slackware-current

1359 commits 8 branches 2397 tags 509 MiB

Author	SHA1	Message	Date
Patrick J Volkerding	7fee55d3d8	Wed Mar 20 21:10:30 UTC 2024 patches/packages/bind-9.16.49-x86_64-1_slack15.0.txz: Upgraded. This is a bugfix release. patches/packages/python3-3.9.19-x86_64-1_slack15.0.txz: Upgraded. This update fixes security issues: bundled libexpat was updated to 2.6.0. zipfile is now protected from the "quoted-overlap" zipbomb. tempfile.TemporaryDirectory cleanup no longer dereferences symlinks when working around file system permission errors. For more information, see: https://pythoninsider.blogspot.com/2024/03/python-31014-3919-and-3819-is-now.html https://www.cve.org/CVERecord?id=CVE-2023-52425 https://www.cve.org/CVERecord?id=CVE-2024-0450 https://www.cve.org/CVERecord?id=CVE-2023-6597 (* Security fix *) testing/packages/bind-9.18.25-x86_64-1_slack15.0.txz: Upgraded. This is a bugfix release.	2024-03-21 13:30:40 +01:00
Patrick J Volkerding	cd44edc237	Tue Feb 13 19:19:24 UTC 2024 patches/packages/bind-9.16.48-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and security issues: Specific DNS answers could cause a denial-of-service condition due to DNS validation taking a long time. Query patterns that continuously triggered cache database maintenance could exhaust all available memory on the host running named. Restore DNS64 state when handling a serve-stale timeout. Specific queries could trigger an assertion check with nxdomain-redirect enabled. Speed up parsing of DNS messages with many different names. For more information, see: https://kb.isc.org/docs/cve-2023-50387 https://www.cve.org/CVERecord?id=CVE-2023-50387 https://kb.isc.org/docs/cve-2023-6516 https://www.cve.org/CVERecord?id=CVE-2023-6516 https://kb.isc.org/docs/cve-2023-5679 https://www.cve.org/CVERecord?id=CVE-2023-5679 https://kb.isc.org/docs/cve-2023-5517 https://www.cve.org/CVERecord?id=CVE-2023-5517 https://kb.isc.org/docs/cve-2023-4408 https://www.cve.org/CVERecord?id=CVE-2023-4408 (* Security fix ) testing/packages/bind-9.18.24-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and security issues: Specific DNS answers could cause a denial-of-service condition due to DNS validation taking a long time. Restore DNS64 state when handling a serve-stale timeout. Specific queries could trigger an assertion check with nxdomain-redirect enabled. Speed up parsing of DNS messages with many different names. For more information, see: https://kb.isc.org/docs/cve-2023-50387 https://www.cve.org/CVERecord?id=CVE-2023-50387 https://kb.isc.org/docs/cve-2023-5679 https://www.cve.org/CVERecord?id=CVE-2023-5679 https://kb.isc.org/docs/cve-2023-5517 https://www.cve.org/CVERecord?id=CVE-2023-5517 https://kb.isc.org/docs/cve-2023-4408 https://www.cve.org/CVERecord?id=CVE-2023-4408 ( Security fix *)	2024-02-14 13:30:43 +01:00

Author

SHA1

Message

Date

Patrick J Volkerding

7fee55d3d8

Wed Mar 20 21:10:30 UTC 2024

patches/packages/bind-9.16.49-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
patches/packages/python3-3.9.19-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  bundled libexpat was updated to 2.6.0.
  zipfile is now protected from the "quoted-overlap" zipbomb.
  tempfile.TemporaryDirectory cleanup no longer dereferences symlinks when
  working around file system permission errors.
  For more information, see:
    https://pythoninsider.blogspot.com/2024/03/python-31014-3919-and-3819-is-now.html
    https://www.cve.org/CVERecord?id=CVE-2023-52425
    https://www.cve.org/CVERecord?id=CVE-2024-0450
    https://www.cve.org/CVERecord?id=CVE-2023-6597
  (* Security fix *)
testing/packages/bind-9.18.25-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.

2024-03-21 13:30:40 +01:00

Patrick J Volkerding

cd44edc237

Tue Feb 13 19:19:24 UTC 2024

patches/packages/bind-9.16.48-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and security issues:
  Specific DNS answers could cause a denial-of-service condition due to DNS
  validation taking a long time.
  Query patterns that continuously triggered cache database maintenance could
  exhaust all available memory on the host running named.
  Restore DNS64 state when handling a serve-stale timeout.
  Specific queries could trigger an assertion check with nxdomain-redirect
  enabled.
  Speed up parsing of DNS messages with many different names.
  For more information, see:
    https://kb.isc.org/docs/cve-2023-50387
    https://www.cve.org/CVERecord?id=CVE-2023-50387
    https://kb.isc.org/docs/cve-2023-6516
    https://www.cve.org/CVERecord?id=CVE-2023-6516
    https://kb.isc.org/docs/cve-2023-5679
    https://www.cve.org/CVERecord?id=CVE-2023-5679
    https://kb.isc.org/docs/cve-2023-5517
    https://www.cve.org/CVERecord?id=CVE-2023-5517
    https://kb.isc.org/docs/cve-2023-4408
    https://www.cve.org/CVERecord?id=CVE-2023-4408
  (* Security fix *)
testing/packages/bind-9.18.24-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and security issues:
  Specific DNS answers could cause a denial-of-service condition due to DNS
  validation taking a long time.
  Restore DNS64 state when handling a serve-stale timeout.
  Specific queries could trigger an assertion check with nxdomain-redirect
  enabled.
  Speed up parsing of DNS messages with many different names.
  For more information, see:
    https://kb.isc.org/docs/cve-2023-50387
    https://www.cve.org/CVERecord?id=CVE-2023-50387
    https://kb.isc.org/docs/cve-2023-5679
    https://www.cve.org/CVERecord?id=CVE-2023-5679
    https://kb.isc.org/docs/cve-2023-5517
    https://www.cve.org/CVERecord?id=CVE-2023-5517
    https://kb.isc.org/docs/cve-2023-4408
    https://www.cve.org/CVERecord?id=CVE-2023-4408
  (* Security fix *)

2024-02-14 13:30:43 +01:00

Renamed from patches/packages/bind-9.16.45-x86_64-1_slack15.0.txt (Browse further)

2 commits