Commit graph

1328 commits

Author SHA1 Message Date
Patrick J Volkerding
b9f4e8dc0e Sat Jun 4 18:43:17 UTC 2022
patches/packages/pidgin-2.14.10-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and several security issues.
  For more information, see:
    https://www.pidgin.im/posts/2022-06-2.14.10-released/
  (* Security fix *)
2022-06-05 13:30:26 +02:00
Patrick J Volkerding
a9dc1aa8fa Thu Jun 2 19:42:06 UTC 2022
patches/packages/mozilla-thunderbird-91.10.0-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/91.10.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2022-22/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31739
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747
  (* Security fix *)
2022-06-03 13:30:29 +02:00
Patrick J Volkerding
f6bd13c472 Wed Jun 1 00:49:45 UTC 2022
patches/packages/mozilla-firefox-91.10.0esr-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/91.10.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2022-21/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31739
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747
  (* Security fix *)
2022-06-01 13:30:20 +02:00
Patrick J Volkerding
81f2355530 Thu May 26 18:27:32 UTC 2022
patches/packages/cups-2.4.2-x86_64-1_slack15.0.txz:  Upgraded.
  Fixed certificate strings comparison for Local authorization.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26691
  (* Security fix *)
2022-05-27 13:30:00 +02:00
Patrick J Volkerding
590bfd3df8 Sat May 21 19:30:02 UTC 2022
patches/packages/mariadb-10.5.16-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and several security issues.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27376
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27377
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27378
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27379
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27380
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27381
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27382
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27383
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27384
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27386
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27387
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27444
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27445
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27446
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27447
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27448
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27449
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27451
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27452
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27455
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27456
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27457
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27458
  (* Security fix *)
2022-05-22 13:30:03 +02:00
Patrick J Volkerding
e9f027ce23 Sat May 21 01:35:40 UTC 2022
patches/packages/mozilla-firefox-91.9.1esr-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/91.9.1/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2022-19/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529
  (* Security fix *)
patches/packages/mozilla-thunderbird-91.9.1-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/91.9.1/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2022-19/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529
  (* Security fix *)
2022-05-21 13:30:05 +02:00
Patrick J Volkerding
341dffdb1a Thu May 19 23:07:59 UTC 2022
patches/packages/bind-9.16.29-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
testing/packages/bind-9.18.3-x86_64-1_slack15.0.txz:  Upgraded.
  Fixed a crash in DNS-over-HTTPS (DoH) code caused by premature TLS stream
  socket object deletion.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1183
  (* Security fix *)
2022-05-20 13:30:01 +02:00
Patrick J Volkerding
96bf53e55d Wed May 11 19:01:59 UTC 2022
patches/packages/curl-7.83.1-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  HSTS bypass via trailing dot.
  TLS and SSH connection too eager reuse.
  CERTINFO never-ending busy-loop.
  percent-encoded path separator in URL host.
  cookie for trailing dot TLD.
  curl removes wrong file on error.
  For more information, see:
    https://curl.se/docs/CVE-2022-30115.html
    https://curl.se/docs/CVE-2022-27782.html
    https://curl.se/docs/CVE-2022-27781.html
    https://curl.se/docs/CVE-2022-27780.html
    https://curl.se/docs/CVE-2022-27779.html
    https://curl.se/docs/CVE-2022-27778.html
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30115
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27780
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27779
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27778
  (* Security fix *)
2022-05-12 13:29:51 +02:00
Patrick J Volkerding
3c08cf6792 Mon May 9 21:33:25 UTC 2022
patches/packages/linux-5.15.38/*:  Upgraded.
  These updates fix various bugs and security issues.
  Be sure to upgrade your initrd after upgrading the kernel packages.
  If you use lilo to boot your machine, be sure lilo.conf points to the correct
  kernel and initrd and run lilo as root to update the bootloader.
  If you use elilo to boot your machine, you should run eliloconfig to copy the
  kernel and initrd to the EFI System Partition.
