Patrick J Volkerding
0cec0ecfa1
Wed Jun 12 21:12:05 UTC 2024
...
patches/packages/mozilla-thunderbird-115.11.1-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.11.1/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2024-23/
https://www.cve.org/CVERecord?id=CVE-2024-4367
https://www.cve.org/CVERecord?id=CVE-2024-4767
https://www.cve.org/CVERecord?id=CVE-2024-4768
https://www.cve.org/CVERecord?id=CVE-2024-4769
https://www.cve.org/CVERecord?id=CVE-2024-4770
https://www.cve.org/CVERecord?id=CVE-2024-4777
(* Security fix *)
2024-06-13 13:30:30 +02:00
Patrick J Volkerding
cfdd416e37
Tue Jun 11 21:09:01 UTC 2024
...
patches/packages/cups-2.4.9-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and a security issue:
When starting the cupsd server with a Listen configuration item pointing
to a symbolic link, the cupsd process can be caused to perform an arbitrary
chmod of the provided argument, providing world-writable access to the
target.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-35235
(* Security fix *)
patches/packages/mozilla-firefox-115.12.0esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.12.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2024-26/
https://www.cve.org/CVERecord?id=CVE-2024-5702
https://www.cve.org/CVERecord?id=CVE-2024-5688
https://www.cve.org/CVERecord?id=CVE-2024-5690
https://www.cve.org/CVERecord?id=CVE-2024-5691
https://www.cve.org/CVERecord?id=CVE-2024-5692
https://www.cve.org/CVERecord?id=CVE-2024-5693
https://www.cve.org/CVERecord?id=CVE-2024-5696
https://www.cve.org/CVERecord?id=CVE-2024-5700
(* Security fix *)
2024-06-12 13:30:32 +02:00
Patrick J Volkerding
61eadccb16
Sat Jun 8 19:42:03 UTC 2024
...
patches/packages/kernel-firmware-20240606_90df68d-noarch-1.txz: Upgraded.
Updated to the latest kernel firmware.
patches/packages/linux-5.15.160/*: Upgraded.
These updates fix a regression with the first 5.15.160 packages:
Subject: [PATCH] Revert "drm/amdgpu: init iommu after amdkfd device init"
This reverts commit 56b522f4668167096a50c39446d6263c96219f5f.
A user reported that this commit breaks the integrated gpu of his
notebook, causing a black screen. He was able to bisect the problematic
commit and verified that by reverting it the notebook works again.
He also confirmed that kernel 6.8.1 also works on his device, so the
upstream commit itself seems to be ok.
An amdgpu developer (Alex Deucher) confirmed that this patch should
have never been ported to 5.15 in the first place, so revert this
commit from the 5.15 stable series.
Thanks to fsLeg.
Be sure to upgrade your initrd after upgrading the kernel packages.
If you use lilo to boot your machine, be sure lilo.conf points to the correct
kernel and initrd and run lilo as root to update the bootloader.
If you use elilo to boot your machine, you should run eliloconfig to copy the
kernel and initrd to the EFI System Partition.
2024-06-09 13:30:34 +02:00
Patrick J Volkerding
dfa4788e03
Thu Jun 6 19:44:49 UTC 2024
...
extra/php81/php81-8.1.29-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and security issues:
Bypass of CVE-2012-1823, Argument Injection in PHP-CGI.
Filter bypass in filter_var FILTER_VALIDATE_URL.
Bypass of CVE-2024-1874.
For more information, see:
https://www.php.net/ChangeLog-8.php#8.1.29
https://www.cve.org/CVERecord?id=CVE-2024-4577
https://www.cve.org/CVERecord?id=CVE-2024-5458
https://www.cve.org/CVERecord?id=CVE-2024-5585
(* Security fix *)
2024-06-07 13:30:44 +02:00
Patrick J Volkerding
e53c2323e1
Wed Jun 5 19:06:36 UTC 2024
...
patches/packages/ca-certificates-20240604-noarch-1_slack15.0.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
patches/packages/kernel-firmware-20240604_22643bb-noarch-1.txz: Upgraded.
Updated to the latest kernel firmware.
patches/packages/linux-5.15.160/*: Upgraded.
These updates fix various bugs and security issues.
Be sure to upgrade your initrd after upgrading the kernel packages.
If you use lilo to boot your machine, be sure lilo.conf points to the correct
kernel and initrd and run lilo as root to update the bootloader.
If you use elilo to boot your machine, you should run eliloconfig to copy the
kernel and initrd to the EFI System Partition.
