slackware-current

1457 commits 8 branches 2369 tags 481 MiB

Author	SHA1	Message	Date
Patrick J Volkerding	2d770ad859	Wed Oct 30 21:03:27 UTC 2024 extra/llvm-19.1.3-x86_64-1_slack15.0.txz: Upgraded. Shared library .so-version bump. If you are upgrading from a previous LLVM, you might also need llvm13-compat and/or llvm17-compat. We'll be using this for newer Mozilla things. extra/llvm17-compat-17.0.6-x86_64-1_slack15.0.txz: Added. This is to support any locally compiled software that was linked against libLLVM-17.so from the llvm-17.0.6 that was previously in /extra. extra/rust-bindgen-0.69.4-x86_64-1_slack15.0.txz: Added. extra/rust-for-mozilla/rust-1.82.0-x86_64-1_slack15.0.txz: Upgraded. extra/tigervnc/tigervnc-1.12.0-x86_64-7_slack15.0.txz: Rebuilt. Recompiled against xorg-server-1.20.14, including a patch for a security issue: By providing a modified bitmap, a heap-based buffer overflow may occur. This may lead to local privilege escalation if the server is run as root or remote code execution (e.g. x11 over ssh). This vulnerability was discovered by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative For more information, see: https://lists.x.org/archives/xorg-announce/2024-October/003545.html https://www.cve.org/CVERecord?id=CVE-2024-9632 (* Security fix ) patches/packages/mozilla-firefox-128.4.0esr-x86_64-1_slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/firefox/128.4.0/releasenotes/ https://www.mozilla.org/security/advisories/mfsa2024-56/ https://www.cve.org/CVERecord?id=CVE-2024-10458 https://www.cve.org/CVERecord?id=CVE-2024-10459 https://www.cve.org/CVERecord?id=CVE-2024-10460 https://www.cve.org/CVERecord?id=CVE-2024-10461 https://www.cve.org/CVERecord?id=CVE-2024-10462 https://www.cve.org/CVERecord?id=CVE-2024-10463 https://www.cve.org/CVERecord?id=CVE-2024-10464 https://www.cve.org/CVERecord?id=CVE-2024-10465 https://www.cve.org/CVERecord?id=CVE-2024-10466 https://www.cve.org/CVERecord?id=CVE-2024-10467 ( Security fix ) patches/packages/mozilla-thunderbird-128.4.0esr-x86_64-1_slack15.0.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/128.4.0esr/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/ https://www.cve.org/CVERecord?id=CVE-2024-10458 https://www.cve.org/CVERecord?id=CVE-2024-10459 https://www.cve.org/CVERecord?id=CVE-2024-10460 https://www.cve.org/CVERecord?id=CVE-2024-10461 https://www.cve.org/CVERecord?id=CVE-2024-10462 https://www.cve.org/CVERecord?id=CVE-2024-10463 https://www.cve.org/CVERecord?id=CVE-2024-10464 https://www.cve.org/CVERecord?id=CVE-2024-10465 https://www.cve.org/CVERecord?id=CVE-2024-10466 https://www.cve.org/CVERecord?id=CVE-2024-10467 ( Security fix ) patches/packages/xorg-server-1.20.14-x86_64-14_slack15.0.txz: Rebuilt. This update fixes a security issue: By providing a modified bitmap, a heap-based buffer overflow may occur. This may lead to local privilege escalation if the server is run as root or remote code execution (e.g. x11 over ssh). This vulnerability was discovered by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative For more information, see: https://lists.x.org/archives/xorg-announce/2024-October/003545.html https://www.cve.org/CVERecord?id=CVE-2024-9632 ( Security fix ) patches/packages/xorg-server-xephyr-1.20.14-x86_64-14_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xnest-1.20.14-x86_64-14_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xvfb-1.20.14-x86_64-14_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xwayland-21.1.4-x86_64-12_slack15.0.txz: Rebuilt. This update fixes a security issue: By providing a modified bitmap, a heap-based buffer overflow may occur. This may lead to local privilege escalation if the server is run as root or remote code execution (e.g. x11 over ssh). This vulnerability was discovered by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative For more information, see: https://lists.x.org/archives/xorg-announce/2024-October/003545.html https://www.cve.org/CVERecord?id=CVE-2024-9632 ( Security fix *)	2024-10-31 13:30:38 +01:00

