
    https://www.cve.org/CVERecord?id=CVE-2023-52444
    https://www.cve.org/CVERecord?id=CVE-2023-52445
    https://www.cve.org/CVERecord?id=CVE-2023-52448
    https://www.cve.org/CVERecord?id=CVE-2023-52449
    https://www.cve.org/CVERecord?id=CVE-2023-52451
    https://www.cve.org/CVERecord?id=CVE-2023-52454
    https://www.cve.org/CVERecord?id=CVE-2023-52456
    https://www.cve.org/CVERecord?id=CVE-2023-52458
    https://www.cve.org/CVERecord?id=CVE-2023-52463
    https://www.cve.org/CVERecord?id=CVE-2023-52464
    https://www.cve.org/CVERecord?id=CVE-2023-52467
    https://www.cve.org/CVERecord?id=CVE-2023-52469
    https://www.cve.org/CVERecord?id=CVE-2023-52470
    https://www.cve.org/CVERecord?id=CVE-2023-52609
    https://www.cve.org/CVERecord?id=CVE-2023-52610
    https://www.cve.org/CVERecord?id=CVE-2023-52612
    https://www.cve.org/CVERecord?id=CVE-2023-6356
    https://www.cve.org/CVERecord?id=CVE-2023-6536
    https://www.cve.org/CVERecord?id=CVE-2023-6915
    https://www.cve.org/CVERecord?id=CVE-2024-1085
    https://www.cve.org/CVERecord?id=CVE-2024-24860
    https://www.cve.org/CVERecord?id=CVE-2024-26586
    https://www.cve.org/CVERecord?id=CVE-2024-26589
    https://www.cve.org/CVERecord?id=CVE-2024-26591
    https://www.cve.org/CVERecord?id=CVE-2024-26597
    https://www.cve.org/CVERecord?id=CVE-2024-26598
    https://www.cve.org/CVERecord?id=CVE-2024-26631
    https://www.cve.org/CVERecord?id=CVE-2024-26633
    Fixed in 5.15.149:
    https://www.cve.org/CVERecord?id=CVE-2023-52429
    https://www.cve.org/CVERecord?id=CVE-2023-52435
    https://www.cve.org/CVERecord?id=CVE-2023-52486
    https://www.cve.org/CVERecord?id=CVE-2023-52489
    https://www.cve.org/CVERecord?id=CVE-2023-52491
    https://www.cve.org/CVERecord?id=CVE-2023-52492
    https://www.cve.org/CVERecord?id=CVE-2023-52493
    https://www.cve.org/CVERecord?id=CVE-2023-52494
    https://www.cve.org/CVERecord?id=CVE-2023-52498
    https://www.cve.org/CVERecord?id=CVE-2023-52583
    https://www.cve.org/CVERecord?id=CVE-2023-52587
    https://www.cve.org/CVERecord?id=CVE-2023-52588
    https://www.cve.org/CVERecord?id=CVE-2023-52594
    https://www.cve.org/CVERecord?id=CVE-2023-52595
    https://www.cve.org/CVERecord?id=CVE-2023-52597
    https://www.cve.org/CVERecord?id=CVE-2023-52598
    https://www.cve.org/CVERecord?id=CVE-2023-52599
    https://www.cve.org/CVERecord?id=CVE-2023-52600
    https://www.cve.org/CVERecord?id=CVE-2023-52601
    https://www.cve.org/CVERecord?id=CVE-2023-52602
    https://www.cve.org/CVERecord?id=CVE-2023-52603
    https://www.cve.org/CVERecord?id=CVE-2023-52604
    https://www.cve.org/CVERecord?id=CVE-2023-52606
    https://www.cve.org/CVERecord?id=CVE-2023-52607
    https://www.cve.org/CVERecord?id=CVE-2023-52608
    https://www.cve.org/CVERecord?id=CVE-2023-52614
    https://www.cve.org/CVERecord?id=CVE-2023-52615
    https://www.cve.org/CVERecord?id=CVE-2023-52616
    https://www.cve.org/CVERecord?id=CVE-2023-52617
    https://www.cve.org/CVERecord?id=CVE-2023-52618
    https://www.cve.org/CVERecord?id=CVE-2023-52619
    https://www.cve.org/CVERecord?id=CVE-2023-52622
    https://www.cve.org/CVERecord?id=CVE-2023-52623
    https://www.cve.org/CVERecord?id=CVE-2023-52627
    https://www.cve.org/CVERecord?id=CVE-2023-52630
    https://www.cve.org/CVERecord?id=CVE-2023-52631
    https://www.cve.org/CVERecord?id=CVE-2023-52633
    https://www.cve.org/CVERecord?id=CVE-2023-52635
    https://www.cve.org/CVERecord?id=CVE-2023-52637
    https://www.cve.org/CVERecord?id=CVE-2023-52638
