slackware-current

Miroirs/slackware-current

Fork 0

mirror of git://slackware.nl/current.git synced 2024-12-28 09:59:53 +01:00

Commit graph

Author	SHA1	Message	Date
Patrick J Volkerding	387b2bc525	Tue Oct 25 18:38:58 UTC 2022 ap/alsa-utils-1.2.8-x86_64-1.txz: Upgraded. l/alsa-lib-1.2.8-x86_64-1.txz: Upgraded. l/expat-2.5.0-x86_64-1.txz: Upgraded. This update fixes a security issue: Fix heap use-after-free after overeager destruction of a shared DTD in function XML_ExternalEntityParserCreate in out-of-memory situations. Expected impact is denial of service or potentially arbitrary code execution. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43680 (* Security fix ) n/samba-4.17.2-x86_64-1.txz: Upgraded. This update fixes the following security issues: There is a limited write heap buffer overflow in the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal (included in Samba). A malicious client can use a symlink to escape the exported directory. For more information, see: https://www.samba.org/samba/security/CVE-2022-3437.html https://www.samba.org/samba/security/CVE-2022-3592.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3592 ( Security fix *)	2022-10-26 07:00:17 +02:00
Patrick J Volkerding	bae5a7d858	Tue Sep 20 22:50:28 UTC 2022 a/kernel-generic-5.19.10-x86_64-1.txz: Upgraded. a/kernel-huge-5.19.10-x86_64-1.txz: Upgraded. a/kernel-modules-5.19.10-x86_64-1.txz: Upgraded. d/kernel-headers-5.19.10-x86-1.txz: Upgraded. k/kernel-source-5.19.10-noarch-1.txz: Upgraded. l/expat-2.4.9-x86_64-1.txz: Upgraded. This update fixes a security issue: Heap use-after-free vulnerability in function doContent. Expected impact is denial of service or potentially arbitrary code execution. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674 (* Security fix ) l/libffi-3.4.3-x86_64-1.txz: Upgraded. xap/mozilla-firefox-105.0-x86_64-1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/firefox/105.0/releasenotes/ https://www.mozilla.org/security/advisories/mfsa2022-40/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40959 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40960 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40958 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40961 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40956 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40957 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40962 ( Security fix ) xap/mozilla-thunderbird-102.3.0-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/102.3.0/releasenotes/ isolinux/initrd.img: Rebuilt. kernels/: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.	2022-09-21 07:00:16 +02:00

Author

SHA1

Message

Date

Patrick J Volkerding

387b2bc525

Tue Oct 25 18:38:58 UTC 2022

ap/alsa-utils-1.2.8-x86_64-1.txz:  Upgraded.
l/alsa-lib-1.2.8-x86_64-1.txz:  Upgraded.
l/expat-2.5.0-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  Fix heap use-after-free after overeager destruction of a shared DTD in
  function XML_ExternalEntityParserCreate in out-of-memory situations.
  Expected impact is denial of service or potentially arbitrary code
  execution.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43680
  (* Security fix *)
n/samba-4.17.2-x86_64-1.txz:  Upgraded.
  This update fixes the following security issues:
  There is a limited write heap buffer overflow in the GSSAPI unwrap_des()
  and unwrap_des3() routines of Heimdal (included in Samba).
  A malicious client can use a symlink to escape the exported directory.
  For more information, see:
    https://www.samba.org/samba/security/CVE-2022-3437.html
    https://www.samba.org/samba/security/CVE-2022-3592.html
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3592
  (* Security fix *)

2022-10-26 07:00:17 +02:00

Patrick J Volkerding

bae5a7d858

Tue Sep 20 22:50:28 UTC 2022

a/kernel-generic-5.19.10-x86_64-1.txz:  Upgraded.
a/kernel-huge-5.19.10-x86_64-1.txz:  Upgraded.
a/kernel-modules-5.19.10-x86_64-1.txz:  Upgraded.
d/kernel-headers-5.19.10-x86-1.txz:  Upgraded.
k/kernel-source-5.19.10-noarch-1.txz:  Upgraded.
l/expat-2.4.9-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  Heap use-after-free vulnerability in function doContent. Expected impact is
  denial of service or potentially arbitrary code execution.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674
  (* Security fix *)
l/libffi-3.4.3-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-105.0-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/105.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2022-40/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40959
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40960
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40958
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40961
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40956
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40957
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40962
  (* Security fix *)
xap/mozilla-thunderbird-102.3.0-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/102.3.0/releasenotes/
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.

2022-09-21 07:00:16 +02:00

2 commits