patches/packages/ca-certificates-20230506-noarch-1_slack15.0.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
patches/packages/libssh-0.10.5-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
A NULL dereference during rekeying with algorithm guessing.
A possible authorization bypass in pki_verify_data_signature under
low-memory conditions.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-1667https://www.cve.org/CVERecord?id=CVE-2023-2283
(* Security fix *)
patches/packages/whois-5.5.17-x86_64-1_slack15.0.txz: Upgraded.
Added the .cd TLD server.
Updated the -kg NIC handles server name.
Removed 2 new gTLDs which are no longer active.
patches/packages/netatalk-3.1.15-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues, including a critical vulnerability that
allows remote attackers to execute arbitrary code on affected installations
of Netatalk. Authentication is not required to exploit this vulnerability.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-43634https://www.cve.org/CVERecord?id=CVE-2022-45188
(* Security fix *)
patches/packages/git-2.35.8-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
By feeding specially crafted input to `git apply --reject`, a
path outside the working tree can be overwritten with partially
controlled contents (corresponding to the rejected hunk(s) from
the given patch).
When Git is compiled with runtime prefix support and runs without
translated messages, it still used the gettext machinery to
display messages, which subsequently potentially looked for
translated messages in unexpected places. This allowed for
malicious placement of crafted messages.
When renaming or deleting a section from a configuration file,
certain malicious configuration values may be misinterpreted as
the beginning of a new configuration section, leading to arbitrary
configuration injection.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-25652https://www.cve.org/CVERecord?id=CVE-2023-25815https://www.cve.org/CVERecord?id=CVE-2023-29007
(* Security fix *)
patches/packages/mozilla-thunderbird-102.10.1-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.10.1/releasenotes/
patches/packages/bind-9.16.40-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
testing/packages/bind-9.18.14-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release. The primary focus is to correct a rare corruption
bug in high compression mode. While the probability might be very small,
corruption issues are nonetheless very serious, so an update to this version
is highly recommended, especially if you employ high compression modes
(levels 16+).
patches/packages/irssi-1.4.4-x86_64-1_slack15.0.txz: Upgraded.
Do not crash Irssi when one line is printed as the result of another line
being printed.
Also solve a memory leak while printing unformatted lines.
(* Security fix *)
patches/packages/glibc-zoneinfo-2023c-noarch-1_slack15.0.txz: Upgraded.
This package provides the latest timezone updates.
patches/packages/mozilla-thunderbird-102.9.1-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.9.1/releasenotes/https://www.mozilla.org/en-US/security/advisories/mfsa2023-12/https://www.cve.org/CVERecord?id=CVE-2023-28427
(* Security fix *)
patches/packages/xorg-server-1.20.14-x86_64-8_slack15.0.txz: Rebuilt.
[PATCH] composite: Fix use-after-free of the COW.
Fix use-after-free that can lead to local privileges elevation on systems
where the X server is running privileged and remote code execution for ssh
X forwarding sessions.
For more information, see:
https://lists.x.org/archives/xorg-announce/2023-March/003374.htmlhttps://www.cve.org/CVERecord?id=CVE-2023-1393
(* Security fix *)
patches/packages/xorg-server-xephyr-1.20.14-x86_64-8_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xnest-1.20.14-x86_64-8_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xvfb-1.20.14-x86_64-8_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xwayland-21.1.4-x86_64-7_slack15.0.txz: Rebuilt.
[PATCH] composite: Fix use-after-free of the COW.
Fix use-after-free that can lead to local privileges elevation on systems
where the X server is running privileged and remote code execution for ssh
X forwarding sessions.
For more information, see:
https://lists.x.org/archives/xorg-announce/2023-March/003374.htmlhttps://www.cve.org/CVERecord?id=CVE-2023-1393
(* Security fix *)
patches/packages/glibc-zoneinfo-2023b-noarch-1_slack15.0.txz: Upgraded.
This package provides the latest timezone updates.
patches/packages/tar-1.34-x86_64-2_slack15.0.txz: Rebuilt.
GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use
of uninitialized memory for a conditional jump. Exploitation to change the
flow of control has not been demonstrated. The issue occurs in from_header
in list.c via a V7 archive in which mtime has approximately 11 whitespace
characters.
