Patrick J Volkerding
53f7d421db
Mon Sep 23 20:01:35 UTC 2024
...
patches/packages/libarchive-3.7.6-x86_64-1_slack15.0.txz: Upgraded.
This release fixes a tar regression introduced in libarchive 3.7.5.
2024-09-24 13:30:38 +02:00
Patrick J Volkerding
d1483d2e62
Fri Sep 20 19:25:40 UTC 2024
...
patches/packages/bind-9.18.30-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
2024-09-21 13:30:35 +02:00
Patrick J Volkerding
cf77f89919
Wed Sep 18 21:23:19 UTC 2024
...
patches/packages/curl-8.10.1-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
2024-09-19 13:30:42 +02:00
Patrick J Volkerding
02beedc910
Mon Sep 16 19:58:49 UTC 2024
...
patches/packages/netatalk-3.2.9-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
2024-09-17 13:30:44 +02:00
Patrick J Volkerding
52e9abcddc
Sat Sep 14 18:15:34 UTC 2024
...
patches/packages/libarchive-3.7.5-x86_64-1_slack15.0.txz: Upgraded.
This update fixes the following security issues:
fix multiple vulnerabilities identified by SAST (#2251 , #2256 )
cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing (#2258 )
lzop: prevent integer overflow (#2174 )
rar4: protect copy_from_lzss_window_to_unp() (#2172 , CVE-2024-20696)
rar4: fix CVE-2024-26256 (#2269 )
rar4: fix OOB in delta and audio filter (#2148 , #2149 )
rar4: fix out of boundary access with large files (#2179 )
rar4: add boundary checks to rgb filter (#2210 )
rar4: fix OOB access with unicode filenames (#2203 )
rar5: clear 'data ready' cache on window buffer reallocs (#2265 )
rpm: calculate huge header sizes correctly (#2158 )
unzip: unify EOF handling (#2175 )
util: fix out of boundary access in mktemp functions (#2160 )
uu: stop processing if lines are too long (#2168 )
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-20696
https://www.cve.org/CVERecord?id=CVE-2024-26256
(* Security fix *)
2024-09-15 13:30:43 +02:00
Patrick J Volkerding
ced6fa47ab
Fri Sep 13 01:32:33 UTC 2024
...
patches/packages/libssh2-1.11.0-x86_64-1_slack15.0.txz: Upgraded.
This update adds support for rsa-sha2-512 and rsa-sha2-256, which are needed
to connect to servers that use a recent version of OpenSSH.
Thanks to Jonathan Woithe.
2024-09-13 13:30:46 +02:00
Patrick J Volkerding
6b496a06b1
Wed Sep 11 17:47:14 UTC 2024
...
patches/packages/curl-8.10.0-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
2024-09-12 13:30:43 +02:00
Patrick J Volkerding
c438a3c0d9
Mon Sep 9 17:27:00 UTC 2024
...
patches/packages/netatalk-3.2.8-x86_64-1_slack15.0.txz: Upgraded.
Bump bundled WolfSSL library to stable version 5.7.2, GitHub #1433 .
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-1544
https://www.cve.org/CVERecord?id=CVE-2024-5288
https://www.cve.org/CVERecord?id=CVE-2024-5991
https://www.cve.org/CVERecord?id=CVE-2024-5814
(* Security fix *)
2024-09-10 13:30:45 +02:00
Patrick J Volkerding
8039a5b124
Mon Sep 9 00:53:17 UTC 2024
...
patches/packages/python3-3.9.20-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
Bundled libexpat was updated to 2.6.3.
Fix quadratic complexity in parsing "-quoted cookie values with backslashes
by http.cookies.
Fixed various false positives and false negatives in IPv4Address.is_private,
IPv4Address.is_global, IPv6Address.is_private, IPv6Address.is_global.
Fix urllib.parse.urlunparse() and urllib.parse.urlunsplit() for URIs with
path starting with multiple slashes and no authority.
Remove backtracking from tarfile header parsing for hdrcharset, PAX, and
GNU sparse headers.
email.utils.getaddresses() and email.utils.parseaddr() now return ('', '')
2-tuples in more situations where invalid email addresses are encountered
instead of potentially inaccurate values. Add optional strict parameter to
these two functions: use strict=False to get the old behavior, accept
malformed inputs. getattr(email.utils, 'supports_strict_parsing', False) can
be used to check if the strict paramater is available.
Sanitize names in zipfile.Path to avoid infinite loops (gh-122905) without
breaking contents using legitimate characters.
Email headers with embedded newlines are now quoted on output. The generator
will now refuse to serialize (write) headers that are unsafely folded or
delimited; see verify_generated_headers.
For more information, see:
https://pythoninsider.blogspot.com/2024/09/python-3130rc2-3126-31110-31015-3920.html
https://www.cve.org/CVERecord?id=CVE-2024-28757
https://www.cve.org/CVERecord?id=CVE-2024-45490
https://www.cve.org/CVERecord?id=CVE-2024-45491
https://www.cve.org/CVERecord?id=CVE-2024-45492
https://www.cve.org/CVERecord?id=CVE-2024-7592
https://www.cve.org/CVERecord?id=CVE-2024-4032
https://www.cve.org/CVERecord?id=CVE-2015-2104
https://www.cve.org/CVERecord?id=CVE-2024-6232
https://www.cve.org/CVERecord?id=CVE-2023-27043
https://www.cve.org/CVERecord?id=CVE-2024-8088
https://www.cve.org/CVERecord?id=CVE-2024-6923
(* Security fix *)
2024-09-09 13:30:45 +02:00
Patrick J Volkerding
382f07b69c
Sat Sep 7 18:16:12 UTC 2024
...
patches/packages/glibc-zoneinfo-2024b-noarch-1_slack15.0.txz: Upgraded.
