patches/packages/openssl-1.1.1t-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
X.400 address type confusion in X.509 GeneralName.
Timing Oracle in RSA Decryption.
Use-after-free following BIO_new_NDEF.
Double free after calling PEM_read_bio_ex.
For more information, see:
https://www.openssl.org/news/secadv/20230207.txthttps://www.cve.org/CVERecord?id=CVE-2023-0286https://www.cve.org/CVERecord?id=CVE-2022-4304https://www.cve.org/CVERecord?id=CVE-2023-0215https://www.cve.org/CVERecord?id=CVE-2022-4450
(* Security fix *)
patches/packages/openssl-solibs-1.1.1t-x86_64-1_slack15.0.txz: Upgraded.
patches/packages/xorg-server-1.20.14-x86_64-7_slack15.0.txz: Rebuilt.
[PATCH] Xi: fix potential use-after-free in DeepCopyPointerClasses.
Also merged another patch to prevent crashes when using a compositor with
the NVIDIA blob. Thanks to mdinslage, willysr, and Daedra.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0494
(* Security fix *)
patches/packages/xorg-server-xephyr-1.20.14-x86_64-7_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xnest-1.20.14-x86_64-7_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xvfb-1.20.14-x86_64-7_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xwayland-21.1.4-x86_64-6_slack15.0.txz: Rebuilt.
[PATCH] Xi: fix potential use-after-free in DeepCopyPointerClasses.
Also merged another patch to prevent crashes when using a compositor with
the NVIDIA blob. Thanks to mdinslage, willysr, and Daedra.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0494
(* Security fix *)
patches/packages/openssh-9.2p1-x86_64-1_slack15.0.txz: Upgraded.
This release contains fixes for two security problems and a memory safety
problem. The memory safety problem is not believed to be exploitable, but
upstream reports most network-reachable memory faults as security bugs.
This update contains some potentially incompatible changes regarding the
scp utility. For more information, see:
https://www.openssh.com/releasenotes.html#9.0
For more information, see:
https://www.openssh.com/releasenotes.html#9.2
(* Security fix *)
patches/packages/bind-9.16.37-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and the following security issues:
An UPDATE message flood could cause :iscman:`named` to exhaust all
available memory. This flaw was addressed by adding a new
:any:`update-quota` option that controls the maximum number of
outstanding DNS UPDATE messages that :iscman:`named` can hold in a
queue at any given time (default: 100).
:iscman:`named` could crash with an assertion failure when an RRSIG
query was received and :any:`stale-answer-client-timeout` was set to a
non-zero value. This has been fixed.
:iscman:`named` running as a resolver with the
:any:`stale-answer-client-timeout` option set to any value greater
than ``0`` could crash with an assertion failure, when the
:any:`recursive-clients` soft quota was reached. This has been fixed.
For more information, see:
https://kb.isc.org/docs/cve-2022-3094https://kb.isc.org/docs/cve-2022-3736https://kb.isc.org/docs/cve-2022-3924https://www.cve.org/CVERecord?id=CVE-2022-3094https://www.cve.org/CVERecord?id=CVE-2022-3736https://www.cve.org/CVERecord?id=CVE-2022-3924
(* Security fix *)
patches/packages/vim-9.0.1241-x86_64-1_slack15.0.txz: Upgraded.
Fixed a security issue:
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225.
Thanks to marav for the heads-up.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0433
(* Security fix *)
patches/packages/vim-gvim-9.0.1241-x86_64-1_slack15.0.txz: Upgraded.
testing/packages/bind-9.18.11-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and the following security issues:
An UPDATE message flood could cause :iscman:`named` to exhaust all
available memory. This flaw was addressed by adding a new
:any:`update-quota` option that controls the maximum number of
outstanding DNS UPDATE messages that :iscman:`named` can hold in a
queue at any given time (default: 100).
:iscman:`named` could crash with an assertion failure when an RRSIG
query was received and :any:`stale-answer-client-timeout` was set to a
non-zero value. This has been fixed.
:iscman:`named` running as a resolver with the
:any:`stale-answer-client-timeout` option set to any value greater
than ``0`` could crash with an assertion failure, when the
:any:`recursive-clients` soft quota was reached. This has been fixed.