Thanks to marav for the heads-up.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-48303
(* Security fix *)
patches/packages/whois-5.5.16-x86_64-1_slack15.0.txz: Upgraded.
Add bash completion support, courtesy of Ville Skytta.
Updated the .tr TLD server.
Removed support for -metu NIC handles.
patches/packages/curl-7.88.0-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
HTTP multi-header compression denial of service.
HSTS amnesia with --parallel.
HSTS ignored on multiple requests.
For more information, see:
https://curl.se/docs/CVE-2023-23916.htmlhttps://curl.se/docs/CVE-2023-23915.htmlhttps://curl.se/docs/CVE-2023-23914.htmlhttps://www.cve.org/CVERecord?id=CVE-2023-23916https://www.cve.org/CVERecord?id=CVE-2023-23915https://www.cve.org/CVERecord?id=CVE-2023-23914
(* Security fix *)
patches/packages/git-2.35.7-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
Using a specially-crafted repository, Git can be tricked into using
its local clone optimization even when using a non-local transport.
Though Git will abort local clones whose source $GIT_DIR/objects
directory contains symbolic links (c.f., CVE-2022-39253), the objects
directory itself may still be a symbolic link.
These two may be combined to include arbitrary files based on known
paths on the victim's filesystem within the malicious repository's
working copy, allowing for data exfiltration in a similar manner as
CVE-2022-39253.
By feeding a crafted input to "git apply", a path outside the
working tree can be overwritten as the user who is running "git
apply".
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-22490https://www.cve.org/CVERecord?id=CVE-2023-23946
(* Security fix *)
patches/packages/gnutls-3.7.9-x86_64-1_slack15.0.txz: Upgraded.
libgnutls: Fix a Bleichenbacher oracle in the TLS RSA key exchange.
Reported by Hubert Kario (#1050). Fix developed by Alexander Sosedkin.
[GNUTLS-SA-2020-07-14, CVSS: medium] [CVE-2023-0361]
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0361
(* Security fix *)
patches/packages/openssl-1.1.1t-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
X.400 address type confusion in X.509 GeneralName.
Timing Oracle in RSA Decryption.
Use-after-free following BIO_new_NDEF.
Double free after calling PEM_read_bio_ex.
For more information, see:
https://www.openssl.org/news/secadv/20230207.txthttps://www.cve.org/CVERecord?id=CVE-2023-0286https://www.cve.org/CVERecord?id=CVE-2022-4304https://www.cve.org/CVERecord?id=CVE-2023-0215https://www.cve.org/CVERecord?id=CVE-2022-4450
(* Security fix *)
patches/packages/openssl-solibs-1.1.1t-x86_64-1_slack15.0.txz: Upgraded.
patches/packages/xorg-server-1.20.14-x86_64-7_slack15.0.txz: Rebuilt.
[PATCH] Xi: fix potential use-after-free in DeepCopyPointerClasses.
Also merged another patch to prevent crashes when using a compositor with
the NVIDIA blob. Thanks to mdinslage, willysr, and Daedra.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0494
(* Security fix *)
patches/packages/xorg-server-xephyr-1.20.14-x86_64-7_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xnest-1.20.14-x86_64-7_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xvfb-1.20.14-x86_64-7_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xwayland-21.1.4-x86_64-6_slack15.0.txz: Rebuilt.
[PATCH] Xi: fix potential use-after-free in DeepCopyPointerClasses.
Also merged another patch to prevent crashes when using a compositor with
the NVIDIA blob. Thanks to mdinslage, willysr, and Daedra.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0494
(* Security fix *)
patches/packages/openssh-9.2p1-x86_64-1_slack15.0.txz: Upgraded.
This release contains fixes for two security problems and a memory safety
problem. The memory safety problem is not believed to be exploitable, but
upstream reports most network-reachable memory faults as security bugs.
This update contains some potentially incompatible changes regarding the
scp utility. For more information, see:
https://www.openssh.com/releasenotes.html#9.0
For more information, see:
https://www.openssh.com/releasenotes.html#9.2
(* Security fix *)
patches/packages/bind-9.16.37-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and the following security issues:
An UPDATE message flood could cause :iscman:`named` to exhaust all
available memory. This flaw was addressed by adding a new
:any:`update-quota` option that controls the maximum number of
outstanding DNS UPDATE messages that :iscman:`named` can hold in a
queue at any given time (default: 100).