This package provides the latest timezone updates.
2024-09-08 13:30:53 +02:00
Patrick J Volkerding
a782e78272
Fri Sep 6 19:22:57 UTC 2024
...
testing/packages/rust-1.81.0-x86_64-1_slack15.0.txz: Upgraded.
2024-09-07 13:30:46 +02:00
Patrick J Volkerding
b684b4dc4a
Thu Sep 5 22:14:23 UTC 2024
...
patches/packages/mozilla-thunderbird-115.15.0-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.15.0esr/releasenotes/
(* Security fix *)
2024-09-06 13:30:49 +02:00
Patrick J Volkerding
91fbde5fb9
Wed Sep 4 23:37:27 UTC 2024
...
patches/packages/expat-2.6.3-x86_64-1_slack15.0.txz: Upgraded.
This update addresses security issues with impact ranging from denial of
service to potentially artitrary code execution.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-45490
https://www.cve.org/CVERecord?id=CVE-2024-45491
https://www.cve.org/CVERecord?id=CVE-2024-45492
(* Security fix *)
2024-09-05 13:30:37 +02:00
Patrick J Volkerding
3637e85ebe
Tue Sep 3 21:07:09 UTC 2024
...
patches/packages/mozilla-firefox-115.15.0esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.15.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2024-41/
https://www.cve.org/CVERecord?id=CVE-2024-8381
https://www.cve.org/CVERecord?id=CVE-2024-8382
https://www.cve.org/CVERecord?id=CVE-2024-8383
https://www.cve.org/CVERecord?id=CVE-2024-8384
(* Security fix *)
patches/packages/seamonkey-2.53.19-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.19
(* Security fix *)
2024-09-04 13:39:55 +02:00
Patrick J Volkerding
a55d5c5151
Sat Aug 31 18:26:20 UTC 2024
...
patches/packages/libpcap-1.10.5-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
Clean up sock_initaddress() and its callers to avoid double frees
in some cases.
Fix pcap_findalldevs_ex() not to crash if passed a file:// URL with a
path to a directory that cannot be opened.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-7256
https://www.cve.org/CVERecord?id=CVE-2024-8006
(* Security fix *)
2024-09-01 13:31:05 +02:00
Patrick J Volkerding
b13ab22fec
Fri Aug 30 17:52:19 UTC 2024
...
patches/packages/ca-certificates-20240830-noarch-1_slack15.0.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
2024-08-31 13:30:59 +02:00
Patrick J Volkerding
e472158ace
Tue Aug 27 19:24:48 UTC 2024
...
patches/packages/kcron-21.12.3-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a security issue:
kcron: Invalid temporary file handling.
Thanks to pbslxw for the heads-up.
For more information, see:
https://kde.org/info/security/advisory-20220216-1.txt
https://www.cve.org/CVERecord?id=CVE-2022-24986
(* Security fix *)
patches/packages/plasma-workspace-5.23.5-x86_64-4_slack15.0.txz: Rebuilt.
This update patches a security issue:
ksmserver: Unauthorized users can access session manager.
Thanks to pbslxw for the heads-up.
For more information, see:
https://kde.org/info/security/advisory-20240531-1.txt
https://www.cve.org/CVERecord?id=CVE-2024-36041
(* Security fix *)
2024-08-28 13:30:50 +02:00
Patrick J Volkerding
1246cf6d34
Thu Aug 22 19:10:18 UTC 2024
...
patches/packages/bind-9.18.29-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
patches/packages/ffmpeg-4.4.5-x86_64-1_slack15.0.txz: Upgraded.
This update addresses several vulnerabilities in FFmpeg which could result
in denial of service, or potentially the execution of arbitrary code if
malformed files/streams are processed.
Thanks to pbslxw for the heads-up.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-1475
https://www.cve.org/CVERecord?id=CVE-2022-48434
https://www.cve.org/CVERecord?id=CVE-2022-3109
https://www.cve.org/CVERecord?id=CVE-2022-3341
https://www.cve.org/CVERecord?id=CVE-2022-3964
https://www.cve.org/CVERecord?id=CVE-2024-7055
https://www.cve.org/CVERecord?id=CVE-2023-47342
(* Security fix *)
2024-08-23 13:31:07 +02:00
Patrick J Volkerding
20718db5e4
Thu Aug 15 20:07:37 UTC 2024
...
patches/packages/libX11-1.8.10-x86_64-1_slack15.0.txz: Upgraded.
This is a bug fix release, correcting an empty XKeysymDB file.
Thanks to Jonathan Woithe for the bug report.
2024-08-16 13:31:00 +02:00
Patrick J Volkerding
5edf138e9c
Wed Aug 14 19:36:01 UTC 2024
...
patches/packages/dovecot-2.3.21.1-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
A large number of address headers in email resulted in excessive CPU usage.