For more information, see:
https://kb.isc.org/docs/cve-2022-3094https://kb.isc.org/docs/cve-2022-3736https://kb.isc.org/docs/cve-2022-3924https://www.cve.org/CVERecord?id=CVE-2022-3094https://www.cve.org/CVERecord?id=CVE-2022-3736https://www.cve.org/CVERecord?id=CVE-2022-3924
(* Security fix *)
patches/packages/sudo-1.9.12p2-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a flaw in sudo's -e option (aka sudoedit) that could allow
a malicious user with sudoedit privileges to edit arbitrary files.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-22809
(* Security fix *)
patches/packages/netatalk-3.1.14-x86_64-1_slack15.0.txz: Upgraded.
Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow
resulting in code execution via a crafted .appl file.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-45188
(* Security fix *)
patches/packages/ca-certificates-20221205-noarch-2_slack15.0.txz: Rebuilt.
Make sure that if we're installing this package on another partition (such as
when using installpkg with a --root parameter) that the updates are done on
that partition. Thanks to fulalas.
patches/packages/libtiff-4.4.0-x86_64-1_slack15.0.txz: Upgraded.
Patched various security bugs.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-2056https://www.cve.org/CVERecord?id=CVE-2022-2057https://www.cve.org/CVERecord?id=CVE-2022-2058https://www.cve.org/CVERecord?id=CVE-2022-3970https://www.cve.org/CVERecord?id=CVE-2022-34526
(* Security fix *)
patches/packages/rxvt-unicode-9.26-x86_64-3_slack15.0.txz: Rebuilt.
When the "background" extension was loaded, an attacker able to control the
data written to the terminal would be able to execute arbitrary code as the
terminal's user. Thanks to David Leadbeater and Ben Collver.
For more information, see:
https://www.openwall.com/lists/oss-security/2022/12/05/1https://www.cve.org/CVERecord?id=CVE-2022-4170
(* Security fix *)
patches/packages/whois-5.5.15-x86_64-1_slack15.0.txz: Upgraded.
Updated the .bd, .nz and .tv TLD servers.
Added the .llyw.cymru, .gov.scot and .gov.wales SLD servers.
Updated the .ac.uk and .gov.uk SLD servers.
Recursion has been enabled for whois.nic.tv.
Updated the list of new gTLDs with four generic TLDs assigned in October 2013
which were missing due to a bug.
Removed 4 new gTLDs which are no longer active.
Added the Georgian translation, contributed by Temuri Doghonadze.
Updated the Finnish translation, contributed by Lauri Nurmi.
patches/packages/libksba-1.6.3-x86_64-1_slack15.0.txz: Upgraded.
Fix another integer overflow in the CRL's signature parser.
(* Security fix *)
patches/packages/sdl-1.2.15-x86_64-13_slack15.0.txz: Rebuilt.
This update fixes a heap overflow problem in video/SDL_pixels.c in SDL.
By crafting a malicious .BMP file, an attacker can cause the application
using this library to crash, denial of service, or code execution.
Thanks to marav for the heads-up.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2021-33657
(* Security fix *)
patches/packages/xorg-server-1.20.14-x86_64-6_slack15.0.txz: Rebuilt.
This release fixes an invalid event type mask in XTestSwapFakeInput which
was inadvertently changed from octal 0177 to hexadecimal 0x177 in the fix
for CVE-2022-46340.
patches/packages/xorg-server-xephyr-1.20.14-x86_64-6_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xnest-1.20.14-x86_64-6_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xvfb-1.20.14-x86_64-6_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xwayland-21.1.4-x86_64-5_slack15.0.txz: Rebuilt.
This release fixes an invalid event type mask in XTestSwapFakeInput which
was inadvertently changed from octal 0177 to hexadecimal 0x177 in the fix
for CVE-2022-46340.
patches/packages/libarchive-3.6.2-x86_64-2_slack15.0.txz: Rebuilt.
This update fixes a regression causing a failure to compile against
libarchive: don't include iconv in libarchive.pc.
patches/packages/samba-4.15.13-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
This is the Samba CVE for the Windows Kerberos RC4-HMAC Elevation of
Privilege Vulnerability disclosed by Microsoft on Nov 8 2022.
A Samba Active Directory DC will issue weak rc4-hmac session keys for
use between modern clients and servers despite all modern Kerberos
implementations supporting the aes256-cts-hmac-sha1-96 cipher.
On Samba Active Directory DCs and members
'kerberos encryption types = legacy'
would force rc4-hmac as a client even if the server supports
aes128-cts-hmac-sha1-96 and/or aes256-cts-hmac-sha1-96.
This is the Samba CVE for the Windows Kerberos Elevation of Privilege
Vulnerability disclosed by Microsoft on Nov 8 2022.
A service account with the special constrained delegation permission
could forge a more powerful ticket than the one it was presented with.