For more information, see:
Fixed in 5.15.147:
https://www.cve.org/CVERecord?id=CVE-2023-52340
https://www.cve.org/CVERecord?id=CVE-2023-6040
https://www.cve.org/CVERecord?id=CVE-2024-0646
Fixed in 5.15.148:
https://www.cve.org/CVERecord?id=CVE-2023-46838
https://www.cve.org/CVERecord?id=CVE-2023-52436
https://www.cve.org/CVERecord?id=CVE-2023-52438
https://www.cve.org/CVERecord?id=CVE-2023-52439
https://www.cve.org/CVERecord?id=CVE-2023-52443
https://www.cve.org/CVERecord?id=CVE-2023-52444
https://www.cve.org/CVERecord?id=CVE-2023-52445
https://www.cve.org/CVERecord?id=CVE-2023-52448
https://www.cve.org/CVERecord?id=CVE-2023-52449
https://www.cve.org/CVERecord?id=CVE-2023-52451
https://www.cve.org/CVERecord?id=CVE-2023-52454
https://www.cve.org/CVERecord?id=CVE-2023-52456
https://www.cve.org/CVERecord?id=CVE-2023-52458
https://www.cve.org/CVERecord?id=CVE-2023-52463
https://www.cve.org/CVERecord?id=CVE-2023-52464
https://www.cve.org/CVERecord?id=CVE-2023-52467
https://www.cve.org/CVERecord?id=CVE-2023-52469
https://www.cve.org/CVERecord?id=CVE-2023-52470
https://www.cve.org/CVERecord?id=CVE-2023-52609
https://www.cve.org/CVERecord?id=CVE-2023-52610
https://www.cve.org/CVERecord?id=CVE-2023-52612
https://www.cve.org/CVERecord?id=CVE-2023-6356
https://www.cve.org/CVERecord?id=CVE-2023-6536
https://www.cve.org/CVERecord?id=CVE-2023-6915
https://www.cve.org/CVERecord?id=CVE-2024-1085
https://www.cve.org/CVERecord?id=CVE-2024-24860
https://www.cve.org/CVERecord?id=CVE-2024-26586
https://www.cve.org/CVERecord?id=CVE-2024-26589
https://www.cve.org/CVERecord?id=CVE-2024-26591
https://www.cve.org/CVERecord?id=CVE-2024-26597
https://www.cve.org/CVERecord?id=CVE-2024-26598
https://www.cve.org/CVERecord?id=CVE-2024-26631
https://www.cve.org/CVERecord?id=CVE-2024-26633
Fixed in 5.15.149:
https://www.cve.org/CVERecord?id=CVE-2023-52429
https://www.cve.org/CVERecord?id=CVE-2023-52435
https://www.cve.org/CVERecord?id=CVE-2023-52486
https://www.cve.org/CVERecord?id=CVE-2023-52489
https://www.cve.org/CVERecord?id=CVE-2023-52491
https://www.cve.org/CVERecord?id=CVE-2023-52492
https://www.cve.org/CVERecord?id=CVE-2023-52493
https://www.cve.org/CVERecord?id=CVE-2023-52494
https://www.cve.org/CVERecord?id=CVE-2023-52498
https://www.cve.org/CVERecord?id=CVE-2023-52583
https://www.cve.org/CVERecord?id=CVE-2023-52587
https://www.cve.org/CVERecord?id=CVE-2023-52588
https://www.cve.org/CVERecord?id=CVE-2023-52594
https://www.cve.org/CVERecord?id=CVE-2023-52595
https://www.cve.org/CVERecord?id=CVE-2023-52597
https://www.cve.org/CVERecord?id=CVE-2023-52598
https://www.cve.org/CVERecord?id=CVE-2023-52599
https://www.cve.org/CVERecord?id=CVE-2023-52600
https://www.cve.org/CVERecord?id=CVE-2023-52601
https://www.cve.org/CVERecord?id=CVE-2023-52602
https://www.cve.org/CVERecord?id=CVE-2023-52603
https://www.cve.org/CVERecord?id=CVE-2023-52604
https://www.cve.org/CVERecord?id=CVE-2023-52606
https://www.cve.org/CVERecord?id=CVE-2023-52607
https://www.cve.org/CVERecord?id=CVE-2023-52608
https://www.cve.org/CVERecord?id=CVE-2023-52614
https://www.cve.org/CVERecord?id=CVE-2023-52615
https://www.cve.org/CVERecord?id=CVE-2023-52616
https://www.cve.org/CVERecord?id=CVE-2023-52617
https://www.cve.org/CVERecord?id=CVE-2023-52618
https://www.cve.org/CVERecord?id=CVE-2023-52619
https://www.cve.org/CVERecord?id=CVE-2023-52622
https://www.cve.org/CVERecord?id=CVE-2023-52623
https://www.cve.org/CVERecord?id=CVE-2023-52627
https://www.cve.org/CVERecord?id=CVE-2023-52630
https://www.cve.org/CVERecord?id=CVE-2023-52631
https://www.cve.org/CVERecord?id=CVE-2023-52633
https://www.cve.org/CVERecord?id=CVE-2023-52635
https://www.cve.org/CVERecord?id=CVE-2023-52637
https://www.cve.org/CVERecord?id=CVE-2023-52638
https://www.cve.org/CVERecord?id=CVE-2024-0340
https://www.cve.org/CVERecord?id=CVE-2024-1086
https://www.cve.org/CVERecord?id=CVE-2024-1151
https://www.cve.org/CVERecord?id=CVE-2024-23849
https://www.cve.org/CVERecord?id=CVE-2024-23850
https://www.cve.org/CVERecord?id=CVE-2024-23851
https://www.cve.org/CVERecord?id=CVE-2024-26592
https://www.cve.org/CVERecord?id=CVE-2024-26593
https://www.cve.org/CVERecord?id=CVE-2024-26594
https://www.cve.org/CVERecord?id=CVE-2024-26600
https://www.cve.org/CVERecord?id=CVE-2024-26602
https://www.cve.org/CVERecord?id=CVE-2024-26606
https://www.cve.org/CVERecord?id=CVE-2024-26608
https://www.cve.org/CVERecord?id=CVE-2024-26610
https://www.cve.org/CVERecord?id=CVE-2024-26614
https://www.cve.org/CVERecord?id=CVE-2024-26615
https://www.cve.org/CVERecord?id=CVE-2024-26625
https://www.cve.org/CVERecord?id=CVE-2024-26627
https://www.cve.org/CVERecord?id=CVE-2024-26635
https://www.cve.org/CVERecord?id=CVE-2024-26636