Abnormally large email headers are now truncated or discarded, with a limit
of 10MB on a single header and 50MB for all the headers of all the parts of
an email.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-23184
https://www.cve.org/CVERecord?id=CVE-2024-23185
(* Security fix *)
2024-08-15 13:30:54 +02:00
Patrick J Volkerding
690d923d27
Sun Aug 11 19:00:08 UTC 2024
...
These are needed to build Chromium. Thanks to alienBOB.
We'll probably move them to /extra once the Mozilla stuff needs it.
Please note that if upgrading to the new llvm, you'll need the llvm13-compat
package from /extra.
testing/packages/llvm-18.1.8-x86_64-1_slack15.0.txz: Added.
testing/packages/rust-1.80.1-x86_64-1_slack15.0.txz: Added.
testing/packages/rust-bindgen-0.69.4-x86_64-1_slack15.0.txz: Added.
2024-08-12 13:30:50 +02:00
Patrick J Volkerding
a2bba28e56
Fri Aug 9 21:22:03 UTC 2024
...
patches/packages/mariadb-10.5.26-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://mariadb.com/kb/en/mariadb-10-5-26-release-notes/
2024-08-10 13:30:53 +02:00
Patrick J Volkerding
d6bbed4a7d
Wed Aug 7 04:03:09 UTC 2024
...
patches/packages/curl-8.9.1-x86_64-2_slack15.0.txz: Rebuilt.
This is a bugfix release.
[PATCH] sigpipe: init the struct so that first apply ignores.
Thanks to ponce.
patches/packages/mozilla-firefox-115.14.0esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.14.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2024-34/
https://www.cve.org/CVERecord?id=CVE-2024-7519
https://www.cve.org/CVERecord?id=CVE-2024-7521
https://www.cve.org/CVERecord?id=CVE-2024-7522
https://www.cve.org/CVERecord?id=CVE-2024-7524
https://www.cve.org/CVERecord?id=CVE-2024-7525
https://www.cve.org/CVERecord?id=CVE-2024-7526
https://www.cve.org/CVERecord?id=CVE-2024-7527
https://www.cve.org/CVERecord?id=CVE-2024-7529
https://www.cve.org/CVERecord?id=CVE-2024-7531
(* Security fix *)
patches/packages/mozilla-thunderbird-115.14.0-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.14.0esr/releasenotes/
2024-08-08 13:30:52 +02:00
Patrick J Volkerding
56b509117f
Mon Aug 5 21:58:24 UTC 2024
...
patches/packages/ksh93-1.0.10-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
2024-08-06 13:30:53 +02:00
Patrick J Volkerding
c6614b91d7
Wed Jul 31 18:35:06 UTC 2024
...
patches/packages/curl-8.9.1-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a security issue:
ASN.1 date parser overread.
For more information, see:
https://curl.se/docs/CVE-2024-7264.html
https://www.cve.org/CVERecord?id=CVE-2024-7264
(* Security fix *)
2024-08-01 13:30:48 +02:00
Patrick J Volkerding
a44e6a9f0b
Thu Jul 25 02:39:18 UTC 2024
...
patches/packages/curl-8.9.0-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
patches/packages/htdig-3.2.0b6-x86_64-10_slack15.0.txz: Rebuilt.
Patch XSS vulnerability. Thanks to jayjwa.
Get this out of cgi-bin. Thanks to LuckyCyborg.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2007-6110
(* Security fix *)
patches/packages/libxml2-2.11.9-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a security issue:
Fix XXE protection in downstream code.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-40896
(* Security fix *)
2024-07-26 13:30:58 +02:00
Patrick J Volkerding
75a92ded1e
Tue Jul 23 18:54:25 UTC 2024
...
patches/packages/bind-9.18.28-x86_64-1_slack15.0.txz: Upgraded.
Please note that we have moved to the 9.18 branch, as 9.16 is EOL.
This update fixes security issues:
Remove SIG(0) support from named as a countermeasure for CVE-2024-1975.
qctx-zversion was not being cleared when it should have been leading to
an assertion failure if it needed to be reused.
An excessively large number of rrtypes per owner can slow down database query
processing, so a limit has been placed on the number of rrtypes that can be
stored per owner (node) in a cache or zone database. This is configured with
the new "max-rrtypes-per-name" option, and defaults to 100.
Excessively large rdatasets can slow down database query processing, so a
limit has been placed on the number of records that can be stored per
rdataset in a cache or zone database. This is configured with the new
"max-records-per-type" option, and defaults to 100.
Malicious DNS client that sends many queries over TCP but never reads
responses can cause server to respond slowly or not respond at all for other
clients.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-1975
https://www.cve.org/CVERecord?id=CVE-2024-4076
https://www.cve.org/CVERecord?id=CVE-2024-1737
https://www.cve.org/CVERecord?id=CVE-2024-0760
(* Security fix *)
patches/packages/aaa_glibc-solibs-2.33-x86_64-7_slack15.0.txz: Rebuilt.
patches/packages/glibc-2.33-x86_64-7_slack15.0.txz: Rebuilt.
This update fixes security issues:
nscd: Stack-based buffer overflow in netgroup cache.
nscd: Null pointer crash after notfound response.
nscd: netgroup cache may terminate daemon on memory allocation failure.
nscd: netgroup cache assumes NSS callback uses in-buffer strings.