  For more information, see:
    Fixed in 5.15.27:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0742
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24958
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0494
    Fixed in 5.15.28:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23038
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23039
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23960
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23036
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23037
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0001
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0002
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23041
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23040
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23042
    Fixed in 5.15.29:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1199
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27666
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1011
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0995
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0854
    Fixed in 5.15.32:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1015
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26490
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1048
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1016
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28356
    Fixed in 5.15.33:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28390
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0168
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1158
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1353
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1198
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28389
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28388
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1516
    Fixed in 5.15.34:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1263
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29582
    Fixed in 5.15.35:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1204
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1205
    Fixed in 5.15.37:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0500
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23222
  (* Security fix *)
2022-05-10 13:30:03 +02:00
Patrick J Volkerding
2971d84285 Wed May 4 21:24:57 UTC 2022
patches/packages/mozilla-thunderbird-91.9.0-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/91.9.0/releasenotes/
  (* Security fix *)
patches/packages/openssl-1.1.1o-x86_64-1_slack15.0.txz:  Upgraded.
  Fixed a bug in the c_rehash script which was not properly sanitising shell
  metacharacters to prevent command injection.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292
  (* Security fix *)
patches/packages/openssl-solibs-1.1.1o-x86_64-1_slack15.0.txz:  Upgraded.
patches/packages/seamonkey-2.53.12-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.seamonkey-project.org/releases/seamonkey2.53.12
  (* Security fix *)
2022-05-05 13:30:04 +02:00
Patrick J Volkerding
d88c750381 Mon May 2 20:02:49 UTC 2022
patches/packages/libxml2-2.9.14-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and the following security issues:
  Fix integer overflow in xmlBuf and xmlBuffer.
  Fix potential double-free in xmlXPtrStringRangeFunction.
  Fix memory leak in xmlFindCharEncodingHandler.
  Normalize XPath strings in-place.
  Prevent integer-overflow in htmlSkipBlankChars() and xmlSkipBlankChars().
  Fix leak of xmlElementContent.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824
  (* Security fix *)
patches/packages/mozilla-firefox-91.9.0esr-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/91.9.0/releasenotes/
patches/packages/samba-4.15.7-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.samba.org/samba/history/samba-4.15.7.html
2022-05-03 13:29:53 +02:00
Patrick J Volkerding
7d2523ede3 Sat Apr 30 21:18:47 UTC 2022
patches/packages/pidgin-2.14.9-x86_64-1_slack15.0.txz:  Upgraded.
  Mitigate the potential for a man in the middle attack via DNS spoofing by
  removing the code that supported the _xmppconnect DNS TXT record.
  For more information, see:
    https://www.pidgin.im/about/security/advisories/cve-2022-26491/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26491
  (* Security fix *)
2022-05-01 13:30:01 +02:00
Patrick J Volkerding
cf5d757506 Wed Apr 27 21:43:51 UTC 2022
patches/packages/curl-7.83.0-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  OAUTH2 bearer bypass in connection re-use.
  Credential leak on redirect.
  Bad local IPv6 connection reuse.
  Auth/cookie leak on redirect.
  For more information, see:
    https://curl.se/docs/CVE-2022-22576.html
    https://curl.se/docs/CVE-2022-27774.html
    https://curl.se/docs/CVE-2022-27775.html
    https://curl.se/docs/CVE-2022-27776.html
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
  (* Security fix *)
2022-04-28 13:29:49 +02:00
Patrick J Volkerding
dfafa37940 Mon Apr 25 20:55:17 UTC 2022
patches/packages/freerdp-2.7.0-x86_64-1_slack15.0.txz:  Upgraded.
  This update is a security and maintenance release.
  For more information, see:
    https://github.com/FreeRDP/FreeRDP/blob/2.7.0/ChangeLog
  (* Security fix *)
2022-04-26 13:30:04 +02:00
Patrick J Volkerding
a08f3ec912 Thu Apr 21 19:11:10 UTC 2022
patches/packages/mozilla-thunderbird-91.8.1-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/91.8.1/releasenotes/
2022-04-22 13:29:59 +02:00
Patrick J Volkerding
9e2efe650c Thu Apr 14 21:14:21 UTC 2022
patches/packages/git-2.35.3-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes a security issue where a Git worktree created by another
  user might be able to execute arbitrary code.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765
  (* Security fix *)
patches/packages/gzip-1.12-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes a security issue:
  zgrep applied to a crafted file name with two or more newlines can no
  longer overwrite an arbitrary, attacker-selected file.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271
  (* Security fix *)
patches/packages/xz-5.2.5-x86_64-4_slack15.0.txz:  Rebuilt.