The "RC4" protection of the NetLogon Secure channel uses the same
algorithms as rc4-hmac cryptography in Kerberos, and so must also be
assumed to be weak.
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed
that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue
rc4-hmac encrypted tickets despite the target server supporting better
encryption (eg aes256-cts-hmac-sha1-96).
Note that there are several important behavior changes included in this
release, which may cause compatibility problems interacting with system
still expecting the former behavior.
Please read the advisories of CVE-2022-37966, CVE-2022-37967 and
CVE-2022-38023 carefully!
For more information, see:
https://www.samba.org/samba/security/CVE-2022-37966.htmlhttps://www.samba.org/samba/security/CVE-2022-37967.htmlhttps://www.samba.org/samba/security/CVE-2022-38023.htmlhttps://www.samba.org/samba/security/CVE-2022-45141.htmlhttps://www.cve.org/CVERecord?id=CVE-2022-37966https://www.cve.org/CVERecord?id=CVE-2022-37967https://www.cve.org/CVERecord?id=CVE-2022-38023https://www.cve.org/CVERecord?id=CVE-2022-45141
(* Security fix *)
patches/packages/libarchive-3.6.2-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix and security release.
Relevant bugfixes:
rar5 reader: fix possible garbled output with bsdtar -O (#1745)
mtree reader: support reading mtree files with tabs (#1783)
Security fixes:
various small fixes for issues found by CodeQL
(* Security fix *)
patches/packages/python3-3.9.16-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
gh-98739: Updated bundled libexpat to 2.5.0 to fix CVE-2022-43680
(heap use-after-free).
gh-98433: The IDNA codec decoder used on DNS hostnames by socket or asyncio
related name resolution functions no longer involves a quadratic algorithm
to fix CVE-2022-45061. This prevents a potential CPU denial of service if an
out-of-spec excessive length hostname involving bidirectional characters were
decoded. Some protocols such as urllib http 3xx redirects potentially allow
for an attacker to supply such a name.
gh-100001: python -m http.server no longer allows terminal control characters
sent within a garbage request to be printed to the stderr server log.
gh-87604: Avoid publishing list of active per-interpreter audit hooks via the
gc module.
gh-97514: On Linux the multiprocessing module returns to using filesystem
backed unix domain sockets for communication with the forkserver process
instead of the Linux abstract socket namespace. Only code that chooses to use
the "forkserver" start method is affected. This prevents Linux CVE-2022-42919
(potential privilege escalation) as abstract sockets have no permissions and
could allow any user on the system in the same network namespace (often the
whole system) to inject code into the multiprocessing forkserver process.
Filesystem based socket permissions restrict this to the forkserver process
user as was the default in Python 3.8 and earlier.
gh-98517: Port XKCP's fix for the buffer overflows in SHA-3 to fix
CVE-2022-37454.
gh-68966: The deprecated mailcap module now refuses to inject unsafe text
(filenames, MIME types, parameters) into shell commands to address
CVE-2015-20107. Instead of using such text, it will warn and act as if a
match was not found (or for test commands, as if the test failed).
For more information, see:
https://pythoninsider.blogspot.com/2022/12/python-3111-3109-3916-3816-3716-and.htmlhttps://www.cve.org/CVERecord?id=CVE-2022-43680https://www.cve.org/CVERecord?id=CVE-2022-45061https://www.cve.org/CVERecord?id=CVE-2022-42919https://www.cve.org/CVERecord?id=CVE-2022-37454https://www.cve.org/CVERecord?id=CVE-2015-20107
(* Security fix *)
patches/packages/ca-certificates-20221205-noarch-1_slack15.0.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
patches/packages/glibc-zoneinfo-2022g-noarch-1_slack15.0.txz: Upgraded.
This package provides the latest timezone updates.
patches/packages/ruby-3.0.5-x86_64-1_slack15.0.txz: Upgraded.
This release includes a security fix:
HTTP response splitting in CGI.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2021-33621
(* Security fix *)
patches/packages/sysstat-12.7.1-x86_64-1_slack15.0.txz: Upgraded.
On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1,
allocate_structures contains a size_t overflow in sa_common.c. The
allocate_structures function insufficiently checks bounds before arithmetic
multiplication, allowing for an overflow in the size allocated for the
buffer representing system activities.
This issue may lead to Remote Code Execution (RCE).
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-39377
(* Security fix *)
patches/packages/xfce4-settings-4.16.4-x86_64-1_slack15.0.txz: Upgraded.