These vulnerabilities were only present in the nscd binary.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-33599
https://www.cve.org/CVERecord?id=CVE-2024-33600
https://www.cve.org/CVERecord?id=CVE-2024-33601
https://www.cve.org/CVERecord?id=CVE-2024-33602
(* Security fix *)
patches/packages/glibc-i18n-2.33-x86_64-7_slack15.0.txz: Rebuilt.
patches/packages/glibc-profile-2.33-x86_64-7_slack15.0.txz: Rebuilt.
patches/packages/mozilla-thunderbird-115.13.0-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.13.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/
https://www.cve.org/CVERecord?id=CVE-2024-6600
https://www.cve.org/CVERecord?id=CVE-2024-6601
https://www.cve.org/CVERecord?id=CVE-2024-6602
https://www.cve.org/CVERecord?id=CVE-2024-6603
https://www.cve.org/CVERecord?id=CVE-2024-6604
(* Security fix *)
2024-07-24 13:31:01 +02:00
Patrick J Volkerding
39cc109e67
Thu Jul 18 20:01:18 UTC 2024
...
patches/packages/httpd-2.4.62-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
The first CVE is for Windows, but the second one is an additional fix for
the source code disclosure regression when using AddType.
Users are recommended to upgrade to version 2.4.62 which fixes this issue.
For more information, see:
https://downloads.apache.org/httpd/CHANGES_2.4.62
https://www.cve.org/CVERecord?id=CVE-2024-40898
https://www.cve.org/CVERecord?id=CVE-2024-40725
(* Security fix *)
2024-07-19 13:31:06 +02:00
Patrick J Volkerding
0e307de269
Wed Jul 17 19:29:24 UTC 2024
...
patches/packages/openssl-1.1.1za-x86_64-1_slack15.0.txz: Upgraded.
Apply patches to fix CVEs that were fixed by the 1.1.1{x,y,za} releases that
were only available to subscribers to OpenSSL's premium extended support.
These patches were prepared by backporting commits from the OpenSSL-3.0 repo.
The reported version number has been updated so that vulnerability scanners
calm down. All of these issues were considered to be of low severity.
Thanks to Ken Zalewski for the patches!
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-5678
https://www.cve.org/CVERecord?id=CVE-2024-0727
https://www.cve.org/CVERecord?id=CVE-2024-2511
https://www.cve.org/CVERecord?id=CVE-2024-4741
https://www.cve.org/CVERecord?id=CVE-2024-5535
(* Security fix *)
patches/packages/openssl-solibs-1.1.1za-x86_64-1_slack15.0.txz: Upgraded.
2024-07-18 13:31:00 +02:00
Patrick J Volkerding
b4086e535f
Sun Jul 14 18:22:30 UTC 2024
...
patches/packages/netatalk-3.2.3-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
2024-07-15 13:30:51 +02:00
Patrick J Volkerding
0656746e99
Sat Jul 13 20:26:06 UTC 2024
...
patches/packages/mozilla-thunderbird-115.12.2-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.12.2/releasenotes/
2024-07-14 13:30:55 +02:00
Patrick J Volkerding
93bc5ad87d
Wed Jul 10 21:02:41 UTC 2024
...
patches/packages/xorg-server-1.20.14-x86_64-13_slack15.0.txz: Rebuilt.
This is a bugfix update to fix X server crashes:
[PATCH] render: Avoid possible double-free in ProcRenderAddGlyphs()
Thanks to typbigoh and Petri Kaukasoina.
patches/packages/xorg-server-xephyr-1.20.14-x86_64-13_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xnest-1.20.14-x86_64-13_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xvfb-1.20.14-x86_64-13_slack15.0.txz: Rebuilt.
2024-07-11 13:30:37 +02:00
Patrick J Volkerding
343c8c7b5e
Mon Jul 8 18:00:35 UTC 2024
...
patches/packages/netatalk-3.2.2-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
patches/packages/openssh-9.8p1-x86_64-3_slack15.0.txz: Rebuilt.
As upstream refactors this into smaller binaries, we could easily run into
another update that causes an sshd lockout if the listener process isn't
restarted. So, let's try to prevent that. After the package is upgraded,
we'll use "sshd -t" to make sure that we have a sane configuration, and if
so then we'll restart the listener process automatically.
If you don't like this idea, you may turn it off in /etc/default/sshd.
2024-07-09 13:30:39 +02:00
Patrick J Volkerding
7b9fb4996b
Wed Jul 3 22:27:28 UTC 2024
...
patches/packages/openssh-9.8p1-x86_64-2_slack15.0.txz: Rebuilt.
rc.sshd: also shut down sshd-session processes with "stop" function.
This shuts down connections cleanly instead of them having to time out.
Thanks to Petri Kaukasoina.
2024-07-04 13:30:57 +02:00
Patrick J Volkerding
b9a3a17045
Tue Jul 2 19:31:00 UTC 2024
...
patches/packages/httpd-2.4.60-x86_64-2_slack15.0.txz: Rebuilt.
This update is to fix a regression and to note security issues that were not
listed in the CHANGES file included with the source code.
Fixed a regression where a config file using AddType rather than AddHandler
could cause raw PHP files to be downloaded rather than processed.
Thanks to Nobby6.
