ap/man-db-2.11.1-x86_64-1.txz: Upgraded. ap/nano-7.0-x86_64-1.txz: Upgraded. ap/sqlite-3.40.0-x86_64-1.txz: Upgraded. kde/plasma-framework-5.100.0-x86_64-2.txz: Rebuilt. [PATCH] svgitem: do not upscale svg when using fractional scaling. l/netpbm-11.00.02-x86_64-1.txz: Upgraded. n/bind-9.18.9-x86_64-1.txz: Upgraded. n/krb5-1.20.1-x86_64-1.txz: Upgraded. Fixed integer overflows in PAC parsing. Fixed null deref in KDC when decoding invalid NDR. Fixed memory leak in OTP kdcpreauth module. Fixed PKCS11 module path search. For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-42898 (* Security fix *) n/samba-4.17.3-x86_64-1.txz: Upgraded. Fixed a security issue where Samba's Kerberos libraries and AD DC failed to guard against integer overflows when parsing a PAC on a 32-bit system, which allowed an attacker with a forged PAC to corrupt the heap. For more information, see: https://www.samba.org/samba/security/CVE-2022-42898.html https://www.cve.org/CVERecord?id=CVE-2022-42898 (* Security fix *) x/libXft-2.3.7-x86_64-1.txz: Upgraded. x/wayland-protocols-1.29-noarch-1.txz: Upgraded. xap/mozilla-firefox-107.0-x86_64-1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/firefox/107.0/releasenotes/ https://www.mozilla.org/security/advisories/mfsa2022-47/ https://www.cve.org/CVERecord?id=CVE-2022-45403 https://www.cve.org/CVERecord?id=CVE-2022-45404 https://www.cve.org/CVERecord?id=CVE-2022-45405 https://www.cve.org/CVERecord?id=CVE-2022-45406 https://www.cve.org/CVERecord?id=CVE-2022-45407 https://www.cve.org/CVERecord?id=CVE-2022-45408 https://www.cve.org/CVERecord?id=CVE-2022-45409 https://www.cve.org/CVERecord?id=CVE-2022-45410 https://www.cve.org/CVERecord?id=CVE-2022-45411 https://www.cve.org/CVERecord?id=CVE-2022-45412 https://www.cve.org/CVERecord?id=CVE-2022-45413 https://www.cve.org/CVERecord?id=CVE-2022-40674 https://www.cve.org/CVERecord?id=CVE-2022-45415 https://www.cve.org/CVERecord?id=CVE-2022-45416 https://www.cve.org/CVERecord?id=CVE-2022-45417 https://www.cve.org/CVERecord?id=CVE-2022-45418 https://www.cve.org/CVERecord?id=CVE-2022-45419 https://www.cve.org/CVERecord?id=CVE-2022-45420 https://www.cve.org/CVERecord?id=CVE-2022-45421 (* Security fix *) xap/mozilla-thunderbird-102.5.0-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/102.5.0/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/ https://www.cve.org/CVERecord?id=CVE-2022-45403 https://www.cve.org/CVERecord?id=CVE-2022-45404 https://www.cve.org/CVERecord?id=CVE-2022-45405 https://www.cve.org/CVERecord?id=CVE-2022-45406 https://www.cve.org/CVERecord?id=CVE-2022-45408 https://www.cve.org/CVERecord?id=CVE-2022-45409 https://www.cve.org/CVERecord?id=CVE-2022-45410 https://www.cve.org/CVERecord?id=CVE-2022-45411 https://www.cve.org/CVERecord?id=CVE-2022-45412 https://www.cve.org/CVERecord?id=CVE-2022-45416 https://www.cve.org/CVERecord?id=CVE-2022-45418 https://www.cve.org/CVERecord?id=CVE-2022-45420 https://www.cve.org/CVERecord?id=CVE-2022-45421 (* Security fix *) xfce/xfce4-settings-4.16.5-x86_64-1.txz: Upgraded. This update fixes regressions in the previous security fix: mime-settings: Properly quote command parameters. Revert "Escape characters which do not belong into an URI/URL (Issue #390)."