Author

SHA1

Message

Date

Patrick J Volkerding

2d770ad859

Wed Oct 30 21:03:27 UTC 2024

extra/llvm-19.1.3-x86_64-1_slack15.0.txz:  Upgraded.
  Shared library .so-version bump.
  If you are upgrading from a previous LLVM, you might also need llvm13-compat
  and/or llvm17-compat. We'll be using this for newer Mozilla things.
extra/llvm17-compat-17.0.6-x86_64-1_slack15.0.txz:  Added.
  This is to support any locally compiled software that was linked against
  libLLVM-17.so from the llvm-17.0.6 that was previously in /extra.
extra/rust-bindgen-0.69.4-x86_64-1_slack15.0.txz:  Added.
extra/rust-for-mozilla/rust-1.82.0-x86_64-1_slack15.0.txz:  Upgraded.
extra/tigervnc/tigervnc-1.12.0-x86_64-7_slack15.0.txz:  Rebuilt.
  Recompiled against xorg-server-1.20.14, including a patch for a
  security issue:
  By providing a modified bitmap, a heap-based buffer overflow may occur.
  This may lead to local privilege escalation if the server is run as root
  or remote code execution (e.g. x11 over ssh).
  This vulnerability was discovered by:
  Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2024-October/003545.html
    https://www.cve.org/CVERecord?id=CVE-2024-9632
  (* Security fix *)
patches/packages/mozilla-firefox-128.4.0esr-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/128.4.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-56/
    https://www.cve.org/CVERecord?id=CVE-2024-10458
    https://www.cve.org/CVERecord?id=CVE-2024-10459
    https://www.cve.org/CVERecord?id=CVE-2024-10460
    https://www.cve.org/CVERecord?id=CVE-2024-10461
    https://www.cve.org/CVERecord?id=CVE-2024-10462
    https://www.cve.org/CVERecord?id=CVE-2024-10463
    https://www.cve.org/CVERecord?id=CVE-2024-10464
    https://www.cve.org/CVERecord?id=CVE-2024-10465
    https://www.cve.org/CVERecord?id=CVE-2024-10466
    https://www.cve.org/CVERecord?id=CVE-2024-10467
  (* Security fix *)
patches/packages/mozilla-thunderbird-128.4.0esr-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.4.0esr/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/
    https://www.cve.org/CVERecord?id=CVE-2024-10458
    https://www.cve.org/CVERecord?id=CVE-2024-10459
    https://www.cve.org/CVERecord?id=CVE-2024-10460
    https://www.cve.org/CVERecord?id=CVE-2024-10461
    https://www.cve.org/CVERecord?id=CVE-2024-10462
    https://www.cve.org/CVERecord?id=CVE-2024-10463
    https://www.cve.org/CVERecord?id=CVE-2024-10464
    https://www.cve.org/CVERecord?id=CVE-2024-10465
    https://www.cve.org/CVERecord?id=CVE-2024-10466
    https://www.cve.org/CVERecord?id=CVE-2024-10467
  (* Security fix *)
patches/packages/xorg-server-1.20.14-x86_64-14_slack15.0.txz:  Rebuilt.
  This update fixes a security issue:
  By providing a modified bitmap, a heap-based buffer overflow may occur.
  This may lead to local privilege escalation if the server is run as root
  or remote code execution (e.g. x11 over ssh).
  This vulnerability was discovered by:
  Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2024-October/003545.html
    https://www.cve.org/CVERecord?id=CVE-2024-9632
  (* Security fix *)
patches/packages/xorg-server-xephyr-1.20.14-x86_64-14_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xnest-1.20.14-x86_64-14_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xvfb-1.20.14-x86_64-14_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xwayland-21.1.4-x86_64-12_slack15.0.txz:  Rebuilt.
  This update fixes a security issue:
  By providing a modified bitmap, a heap-based buffer overflow may occur.
  This may lead to local privilege escalation if the server is run as root
  or remote code execution (e.g. x11 over ssh).
  This vulnerability was discovered by:
  Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2024-October/003545.html
    https://www.cve.org/CVERecord?id=CVE-2024-9632
  (* Security fix *)

2024-10-31 13:30:38 +01:00

Renamed from patches/packages/xorg-server-xwayland-21.1.4-x86_64-11_slack15.0.txt (Browse further)

1 commit