https://www.cve.org/CVERecord?id=CVE-2024-26640
https://www.cve.org/CVERecord?id=CVE-2024-26641
https://www.cve.org/CVERecord?id=CVE-2024-26644
https://www.cve.org/CVERecord?id=CVE-2024-26645
https://www.cve.org/CVERecord?id=CVE-2024-26660
https://www.cve.org/CVERecord?id=CVE-2024-26663
https://www.cve.org/CVERecord?id=CVE-2024-26664
https://www.cve.org/CVERecord?id=CVE-2024-26665
https://www.cve.org/CVERecord?id=CVE-2024-26668
https://www.cve.org/CVERecord?id=CVE-2024-26671
https://www.cve.org/CVERecord?id=CVE-2024-26673
https://www.cve.org/CVERecord?id=CVE-2024-26675
https://www.cve.org/CVERecord?id=CVE-2024-26676
https://www.cve.org/CVERecord?id=CVE-2024-26679
https://www.cve.org/CVERecord?id=CVE-2024-26684
https://www.cve.org/CVERecord?id=CVE-2024-26685
https://www.cve.org/CVERecord?id=CVE-2024-26689
https://www.cve.org/CVERecord?id=CVE-2024-26696
https://www.cve.org/CVERecord?id=CVE-2024-26697
https://www.cve.org/CVERecord?id=CVE-2024-26698
https://www.cve.org/CVERecord?id=CVE-2024-26702
https://www.cve.org/CVERecord?id=CVE-2024-26704
https://www.cve.org/CVERecord?id=CVE-2024-26707
https://www.cve.org/CVERecord?id=CVE-2024-26712
https://www.cve.org/CVERecord?id=CVE-2024-26715
https://www.cve.org/CVERecord?id=CVE-2024-26717
https://www.cve.org/CVERecord?id=CVE-2024-26720
https://www.cve.org/CVERecord?id=CVE-2024-26727
https://www.cve.org/CVERecord?id=CVE-2024-26808
Fixed in 5.15.150:
https://www.cve.org/CVERecord?id=CVE-2023-52434
https://www.cve.org/CVERecord?id=CVE-2023-52497
https://www.cve.org/CVERecord?id=CVE-2023-52640
https://www.cve.org/CVERecord?id=CVE-2023-52641
https://www.cve.org/CVERecord?id=CVE-2024-0565
https://www.cve.org/CVERecord?id=CVE-2024-26601
https://www.cve.org/CVERecord?id=CVE-2024-26603
https://www.cve.org/CVERecord?id=CVE-2024-26733
https://www.cve.org/CVERecord?id=CVE-2024-26735
https://www.cve.org/CVERecord?id=CVE-2024-26736
https://www.cve.org/CVERecord?id=CVE-2024-26737
https://www.cve.org/CVERecord?id=CVE-2024-26743
https://www.cve.org/CVERecord?id=CVE-2024-26744
https://www.cve.org/CVERecord?id=CVE-2024-26747
https://www.cve.org/CVERecord?id=CVE-2024-26748
https://www.cve.org/CVERecord?id=CVE-2024-26749
https://www.cve.org/CVERecord?id=CVE-2024-26751
https://www.cve.org/CVERecord?id=CVE-2024-26752
https://www.cve.org/CVERecord?id=CVE-2024-26754
https://www.cve.org/CVERecord?id=CVE-2024-26763
https://www.cve.org/CVERecord?id=CVE-2024-26764
https://www.cve.org/CVERecord?id=CVE-2024-26766
https://www.cve.org/CVERecord?id=CVE-2024-26769
https://www.cve.org/CVERecord?id=CVE-2024-26771
https://www.cve.org/CVERecord?id=CVE-2024-26772
https://www.cve.org/CVERecord?id=CVE-2024-26773
https://www.cve.org/CVERecord?id=CVE-2024-26774
https://www.cve.org/CVERecord?id=CVE-2024-26776
https://www.cve.org/CVERecord?id=CVE-2024-26777
https://www.cve.org/CVERecord?id=CVE-2024-26778
https://www.cve.org/CVERecord?id=CVE-2024-26779
Fixed in 5.15.151:
https://www.cve.org/CVERecord?id=CVE-2023-52620
https://www.cve.org/CVERecord?id=CVE-2024-0841
https://www.cve.org/CVERecord?id=CVE-2024-26622
https://www.cve.org/CVERecord?id=CVE-2024-26688
https://www.cve.org/CVERecord?id=CVE-2024-26782
https://www.cve.org/CVERecord?id=CVE-2024-26788
https://www.cve.org/CVERecord?id=CVE-2024-26790
https://www.cve.org/CVERecord?id=CVE-2024-26791
https://www.cve.org/CVERecord?id=CVE-2024-26793
https://www.cve.org/CVERecord?id=CVE-2024-26795
https://www.cve.org/CVERecord?id=CVE-2024-26798
https://www.cve.org/CVERecord?id=CVE-2024-26801
https://www.cve.org/CVERecord?id=CVE-2024-26802
https://www.cve.org/CVERecord?id=CVE-2024-26803
https://www.cve.org/CVERecord?id=CVE-2024-26804
https://www.cve.org/CVERecord?id=CVE-2024-26805
Fixed in 5.15.152:
https://www.cve.org/CVERecord?id=CVE-2024-26659
https://www.cve.org/CVERecord?id=CVE-2024-26787
Fixed in 5.15.153:
https://www.cve.org/CVERecord?id=CVE-2023-52447
https://www.cve.org/CVERecord?id=CVE-2023-6270
https://www.cve.org/CVERecord?id=CVE-2023-7042
https://www.cve.org/CVERecord?id=CVE-2024-22099
https://www.cve.org/CVERecord?id=CVE-2024-26651
https://www.cve.org/CVERecord?id=CVE-2024-26809
(* Security fix *)
2024-06-06 13:30:38 +02:00
Patrick J Volkerding
e5301d4448
Sat Jun 1 19:52:37 UTC 2024
...
patches/packages/ntp-4.2.8p18-x86_64-2_slack15.0.txz: Rebuilt.
This is a bugfix release to fix a possible regression. In some cases ntpd
gets an error on mixed ipv4/ipv6 networks, so we'll make it possible to
easily configure ntpd to use ipv4 only or ipv6 only (as well as to change
any other ntpd options).
rc.ntp: properly create the PID file on start.
Add /etc/default/ntp to configure ntpd startup options since some people are
needing to add -4 to avoid an error.
Thanks to rkelsen and teoberi.