    https://www.cve.org/CVERecord?id=CVE-2024-0340
    https://www.cve.org/CVERecord?id=CVE-2024-1086
    https://www.cve.org/CVERecord?id=CVE-2024-1151
    https://www.cve.org/CVERecord?id=CVE-2024-23849
    https://www.cve.org/CVERecord?id=CVE-2024-23850
    https://www.cve.org/CVERecord?id=CVE-2024-23851
    https://www.cve.org/CVERecord?id=CVE-2024-26592
    https://www.cve.org/CVERecord?id=CVE-2024-26593
    https://www.cve.org/CVERecord?id=CVE-2024-26594
    https://www.cve.org/CVERecord?id=CVE-2024-26600
    https://www.cve.org/CVERecord?id=CVE-2024-26602
    https://www.cve.org/CVERecord?id=CVE-2024-26606
    https://www.cve.org/CVERecord?id=CVE-2024-26608
    https://www.cve.org/CVERecord?id=CVE-2024-26610
    https://www.cve.org/CVERecord?id=CVE-2024-26614
    https://www.cve.org/CVERecord?id=CVE-2024-26615
    https://www.cve.org/CVERecord?id=CVE-2024-26625
    https://www.cve.org/CVERecord?id=CVE-2024-26627
    https://www.cve.org/CVERecord?id=CVE-2024-26635
    https://www.cve.org/CVERecord?id=CVE-2024-26636
    https://www.cve.org/CVERecord?id=CVE-2024-26640
    https://www.cve.org/CVERecord?id=CVE-2024-26641
    https://www.cve.org/CVERecord?id=CVE-2024-26644
    https://www.cve.org/CVERecord?id=CVE-2024-26645
    https://www.cve.org/CVERecord?id=CVE-2024-26660
    https://www.cve.org/CVERecord?id=CVE-2024-26663
    https://www.cve.org/CVERecord?id=CVE-2024-26664
    https://www.cve.org/CVERecord?id=CVE-2024-26665
    https://www.cve.org/CVERecord?id=CVE-2024-26668
    https://www.cve.org/CVERecord?id=CVE-2024-26671
    https://www.cve.org/CVERecord?id=CVE-2024-26673
    https://www.cve.org/CVERecord?id=CVE-2024-26675
    https://www.cve.org/CVERecord?id=CVE-2024-26676
    https://www.cve.org/CVERecord?id=CVE-2024-26679
    https://www.cve.org/CVERecord?id=CVE-2024-26684
    https://www.cve.org/CVERecord?id=CVE-2024-26685
    https://www.cve.org/CVERecord?id=CVE-2024-26689
    https://www.cve.org/CVERecord?id=CVE-2024-26696
    https://www.cve.org/CVERecord?id=CVE-2024-26697
    https://www.cve.org/CVERecord?id=CVE-2024-26698
    https://www.cve.org/CVERecord?id=CVE-2024-26702
    https://www.cve.org/CVERecord?id=CVE-2024-26704
    https://www.cve.org/CVERecord?id=CVE-2024-26707
    https://www.cve.org/CVERecord?id=CVE-2024-26712
    https://www.cve.org/CVERecord?id=CVE-2024-26715
    https://www.cve.org/CVERecord?id=CVE-2024-26717
    https://www.cve.org/CVERecord?id=CVE-2024-26720
    https://www.cve.org/CVERecord?id=CVE-2024-26727
    https://www.cve.org/CVERecord?id=CVE-2024-26808
    Fixed in 5.15.150:
    https://www.cve.org/CVERecord?id=CVE-2023-52434
    https://www.cve.org/CVERecord?id=CVE-2023-52497
    https://www.cve.org/CVERecord?id=CVE-2023-52640
    https://www.cve.org/CVERecord?id=CVE-2023-52641
    https://www.cve.org/CVERecord?id=CVE-2024-0565
    https://www.cve.org/CVERecord?id=CVE-2024-26601
    https://www.cve.org/CVERecord?id=CVE-2024-26603
    https://www.cve.org/CVERecord?id=CVE-2024-26733
    https://www.cve.org/CVERecord?id=CVE-2024-26735
    https://www.cve.org/CVERecord?id=CVE-2024-26736
    https://www.cve.org/CVERecord?id=CVE-2024-26737
    https://www.cve.org/CVERecord?id=CVE-2024-26743
    https://www.cve.org/CVERecord?id=CVE-2024-26744
    https://www.cve.org/CVERecord?id=CVE-2024-26747
    https://www.cve.org/CVERecord?id=CVE-2024-26748
    https://www.cve.org/CVERecord?id=CVE-2024-26749
    https://www.cve.org/CVERecord?id=CVE-2024-26751
    https://www.cve.org/CVERecord?id=CVE-2024-26752
    https://www.cve.org/CVERecord?id=CVE-2024-26754