Fixed an argument injection vulnerability in xfce4-mime-helper.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-45062
(* Security fix *)
patches/packages/glibc-zoneinfo-2022f-noarch-1_slack15.0.txz: Upgraded.
This package provides the latest timezone updates.
patches/packages/mariadb-10.5.18-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://mariadb.com/kb/en/mariadb-10-5-18-release-notes
patches/packages/sudo-1.9.12p1-x86_64-1_slack15.0.txz: Upgraded.
Fixed a potential out-of-bounds write for passwords smaller than 8
characters when passwd authentication is enabled.
This does not affect configurations that use other authentication
methods such as PAM, AIX authentication or BSD authentication.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-43995
(* Security fix *)
extra/php80/php80-8.0.25-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
GD: OOB read due to insufficient input validation in imageloadfont().
Hash: buffer overflow in hash_update() on long parameter.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-31630https://www.cve.org/CVERecord?id=CVE-2022-37454
(* Security fix *)
extra/php81/php81-8.1.12-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
GD: OOB read due to insufficient input validation in imageloadfont().
Hash: buffer overflow in hash_update() on long parameter.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-31630https://www.cve.org/CVERecord?id=CVE-2022-37454
(* Security fix *)
patches/packages/mozilla-thunderbird-102.4.1-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.4.1/releasenotes/
patches/packages/vim-9.0.0814-x86_64-1_slack15.0.txz: Upgraded.
A vulnerability was found in vim and classified as problematic. Affected by
this issue is the function qf_update_buffer of the file quickfix.c of the
component autocmd Handler. The manipulation leads to use after free. The
attack may be launched remotely. Upgrading to version 9.0.0805 is able to
address this issue.
Thanks to marav for the heads-up.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-3705
(* Security fix *)
patches/packages/vim-gvim-9.0.0814-x86_64-1_slack15.0.txz: Upgraded.
patches/packages/expat-2.5.0-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a security issue:
Fix heap use-after-free after overeager destruction of a shared DTD in
function XML_ExternalEntityParserCreate in out-of-memory situations.
Expected impact is denial of service or potentially arbitrary code
execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43680
(* Security fix *)
patches/packages/samba-4.15.11-x86_64-1_slack15.0.txz: Upgraded.
This update fixes the following security issue:
There is a limited write heap buffer overflow in the GSSAPI unwrap_des()
and unwrap_des3() routines of Heimdal (included in Samba).
For more information, see:
https://www.samba.org/samba/security/CVE-2022-3437.htmlhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
(* Security fix *)
patches/packages/rsync-3.2.7-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
Notably, this addresses some regressions caused by the file-list validation
fix in rsync-3.2.5.
Thanks to llgar.
patches/packages/mozilla-thunderbird-102.4.0-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.4.0/releasenotes/
patches/packages/whois-5.5.14-x86_64-1_slack15.0.txz: Upgraded.
This update adds the .bf and .sd TLD servers, removes the .gu TLD server,
updates the .dm, .fj, .mt and .pk TLD servers, updates the charset for
whois.nic.tr, updates the list of new gTLDs, removes whois.nic.fr from the
list of RIPE-like servers (because it is not one anymore), renames
whois.arnes.si to whois.register.si in the list of RIPE-like servers, and
adds the hiding string for whois.auda.org.au.
patches/packages/zlib-1.2.13-x86_64-1_slack15.0.txz: Upgraded.
Fixed a bug when getting a gzip header extra field with inflateGetHeader().
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434
(* Security fix *)
patches/packages/mozilla-thunderbird-102.3.3-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.3.3/releasenotes/
patches/packages/python3-3.9.15-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
Bundled libexpat was upgraded from 2.4.7 to 2.4.9 which fixes a heap
use-after-free vulnerability in function doContent.
gh-97616: a fix for a possible buffer overflow in list *= int.
gh-97612: a fix for possible shell injection in the example script
get-remote-certificate.py.
gh-96577: a fix for a potential buffer overrun in msilib.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674
(* Security fix *)
patches/packages/libksba-1.6.2-x86_64-1_slack15.0.txz: Upgraded.
Detect a possible overflow directly in the TLV parser.
This patch detects possible integer overflows immmediately when creating
the TI object.
Reported-by: ZDI-CAN-18927, ZDI-CAN-18928, ZDI-CAN-18929
(* Security fix *)
patches/packages/dhcp-4.4.3_P1-x86_64-1_slack15.0.txz: Upgraded.
This update fixes two security issues:
Corrected a reference count leak that occurs when the server builds
responses to leasequery packets.