2024-06-02 13:30:47 +02:00
Patrick J Volkerding
dd5b1ba2c4
Sun May 26 00:07:39 UTC 2024
...
patches/packages/ntp-4.2.8p18-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
2024-05-26 13:30:49 +02:00
Patrick J Volkerding
97a6982d2b
Wed May 22 18:57:13 UTC 2024
...
patches/packages/curl-8.8.0-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
2024-05-23 13:30:44 +02:00
Patrick J Volkerding
e10e8c9854
Mon May 20 18:42:49 UTC 2024
...
patches/packages/mariadb-10.5.25-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and a security issue:
Difficult to exploit vulnerability allows unauthenticated attacker with
logon to the infrastructure where MariaDB Server executes to compromise the
server. This could result in unauthorized update, insert or delete access
to some of the data as well as unauthorized read access to a subset of the
data and unauthorized ability to cause a partial denial of service.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-21096
(* Security fix *)
2024-05-21 13:30:45 +02:00
Patrick J Volkerding
fb146f18cf
Thu May 16 02:31:40 UTC 2024
...
patches/packages/gdk-pixbuf2-2.42.12-x86_64-1_slack15.0.txz: Upgraded.
ani: Reject files with multiple INA or IART chunks.
ani: Reject files with multiple anih chunks.
ani: validate chunk size.
Thanks to 0xvhp, pedrib, and Benjamin Gilbert.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-48622
(* Security fix *)
patches/packages/git-2.39.4-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
Recursive clones on case-insensitive filesystems that support symbolic
links are susceptible to case confusion that can be exploited to
execute just-cloned code during the clone operation.
Repositories can be configured to execute arbitrary code during local
clones. To address this, the ownership checks introduced in v2.30.3
are now extended to cover cloning local repositories.
Local clones may end up hardlinking files into the target repository's
object database when source and target repository reside on the same
disk. If the source repository is owned by a different user, then
those hardlinked files may be rewritten at any point in time by the
untrusted user.
When cloning a local source repository that contains symlinks via the
filesystem, Git may create hardlinks to arbitrary user-readable files
on the same filesystem as the target repository in the objects/
directory.
It is supposed to be safe to clone untrusted repositories, even those
unpacked from zip archives or tarballs originating from untrusted
sources, but Git can be tricked to run arbitrary code as part of the
clone.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-32002
https://www.cve.org/CVERecord?id=CVE-2024-32004
https://www.cve.org/CVERecord?id=CVE-2024-32020
https://www.cve.org/CVERecord?id=CVE-2024-32021
https://www.cve.org/CVERecord?id=CVE-2024-32465
(* Security fix *)
patches/packages/popa3d-1.0.3-x86_64-7_slack15.0.txz: Rebuilt.
This is a bugfix release:
Build with AUTH_PAM, not AUTH_SHADOW.
Thanks to jayjwa.
testing/packages/bind-9.18.27-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
2024-05-17 13:40:17 +02:00
Patrick J Volkerding
a86246c0dd
Tue May 14 19:07:51 UTC 2024
...
patches/packages/mozilla-firefox-115.11.0esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.11.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2024-22/
https://www.cve.org/CVERecord?id=CVE-2024-4367
https://www.cve.org/CVERecord?id=CVE-2024-4767
https://www.cve.org/CVERecord?id=CVE-2024-4768
https://www.cve.org/CVERecord?id=CVE-2024-4769
https://www.cve.org/CVERecord?id=CVE-2024-4770
https://www.cve.org/CVERecord?id=CVE-2024-4777
(* Security fix *)
2024-05-15 13:30:44 +02:00
Patrick J Volkerding
e00e146d20
Mon May 13 18:22:20 UTC 2024
...
patches/packages/libxml2-2.11.8-x86_64-1_slack15.0.txz: Upgraded.
Fix buffer overread with "xmllint --htmlout".
xmllint: Fix --pedantic option.
save: Handle invalid parent pointers in xhtmlNodeDumpOutput.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-34459
(* Security fix *)
2024-05-14 13:40:19 +02:00
Patrick J Volkerding
39da3ef43f
Sun May 12 19:10:12 UTC 2024
...
patches/packages/whois-5.5.23-x86_64-1_slack15.0.txz: Upgraded.
Updated the .sc, .********* (.xn--yfro4i67o, Singapore)
and .********************************* (.xn--clchc0ea0b2g2a9gcd, Singapore)
TLD servers.
2024-05-13 13:30:45 +02:00
Patrick J Volkerding
bc6a73dcbb
Thu May 9 19:26:51 UTC 2024
...
patches/packages/sg3_utils-1.47-x86_64-2_slack15.0.txz: Rebuilt.
This is a bugfix release to fix a regression in rescan-scsi-bus.sh that
causes all SCSI devices to be removed from the system when the '-r'
option is used. Thanks to jwoithe for the link to the upstream patch.
2024-05-10 13:30:43 +02:00
Patrick J Volkerding
1163276b19
Thu Apr 25 17:58:17 UTC 2024
...
patches/packages/libarchive-3.7.3-x86_64-2_slack15.0.txz: Rebuilt.
Patched an out-of-bound error in the rar e8 filter that could allow for
the execution of arbitrary code.
Thanks to gmgf for the heads-up.
For more information, see:
https://github.com/advisories/GHSA-2jc9-36w4-pmqw
https://www.cve.org/CVERecord?id=CVE-2024-26256
(* Security fix *)
2024-04-26 13:30:48 +02:00
Patrick J Volkerding
88c375df6b
Tue Apr 23 22:24:03 UTC 2024
...
patches/packages/ruby-3.0.7-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
Arbitrary memory address read vulnerability with Regex search.
RCE vulnerability with .rdoc_options in RDoc.
Buffer overread vulnerability in StringIO.
