slackware-current

mirror of git://slackware.nl/current.git synced 2025-01-18 22:27:20 +01:00

History

Patrick J Volkerding 39f1d1796b Tue Jan 14 23:53:04 UTC 2025 a/lzlib-1.15-x86_64-1.txz: Upgraded. a/plzip-1.12-x86_64-1.txz: Upgraded. d/llvm-19.1.7-x86_64-1.txz: Upgraded. l/libqalculate-5.5.0-x86_64-1.txz: Upgraded. n/gnupg2-2.5.3-x86_64-1.txz: Upgraded. n/rsync-3.4.0-x86_64-1.txz: Upgraded. This is a security release, fixing several important security vulnerabilities: Heap Buffer Overflow in Checksum Parsing. Info Leak via uninitialized Stack contents defeats ASLR. Server leaks arbitrary client files. Server can make client write files outside of destination directory using symbolic links. --safe-links Bypass. Symlink race condition. Many thanks to Simon Scannell, Pedro Gallegos, and Jasiel Spelman at Google Cloud Vulnerability Research and Aleksei Gorban (Loqpa) for discovering these vulnerabilities and working with the rsync project to develop and test fixes. For more information, see: https://kb.cert.org/vuls/id/952657 https://www.cve.org/CVERecord?id=CVE-2024-12084 https://www.cve.org/CVERecord?id=CVE-2024-12085 https://www.cve.org/CVERecord?id=CVE-2024-12086 https://www.cve.org/CVERecord?id=CVE-2024-12087 https://www.cve.org/CVERecord?id=CVE-2024-12088 https://www.cve.org/CVERecord?id=CVE-2024-12747 (* Security fix *) xap/qalculate-gtk-5.5.0-x86_64-1.txz: Upgraded. xap/qalculate-qt-5.5.0-x86_64-1.txz: Upgraded.	2025-01-15 01:55:25 +01:00
..
lzlib.SlackBuild	Tue Jan 14 23:53:04 UTC 2025	2025-01-15 01:55:25 +01:00
slack-desc	Mon May 28 19:12:29 UTC 2018	2018-05-31 23:39:35 +02:00

Patrick J Volkerding 39f1d1796b Tue Jan 14 23:53:04 UTC 2025

a/lzlib-1.15-x86_64-1.txz:  Upgraded.
a/plzip-1.12-x86_64-1.txz:  Upgraded.
d/llvm-19.1.7-x86_64-1.txz:  Upgraded.
l/libqalculate-5.5.0-x86_64-1.txz:  Upgraded.
n/gnupg2-2.5.3-x86_64-1.txz:  Upgraded.
n/rsync-3.4.0-x86_64-1.txz:  Upgraded.
  This is a security release, fixing several important security vulnerabilities:
  Heap Buffer Overflow in Checksum Parsing.
  Info Leak via uninitialized Stack contents defeats ASLR.
  Server leaks arbitrary client files.
  Server can make client write files outside of destination directory using symbolic links.
  --safe-links Bypass.
  Symlink race condition.
  Many thanks to Simon Scannell, Pedro Gallegos, and Jasiel Spelman at
  Google Cloud Vulnerability Research and Aleksei Gorban (Loqpa) for
  discovering these vulnerabilities and working with the rsync project
  to develop and test fixes.
  For more information, see:
    https://kb.cert.org/vuls/id/952657
    https://www.cve.org/CVERecord?id=CVE-2024-12084
    https://www.cve.org/CVERecord?id=CVE-2024-12085
    https://www.cve.org/CVERecord?id=CVE-2024-12086
    https://www.cve.org/CVERecord?id=CVE-2024-12087
    https://www.cve.org/CVERecord?id=CVE-2024-12088
    https://www.cve.org/CVERecord?id=CVE-2024-12747
  (* Security fix *)
xap/qalculate-gtk-5.5.0-x86_64-1.txz:  Upgraded.
xap/qalculate-qt-5.5.0-x86_64-1.txz:  Upgraded.

2025-01-15 01:55:25 +01:00

lzlib.SlackBuild

Tue Jan 14 23:53:04 UTC 2025

2025-01-15 01:55:25 +01:00

slack-desc

Mon May 28 19:12:29 UTC 2018

2018-05-31 23:39:35 +02:00