  This update fixes a security issue:
  xzgrep applied to a crafted file name with two or more newlines can no
  longer overwrite an arbitrary, attacker-selected file.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271
  (* Security fix *)
2022-04-15 13:29:52 +02:00
Patrick J Volkerding
799fadd352 Wed Apr 13 20:51:01 UTC 2022
patches/packages/ruby-3.0.4-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and security issues:
  Double free in Regexp compilation.
  Buffer overrun in String-to-Float conversion.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28738
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28739
  (* Security fix *)
2022-04-14 13:30:03 +02:00
Patrick J Volkerding
c0c70f97c2 Tue Apr 12 21:56:14 UTC 2022
patches/packages/whois-5.5.13-x86_64-1_slack15.0.txz:  Upgraded.
  This update adds the .sd TLD server, updates the list of new gTLDs, and adds
  a Turkish translation.
2022-04-13 13:29:47 +02:00
Patrick J Volkerding
c023bce19a Fri Apr 8 20:03:36 UTC 2022
patches/packages/libarchive-3.6.1-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix and security release.
  Security fixes:
    7zip reader: fix PPMD read beyond boundary.
    ZIP reader: fix possible out of bounds read.
    ISO reader: fix possible heap buffer overflow in read_children().
    RARv4 redaer: fix multiple issues in RARv4 filter code (introduced in
    libarchive 3.6.0).
    Fix heap use after free in archive_read_format_rar_read_data().
    Fix null dereference in read_data_compressed().
    Fix heap user after free in run_filters().
  (* Security fix *)
2022-04-09 13:29:59 +02:00
Patrick J Volkerding
d9ca4d1a16 Wed Apr 6 20:23:46 UTC 2022
patches/packages/mozilla-thunderbird-91.8.0-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/91.8.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2022-15/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289
  (* Security fix *)
2022-04-07 13:29:46 +02:00
Patrick J Volkerding
a32f923a16 Tue Apr 5 19:16:30 UTC 2022
patches/packages/mozilla-firefox-91.8.0esr-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/91.8.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2022-14/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289
  (* Security fix *)
2022-04-06 13:29:41 +02:00
Patrick J Volkerding
f37bd9fb49 Sun Apr 3 19:57:16 UTC 2022
patches/packages/ca-certificates-20220403-noarch-1_slack15.0.txz:  Upgraded.
  This update provides the latest CA certificates to check for the
  authenticity of SSL connections.
2022-04-04 13:29:59 +02:00
Patrick J Volkerding
287bf2688a Wed Mar 30 22:37:05 UTC 2022
patches/packages/vim-8.2.4649-x86_64-1_slack15.0.txz:  Upgraded.
  Fixes a use-after-free in utf_ptr2char in vim/vim prior to 8.2.4646.
  This vulnerability is capable of crashing software, bypassing protection
  mechanisms, modifying memory, and possibly execution of arbitrary code.
  Thanks to marav for the heads-up.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1154
    https://huntr.dev/bounties/7f0ec6bc-ea0e-45b0-8128-caac72d23425
    b55986c52d
  (* Security fix *)
patches/packages/vim-gvim-8.2.4649-x86_64-1_slack15.0.txz:  Upgraded.
2022-03-31 13:29:48 +02:00
Patrick J Volkerding
64d851e17a Mon Mar 28 19:33:46 UTC 2022
patches/packages/whois-5.5.12-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release. Thanks to Nobby6.
patches/packages/zlib-1.2.12-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes memory corruption when deflating (i.e., when compressing)
  if the input has many distant matches. Thanks to marav.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
  (* Security fix *)
2022-03-29 13:29:47 +02:00
Patrick J Volkerding
54997ae6c7 Fri Mar 25 19:18:41 UTC 2022
patches/packages/seamonkey-2.53.11.1-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.seamonkey-project.org/releases/seamonkey2.53.11.1
  (* Security fix *)
2022-03-26 13:30:02 +01:00
Patrick J Volkerding
545dfeeec3 Thu Mar 24 20:59:09 UTC 2022
patches/packages/python3-3.9.12-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://pythoninsider.blogspot.com/2022/03/python-3104-and-3912-are-now-available.html
usb-and-pxe-installers/usbimg2disk.sh:  Upgraded.