For more information, see:
https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/
https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/
https://www.ruby-lang.org/en/news/2024/03/21/buffer-overread-cve-2024-27280/
https://www.cve.org/CVERecord?id=CVE-2024-27282
https://www.cve.org/CVERecord?id=CVE-2024-27281
https://www.cve.org/CVERecord?id=CVE-2024-27280
(* Security fix *)
2024-04-24 13:30:50 +02:00
Patrick J Volkerding
9e65079da6
Mon Apr 22 19:36:38 UTC 2024
...
patches/packages/freerdp-2.11.7-x86_64-1_slack15.0.txz: Upgraded.
This release eliminates a bunch of issues detected during oss-fuzz runs.
(* Security fix *)
2024-04-23 13:30:50 +02:00
Patrick J Volkerding
54a8f66b49
Fri Apr 19 19:36:17 UTC 2024
...
patches/packages/freerdp-2.11.6-x86_64-1_slack15.0.txz: Upgraded.
This release is a security release and addresses multiple issues:
[Low] OutOfBound Read in zgfx_decompress_segment.
[Moderate] Integer overflow & OutOfBound Write in
clear_decompress_residual_data.
[Low] integer underflow in nsc_rle_decode.
[Low] OutOfBound Read in planar_skip_plane_rle.
[Low] OutOfBound Read in ncrush_decompress.
[Low] OutOfBound Read in interleaved_decompress.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-32041
https://www.cve.org/CVERecord?id=CVE-2024-32039
https://www.cve.org/CVERecord?id=CVE-2024-32040
https://www.cve.org/CVERecord?id=CVE-2024-32458
https://www.cve.org/CVERecord?id=CVE-2024-32459
https://www.cve.org/CVERecord?id=CVE-2024-32460
(* Security fix *)
2024-04-20 13:30:46 +02:00
Patrick J Volkerding
d3c452d720
Thu Apr 18 19:17:30 UTC 2024
...
patches/packages/bind-9.16.50-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
patches/packages/aaa_glibc-solibs-2.33-x86_64-6_slack15.0.txz: Rebuilt.
patches/packages/glibc-2.33-x86_64-6_slack15.0.txz: Rebuilt.
This update fixes a security issue:
The iconv() function in the GNU C Library versions 2.39 and older may
overflow the output buffer passed to it by up to 4 bytes when converting
strings to the ISO-2022-CN-EXT character set, which may be used to crash
an application or overwrite a neighbouring variable.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-2961
(* Security fix *)
patches/packages/glibc-i18n-2.33-x86_64-6_slack15.0.txz: Rebuilt.
patches/packages/glibc-profile-2.33-x86_64-6_slack15.0.txz: Rebuilt.
testing/packages/bind-9.18.26-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
2024-04-19 13:30:41 +02:00
Patrick J Volkerding
2a933a7e4f
Wed Apr 17 20:35:48 UTC 2024
...
patches/packages/mozilla-thunderbird-115.10.0-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.10.0/releasenotes/
https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird115.10
(* Security fix *)
2024-04-18 13:30:45 +02:00
Patrick J Volkerding
7165f6f4db
Tue Apr 16 18:50:13 UTC 2024
...
patches/packages/mozilla-firefox-115.10.0esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.10.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2024-19/
https://www.cve.org/CVERecord?id=CVE-2024-3852
https://www.cve.org/CVERecord?id=CVE-2024-3854
https://www.cve.org/CVERecord?id=CVE-2024-3857
https://www.cve.org/CVERecord?id=CVE-2024-2609
https://www.cve.org/CVERecord?id=CVE-2024-3859
https://www.cve.org/CVERecord?id=CVE-2024-3861
https://www.cve.org/CVERecord?id=CVE-2024-3863
https://www.cve.org/CVERecord?id=CVE-2024-3302
https://www.cve.org/CVERecord?id=CVE-2024-3864
(* Security fix *)
2024-04-17 13:30:44 +02:00
Patrick J Volkerding
1d9ca96a22
Sun Apr 14 18:35:32 UTC 2024
...
patches/packages/less-653-x86_64-1_slack15.0.txz: Upgraded.
This update patches a security issue:
less through 653 allows OS command execution via a newline character in the
name of a file, because quoting is mishandled in filename.c. Exploitation
typically requires use with attacker-controlled file names, such as the files
extracted from an untrusted archive. Exploitation also requires the LESSOPEN
environment variable, but this is set by default in many common cases.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-32487
(* Security fix *)
2024-04-15 13:30:43 +02:00
Patrick J Volkerding
47084e3f2f
Fri Apr 12 19:08:59 UTC 2024
...
extra/php81/php81-8.1.28-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
Command injection via array-ish $command parameter of proc_open.
__Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix.
Password_verify can erroneously return true, opening ATO risk.
For more information, see:
https://www.php.net/ChangeLog-8.php#8.1.28
https://www.cve.org/CVERecord?id=CVE-2024-1874
https://www.cve.org/CVERecord?id=CVE-2024-2756
https://www.cve.org/CVERecord?id=CVE-2024-3096
(* Security fix *)
2024-04-13 13:30:41 +02:00
Patrick J Volkerding
971e161e46
Mon Apr 8 18:44:37 UTC 2024
...
patches/packages/libarchive-3.7.3-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a security issue:
Fix possible vulnerability in tar error reporting introduced in f27c173
by JiaT75.
For more information, see:
f27c173d17
https://github.com/libarchive/libarchive/pull/2101
(* Security fix *)
2024-04-09 13:30:46 +02:00
Patrick J Volkerding
d5ca6849f8
Fri Apr 5 20:11:23 UTC 2024
...
extra/tigervnc/tigervnc-1.12.0-x86_64-6_slack15.0.txz: Rebuilt.
Recompiled against xorg-server-1.20.14, including the latest patches for
several security issues:
Heap buffer overread/data leakage in ProcXIGetSelectedEvents.
Heap buffer overread/data leakage in ProcXIPassiveGrabDevice.
Heap buffer overread/data leakage in ProcAppleDRICreatePixmap.
Use-after-free in ProcRenderAddGlyphs.