For more information, see:
https://downloads.apache.org/httpd/CHANGES_2.4.60
https://www.cve.org/CVERecord?id=CVE-2024-39573
https://www.cve.org/CVERecord?id=CVE-2024-38477
https://www.cve.org/CVERecord?id=CVE-2024-38476
https://www.cve.org/CVERecord?id=CVE-2024-38475
https://www.cve.org/CVERecord?id=CVE-2024-38474
https://www.cve.org/CVERecord?id=CVE-2024-38473
https://www.cve.org/CVERecord?id=CVE-2024-38472
https://www.cve.org/CVERecord?id=CVE-2024-36387
(* Security fix *)
patches/packages/ksh93-1.0.9-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
2024-07-03 13:30:51 +02:00
Patrick J Volkerding
6c760751d7
Mon Jul 1 20:12:46 UTC 2024
...
patches/packages/httpd-2.4.60-x86_64-1_slack15.0.txz: Upgraded.
This is the latest release from the Apache HTTP Server 2.4.x stable branch.
patches/packages/openssh-9.8p1-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a security issue:
Fix race condition resulting in potential remote code execution.
For more information, see:
https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt
https://www.cve.org/CVERecord?id=CVE-2024-6387
(* Security fix *)
2024-07-02 13:30:50 +02:00
Patrick J Volkerding
2ad12f43bc
Wed Jun 26 20:06:09 UTC 2024
...
patches/packages/bluez-5.71-x86_64-3_slack15.0.txz: Rebuilt.
Fix a regression in bluez-5.71:
[PATCH] audio: transport: Fix crash on A2DP suspend.
Thanks to coltfire.
patches/packages/xcb-util-cursor-0.1.5-x86_64-1.txz: Upgraded.
This is a bugfix release.
Thanks to Lockywolf.
2024-06-27 13:30:48 +02:00
Patrick J Volkerding
46995c4798
Sat Jun 22 20:05:28 UTC 2024
...
patches/packages/emacs-29.4-x86_64-1_slack15.0.txz: Upgraded.
Emacs 29.4 is an emergency bugfix release intended to fix a
security vulnerability:
Arbitrary shell commands are no longer run when turning on Org mode.
This is for security reasons, to avoid running malicious commands.
(* Security fix *)
2024-06-23 13:30:49 +02:00
Patrick J Volkerding
c60f8dd577
Tue Jun 18 21:05:48 UTC 2024
...
patches/packages/cups-2.4.10-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
2024-06-19 13:30:49 +02:00
Patrick J Volkerding
8b116857fe
Sun Jun 16 21:32:49 UTC 2024
...
patches/packages/linux-5.15.161/*: Upgraded.
These updates fix regressions with the 5.15.160 packages.
Hopefully we do not get any new ones. :-)
Be sure to upgrade your initrd after upgrading the kernel packages.
If you use lilo to boot your machine, be sure lilo.conf points to the correct
kernel and initrd and run lilo as root to update the bootloader.
If you use elilo to boot your machine, you should run eliloconfig to copy the
kernel and initrd to the EFI System Partition.
2024-06-17 13:30:48 +02:00
Patrick J Volkerding
249e0a3900
Sat Jun 15 20:51:59 UTC 2024
...
patches/packages/ca-certificates-20240615-noarch-1_slack15.0.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
2024-06-16 13:30:48 +02:00
Patrick J Volkerding
0cec0ecfa1
Wed Jun 12 21:12:05 UTC 2024
...
patches/packages/mozilla-thunderbird-115.11.1-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.11.1/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2024-23/
https://www.cve.org/CVERecord?id=CVE-2024-4367
https://www.cve.org/CVERecord?id=CVE-2024-4767
https://www.cve.org/CVERecord?id=CVE-2024-4768
https://www.cve.org/CVERecord?id=CVE-2024-4769
https://www.cve.org/CVERecord?id=CVE-2024-4770
https://www.cve.org/CVERecord?id=CVE-2024-4777
(* Security fix *)
2024-06-13 13:30:30 +02:00
Patrick J Volkerding
cfdd416e37
Tue Jun 11 21:09:01 UTC 2024
...
patches/packages/cups-2.4.9-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and a security issue:
When starting the cupsd server with a Listen configuration item pointing
to a symbolic link, the cupsd process can be caused to perform an arbitrary
chmod of the provided argument, providing world-writable access to the
target.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-35235
(* Security fix *)
patches/packages/mozilla-firefox-115.12.0esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.12.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2024-26/
https://www.cve.org/CVERecord?id=CVE-2024-5702
https://www.cve.org/CVERecord?id=CVE-2024-5688
https://www.cve.org/CVERecord?id=CVE-2024-5690
https://www.cve.org/CVERecord?id=CVE-2024-5691
https://www.cve.org/CVERecord?id=CVE-2024-5692
https://www.cve.org/CVERecord?id=CVE-2024-5693
https://www.cve.org/CVERecord?id=CVE-2024-5696
https://www.cve.org/CVERecord?id=CVE-2024-5700
(* Security fix *)
2024-06-12 13:30:32 +02:00
Patrick J Volkerding
61eadccb16
Sat Jun 8 19:42:03 UTC 2024
...
patches/packages/kernel-firmware-20240606_90df68d-noarch-1.txz: Upgraded.
Updated to the latest kernel firmware.
patches/packages/linux-5.15.160/*: Upgraded.
These updates fix a regression with the first 5.15.160 packages:
Subject: [PATCH] Revert "drm/amdgpu: init iommu after amdkfd device init"
This reverts commit 56b522f4668167096a50c39446d6263c96219f5f.
A user reported that this commit breaks the integrated gpu of his
notebook, causing a black screen. He was able to bisect the problematic
commit and verified that by reverting it the notebook works again.
