Miroirs/slackware-current
1
0
Fork 0
mirror of git://slackware.nl/current.git synced 2025-01-09 05:24:36 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
1203 commits 8 branches 2379 tags 490 MiB
Commit graph

9 commits

Author SHA1 Message Date
Patrick J Volkerding
585883b9b5 Sat Jan 7 01:50:00 UTC 2023 
extra/php80/php80-8.0.27-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes a security issue:
  PDO::quote() may return unquoted string.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-31631
  (* Security fix *)
extra/php81/php81-8.1.14-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and a security issue:
  PDO::quote() may return unquoted string.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-31631
  (* Security fix *)
patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txz:  Upgraded.
  Fixed memory corruption in NSS via DER-encoded DSA and RSA-PSS signatures.
  For more information, see:
    https://www.mozilla.org/en-US/security/advisories/mfsa2021-51/
    https://www.cve.org/CVERecord?id=CVE-2021-43527
  (* Security fix *)
patches/packages/php-7.4.33-x86_64-2_slack15.0.txz:  Rebuilt.
  This update fixes a security issue:
  PDO::quote() may return unquoted string.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-31631
  (* Security fix *)
 2023-01-07 13:30:29 +01:00
Patrick J Volkerding
bcdf30a8fe Mon Oct 31 23:31:36 UTC 2022 
extra/php80/php80-8.0.25-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  GD: OOB read due to insufficient input validation in imageloadfont().
  Hash: buffer overflow in hash_update() on long parameter.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-31630
    https://www.cve.org/CVERecord?id=CVE-2022-37454
  (* Security fix *)
extra/php81/php81-8.1.12-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  GD: OOB read due to insufficient input validation in imageloadfont().
  Hash: buffer overflow in hash_update() on long parameter.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-31630
    https://www.cve.org/CVERecord?id=CVE-2022-37454
  (* Security fix *)
patches/packages/mozilla-thunderbird-102.4.1-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/102.4.1/releasenotes/
patches/packages/vim-9.0.0814-x86_64-1_slack15.0.txz:  Upgraded.
  A vulnerability was found in vim and classified as problematic. Affected by
  this issue is the function qf_update_buffer of the file quickfix.c of the
  component autocmd Handler. The manipulation leads to use after free. The
  attack may be launched remotely. Upgrading to version 9.0.0805 is able to
  address this issue.
  Thanks to marav for the heads-up.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-3705
  (* Security fix *)
patches/packages/vim-gvim-9.0.0814-x86_64-1_slack15.0.txz:  Upgraded.
 2022-11-01 13:30:36 +01:00
Patrick J Volkerding
3087018ea7 Fri Sep 30 17:52:21 UTC 2022 
extra/php80/php80-8.0.24-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and security issues:
  phar wrapper: DOS when using quine gzip file.
  Don't mangle HTTP variable names that clash with ones that have a specific
  semantic meaning.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629
  (* Security fix *)
extra/php81/php81-8.1.11-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and security issues:
  phar wrapper: DOS when using quine gzip file.
  Don't mangle HTTP variable names that clash with ones that have a specific
  semantic meaning.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629
  (* Security fix *)
patches/packages/mozilla-thunderbird-102.3.1-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/102.3.1/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2022-43/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39249
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39250
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39251
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39236
  (* Security fix *)
patches/packages/php-7.4.32-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and security issues:
  phar wrapper: DOS when using quine gzip file.
  Don't mangle HTTP variable names that clash with ones that have a specific
  semantic meaning.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629
  (* Security fix *)
patches/packages/seamonkey-2.53.14-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.seamonkey-project.org/releases/seamonkey2.53.14
  (* Security fix *)
patches/packages/vim-9.0.0623-x86_64-1_slack15.0.txz:  Upgraded.
  Fixed use-after-free and stack-based buffer overflow.
  Thanks to marav for the heads-up.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-3352
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-3324
  (* Security fix *)
patches/packages/vim-gvim-9.0.0623-x86_64-1_slack15.0.txz:  Upgraded.
 2022-10-01 13:30:35 +02:00
Patrick J Volkerding
9edcc6c242 Thu Jul 7 23:03:01 UTC 2022 
patches/packages/gnupg2-2.2.36-x86_64-1_slack15.0.txz:  Upgraded.
  g10: Fix possibly garbled status messages in NOTATION_DATA.  This bug could
  trick GPGME and other parsers to accept faked status lines.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903
  (* Security fix *)
extra/php81/php81-8.1.8-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and a security issue:
  Fileinfo: Fixed bug #81723 (Heap buffer overflow in finfo_buffer).
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31627
  (* Security fix *)
 2022-07-08 13:30:29 +02:00
Patrick J Volkerding
7809bcc762 Mon Jun 13 21:02:58 UTC 2022 
patches/packages/php-7.4.30-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and security issues:
  mysqlnd/pdo password buffer overflow.
  Uninitialized array in pg_query_params().
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31626
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31625
  (* Security fix *)
extra/php80/php80-8.0.20-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and security issues:
  mysqlnd/pdo password buffer overflow.