Corrected a memory leak that occurs when unpacking a packet that has an
FQDN option (81) that contains a label with length greater than 63 bytes.
Thanks to VictorV of Cyber Kunlun Lab for reporting these issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2928https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2929
(* Security fix *)
patches/packages/xorg-server-xwayland-21.1.4-x86_64-2_slack15.0.txz: Rebuilt.
xkb: switch to array index loops to moving pointers.
xkb: add request length validation for XkbSetGeometry.
xkb: swap XkbSetDeviceInfo and XkbSetDeviceInfoCheck.
I hadn't realized that the xorg-server patches were needed (or applied
cleanly) to Xwayland. Thanks to LuckyCyborg for the kind reminder. :-)
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2319https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2320
(* Security fix *)
patches/packages/dnsmasq-2.87-x86_64-1_slack15.0.txz: Upgraded.
Fix write-after-free error in DHCPv6 server code.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0934
(* Security fix *)
patches/packages/vim-9.0.0594-x86_64-1_slack15.0.txz: Upgraded.
Fixed stack-based buffer overflow.
Thanks to marav for the heads-up.
In addition, Mig21 pointed out an issue where the defaults.vim file might
need to be edited for some purposes as its contents will override the
settings in the system-wide vimrc. Usually this file is replaced whenever
vim is upgraded, which in those situations would be inconvenient for the
admin. So, I've added support for a file named defaults.vim.custom which
(if it exists) will be used instead of the defaults.vim file shipped in
the package and will persist through upgrades.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3296
(* Security fix *)
patches/packages/vim-gvim-9.0.0594-x86_64-1_slack15.0.txz: Upgraded.
patches/packages/vim-9.0.0558-x86_64-1_slack15.0.txz: Upgraded.
Fixed use after free.
Thanks to marav for the heads-up.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3256
(* Security fix *)
patches/packages/vim-gvim-9.0.0558-x86_64-1_slack15.0.txz: Upgraded.
patches/packages/ca-certificates-20220922-noarch-1_slack15.0.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
patches/packages/cups-2.4.2-x86_64-3_slack15.0.txz: Rebuilt.
Fixed crash when using the CUPS web setup interface:
[PATCH] Fix OpenSSL crash bug - "tls" pointer wasn't cleared after freeing
it (Issue #409).
Thanks to MisterL, bryjen, and kjhambrick.
Fixed an OpenSSL certificate loading issue:
[PATCH] The OpenSSL code path wasn't loading the full certificate
chain (Issue #465).
Thanks to tmmukunn.
patches/packages/vim-9.0.0500-x86_64-1_slack15.0.txz: Upgraded.
Fixed heap-based buffer overflow.
Thanks to marav for the heads-up.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3234
(* Security fix *)
patches/packages/vim-gvim-9.0.0500-x86_64-1_slack15.0.txz: Upgraded.
patches/packages/vim-9.0.0417-x86_64-1_slack15.0.txz: Upgraded.
Fixed null pointer dereference.
Thanks to marav for the heads-up.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3153
(* Security fix *)
patches/packages/vim-gvim-9.0.0417-x86_64-1_slack15.0.txz: Upgraded.
extra/sendmail/sendmail-8.17.1-x86_64-4_slack15.0.txz: Rebuilt.
Patched sendmail.h to fix SASL auth. Thanks to af7567.
Build without -DUSE_EAI (which is evidently considered experimental) since
the option breaks the vacation binary. Thanks to bitfuzzy and HQuest.
It is possible that this could work but requires additional options. I found
this in the ChangeLog for the SUSE rpm:
Experimental support for SMTPUTF8 (EAI, see RFC 6530-6533) is available
when using the compile time option USE_EAI (see also
devtools/Site/site.config.m4.sample for other required settings) and the cf
option SMTPUTF8. If a mail submission via the command line requires the
use of SMTPUTF8, e.g., because a header uses UTF-8 encoding, but the
addresses on the command line are all ASCII, then the new option -U must be
used, and the cf option SMTPUTF8 must be set in submit.cf.
Any assistance with getting -DUSE_EAI working properly would be appreciated.
extra/sendmail/sendmail-cf-8.17.1-noarch-4_slack15.0.txz: Rebuilt.
patches/packages/vim-9.0.0334-x86_64-1_slack15.0.txz: Upgraded.
Fixed use after free.
Thanks to marav for the heads-up.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3016
(* Security fix *)
patches/packages/vim-gvim-9.0.0334-x86_64-1_slack15.0.txz: Upgraded.
patches/packages/vim-8.2.4649-x86_64-3_slack15.0.txz: Rebuilt.