He also confirmed that kernel 6.8.1 also works on his device, so the
upstream commit itself seems to be ok.
An amdgpu developer (Alex Deucher) confirmed that this patch should
have never been ported to 5.15 in the first place, so revert this
commit from the 5.15 stable series.
Thanks to fsLeg.
Be sure to upgrade your initrd after upgrading the kernel packages.
If you use lilo to boot your machine, be sure lilo.conf points to the correct
kernel and initrd and run lilo as root to update the bootloader.
If you use elilo to boot your machine, you should run eliloconfig to copy the
kernel and initrd to the EFI System Partition.
2024-06-09 13:30:34 +02:00
Patrick J Volkerding
dfa4788e03
Thu Jun 6 19:44:49 UTC 2024
...
extra/php81/php81-8.1.29-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and security issues:
Bypass of CVE-2012-1823, Argument Injection in PHP-CGI.
Filter bypass in filter_var FILTER_VALIDATE_URL.
Bypass of CVE-2024-1874.
For more information, see:
https://www.php.net/ChangeLog-8.php#8.1.29
https://www.cve.org/CVERecord?id=CVE-2024-4577
https://www.cve.org/CVERecord?id=CVE-2024-5458
https://www.cve.org/CVERecord?id=CVE-2024-5585
(* Security fix *)
2024-06-07 13:30:44 +02:00
Patrick J Volkerding
e53c2323e1
Wed Jun 5 19:06:36 UTC 2024
...
patches/packages/ca-certificates-20240604-noarch-1_slack15.0.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
patches/packages/kernel-firmware-20240604_22643bb-noarch-1.txz: Upgraded.
Updated to the latest kernel firmware.
patches/packages/linux-5.15.160/*: Upgraded.
These updates fix various bugs and security issues.
Be sure to upgrade your initrd after upgrading the kernel packages.
If you use lilo to boot your machine, be sure lilo.conf points to the correct
kernel and initrd and run lilo as root to update the bootloader.
If you use elilo to boot your machine, you should run eliloconfig to copy the
kernel and initrd to the EFI System Partition.
For more information, see:
Fixed in 5.15.147:
https://www.cve.org/CVERecord?id=CVE-2023-52340
https://www.cve.org/CVERecord?id=CVE-2023-6040
https://www.cve.org/CVERecord?id=CVE-2024-0646
Fixed in 5.15.148:
https://www.cve.org/CVERecord?id=CVE-2023-46838
https://www.cve.org/CVERecord?id=CVE-2023-52436
https://www.cve.org/CVERecord?id=CVE-2023-52438
https://www.cve.org/CVERecord?id=CVE-2023-52439
https://www.cve.org/CVERecord?id=CVE-2023-52443
https://www.cve.org/CVERecord?id=CVE-2023-52444
https://www.cve.org/CVERecord?id=CVE-2023-52445
https://www.cve.org/CVERecord?id=CVE-2023-52448
https://www.cve.org/CVERecord?id=CVE-2023-52449
https://www.cve.org/CVERecord?id=CVE-2023-52451
https://www.cve.org/CVERecord?id=CVE-2023-52454
https://www.cve.org/CVERecord?id=CVE-2023-52456
https://www.cve.org/CVERecord?id=CVE-2023-52458
https://www.cve.org/CVERecord?id=CVE-2023-52463
https://www.cve.org/CVERecord?id=CVE-2023-52464
https://www.cve.org/CVERecord?id=CVE-2023-52467
https://www.cve.org/CVERecord?id=CVE-2023-52469
https://www.cve.org/CVERecord?id=CVE-2023-52470
https://www.cve.org/CVERecord?id=CVE-2023-52609
https://www.cve.org/CVERecord?id=CVE-2023-52610
https://www.cve.org/CVERecord?id=CVE-2023-52612
https://www.cve.org/CVERecord?id=CVE-2023-6356
https://www.cve.org/CVERecord?id=CVE-2023-6536
https://www.cve.org/CVERecord?id=CVE-2023-6915
https://www.cve.org/CVERecord?id=CVE-2024-1085
https://www.cve.org/CVERecord?id=CVE-2024-24860
https://www.cve.org/CVERecord?id=CVE-2024-26586
https://www.cve.org/CVERecord?id=CVE-2024-26589
https://www.cve.org/CVERecord?id=CVE-2024-26591
https://www.cve.org/CVERecord?id=CVE-2024-26597
https://www.cve.org/CVERecord?id=CVE-2024-26598
https://www.cve.org/CVERecord?id=CVE-2024-26631
https://www.cve.org/CVERecord?id=CVE-2024-26633
Fixed in 5.15.149:
https://www.cve.org/CVERecord?id=CVE-2023-52429
https://www.cve.org/CVERecord?id=CVE-2023-52435
https://www.cve.org/CVERecord?id=CVE-2023-52486
https://www.cve.org/CVERecord?id=CVE-2023-52489
https://www.cve.org/CVERecord?id=CVE-2023-52491
https://www.cve.org/CVERecord?id=CVE-2023-52492
https://www.cve.org/CVERecord?id=CVE-2023-52493
https://www.cve.org/CVERecord?id=CVE-2023-52494