:iscman:`named` could crash with an assertion failure when an RRSIG
query was received and :any:`stale-answer-client-timeout` was set to a
non-zero value. This has been fixed.
:iscman:`named` running as a resolver with the
:any:`stale-answer-client-timeout` option set to any value greater
than ``0`` could crash with an assertion failure, when the
:any:`recursive-clients` soft quota was reached. This has been fixed.
For more information, see:
https://kb.isc.org/docs/cve-2022-3094https://kb.isc.org/docs/cve-2022-3736https://kb.isc.org/docs/cve-2022-3924https://www.cve.org/CVERecord?id=CVE-2022-3094https://www.cve.org/CVERecord?id=CVE-2022-3736https://www.cve.org/CVERecord?id=CVE-2022-3924
(* Security fix *)
patches/packages/vim-9.0.1241-x86_64-1_slack15.0.txz: Upgraded.
Fixed a security issue:
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225.
Thanks to marav for the heads-up.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0433
(* Security fix *)
patches/packages/vim-gvim-9.0.1241-x86_64-1_slack15.0.txz: Upgraded.
testing/packages/bind-9.18.11-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and the following security issues:
An UPDATE message flood could cause :iscman:`named` to exhaust all
available memory. This flaw was addressed by adding a new
:any:`update-quota` option that controls the maximum number of
outstanding DNS UPDATE messages that :iscman:`named` can hold in a
queue at any given time (default: 100).
:iscman:`named` could crash with an assertion failure when an RRSIG
query was received and :any:`stale-answer-client-timeout` was set to a
non-zero value. This has been fixed.
:iscman:`named` running as a resolver with the
:any:`stale-answer-client-timeout` option set to any value greater
than ``0`` could crash with an assertion failure, when the
:any:`recursive-clients` soft quota was reached. This has been fixed.
For more information, see:
https://kb.isc.org/docs/cve-2022-3094https://kb.isc.org/docs/cve-2022-3736https://kb.isc.org/docs/cve-2022-3924https://www.cve.org/CVERecord?id=CVE-2022-3094https://www.cve.org/CVERecord?id=CVE-2022-3736https://www.cve.org/CVERecord?id=CVE-2022-3924
(* Security fix *)
patches/packages/sudo-1.9.12p2-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a flaw in sudo's -e option (aka sudoedit) that could allow
a malicious user with sudoedit privileges to edit arbitrary files.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-22809
(* Security fix *)
patches/packages/netatalk-3.1.14-x86_64-1_slack15.0.txz: Upgraded.
Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow
resulting in code execution via a crafted .appl file.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-45188
(* Security fix *)
patches/packages/ca-certificates-20221205-noarch-2_slack15.0.txz: Rebuilt.
Make sure that if we're installing this package on another partition (such as
when using installpkg with a --root parameter) that the updates are done on
that partition. Thanks to fulalas.
patches/packages/libtiff-4.4.0-x86_64-1_slack15.0.txz: Upgraded.
Patched various security bugs.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-2056https://www.cve.org/CVERecord?id=CVE-2022-2057https://www.cve.org/CVERecord?id=CVE-2022-2058https://www.cve.org/CVERecord?id=CVE-2022-3970https://www.cve.org/CVERecord?id=CVE-2022-34526
(* Security fix *)
patches/packages/rxvt-unicode-9.26-x86_64-3_slack15.0.txz: Rebuilt.
When the "background" extension was loaded, an attacker able to control the
data written to the terminal would be able to execute arbitrary code as the
terminal's user. Thanks to David Leadbeater and Ben Collver.
For more information, see:
https://www.openwall.com/lists/oss-security/2022/12/05/1https://www.cve.org/CVERecord?id=CVE-2022-4170
(* Security fix *)
patches/packages/whois-5.5.15-x86_64-1_slack15.0.txz: Upgraded.
Updated the .bd, .nz and .tv TLD servers.