For more information, see:
https://lists.x.org/archives/xorg-announce/2024-April/003497.html
https://www.cve.org/CVERecord?id=CVE-2024-31080
https://www.cve.org/CVERecord?id=CVE-2024-31081
https://www.cve.org/CVERecord?id=CVE-2024-31082
https://www.cve.org/CVERecord?id=CVE-2024-31083
(* Security fix *)
2024-04-06 13:30:47 +02:00
Patrick J Volkerding
1e2fa38645
Thu Apr 4 20:49:23 UTC 2024
...
patches/packages/httpd-2.4.59-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
HTTP/2 DoS by memory exhaustion on endless continuation frames.
HTTP Response Splitting in multiple modules.
HTTP response splitting.
For more information, see:
https://downloads.apache.org/httpd/CHANGES_2.4.59
https://www.cve.org/CVERecord?id=CVE-2024-27316
https://www.cve.org/CVERecord?id=CVE-2024-24795
https://www.cve.org/CVERecord?id=CVE-2023-38709
(* Security fix *)
patches/packages/nghttp2-1.61.0-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
nghttp2 library keeps reading the unbounded number of HTTP/2 CONTINUATION
frames even after a stream is reset to keep HPACK context in sync. This
causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates
this vulnerability by limiting the number of CONTINUATION frames it can
accept after a HEADERS frame.
For more information, see:
https://github.com/nghttp2/nghttp2/security/advisories/GHSA-x6x3-gv8h-m57q
https://www.kb.cert.org/vuls/id/421644
https://www.cve.org/CVERecord?id=CVE-2024-28182
(* Security fix *)
2024-04-05 13:30:57 +02:00
Patrick J Volkerding
d6e7dd0417
Wed Apr 3 22:22:06 UTC 2024
...
patches/packages/xorg-server-1.20.14-x86_64-12_slack15.0.txz: Rebuilt.
This update fixes security issues:
Heap buffer overread/data leakage in ProcXIGetSelectedEvents.
Heap buffer overread/data leakage in ProcXIPassiveGrabDevice.
Heap buffer overread/data leakage in ProcAppleDRICreatePixmap.
Use-after-free in ProcRenderAddGlyphs.
For more information, see:
https://lists.x.org/archives/xorg-announce/2024-April/003497.html
https://www.cve.org/CVERecord?id=CVE-2024-31080
https://www.cve.org/CVERecord?id=CVE-2024-31081
https://www.cve.org/CVERecord?id=CVE-2024-31082
https://www.cve.org/CVERecord?id=CVE-2024-31083
(* Security fix *)
patches/packages/xorg-server-xephyr-1.20.14-x86_64-12_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xnest-1.20.14-x86_64-12_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xvfb-1.20.14-x86_64-12_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xwayland-21.1.4-x86_64-11_slack15.0.txz: Rebuilt.
This update fixes security issues:
Heap buffer overread/data leakage in ProcXIGetSelectedEvents.
Heap buffer overread/data leakage in ProcXIPassiveGrabDevice.
Use-after-free in ProcRenderAddGlyphs.
For more information, see:
https://lists.x.org/archives/xorg-announce/2024-April/003497.html
https://www.cve.org/CVERecord?id=CVE-2024-31080
https://www.cve.org/CVERecord?id=CVE-2024-31081
https://www.cve.org/CVERecord?id=CVE-2024-31083
(* Security fix *)
2024-04-04 13:30:42 +02:00
Patrick J Volkerding
3874039d9c
Fri Mar 29 02:25:21 UTC 2024
...
patches/packages/coreutils-9.5-x86_64-1_slack15.0.txz: Upgraded.
chmod -R now avoids a race where an attacker may replace a traversed file
with a symlink, causing chmod to operate on an unintended file.
[This bug was present in "the beginning".]
split --line-bytes with a mixture of very long and short lines no longer
overwrites the heap.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-0684
(* Security fix *)
2024-03-29 13:30:42 +01:00
Patrick J Volkerding
9146b9762b
Wed Mar 27 19:16:09 UTC 2024
...
patches/packages/curl-8.7.1-x86_64-1_slack15.0.txz: Upgraded.
This release fixes the following security issues:
TLS certificate check bypass with mbedTLS.
HTTP/2 push headers memory-leak.
QUIC certificate check bypass with wolfSSL.
Usage of disabled protocol.
For more information, see:
https://curl.se/docs/CVE-2024-2466.html
https://curl.se/docs/CVE-2024-2398.html
https://curl.se/docs/CVE-2024-2379.html
https://curl.se/docs/CVE-2024-2004.html
https://www.cve.org/CVERecord?id=CVE-2024-2466
https://www.cve.org/CVERecord?id=CVE-2024-2398
https://www.cve.org/CVERecord?id=CVE-2024-2379
https://www.cve.org/CVERecord?id=CVE-2024-2004
(* Security fix *)
2024-03-28 13:30:39 +01:00
Patrick J Volkerding
9543d326f2
Sun Mar 24 18:21:46 UTC 2024
...
patches/packages/emacs-29.3-x86_64-1_slack15.0.txz: Upgraded.
GNU Emacs through 28.2 allows attackers to execute commands via shell
metacharacters in the name of a source-code file, because lib-src/etags.c
uses the system C library function in its implementation of the ctags
program. For example, a victim may use the "ctags *" command (suggested in
the ctags documentation) in a situation where the current working directory
has contents that depend on untrusted input.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-45939
(* Security fix *)
2024-03-25 13:30:45 +01:00
Patrick J Volkerding
fca48db86c
Sat Mar 23 19:34:02 UTC 2024
...
patches/packages/mozilla-firefox-115.9.1esr-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a critical security issue:
An attacker was able to inject an event handler into a privileged object
that would allow arbitrary JavaScript execution in the parent process.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.9.1esr/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2024-16/
https://www.cve.org/CVERecord?id=CVE-2024-29944
(* Security fix *)
2024-03-24 13:30:44 +01:00
Patrick J Volkerding
7fee55d3d8
Wed Mar 20 21:10:30 UTC 2024
...
patches/packages/bind-9.16.49-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
patches/packages/python3-3.9.19-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
bundled libexpat was updated to 2.6.0.
zipfile is now protected from the "quoted-overlap" zipbomb.
tempfile.TemporaryDirectory cleanup no longer dereferences symlinks when
working around file system permission errors.