https://www.cve.org/CVERecord?id=CVE-2023-52498
https://www.cve.org/CVERecord?id=CVE-2023-52583
https://www.cve.org/CVERecord?id=CVE-2023-52587
https://www.cve.org/CVERecord?id=CVE-2023-52588
https://www.cve.org/CVERecord?id=CVE-2023-52594
https://www.cve.org/CVERecord?id=CVE-2023-52595
https://www.cve.org/CVERecord?id=CVE-2023-52597
https://www.cve.org/CVERecord?id=CVE-2023-52598
https://www.cve.org/CVERecord?id=CVE-2023-52599
https://www.cve.org/CVERecord?id=CVE-2023-52600
https://www.cve.org/CVERecord?id=CVE-2023-52601
https://www.cve.org/CVERecord?id=CVE-2023-52602
https://www.cve.org/CVERecord?id=CVE-2023-52603
https://www.cve.org/CVERecord?id=CVE-2023-52604
https://www.cve.org/CVERecord?id=CVE-2023-52606
https://www.cve.org/CVERecord?id=CVE-2023-52607
https://www.cve.org/CVERecord?id=CVE-2023-52608
https://www.cve.org/CVERecord?id=CVE-2023-52614
https://www.cve.org/CVERecord?id=CVE-2023-52615
https://www.cve.org/CVERecord?id=CVE-2023-52616
https://www.cve.org/CVERecord?id=CVE-2023-52617
https://www.cve.org/CVERecord?id=CVE-2023-52618
https://www.cve.org/CVERecord?id=CVE-2023-52619
https://www.cve.org/CVERecord?id=CVE-2023-52622
https://www.cve.org/CVERecord?id=CVE-2023-52623
https://www.cve.org/CVERecord?id=CVE-2023-52627
https://www.cve.org/CVERecord?id=CVE-2023-52630
https://www.cve.org/CVERecord?id=CVE-2023-52631
https://www.cve.org/CVERecord?id=CVE-2023-52633
https://www.cve.org/CVERecord?id=CVE-2023-52635
https://www.cve.org/CVERecord?id=CVE-2023-52637
https://www.cve.org/CVERecord?id=CVE-2023-52638
https://www.cve.org/CVERecord?id=CVE-2024-0340
https://www.cve.org/CVERecord?id=CVE-2024-1086
https://www.cve.org/CVERecord?id=CVE-2024-1151
https://www.cve.org/CVERecord?id=CVE-2024-23849
https://www.cve.org/CVERecord?id=CVE-2024-23850
https://www.cve.org/CVERecord?id=CVE-2024-23851
https://www.cve.org/CVERecord?id=CVE-2024-26592
https://www.cve.org/CVERecord?id=CVE-2024-26593
https://www.cve.org/CVERecord?id=CVE-2024-26594
https://www.cve.org/CVERecord?id=CVE-2024-26600
https://www.cve.org/CVERecord?id=CVE-2024-26602
https://www.cve.org/CVERecord?id=CVE-2024-26606
https://www.cve.org/CVERecord?id=CVE-2024-26608
https://www.cve.org/CVERecord?id=CVE-2024-26610
https://www.cve.org/CVERecord?id=CVE-2024-26614
https://www.cve.org/CVERecord?id=CVE-2024-26615
https://www.cve.org/CVERecord?id=CVE-2024-26625
https://www.cve.org/CVERecord?id=CVE-2024-26627
https://www.cve.org/CVERecord?id=CVE-2024-26635
https://www.cve.org/CVERecord?id=CVE-2024-26636
https://www.cve.org/CVERecord?id=CVE-2024-26640
https://www.cve.org/CVERecord?id=CVE-2024-26641
https://www.cve.org/CVERecord?id=CVE-2024-26644
https://www.cve.org/CVERecord?id=CVE-2024-26645
https://www.cve.org/CVERecord?id=CVE-2024-26660
https://www.cve.org/CVERecord?id=CVE-2024-26663
https://www.cve.org/CVERecord?id=CVE-2024-26664
https://www.cve.org/CVERecord?id=CVE-2024-26665
https://www.cve.org/CVERecord?id=CVE-2024-26668
https://www.cve.org/CVERecord?id=CVE-2024-26671
https://www.cve.org/CVERecord?id=CVE-2024-26673
https://www.cve.org/CVERecord?id=CVE-2024-26675
https://www.cve.org/CVERecord?id=CVE-2024-26676
https://www.cve.org/CVERecord?id=CVE-2024-26679
https://www.cve.org/CVERecord?id=CVE-2024-26684
https://www.cve.org/CVERecord?id=CVE-2024-26685
https://www.cve.org/CVERecord?id=CVE-2024-26689
https://www.cve.org/CVERecord?id=CVE-2024-26696
https://www.cve.org/CVERecord?id=CVE-2024-26697
https://www.cve.org/CVERecord?id=CVE-2024-26698
https://www.cve.org/CVERecord?id=CVE-2024-26702
https://www.cve.org/CVERecord?id=CVE-2024-26704
https://www.cve.org/CVERecord?id=CVE-2024-26707
https://www.cve.org/CVERecord?id=CVE-2024-26712
https://www.cve.org/CVERecord?id=CVE-2024-26715
https://www.cve.org/CVERecord?id=CVE-2024-26717
https://www.cve.org/CVERecord?id=CVE-2024-26720
https://www.cve.org/CVERecord?id=CVE-2024-26727
https://www.cve.org/CVERecord?id=CVE-2024-26808
Fixed in 5.15.150:
https://www.cve.org/CVERecord?id=CVE-2023-52434
https://www.cve.org/CVERecord?id=CVE-2023-52497
https://www.cve.org/CVERecord?id=CVE-2023-52640
https://www.cve.org/CVERecord?id=CVE-2023-52641