Fix use after free.
Thanks to marav for the heads-up.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2889
(* Security fix *)
patches/packages/vim-gvim-8.2.4649-x86_64-3_slack15.0.txz: Rebuilt.
patches/packages/rsync-3.2.5-x86_64-1_slack15.0.txz: Upgraded.
Added some file-list safety checking that helps to ensure that a rogue
sending rsync can't add unrequested top-level names and/or include recursive
names that should have been excluded by the sender. These extra safety
checks only require the receiver rsync to be updated. When dealing with an
untrusted sending host, it is safest to copy into a dedicated destination
directory for the remote content (i.e. don't copy into a destination
directory that contains files that aren't from the remote host unless you
trust the remote host).
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29154
(* Security fix *)
patches/packages/zlib-1.2.12-x86_64-2_slack15.0.txz: Rebuilt.
This is a bugfix update.
Applied an upstream patch to restore the handling of CRC inputs to be the
same as in previous releases of zlib. This fixes an issue with OpenJDK.
Thanks to alienBOB.
patches/packages/gnutls-3.7.7-x86_64-1_slack15.0.txz: Upgraded.
libgnutls: Fixed double free during verification of pkcs7 signatures.
Reported by Jaak Ristioja.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509
(* Security fix *)
patches/packages/mozilla-firefox-91.12.0esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/91.12.0/releasenotes/
(* Security fix *)
patches/packages/perl-5.34.0-x86_64-2_slack15.0.txz: Rebuilt.
This is a bugfix release.
Upgraded: Devel-CheckLib-1.16, IO-Socket-SSL-2.074, Net-SSLeay-1.92,
Path-Tiny-0.122, Template-Toolkit-3.100, URI-5.12, libnet-3.14.
Added a symlink to libperl.so in /usr/${LIBDIRSUFFIX} since net-snmp (and
possibly other programs) might have trouble linking with it since it's not
in the LD_LIBRARY_PATH. Thanks to oneforall.
patches/packages/wavpack-5.5.0-x86_64-1_slack15.0.txz: Upgraded.
WavPack 5.5.0 contains a fix for CVE-2021-44269 wherein encoding a specially
crafted DSD file causes an out-of-bounds read exception.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44269
(* Security fix *)
patches/packages/gnupg2-2.2.36-x86_64-1_slack15.0.txz: Upgraded.
g10: Fix possibly garbled status messages in NOTATION_DATA. This bug could
trick GPGME and other parsers to accept faked status lines.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903
(* Security fix *)
extra/php81/php81-8.1.8-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and a security issue:
Fileinfo: Fixed bug #81723 (Heap buffer overflow in finfo_buffer).
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31627
(* Security fix *)
patches/packages/ca-certificates-20220622-noarch-1_slack15.0.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
patches/packages/openssl-1.1.1p-x86_64-1_slack15.0.txz: Upgraded.
In addition to the c_rehash shell command injection identified in
CVE-2022-1292, further circumstances where the c_rehash script does not
properly sanitise shell metacharacters to prevent command injection were
found by code review.
When the CVE-2022-1292 was fixed it was not discovered that there
are other places in the script where the file names of certificates
being hashed were possibly passed to a command executed through the shell.
For more information, see:
https://www.openssl.org/news/secadv/20220621.txthttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068
(* Security fix *)
patches/packages/openssl-solibs-1.1.1p-x86_64-1_slack15.0.txz: Upgraded.
patches/packages/pidgin-2.14.10-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and several security issues.
For more information, see:
https://www.pidgin.im/posts/2022-06-2.14.10-released/
(* Security fix *)
patches/packages/bind-9.16.29-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
testing/packages/bind-9.18.3-x86_64-1_slack15.0.txz: Upgraded.
Fixed a crash in DNS-over-HTTPS (DoH) code caused by premature TLS stream
socket object deletion.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1183
(* Security fix *)
patches/packages/mozilla-thunderbird-91.9.0-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.9.0/releasenotes/
(* Security fix *)
patches/packages/openssl-1.1.1o-x86_64-1_slack15.0.txz: Upgraded.
Fixed a bug in the c_rehash script which was not properly sanitising shell
metacharacters to prevent command injection.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292
(* Security fix *)
patches/packages/openssl-solibs-1.1.1o-x86_64-1_slack15.0.txz: Upgraded.
patches/packages/seamonkey-2.53.12-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.12
(* Security fix *)
patches/packages/libxml2-2.9.14-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and the following security issues:
Fix integer overflow in xmlBuf and xmlBuffer.