For more information, see:
https://pythoninsider.blogspot.com/2024/03/python-31014-3919-and-3819-is-now.html
https://www.cve.org/CVERecord?id=CVE-2023-52425
https://www.cve.org/CVERecord?id=CVE-2024-0450
https://www.cve.org/CVERecord?id=CVE-2023-6597
(* Security fix *)
testing/packages/bind-9.18.25-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
2024-03-21 13:30:40 +01:00
Patrick J Volkerding
56c5869402
Wed Mar 20 00:08:59 UTC 2024
...
patches/packages/gnutls-3.8.4-x86_64-1_slack15.0.txz: Upgraded.
This update fixes two medium severity security issues:
libgnutls: Fix side-channel in the deterministic ECDSA.
Reported by George Pantelakis (#1516 ).
libgnutls: Fixed a bug where certtool crashed when verifying a certificate
chain with more than 16 certificates. Reported by William Woodruff (#1525 )
and yixiangzhike (#1527 ).
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-28834
https://www.cve.org/CVERecord?id=CVE-2024-28835
(* Security fix *)
patches/packages/mozilla-firefox-115.9.0esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.9.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2024-13/
https://www.cve.org/CVERecord?id=CVE-2024-0743
https://www.cve.org/CVERecord?id=CVE-2024-2605
https://www.cve.org/CVERecord?id=CVE-2024-2607
https://www.cve.org/CVERecord?id=CVE-2024-2608
https://www.cve.org/CVERecord?id=CVE-2024-2616
https://www.cve.org/CVERecord?id=CVE-2023-5388
https://www.cve.org/CVERecord?id=CVE-2024-2610
https://www.cve.org/CVERecord?id=CVE-2024-2611
https://www.cve.org/CVERecord?id=CVE-2024-2612
https://www.cve.org/CVERecord?id=CVE-2024-2614
(* Security fix *)
patches/packages/mozilla-thunderbird-115.9.0-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.9.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2024-14/
https://www.cve.org/CVERecord?id=CVE-2024-0743
https://www.cve.org/CVERecord?id=CVE-2024-2605
https://www.cve.org/CVERecord?id=CVE-2024-2607
https://www.cve.org/CVERecord?id=CVE-2024-2608
https://www.cve.org/CVERecord?id=CVE-2024-2616
https://www.cve.org/CVERecord?id=CVE-2023-5388
https://www.cve.org/CVERecord?id=CVE-2024-2610
https://www.cve.org/CVERecord?id=CVE-2024-2611
https://www.cve.org/CVERecord?id=CVE-2024-2612
https://www.cve.org/CVERecord?id=CVE-2024-2614
(* Security fix *)
2024-03-20 13:30:42 +01:00
Patrick J Volkerding
735bb1f74b
Wed Mar 13 19:46:48 UTC 2024
...
patches/packages/expat-2.6.2-x86_64-1_slack15.0.txz: Upgraded.
Prevent billion laughs attacks with isolated use of external parsers.
For more information, see:
1d50b80cf3
https://www.cve.org/CVERecord?id=CVE-2024-28757
(* Security fix *)
2024-03-14 13:30:42 +01:00
Patrick J Volkerding
c131b21d96
Fri Mar 8 19:20:11 UTC 2024
...
patches/packages/xfce4-weather-plugin-0.11.2-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
2024-03-09 13:30:47 +01:00
Patrick J Volkerding
9f285815b9
Thu Mar 7 20:40:08 UTC 2024
...
patches/packages/ghostscript-9.55.0-x86_64-2_slack15.0.txz: Rebuilt.
Fixes security issues:
A vulnerability was identified in the way Ghostscript/GhostPDL called
tesseract for the OCR devices, which could allow arbitrary code execution.
Thanks to J_W for the heads-up.
Mishandling of permission validation for pipe devices could allow arbitrary
code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36664
(* Security fix *)
2024-03-08 13:30:42 +01:00
Patrick J Volkerding
f4d1d3ac7d
Tue Mar 5 21:16:50 UTC 2024
...
patches/packages/mozilla-thunderbird-115.8.1-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.8.1/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2024-11/
https://www.cve.org/CVERecord?id=CVE-2024-1936
(* Security fix *)
patches/packages/postfix-3.6.15-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.postfix.org/announcements/postfix-3.8.6.html
2024-03-06 13:30:42 +01:00
Patrick J Volkerding
ce64f0a935
Fri Mar 1 22:13:28 UTC 2024
...
patches/packages/expat-2.6.1-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
2024-03-02 13:31:26 +01:00
Patrick J Volkerding
cec16b4f7e
Thu Feb 29 19:11:19 UTC 2024
...
patches/packages/openjpeg-2.5.2-x86_64-1_slack15.0.txz: Upgraded.
Fixed a regression in openjpeg-2.5.1:
API breakage / openjpeg version no longer detected (openjpeg.h no longer
includes opj_config.h).
2024-03-01 13:30:44 +01:00
Patrick J Volkerding
970e55afb6
Wed Feb 28 18:36:48 UTC 2024
...
patches/packages/wpa_supplicant-2.10-x86_64-2_slack15.0.txz: Rebuilt.
Patched the implementation of PEAP in wpa_supplicant to prevent an
authentication bypass. For a successful attack, wpa_supplicant must be
configured to not verify the network's TLS certificate during Phase 1
authentication, and an eap_peap_decrypt vulnerability can then be abused
to skip Phase 2 authentication. The attack vector is sending an EAP-TLV
Success packet instead of starting Phase 2. This allows an adversary to
impersonate Enterprise Wi-Fi networks.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-52160
(* Security fix *)
2024-02-29 13:30:42 +01:00
Patrick J Volkerding
6008910371
Mon Feb 26 20:09:43 UTC 2024
...
patches/packages/openjpeg-2.5.1-x86_64-1_slack15.0.txz: Upgraded.