    https://www.cve.org/CVERecord?id=CVE-2024-26763
    https://www.cve.org/CVERecord?id=CVE-2024-26764
    https://www.cve.org/CVERecord?id=CVE-2024-26766
    https://www.cve.org/CVERecord?id=CVE-2024-26769
    https://www.cve.org/CVERecord?id=CVE-2024-26771
    https://www.cve.org/CVERecord?id=CVE-2024-26772
    https://www.cve.org/CVERecord?id=CVE-2024-26773
    https://www.cve.org/CVERecord?id=CVE-2024-26774
    https://www.cve.org/CVERecord?id=CVE-2024-26776
    https://www.cve.org/CVERecord?id=CVE-2024-26777
    https://www.cve.org/CVERecord?id=CVE-2024-26778
    https://www.cve.org/CVERecord?id=CVE-2024-26779
    Fixed in 5.15.151:
    https://www.cve.org/CVERecord?id=CVE-2023-52620
    https://www.cve.org/CVERecord?id=CVE-2024-0841
    https://www.cve.org/CVERecord?id=CVE-2024-26622
    https://www.cve.org/CVERecord?id=CVE-2024-26688
    https://www.cve.org/CVERecord?id=CVE-2024-26782
    https://www.cve.org/CVERecord?id=CVE-2024-26788
    https://www.cve.org/CVERecord?id=CVE-2024-26790
    https://www.cve.org/CVERecord?id=CVE-2024-26791
    https://www.cve.org/CVERecord?id=CVE-2024-26793
    https://www.cve.org/CVERecord?id=CVE-2024-26795
    https://www.cve.org/CVERecord?id=CVE-2024-26798
    https://www.cve.org/CVERecord?id=CVE-2024-26801
    https://www.cve.org/CVERecord?id=CVE-2024-26802
    https://www.cve.org/CVERecord?id=CVE-2024-26803
    https://www.cve.org/CVERecord?id=CVE-2024-26804
    https://www.cve.org/CVERecord?id=CVE-2024-26805
    Fixed in 5.15.152:
    https://www.cve.org/CVERecord?id=CVE-2024-26659
    https://www.cve.org/CVERecord?id=CVE-2024-26787
    Fixed in 5.15.153:
    https://www.cve.org/CVERecord?id=CVE-2023-52447
    https://www.cve.org/CVERecord?id=CVE-2023-6270
    https://www.cve.org/CVERecord?id=CVE-2023-7042
    https://www.cve.org/CVERecord?id=CVE-2024-22099
    https://www.cve.org/CVERecord?id=CVE-2024-26651
    https://www.cve.org/CVERecord?id=CVE-2024-26809
  (* Security fix *)
2024-06-06 13:30:38 +02:00
Patrick J Volkerding
e5301d4448 Sat Jun 1 19:52:37 UTC 2024
patches/packages/ntp-4.2.8p18-x86_64-2_slack15.0.txz:  Rebuilt.
  This is a bugfix release to fix a possible regression. In some cases ntpd
  gets an error on mixed ipv4/ipv6 networks, so we'll make it possible to
  easily configure ntpd to use ipv4 only or ipv6 only (as well as to change
  any other ntpd options).
  rc.ntp: properly create the PID file on start.
  Add /etc/default/ntp to configure ntpd startup options since some people are
  needing to add -4 to avoid an error.
  Thanks to rkelsen and teoberi.
2024-06-02 13:30:47 +02:00
Patrick J Volkerding
dd5b1ba2c4 Sun May 26 00:07:39 UTC 2024
patches/packages/ntp-4.2.8p18-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
2024-05-26 13:30:49 +02:00
Patrick J Volkerding
97a6982d2b Wed May 22 18:57:13 UTC 2024
patches/packages/curl-8.8.0-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
2024-05-23 13:30:44 +02:00
Patrick J Volkerding
e10e8c9854 Mon May 20 18:42:49 UTC 2024
patches/packages/mariadb-10.5.25-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and a security issue:
  Difficult to exploit vulnerability allows unauthenticated attacker with
  logon to the infrastructure where MariaDB Server executes to compromise the
  server. This could result in unauthorized update, insert or delete access
  to some of the data as well as unauthorized read access to a subset of the
  data and unauthorized ability to cause a partial denial of service.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-21096
  (* Security fix *)
2024-05-21 13:30:45 +02:00