Fix potential double-free in xmlXPtrStringRangeFunction.
Fix memory leak in xmlFindCharEncodingHandler.
Normalize XPath strings in-place.
Prevent integer-overflow in htmlSkipBlankChars() and xmlSkipBlankChars().
Fix leak of xmlElementContent.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824
(* Security fix *)
patches/packages/mozilla-firefox-91.9.0esr-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/91.9.0/releasenotes/
patches/packages/samba-4.15.7-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.samba.org/samba/history/samba-4.15.7.html
patches/packages/git-2.35.3-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a security issue where a Git worktree created by another
user might be able to execute arbitrary code.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765
(* Security fix *)
patches/packages/gzip-1.12-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a security issue:
zgrep applied to a crafted file name with two or more newlines can no
longer overwrite an arbitrary, attacker-selected file.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271
(* Security fix *)
patches/packages/xz-5.2.5-x86_64-4_slack15.0.txz: Rebuilt.
This update fixes a security issue:
xzgrep applied to a crafted file name with two or more newlines can no
longer overwrite an arbitrary, attacker-selected file.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271
(* Security fix *)
patches/packages/whois-5.5.13-x86_64-1_slack15.0.txz: Upgraded.
This update adds the .sd TLD server, updates the list of new gTLDs, and adds
a Turkish translation.
patches/packages/libarchive-3.6.1-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix and security release.
Security fixes:
7zip reader: fix PPMD read beyond boundary.
ZIP reader: fix possible out of bounds read.
ISO reader: fix possible heap buffer overflow in read_children().
RARv4 redaer: fix multiple issues in RARv4 filter code (introduced in
libarchive 3.6.0).
Fix heap use after free in archive_read_format_rar_read_data().
Fix null dereference in read_data_compressed().
Fix heap user after free in run_filters().
(* Security fix *)
patches/packages/ca-certificates-20220403-noarch-1_slack15.0.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
patches/packages/vim-8.2.4649-x86_64-1_slack15.0.txz: Upgraded.
Fixes a use-after-free in utf_ptr2char in vim/vim prior to 8.2.4646.
This vulnerability is capable of crashing software, bypassing protection
mechanisms, modifying memory, and possibly execution of arbitrary code.
Thanks to marav for the heads-up.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1154https://huntr.dev/bounties/7f0ec6bc-ea0e-45b0-8128-caac72d23425b55986c52d
(* Security fix *)
patches/packages/vim-gvim-8.2.4649-x86_64-1_slack15.0.txz: Upgraded.
patches/packages/whois-5.5.12-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release. Thanks to Nobby6.
patches/packages/zlib-1.2.12-x86_64-1_slack15.0.txz: Upgraded.
This update fixes memory corruption when deflating (i.e., when compressing)
if the input has many distant matches. Thanks to marav.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
(* Security fix *)
patches/packages/python3-3.9.12-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://pythoninsider.blogspot.com/2022/03/python-3104-and-3912-are-now-available.html
usb-and-pxe-installers/usbimg2disk.sh: Upgraded.
Calculate the space requirement by checking the size of the packages in the
Slackware directory tree.
patches/packages/bind-9.16.27-x86_64-1_slack15.0.txz: Upgraded.
Sorry folks, I had not meant to bump BIND to the newer branch. I've moved
the other packages into /testing. Thanks to Nobby6 for pointing this out.
This update fixes bugs and the following security issues:
A synchronous call to closehandle_cb() caused isc__nm_process_sock_buffer()
to be called recursively, which in turn left TCP connections hanging in the
CLOSE_WAIT state blocking indefinitely when out-of-order processing was
disabled.
The rules for acceptance of records into the cache have been tightened to
prevent the possibility of poisoning if forwarders send records outside
the configured bailiwick.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0396https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220
(* Security fix *)
testing/packages/bind-9.18.1-x86_64-1_slack15.0.txz: Moved.
patches/packages/bind-9.18.1-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and the following security issues:
An assertion could occur in resume_dslookup() if the fetch had been shut
down earlier.
Lookups involving a DNAME could trigger an INSIST when "synth-from-dnssec"
was enabled.
A synchronous call to closehandle_cb() caused isc__nm_process_sock_buffer()
to be called recursively, which in turn left TCP connections hanging in the
CLOSE_WAIT state blocking indefinitely when out-of-order processing was
disabled.