Added the .llyw.cymru, .gov.scot and .gov.wales SLD servers.
Updated the .ac.uk and .gov.uk SLD servers.
Recursion has been enabled for whois.nic.tv.
Updated the list of new gTLDs with four generic TLDs assigned in October 2013
which were missing due to a bug.
Removed 4 new gTLDs which are no longer active.
Added the Georgian translation, contributed by Temuri Doghonadze.
Updated the Finnish translation, contributed by Lauri Nurmi.
patches/packages/libksba-1.6.3-x86_64-1_slack15.0.txz: Upgraded.
Fix another integer overflow in the CRL's signature parser.
(* Security fix *)
patches/packages/sdl-1.2.15-x86_64-13_slack15.0.txz: Rebuilt.
This update fixes a heap overflow problem in video/SDL_pixels.c in SDL.
By crafting a malicious .BMP file, an attacker can cause the application
using this library to crash, denial of service, or code execution.
Thanks to marav for the heads-up.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2021-33657
(* Security fix *)
patches/packages/xorg-server-1.20.14-x86_64-6_slack15.0.txz: Rebuilt.
This release fixes an invalid event type mask in XTestSwapFakeInput which
was inadvertently changed from octal 0177 to hexadecimal 0x177 in the fix
for CVE-2022-46340.
patches/packages/xorg-server-xephyr-1.20.14-x86_64-6_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xnest-1.20.14-x86_64-6_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xvfb-1.20.14-x86_64-6_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xwayland-21.1.4-x86_64-5_slack15.0.txz: Rebuilt.
This release fixes an invalid event type mask in XTestSwapFakeInput which
was inadvertently changed from octal 0177 to hexadecimal 0x177 in the fix
for CVE-2022-46340.
patches/packages/libarchive-3.6.2-x86_64-2_slack15.0.txz: Rebuilt.
This update fixes a regression causing a failure to compile against
libarchive: don't include iconv in libarchive.pc.
patches/packages/samba-4.15.13-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
This is the Samba CVE for the Windows Kerberos RC4-HMAC Elevation of
Privilege Vulnerability disclosed by Microsoft on Nov 8 2022.
A Samba Active Directory DC will issue weak rc4-hmac session keys for
use between modern clients and servers despite all modern Kerberos
implementations supporting the aes256-cts-hmac-sha1-96 cipher.
On Samba Active Directory DCs and members
'kerberos encryption types = legacy'
would force rc4-hmac as a client even if the server supports
aes128-cts-hmac-sha1-96 and/or aes256-cts-hmac-sha1-96.
This is the Samba CVE for the Windows Kerberos Elevation of Privilege
Vulnerability disclosed by Microsoft on Nov 8 2022.
A service account with the special constrained delegation permission
could forge a more powerful ticket than the one it was presented with.
The "RC4" protection of the NetLogon Secure channel uses the same
algorithms as rc4-hmac cryptography in Kerberos, and so must also be
assumed to be weak.
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed
that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue
rc4-hmac encrypted tickets despite the target server supporting better
encryption (eg aes256-cts-hmac-sha1-96).
Note that there are several important behavior changes included in this
release, which may cause compatibility problems interacting with system
still expecting the former behavior.
Please read the advisories of CVE-2022-37966, CVE-2022-37967 and
CVE-2022-38023 carefully!
For more information, see:
https://www.samba.org/samba/security/CVE-2022-37966.htmlhttps://www.samba.org/samba/security/CVE-2022-37967.htmlhttps://www.samba.org/samba/security/CVE-2022-38023.htmlhttps://www.samba.org/samba/security/CVE-2022-45141.htmlhttps://www.cve.org/CVERecord?id=CVE-2022-37966https://www.cve.org/CVERecord?id=CVE-2022-37967https://www.cve.org/CVERecord?id=CVE-2022-38023https://www.cve.org/CVERecord?id=CVE-2022-45141
(* Security fix *)
patches/packages/libarchive-3.6.2-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix and security release.
Relevant bugfixes:
rar5 reader: fix possible garbled output with bsdtar -O (#1745)
mtree reader: support reading mtree files with tabs (#1783)
Security fixes:
various small fixes for issues found by CodeQL
(* Security fix *)