  Calculate the space requirement by checking the size of the packages in the
  Slackware directory tree.
2022-03-25 13:29:47 +01:00
Patrick J Volkerding
29c65b6804 Mon Mar 21 20:24:16 UTC 2022
patches/packages/bind-9.16.27-x86_64-1_slack15.0.txz:  Upgraded.
  Sorry folks, I had not meant to bump BIND to the newer branch. I've moved
  the other packages into /testing. Thanks to Nobby6 for pointing this out.
  This update fixes bugs and the following security issues:
  A synchronous call to closehandle_cb() caused isc__nm_process_sock_buffer()
  to be called recursively, which in turn left TCP connections hanging in the
  CLOSE_WAIT state blocking indefinitely when out-of-order processing was
  disabled.
  The rules for acceptance of records into the cache have been tightened to
  prevent the possibility of poisoning if forwarders send records outside
  the configured bailiwick.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0396
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220
  (* Security fix *)
testing/packages/bind-9.18.1-x86_64-1_slack15.0.txz:  Moved.
2022-03-22 13:30:01 +01:00
Patrick J Volkerding
8e056e9406 Sat Mar 19 20:28:16 UTC 2022
patches/packages/glibc-zoneinfo-2022a-noarch-1_slack15.0.txz:  Upgraded.
  This package provides the latest timezone updates.
2022-03-20 13:29:57 +01:00
Patrick J Volkerding
5d5dc01569 Fri Mar 18 20:16:12 UTC 2022
patches/packages/python3-3.9.11-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and security issues:
  libexpat upgraded from 2.4.1 to 2.4.7
  bundled pip upgraded from 21.2.4 to 22.0.4
  authorization bypass fixed in urllib.request
  REDoS avoided in importlib.metadata
  For more information, see:
    https://pythoninsider.blogspot.com/2022/03/python-3103-3911-3813-and-3713-are-now.html
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28363
  (* Security fix *)
2022-03-19 13:29:58 +01:00
Patrick J Volkerding
fcc29dbb40 Thu Mar 17 19:46:28 UTC 2022
patches/packages/bind-9.18.1-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and the following security issues:
  An assertion could occur in resume_dslookup() if the fetch had been shut
  down earlier.
  Lookups involving a DNAME could trigger an INSIST when "synth-from-dnssec"
  was enabled.
  A synchronous call to closehandle_cb() caused isc__nm_process_sock_buffer()
  to be called recursively, which in turn left TCP connections hanging in the
  CLOSE_WAIT state blocking indefinitely when out-of-order processing was
  disabled.
  The rules for acceptance of records into the cache have been tightened to
  prevent the possibility of poisoning if forwarders send records outside
  the configured bailiwick.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0667
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0635
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0396
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220
  (* Security fix *)
patches/packages/bluez-5.64-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release:
  Fix issue with handling A2DP discover procedure.
  Fix issue with media endpoint replies and SetConfiguration.
  Fix issue with HoG queuing events before report map is read.
  Fix issue with HoG and read order of GATT attributes.
  Fix issue with HoG and not using UHID_CREATE2 interface.
  Fix issue with failed scanning for 5 minutes after reboot.
patches/packages/openssl-1.1.1n-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes a high severity security issue:
  The BN_mod_sqrt() function, which computes a modular square root, contains
  a bug that can cause it to loop forever for non-prime moduli.
  For more information, see:
    https://www.openssl.org/news/secadv/20220315.txt
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
  (* Security fix *)
patches/packages/openssl-solibs-1.1.1n-x86_64-1_slack15.0.txz:  Upgraded.
patches/packages/qt5-5.15.3_20220312_33a3f16f-x86_64-1_slack15.0.txz:  Upgraded.
  Thanks to Heinz Wiesinger for updating the fetch_sources.sh script to make
  sure that the QtWebEngine version matches the rest of Qt, which got the
  latest git pull compiling again.
  If a 32-bit userspace is detected, then:
  export QTWEBENGINE_CHROMIUM_FLAGS="--disable-seccomp-filter-sandbox"
  This works around crashes occuring with 32-bit QtWebEngine applications.
  Thanks to alienBOB.