  Uninitialized array in pg_query_params().
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31626
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31625
  (* Security fix *)
extra/php81/php81-8.1.7-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and security issues:
  mysqlnd/pdo password buffer overflow.
  Uninitialized array in pg_query_params().
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31626
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31625
  (* Security fix *)
 2022-06-14 13:30:26 +02:00
Patrick J Volkerding
a019271253 Fri Feb 18 05:29:00 UTC 2022 
patches/packages/mozilla-thunderbird-91.6.1-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/91.6.1/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2022-07/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0566
  (* Security fix *)
patches/packages/php-7.4.28-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and a security issue:
  UAF due to php_filter_float() failing for ints.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21708
  (* Security fix *)
extra/php80/php80-8.0.16-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and a security issue:
  UAF due to php_filter_float() failing for ints.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21708
  (* Security fix *)
extra/php81/php81-8.1.3-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and a security issue:
  UAF due to php_filter_float() failing for ints.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21708
  (* Security fix *)
 2022-02-19 13:30:02 +01:00
Patrick J Volkerding
30ad57f5bd Fri Jan 21 05:47:49 UTC 2022 
a/aaa_libraries-15.0-x86_64-15.txz:  Rebuilt.
  Upgraded: libzstd.so.1.5.2.
a/kernel-firmware-20220119_0c6a7b3-noarch-1.txz:  Upgraded.
a/kernel-generic-5.15.16-x86_64-1.txz:  Upgraded.
a/kernel-huge-5.15.16-x86_64-1.txz:  Upgraded.
a/kernel-modules-5.15.16-x86_64-1.txz:  Upgraded.
ap/vim-8.2.4166-x86_64-1.txz:  Upgraded.
d/kernel-headers-5.15.16-x86-1.txz:  Upgraded.
d/rust-1.58.1-x86_64-1.txz:  Upgraded.
k/kernel-source-5.15.16-noarch-1.txz:  Upgraded.
l/qt5-5.15.3_20211130_014c375b-x86_64-2.txz:  Rebuilt.
  Applied upstream patch:
  [PATCH] Move the wayland socket polling to a separate event thread.
  Thanks to LuckyCyborg.
l/svgalib-1.9.25-x86_64-7.txz:  Rebuilt.
  Don't try to use the (broken) assembly. Thanks to nobodino.
l/zstd-1.5.2-x86_64-1.txz:  Upgraded.
x/ibus-m17n-1.4.9-x86_64-1.txz:  Upgraded.
xap/vim-gvim-8.2.4166-x86_64-1.txz:  Upgraded.
extra/php80/php80-8.0.15-x86_64-1.txz:  Upgraded.
extra/php81/php81-8.1.2-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
 2022-01-21 17:59:42 +01:00
Patrick J Volkerding
93a272f6d5 Fri Dec 17 20:47:13 UTC 2021 
a/kernel-generic-5.15.10-x86_64-1.txz:  Upgraded.
a/kernel-huge-5.15.10-x86_64-1.txz:  Upgraded.
a/kernel-modules-5.15.10-x86_64-1.txz:  Upgraded.
ap/inxi-3.3.11_1-noarch-1.txz:  Upgraded.
ap/ksh93-1.0_20211217_ce3e080c-x86_64-1.txz:  Upgraded.
ap/neofetch-20211210_ccd5d9f5-noarch-1.txz:  Upgraded.
d/Cython-0.29.26-x86_64-1.txz:  Upgraded.
d/kernel-headers-5.15.10-x86-1.txz:  Upgraded.
k/kernel-source-5.15.10-noarch-1.txz:  Upgraded.
l/utf8proc-2.7.0-x86_64-1.txz:  Upgraded.
n/ca-certificates-20211216-noarch-1.txz:  Upgraded.
  This update provides the latest CA certificates to check for the
  authenticity of SSL connections.
xap/xine-ui-0.99.13-x86_64-1.txz:  Upgraded.
extra/php80/php80-8.0.14-x86_64-1.txz:  Upgraded.
extra/php81/php81-8.1.1-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
 2021-12-18 08:59:54 +01:00
Patrick J Volkerding
c29dcfa2dd Fri Dec 3 20:07:20 UTC 2021 
ap/rpm-4.16.1.3-x86_64-4.txz:  Rebuilt.
  Patched to handle non-compliant RPMs created by install4j. Thanks to alienBOB.
d/poke-1.4-x86_64-1.txz:  Upgraded.
l/enchant-2.3.2-x86_64-1.txz:  Upgraded.
l/freetype-2.11.1-x86_64-1.txz:  Upgraded.
l/glib2-2.70.2-x86_64-1.txz:  Upgraded.
n/lynx-2.9.0dev.10-x86_64-1.txz:  Upgraded.
extra/php8/php8-8.1.0-x86_64-1.txz:  Removed.
extra/php80/php80-8.0.13-x86_64-1.txz:  Added.
extra/php81/php81-8.1.0-x86_64-1.txz:  Added.
 2021-12-04 08:59:57 +01:00
Renamed from extra/source/php8/fetch-php.sh (Browse further)