The rules for acceptance of records into the cache have been tightened to
prevent the possibility of poisoning if forwarders send records outside
the configured bailiwick.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0667https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0635https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0396https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220
(* Security fix *)
patches/packages/bluez-5.64-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release:
Fix issue with handling A2DP discover procedure.
Fix issue with media endpoint replies and SetConfiguration.
Fix issue with HoG queuing events before report map is read.
Fix issue with HoG and read order of GATT attributes.
Fix issue with HoG and not using UHID_CREATE2 interface.
Fix issue with failed scanning for 5 minutes after reboot.
patches/packages/openssl-1.1.1n-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a high severity security issue:
The BN_mod_sqrt() function, which computes a modular square root, contains
a bug that can cause it to loop forever for non-prime moduli.
For more information, see:
https://www.openssl.org/news/secadv/20220315.txthttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
(* Security fix *)
patches/packages/openssl-solibs-1.1.1n-x86_64-1_slack15.0.txz: Upgraded.
patches/packages/qt5-5.15.3_20220312_33a3f16f-x86_64-1_slack15.0.txz: Upgraded.
Thanks to Heinz Wiesinger for updating the fetch_sources.sh script to make
sure that the QtWebEngine version matches the rest of Qt, which got the
latest git pull compiling again.
If a 32-bit userspace is detected, then:
export QTWEBENGINE_CHROMIUM_FLAGS="--disable-seccomp-filter-sandbox"
This works around crashes occuring with 32-bit QtWebEngine applications.
Thanks to alienBOB.
patches/packages/polkit-0.120-x86_64-3_slack15.0.txz: Rebuilt.
Patched to fix a security issue where an unprivileged user could cause a
denial of service due to process file descriptor exhaustion.
Thanks to marav.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4115
(* Security fix *)
patches/packages/ca-certificates-20220309-noarch-1_slack15.0.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
patches/packages/boost-1.78.0-x86_64-2_slack15.0.txz: Rebuilt.
This update has been patched to fix a regression:
Boost.Build silently skips installation of library headers and binaries in
some cases.
Thanks to Willy Sudiarto Raharjo.
patches/packages/mozilla-firefox-91.7.0esr-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/91.7.0/releasenotes/
(* Security fix *)
patches/packages/libxml2-2.9.13-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and the following security issues:
Use-after-free of ID and IDREF attributes
(Thanks to Shinji Sato for the report)
Use-after-free in xmlXIncludeCopyRange (David Kilzer)
Fix Null-deref-in-xmlSchemaGetComponentTargetNs (huangduirong)
Fix memory leak in xmlXPathCompNodeTest
Fix null pointer deref in xmlStringGetNodeList
Fix several memory leaks found by Coverity (David King)
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308
(* Security fix *)
patches/packages/libxslt-1.1.35-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and the following security issues:
Fix use-after-free in xsltApplyTemplates
Fix memory leak in xsltDocumentElem (David King)
Fix memory leak in xsltCompileIdKeyPattern (David King)
Fix double-free with stylesheets containing entity nodes
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30560
(* Security fix *)
patches/packages/expat-2.4.6-x86_64-1_slack15.0.txz: Upgraded.
Fixed a regression introduced by the fix for CVE-2022-25313 that affects
applications that (1) call function XML_SetElementDeclHandler and (2) are
parsing XML that contains nested element declarations:
(e.g. "<!ELEMENT junk ((bar|foo|xyz+), zebra*)>").
patches/packages/flac-1.3.4-x86_64-1_slack15.0.txz: Upgraded.
This update fixes overflow issues with encoding and decoding.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0499https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0561
(* Security fix *)
patches/packages/mariadb-10.5.15-x86_64-2_slack15.0.txz: Rebuilt.
Removed dangling symlink.
patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz: Rebuilt.
If root's mailbox did not already exist, it would be created with insecure
permissions leading to possible local information disclosure. This update
ensures that a new mailbox will be created with proper permissions and
ownership, and corrects the permissions on an existing mailbox if they are
found to be incorrect. Thanks to Martin for the bug report.
(* Security fix *)
patches/packages/util-linux-2.37.4-x86_64-1_slack15.0.txz: Upgraded.
This release fixes a security issue in chsh(1) and chfn(8):
By default, these utilities had been linked with libreadline, which allows
the INPUTRC environment variable to be abused to produce an error message
containing data from an arbitrary file. So, don't link these utilities with
libreadline as it does not use secure_getenv() (or a similar concept), or
sanitize the config file path to avoid vulnerabilities that could occur in
set-user-ID or set-group-ID programs.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0563
(* Security fix *)