2022-03-18 13:29:58 +01:00
Patrick J Volkerding
44c9fcd877 Tue Mar 15 00:13:59 UTC 2022
patches/packages/httpd-2.4.53-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and the following security issues:
  mod_sed: Read/write beyond bounds
  core: Possible buffer overflow with very large or unlimited
  LimitXMLRequestBody
  HTTP request smuggling vulnerability
  mod_lua: Use of uninitialized value in r:parsebody
  For more information, see:
    https://downloads.apache.org/httpd/CHANGES_2.4.53
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23943
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22721
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22720
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22719
  (* Security fix *)
patches/packages/mozilla-firefox-91.7.1esr-x86_64-1_slack15.0.txz:  Upgraded.
  This release makes the following change:
  Yandex and Mail.ru have been removed as optional search providers in the
  drop-down search menu in Firefox.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/91.7.1/releasenotes/
  (* Security fix *)
2022-03-15 13:30:00 +01:00
Patrick J Volkerding
477bd290fa Sat Mar 12 20:57:35 UTC 2022
patches/packages/polkit-0.120-x86_64-3_slack15.0.txz:  Rebuilt.
  Patched to fix a security issue where an unprivileged user could cause a
  denial of service due to process file descriptor exhaustion.
  Thanks to marav.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4115
  (* Security fix *)
2022-03-13 13:29:55 +01:00
Patrick J Volkerding
9ebdf8edc0 Thu Mar 10 02:30:54 UTC 2022
patches/packages/ca-certificates-20220309-noarch-1_slack15.0.txz:  Upgraded.
  This update provides the latest CA certificates to check for the
  authenticity of SSL connections.
2022-03-10 13:29:56 +01:00
Patrick J Volkerding
ead45c4c66 Wed Mar 9 04:14:08 UTC 2022
patches/packages/linux-5.15.27/*:  Upgraded.
  These updates fix various bugs and security issues, including the recently
  announced "Dirty Pipe" vulnerability which allows overwriting data in
  arbitrary read-only files (CVE-2022-0847).
  Be sure to upgrade your initrd after upgrading the kernel packages.
  If you use lilo to boot your machine, be sure lilo.conf points to the correct
  kernel and initrd and run lilo as root to update the bootloader.
  If you use elilo to boot your machine, you should run eliloconfig to copy the
  kernel and initrd to the EFI System Partition.
  For more information, see:
    Fixed in 5.15.20:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0492
    Fixed in 5.15.23:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0516
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0435
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0487
    Fixed in 5.15.24:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25375
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25258
    Fixed in 5.15.25:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0847
    Fixed in 5.15.26:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25636
  (* Security fix *)
2022-03-09 19:15:03 +01:00
Patrick J Volkerding
013aa123f3 Tue Mar 8 04:39:53 UTC 2022
patches/packages/boost-1.78.0-x86_64-2_slack15.0.txz:  Rebuilt.
  This update has been patched to fix a regression:
  Boost.Build silently skips installation of library headers and binaries in
  some cases.
  Thanks to Willy Sudiarto Raharjo.
2022-03-09 13:29:58 +01:00
Patrick J Volkerding
83d9a46441 Tue Mar 8 00:52:43 UTC 2022
patches/packages/mozilla-firefox-91.7.0esr-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/91.7.0/releasenotes/
  (* Security fix *)
2022-03-08 13:29:55 +01:00
Patrick J Volkerding
3ec92b50f1 Sat Mar 5 19:56:26 UTC 2022
patches/packages/expat-2.4.7-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release:
  Relax fix to CVE-2022-25236 (introduced with release 2.4.5) with regard to
  all valid URI characters (RFC 3986).