Fixed a heap-based buffer overflow in openjpeg in color.c:379:42 in
sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use
this to execute arbitrary code with the permissions of the application
compiled against openjpeg.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2021-3575
(* Security fix *)
2024-02-27 13:30:41 +01:00
Patrick J Volkerding
76371c76c5
Sun Feb 25 19:16:52 UTC 2024
...
patches/packages/whois-5.5.21-x86_64-1_slack15.0.txz: Upgraded.
Updated the .cv and .sd TLD servers.
Removed 4 new gTLDs which are no longer active.
2024-02-26 13:30:47 +01:00
Patrick J Volkerding
c33fb28229
Fri Feb 23 20:37:29 UTC 2024
...
patches/packages/dcron-4.5-x86_64-13_slack15.0.txz: Rebuilt.
This is a bugfix release.
run-parts.8: document skiping *.orig files. Thanks to metaed.
2024-02-24 13:30:44 +01:00
Patrick J Volkerding
14f2469b12
Wed Feb 21 20:00:08 UTC 2024
...
patches/packages/dcron-4.5-x86_64-12_slack15.0.txz: Rebuilt.
This is a bugfix release.
run-parts: skip *.orig files. Thanks to metaed.
patches/packages/mozilla-thunderbird-115.8.0-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.8.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2024-07/
https://www.cve.org/CVERecord?id=CVE-2024-1546
https://www.cve.org/CVERecord?id=CVE-2024-1547
https://www.cve.org/CVERecord?id=CVE-2024-1548
https://www.cve.org/CVERecord?id=CVE-2024-1549
https://www.cve.org/CVERecord?id=CVE-2024-1550
https://www.cve.org/CVERecord?id=CVE-2024-1551
https://www.cve.org/CVERecord?id=CVE-2024-1552
https://www.cve.org/CVERecord?id=CVE-2024-1553
(* Security fix *)
2024-02-22 13:39:58 +01:00
Patrick J Volkerding
bdfa16c82f
Tue Feb 20 21:08:27 UTC 2024
...
patches/packages/libuv-1.48.0-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a server-side request forgery (SSRF) flaw.
Thanks to alex2grad for the heads-up.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-24806
(* Security fix *)
2024-02-21 13:30:43 +01:00
Patrick J Volkerding
b9cc8f3425
Sun Feb 18 21:03:57 UTC 2024
...
extra/llvm-17.0.6-x86_64-1_slack15.0.txz: Added.
In case anyone needs a newer compiler.
extra/llvm13-compat-13.0.0-x86_64-1_slack15.0.txz: Added.
In case anyone needs to run binaries linked to the old compiler.
2024-02-19 13:30:46 +01:00
Patrick J Volkerding
bdd6ac9360
Fri Feb 16 20:18:59 UTC 2024
...
patches/packages/ca-certificates-20240216-noarch-1_slack15.0.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
2024-02-17 13:30:46 +01:00
Patrick J Volkerding
9847738ba0
Wed Feb 14 04:18:12 UTC 2024
...
patches/packages/dnsmasq-2.90-x86_64-1_slack15.0.txz: Upgraded.
Add limits on the resources used to do DNSSEC validation.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-50387
https://www.cve.org/CVERecord?id=CVE-2023-50868
(* Security fix *)
2024-02-15 13:30:47 +01:00
Patrick J Volkerding
cd44edc237
Tue Feb 13 19:19:24 UTC 2024
...
patches/packages/bind-9.16.48-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and security issues:
Specific DNS answers could cause a denial-of-service condition due to DNS
validation taking a long time.
Query patterns that continuously triggered cache database maintenance could
exhaust all available memory on the host running named.
Restore DNS64 state when handling a serve-stale timeout.
Specific queries could trigger an assertion check with nxdomain-redirect
enabled.
Speed up parsing of DNS messages with many different names.
For more information, see:
https://kb.isc.org/docs/cve-2023-50387
https://www.cve.org/CVERecord?id=CVE-2023-50387
https://kb.isc.org/docs/cve-2023-6516
https://www.cve.org/CVERecord?id=CVE-2023-6516
https://kb.isc.org/docs/cve-2023-5679
https://www.cve.org/CVERecord?id=CVE-2023-5679
https://kb.isc.org/docs/cve-2023-5517
https://www.cve.org/CVERecord?id=CVE-2023-5517
https://kb.isc.org/docs/cve-2023-4408
https://www.cve.org/CVERecord?id=CVE-2023-4408
(* Security fix *)
testing/packages/bind-9.18.24-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and security issues:
Specific DNS answers could cause a denial-of-service condition due to DNS
validation taking a long time.
Restore DNS64 state when handling a serve-stale timeout.
Specific queries could trigger an assertion check with nxdomain-redirect
enabled.
Speed up parsing of DNS messages with many different names.
For more information, see:
https://kb.isc.org/docs/cve-2023-50387
https://www.cve.org/CVERecord?id=CVE-2023-50387
https://kb.isc.org/docs/cve-2023-5679
https://www.cve.org/CVERecord?id=CVE-2023-5679
https://kb.isc.org/docs/cve-2023-5517
https://www.cve.org/CVERecord?id=CVE-2023-5517
https://kb.isc.org/docs/cve-2023-4408
https://www.cve.org/CVERecord?id=CVE-2023-4408
(* Security fix *)
2024-02-14 13:30:43 +01:00
Patrick J Volkerding
4f3857a3d1
Sun Feb 11 22:11:59 UTC 2024
...
patches/packages/mariadb-10.5.24-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://mariadb.com/kb/en/mariadb-10-5-24-release-notes/
2024-02-12 13:30:40 +01:00