slackware-current

Miroirs/slackware-current

Fork 0

mirror of git://slackware.nl/current.git synced 2025-01-30 08:38:10 +01:00

Commit graph

Author	SHA1	Message	Date
Patrick J Volkerding	dc74348a7f	Wed Feb 7 20:07:29 UTC 2024 a/hwdata-0.379-noarch-1.txz: Upgraded. ap/inxi-3.3.33_1-noarch-1.txz: Upgraded. ap/rpm-4.19.1.1-x86_64-1.txz: Upgraded. kde/kstars-3.6.9-x86_64-1.txz: Upgraded. l/enchant-2.6.5-x86_64-1.txz: Upgraded. Reverted to non-broken version. l/expat-2.6.0-x86_64-1.txz: Upgraded. This update fixes security issues: Fix quadratic runtime issues with big tokens that can cause denial of service. Fix billion laughs attacks for users compiling without XML_DTD defined (which is not common). For more information, see: https://www.cve.org/CVERecord?id=CVE-2023-52425 https://www.cve.org/CVERecord?id=CVE-2023-52426 (* Security fix *) l/orc-0.4.37-x86_64-1.txz: Upgraded. l/pipewire-1.0.3-x86_64-2.txz: Rebuilt. Use wireplumber-0.4.17, as the newer version's support for elogind seems to be broken, and this prevents bluetooth from connecting properly. Thanks to mistfire and rizitis. x/libwacom-2.10.0-x86_64-1.txz: Upgraded. xap/hexchat-2.16.2-x86_64-1.txz: Upgraded. extra/xv/xv-5.0.0-x86_64-1.txz: Upgraded.	2024-02-07 21:35:44 +01:00
Patrick J Volkerding	387b2bc525	Tue Oct 25 18:38:58 UTC 2022 ap/alsa-utils-1.2.8-x86_64-1.txz: Upgraded. l/alsa-lib-1.2.8-x86_64-1.txz: Upgraded. l/expat-2.5.0-x86_64-1.txz: Upgraded. This update fixes a security issue: Fix heap use-after-free after overeager destruction of a shared DTD in function XML_ExternalEntityParserCreate in out-of-memory situations. Expected impact is denial of service or potentially arbitrary code execution. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43680 (* Security fix ) n/samba-4.17.2-x86_64-1.txz: Upgraded. This update fixes the following security issues: There is a limited write heap buffer overflow in the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal (included in Samba). A malicious client can use a symlink to escape the exported directory. For more information, see: https://www.samba.org/samba/security/CVE-2022-3437.html https://www.samba.org/samba/security/CVE-2022-3592.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3592 ( Security fix *)	2022-10-26 07:00:17 +02:00
Patrick J Volkerding	bae5a7d858	Tue Sep 20 22:50:28 UTC 2022 a/kernel-generic-5.19.10-x86_64-1.txz: Upgraded. a/kernel-huge-5.19.10-x86_64-1.txz: Upgraded. a/kernel-modules-5.19.10-x86_64-1.txz: Upgraded. d/kernel-headers-5.19.10-x86-1.txz: Upgraded. k/kernel-source-5.19.10-noarch-1.txz: Upgraded. l/expat-2.4.9-x86_64-1.txz: Upgraded. This update fixes a security issue: Heap use-after-free vulnerability in function doContent. Expected impact is denial of service or potentially arbitrary code execution. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674 (* Security fix ) l/libffi-3.4.3-x86_64-1.txz: Upgraded. xap/mozilla-firefox-105.0-x86_64-1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/firefox/105.0/releasenotes/ https://www.mozilla.org/security/advisories/mfsa2022-40/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40959 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40960 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40958 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40961 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40956 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40957 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40962 ( Security fix ) xap/mozilla-thunderbird-102.3.0-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/102.3.0/releasenotes/ isolinux/initrd.img: Rebuilt. kernels/: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.	2022-09-21 07:00:16 +02:00

Author

SHA1

Message

Date

Patrick J Volkerding

dc74348a7f

Wed Feb 7 20:07:29 UTC 2024

a/hwdata-0.379-noarch-1.txz:  Upgraded.
ap/inxi-3.3.33_1-noarch-1.txz:  Upgraded.
ap/rpm-4.19.1.1-x86_64-1.txz:  Upgraded.
kde/kstars-3.6.9-x86_64-1.txz:  Upgraded.
l/enchant-2.6.5-x86_64-1.txz:  Upgraded.
  Reverted to non-broken version.
l/expat-2.6.0-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Fix quadratic runtime issues with big tokens that can cause
  denial of service.
  Fix billion laughs attacks for users compiling *without* XML_DTD
  defined (which is not common).
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-52425
    https://www.cve.org/CVERecord?id=CVE-2023-52426
  (* Security fix *)
l/orc-0.4.37-x86_64-1.txz:  Upgraded.
l/pipewire-1.0.3-x86_64-2.txz:  Rebuilt.
  Use wireplumber-0.4.17, as the newer version's support for elogind seems to
  be broken, and this prevents bluetooth from connecting properly.
  Thanks to mistfire and rizitis.
x/libwacom-2.10.0-x86_64-1.txz:  Upgraded.
xap/hexchat-2.16.2-x86_64-1.txz:  Upgraded.
extra/xv/xv-5.0.0-x86_64-1.txz:  Upgraded.

2024-02-07 21:35:44 +01:00

Patrick J Volkerding

387b2bc525

Tue Oct 25 18:38:58 UTC 2022

ap/alsa-utils-1.2.8-x86_64-1.txz:  Upgraded.
l/alsa-lib-1.2.8-x86_64-1.txz:  Upgraded.
l/expat-2.5.0-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  Fix heap use-after-free after overeager destruction of a shared DTD in
  function XML_ExternalEntityParserCreate in out-of-memory situations.
  Expected impact is denial of service or potentially arbitrary code
  execution.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43680
  (* Security fix *)
n/samba-4.17.2-x86_64-1.txz:  Upgraded.
  This update fixes the following security issues:
  There is a limited write heap buffer overflow in the GSSAPI unwrap_des()
  and unwrap_des3() routines of Heimdal (included in Samba).
  A malicious client can use a symlink to escape the exported directory.
  For more information, see:
    https://www.samba.org/samba/security/CVE-2022-3437.html
    https://www.samba.org/samba/security/CVE-2022-3592.html
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3592
  (* Security fix *)

2022-10-26 07:00:17 +02:00

Patrick J Volkerding

bae5a7d858

Tue Sep 20 22:50:28 UTC 2022

a/kernel-generic-5.19.10-x86_64-1.txz:  Upgraded.
a/kernel-huge-5.19.10-x86_64-1.txz:  Upgraded.
a/kernel-modules-5.19.10-x86_64-1.txz:  Upgraded.
d/kernel-headers-5.19.10-x86-1.txz:  Upgraded.
k/kernel-source-5.19.10-noarch-1.txz:  Upgraded.
l/expat-2.4.9-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  Heap use-after-free vulnerability in function doContent. Expected impact is
  denial of service or potentially arbitrary code execution.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674
  (* Security fix *)
l/libffi-3.4.3-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-105.0-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/105.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2022-40/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40959
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40960
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40958
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40961
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40956
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40957
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40962
  (* Security fix *)
xap/mozilla-thunderbird-102.3.0-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/102.3.0/releasenotes/
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.

2022-09-21 07:00:16 +02:00

3 commits