patches/packages/mozilla-firefox-91.6.1esr-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/91.6.1/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2022-09/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26485
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26486
  (* Security fix *)
patches/packages/mozilla-thunderbird-91.6.2-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/91.6.2/releasenotes/
  (* Security fix *)
2022-03-06 13:29:55 +01:00
Patrick J Volkerding
43560cb6f4 Wed Mar 2 21:39:57 UTC 2022
patches/packages/seamonkey-2.53.11-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.seamonkey-project.org/releases/seamonkey2.53.11
  (* Security fix *)
2022-03-03 13:29:43 +01:00
Patrick J Volkerding
87f850786e Tue Mar 1 05:05:48 UTC 2022
patches/packages/libxml2-2.9.13-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and the following security issues:
  Use-after-free of ID and IDREF attributes
  (Thanks to Shinji Sato for the report)
  Use-after-free in xmlXIncludeCopyRange (David Kilzer)
  Fix Null-deref-in-xmlSchemaGetComponentTargetNs (huangduirong)
  Fix memory leak in xmlXPathCompNodeTest
  Fix null pointer deref in xmlStringGetNodeList
  Fix several memory leaks found by Coverity (David King)
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308
  (* Security fix *)
patches/packages/libxslt-1.1.35-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and the following security issues:
  Fix use-after-free in xsltApplyTemplates
  Fix memory leak in xsltDocumentElem (David King)
  Fix memory leak in xsltCompileIdKeyPattern (David King)
  Fix double-free with stylesheets containing entity nodes
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30560
  (* Security fix *)
2022-03-02 13:30:01 +01:00
Patrick J Volkerding
a737ba20e2 Fri Feb 25 00:03:28 UTC 2022
patches/packages/cyrus-sasl-2.1.28-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and security issues.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19906
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24407
  (* Security fix *)
2022-02-25 13:29:56 +01:00
Patrick J Volkerding
2858060a50 Mon Feb 21 20:21:38 UTC 2022
patches/packages/expat-2.4.6-x86_64-1_slack15.0.txz:  Upgraded.
  Fixed a regression introduced by the fix for CVE-2022-25313 that affects
  applications that (1) call function XML_SetElementDeclHandler and (2) are
  parsing XML that contains nested element declarations:
  (e.g. "<!ELEMENT junk ((bar|foo|xyz+), zebra*)>").
patches/packages/flac-1.3.4-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes overflow issues with encoding and decoding.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0499
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0561
  (* Security fix *)
patches/packages/mariadb-10.5.15-x86_64-2_slack15.0.txz:  Rebuilt.
  Removed dangling symlink.
2022-02-22 13:29:56 +01:00
Patrick J Volkerding
6d57f3ac47 Sun Feb 20 05:13:20 UTC 2022
patches/packages/expat-2.4.5-x86_64-1_slack15.0.txz:  Upgraded.
  Fixed security issues that could lead to denial of service or potentially
  arbitrary code execution.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315
  (* Security fix *)
2022-02-21 13:29:58 +01:00
Patrick J Volkerding
a019271253 Fri Feb 18 05:29:00 UTC 2022
patches/packages/mozilla-thunderbird-91.6.1-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/91.6.1/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2022-07/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0566
  (* Security fix *)
patches/packages/php-7.4.28-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and a security issue:
  UAF due to php_filter_float() failing for ints.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21708
  (* Security fix *)
extra/php80/php80-8.0.16-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and a security issue:
  UAF due to php_filter_float() failing for ints.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21708
  (* Security fix *)
extra/php81/php81-8.1.3-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and a security issue:
  UAF due to php_filter_float() failing for ints.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21708
  (* Security fix *)
2022-02-19 13:30:02 +01:00
Patrick J Volkerding
c9881ad979 Tue Feb 15 20:00:48 UTC 2022
patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz:  Rebuilt.
  If root's mailbox did not already exist, it would be created with insecure
  permissions leading to possible local information disclosure. This update
  ensures that a new mailbox will be created with proper permissions and
  ownership, and corrects the permissions on an existing mailbox if they are
  found to be incorrect. Thanks to Martin for the bug report.
  (* Security fix *)
patches/packages/util-linux-2.37.4-x86_64-1_slack15.0.txz:  Upgraded.
  This release fixes a security issue in chsh(1) and chfn(8):
  By default, these utilities had been linked with libreadline, which allows
  the INPUTRC environment variable to be abused to produce an error message
  containing data from an arbitrary file. So, don't link these utilities with
  libreadline as it does not use secure_getenv() (or a similar concept), or
  sanitize the config file path to avoid vulnerabilities that could occur in
  set-user-ID or set-group-ID programs.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0563
  (* Security fix *)
2022-02-16 13:29:58 +01:00
Patrick J Volkerding
9a5f4fd634 Mon Feb 14 00:10:38 UTC 2022
patches/packages/mariadb-10.5.15-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes potential denial-of-service vulnerabilities.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46665
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46664
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46661
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46668
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46663
  (* Security fix *)
2022-02-14 13:29:59 +01:00
Patrick J Volkerding
eb19d64569 Thu Feb 10 01:46:55 UTC 2022
patches/packages/at-3.2.3-x86_64-1_slack15.0.txz:  Upgraded.
