slackware-current

Miroirs/slackware-current

Fork 0

mirror of git://slackware.nl/current.git synced 2024-12-29 10:25:00 +01:00

Commit graph

Author	SHA1	Message	Date
Patrick J Volkerding	694953a024	Fri Mar 24 19:42:46 UTC 2023 patches/packages/glibc-zoneinfo-2023b-noarch-1_slack15.0.txz: Upgraded. This package provides the latest timezone updates. patches/packages/tar-1.34-x86_64-2_slack15.0.txz: Rebuilt. GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters. Thanks to marav for the heads-up. For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-48303 (* Security fix *)	2023-03-25 13:30:35 +01:00

Author

SHA1

Message

Date

Patrick J Volkerding

694953a024

Fri Mar 24 19:42:46 UTC 2023

patches/packages/glibc-zoneinfo-2023b-noarch-1_slack15.0.txz:  Upgraded.
  This package provides the latest timezone updates.
patches/packages/tar-1.34-x86_64-2_slack15.0.txz:  Rebuilt.
  GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use
  of uninitialized memory for a conditional jump. Exploitation to change the
  flow of control has not been demonstrated. The issue occurs in from_header
  in list.c via a V7 archive in which mtime has approximately 11 whitespace
  characters.
  Thanks to marav for the heads-up.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-48303
  (* Security fix *)

2023-03-25 13:30:35 +01:00

1 commit