https://www.cve.org/CVERecord?id=CVE-2024-0565
https://www.cve.org/CVERecord?id=CVE-2024-26601
https://www.cve.org/CVERecord?id=CVE-2024-26603
https://www.cve.org/CVERecord?id=CVE-2024-26733
https://www.cve.org/CVERecord?id=CVE-2024-26735
https://www.cve.org/CVERecord?id=CVE-2024-26736
https://www.cve.org/CVERecord?id=CVE-2024-26737
https://www.cve.org/CVERecord?id=CVE-2024-26743
https://www.cve.org/CVERecord?id=CVE-2024-26744
https://www.cve.org/CVERecord?id=CVE-2024-26747
https://www.cve.org/CVERecord?id=CVE-2024-26748
https://www.cve.org/CVERecord?id=CVE-2024-26749
https://www.cve.org/CVERecord?id=CVE-2024-26751
https://www.cve.org/CVERecord?id=CVE-2024-26752
https://www.cve.org/CVERecord?id=CVE-2024-26754
https://www.cve.org/CVERecord?id=CVE-2024-26763
https://www.cve.org/CVERecord?id=CVE-2024-26764
https://www.cve.org/CVERecord?id=CVE-2024-26766
https://www.cve.org/CVERecord?id=CVE-2024-26769
https://www.cve.org/CVERecord?id=CVE-2024-26771
https://www.cve.org/CVERecord?id=CVE-2024-26772
https://www.cve.org/CVERecord?id=CVE-2024-26773
https://www.cve.org/CVERecord?id=CVE-2024-26774
https://www.cve.org/CVERecord?id=CVE-2024-26776
https://www.cve.org/CVERecord?id=CVE-2024-26777
https://www.cve.org/CVERecord?id=CVE-2024-26778
https://www.cve.org/CVERecord?id=CVE-2024-26779
Fixed in 5.15.151:
https://www.cve.org/CVERecord?id=CVE-2023-52620
https://www.cve.org/CVERecord?id=CVE-2024-0841
https://www.cve.org/CVERecord?id=CVE-2024-26622
https://www.cve.org/CVERecord?id=CVE-2024-26688
https://www.cve.org/CVERecord?id=CVE-2024-26782
https://www.cve.org/CVERecord?id=CVE-2024-26788
https://www.cve.org/CVERecord?id=CVE-2024-26790
https://www.cve.org/CVERecord?id=CVE-2024-26791
https://www.cve.org/CVERecord?id=CVE-2024-26793
https://www.cve.org/CVERecord?id=CVE-2024-26795
https://www.cve.org/CVERecord?id=CVE-2024-26798
https://www.cve.org/CVERecord?id=CVE-2024-26801
https://www.cve.org/CVERecord?id=CVE-2024-26802
https://www.cve.org/CVERecord?id=CVE-2024-26803
https://www.cve.org/CVERecord?id=CVE-2024-26804
https://www.cve.org/CVERecord?id=CVE-2024-26805
Fixed in 5.15.152:
https://www.cve.org/CVERecord?id=CVE-2024-26659
https://www.cve.org/CVERecord?id=CVE-2024-26787
Fixed in 5.15.153:
https://www.cve.org/CVERecord?id=CVE-2023-52447
https://www.cve.org/CVERecord?id=CVE-2023-6270
https://www.cve.org/CVERecord?id=CVE-2023-7042
https://www.cve.org/CVERecord?id=CVE-2024-22099
https://www.cve.org/CVERecord?id=CVE-2024-26651
https://www.cve.org/CVERecord?id=CVE-2024-26809
(* Security fix *)
2024-06-06 13:30:38 +02:00
Patrick J Volkerding
e5301d4448
Sat Jun 1 19:52:37 UTC 2024
...
patches/packages/ntp-4.2.8p18-x86_64-2_slack15.0.txz: Rebuilt.
This is a bugfix release to fix a possible regression. In some cases ntpd
gets an error on mixed ipv4/ipv6 networks, so we'll make it possible to
easily configure ntpd to use ipv4 only or ipv6 only (as well as to change
any other ntpd options).
rc.ntp: properly create the PID file on start.
Add /etc/default/ntp to configure ntpd startup options since some people are
needing to add -4 to avoid an error.
Thanks to rkelsen and teoberi.
2024-06-02 13:30:47 +02:00
Patrick J Volkerding
dd5b1ba2c4
Sun May 26 00:07:39 UTC 2024
...
patches/packages/ntp-4.2.8p18-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
2024-05-26 13:30:49 +02:00
Patrick J Volkerding
97a6982d2b
Wed May 22 18:57:13 UTC 2024
...
patches/packages/curl-8.8.0-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
2024-05-23 13:30:44 +02:00
Patrick J Volkerding
e10e8c9854
Mon May 20 18:42:49 UTC 2024
...
patches/packages/mariadb-10.5.25-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and a security issue:
Difficult to exploit vulnerability allows unauthenticated attacker with
logon to the infrastructure where MariaDB Server executes to compromise the
server. This could result in unauthorized update, insert or delete access
to some of the data as well as unauthorized read access to a subset of the
data and unauthorized ability to cause a partial denial of service.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-21096
(* Security fix *)
2024-05-21 13:30:45 +02:00