slackware-current

mirror of git://slackware.nl/current.git synced 2025-01-03 23:03:22 +01:00

Author	SHA1	Message	Date
Patrick J Volkerding	d32f6bcf5a	Mon Aug 7 19:22:02 UTC 2023 extra/php80/php80-8.0.30-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and security issues: Security issue with external entity loading in XML without enabling it. Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3247 (* Security fix *) patches/packages/vim-9.0.1678-x86_64-1_slack15.0.txz: Upgraded. Applied the last patches from Bram Moolenaar. RIP Bram, and thanks for your great work on VIM and your kindness to the orphan children in Uganda. If you'd like to honor Bram with a donation to his charity, please visit: https://iccf-holland.org/ patches/packages/vim-gvim-9.0.1678-x86_64-1_slack15.0.txz: Upgraded.	2023-08-08 13:30:34 +02:00
Patrick J Volkerding	0ab769ac69	Mon Sep 26 19:43:54 UTC 2022 patches/packages/dnsmasq-2.87-x86_64-1_slack15.0.txz: Upgraded. Fix write-after-free error in DHCPv6 server code. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0934 (* Security fix ) patches/packages/vim-9.0.0594-x86_64-1_slack15.0.txz: Upgraded. Fixed stack-based buffer overflow. Thanks to marav for the heads-up. In addition, Mig21 pointed out an issue where the defaults.vim file might need to be edited for some purposes as its contents will override the settings in the system-wide vimrc. Usually this file is replaced whenever vim is upgraded, which in those situations would be inconvenient for the admin. So, I've added support for a file named defaults.vim.custom which (if it exists) will be used instead of the defaults.vim file shipped in the package and will persist through upgrades. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3296 ( Security fix *) patches/packages/vim-gvim-9.0.0594-x86_64-1_slack15.0.txz: Upgraded.	2022-09-27 13:30:30 +02:00
Patrick J Volkerding	71a81b7408	Fri Aug 26 04:02:20 UTC 2022 patches/packages/linux-5.15.63/: Upgraded. These updates fix various bugs and security issues. Be sure to upgrade your initrd after upgrading the kernel packages. If you use lilo to boot your machine, be sure lilo.conf points to the correct kernel and initrd and run lilo as root to update the bootloader. If you use elilo to boot your machine, you should run eliloconfig to copy the kernel and initrd to the EFI System Partition. For more information, see: Fixed in 5.15.39: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1974 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1975 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1734 Fixed in 5.15.40: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1943 Fixed in 5.15.41: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28893 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1012 Fixed in 5.15.42: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1652 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1729 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21499 Fixed in 5.15.44: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1789 Fixed in 5.15.45: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2873 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1966 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32250 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1852 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1972 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2503 Fixed in 5.15.46: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1184 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1973 Fixed in 5.15.47: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34494 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34495 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32981 Fixed in 5.15.48: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21166 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21123 Fixed in 5.15.53: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2318 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33743 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33742 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33741 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33740 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26365 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33744 Fixed in 5.15.54: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33655 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34918 Fixed in 5.15.56: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36123 Fixed in 5.15.57: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29900 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29901 Fixed in 5.15.58: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21505 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1462 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36879 Fixed in 5.15.59: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36946 Fixed in 5.15.60: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26373 Fixed in 5.15.61: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2586 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2585 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1679 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2588 ( Security fix ) patches/packages/vim-9.0.0270-x86_64-1_slack15.0.txz: Upgraded. We're just going to move to vim-9 instead of continuing to backport patches to the vim-8 branch. Most users will be better served by this. Fixed use after free and null pointer dereference. Thanks to marav for the heads-up. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2946 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2923 ( Security fix *) patches/packages/vim-gvim-9.0.0270-x86_64-1_slack15.0.txz: Upgraded.	2022-08-27 13:30:28 +02:00
Patrick J Volkerding	44e993e802	Sat Aug 20 20:04:15 UTC 2022 patches/packages/vim-8.2.4649-x86_64-3_slack15.0.txz: Rebuilt. Fix use after free. Thanks to marav for the heads-up. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2889 (* Security fix *) patches/packages/vim-gvim-8.2.4649-x86_64-3_slack15.0.txz: Rebuilt.	2022-08-21 13:30:26 +02:00
Patrick J Volkerding	821b8a94bf	Wed Aug 17 20:41:53 UTC 2022 patches/packages/vim-8.2.4649-x86_64-2_slack15.0.txz: Rebuilt. Fix use after free, out-of-bounds read, and heap based buffer overflow. Thanks to marav for the heads-up. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2816 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2817 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2819 (* Security fix *) patches/packages/vim-gvim-8.2.4649-x86_64-2_slack15.0.txz: Rebuilt.	2022-08-18 13:30:02 +02:00
Patrick J Volkerding	287bf2688a	Wed Mar 30 22:37:05 UTC 2022 patches/packages/vim-8.2.4649-x86_64-1_slack15.0.txz: Upgraded. Fixes a use-after-free in utf_ptr2char in vim/vim prior to 8.2.4646. This vulnerability is capable of crashing software, bypassing protection mechanisms, modifying memory, and possibly execution of arbitrary code. Thanks to marav for the heads-up. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1154 https://huntr.dev/bounties/7f0ec6bc-ea0e-45b0-8128-caac72d23425 `b55986c52d` (* Security fix *) patches/packages/vim-gvim-8.2.4649-x86_64-1_slack15.0.txz: Upgraded.	2022-03-31 13:29:48 +02:00

6 commits