  Switched to at-3.2.3 since version 3.2.4 has a regression that causes
  queued jobs to not always run on time when atd is run as a standalone
  daemon. Thanks to Cesare.
patches/packages/mozilla-firefox-91.6.0esr-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/91.6.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2022-05/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22753
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764
  (* Security fix *)
patches/packages/mozilla-thunderbird-91.6.0-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/91.6.0/releasenotes/
    https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird91.6
  (* Security fix *)
2022-02-10 05:00:00 +01:00
Patrick J Volkerding
0ff3062f77 Wed Feb 2 22:22:22 UTC 2022
Slackware 15.0 x86_64 stable is released!

Another too-long development cycle is behind us after we bit off more than
we could chew and then had to shine it up to a high-gloss finish. Hopefully
we've managed to get the tricky parts out of the way so that we'll be able
to see a 15.1 incremental update after a far shorter development cycle.
Certainly the development infrastructure has been streamlined here and things
should be easier moving forward. My thanks to the rest of the Slackware team,
all the upstream developers who have given us such great building materials,
the folks on LinuxQuestions.org and elsewhere for all the help with testing,
great suggestions, and countless bug fixes, and to everyone who helped
support this project so that the release could finally see the light of day.
I couldn't have done any of this without your help, and I'm grateful to all
of you. Thanks!

For more information, check out the RELEASE_NOTES, CHANGES_AND_HINTS.TXT,
and ANNOUNCE.15.0.

Have fun!  :-)
2022-02-04 00:29:06 +01:00
Patrick J Volkerding
7e275bc3ae Wed Feb 2 08:21:48 UTC 2022
a/kernel-generic-5.15.19-x86_64-2.txz:  Upgraded.
a/kernel-huge-5.15.19-x86_64-2.txz:  Upgraded.
a/kernel-modules-5.15.19-x86_64-2.txz:  Upgraded.
d/kernel-headers-5.15.19-x86-2.txz:  Upgraded.
k/kernel-source-5.15.19-noarch-2.txz:  Upgraded.
  -RTC_SYSTOHC_DEVICE "rtc0"
   RTC_SYSTOHC y -> n
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
testing/source/linux-5.16.5-configs/*:  Rebuilt.
  -RTC_SYSTOHC_DEVICE "rtc0"
   RTC_SYSTOHC y -> n
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2022-02-02 11:59:53 +01:00
Patrick J Volkerding
8b3ff193a8 Wed Feb 2 04:17:39 UTC 2022
fortune -m "I will be finished tomorrow" fortunes2
a/kernel-generic-5.15.19-x86_64-1.txz:  Upgraded.
a/kernel-huge-5.15.19-x86_64-1.txz:  Upgraded.
a/kernel-modules-5.15.19-x86_64-1.txz:  Upgraded.
ap/screen-4.9.0-x86_64-1.txz:  Upgraded.
  Patched possible denial of service via a crafted UTF-8 character sequence.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26937
  (* Security fix *)
d/kernel-headers-5.15.19-x86-1.txz:  Upgraded.
k/kernel-source-5.15.19-noarch-1.txz:  Upgraded.
   RTC_INTF_DEV_UIE_EMUL y -> n
   RTC_SYSTOHC n -> y
  +RTC_SYSTOHC_DEVICE "rtc0"
l/lcms2-2.13-x86_64-2.txz:  Rebuilt.
  [PATCH] Fix for optimization error on grayscale.
  Thanks to Aaron Boxer for reporting this issue.
  Thanks to gmgf.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
testing/source/linux-5.16.5-configs/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2022-02-02 08:59:53 +01:00
Patrick J Volkerding
ba74260aeb Tue Feb 1 08:27:47 UTC 2022
kde/kate-21.12.1-x86_64-2.txz:  Rebuilt.
  Fix missing validation of binaries executed via QProcess.
  Thanks to Heinz Wiesinger.
  For more information, see:
    https://kde.org/info/security/advisory-20220131-1.txt
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23853
  (* Security fix *)
2022-02-01 17:59:49 +01:00