slackware-current

mirror of git://slackware.nl/current.git synced 2024-11-16 07:48:02 +01:00

History

Patrick J Volkerding 07449d94af Mon Sep 9 00:53:17 UTC 2024 a/kernel-generic-6.10.9-x86_64-1.txz: Upgraded. a/kernel-huge-6.10.9-x86_64-1.txz: Upgraded. a/kernel-modules-6.10.9-x86_64-1.txz: Upgraded. ap/texinfo-7.1.1-x86_64-1.txz: Upgraded. d/kernel-headers-6.10.9-x86-1.txz: Upgraded. d/python3-3.11.10-x86_64-1.txz: Upgraded. This update fixes security issues: Bundled libexpat was updated to 2.6.3. Fix quadratic complexity in parsing "-quoted cookie values with backslashes by http.cookies. Fixed various false positives and false negatives in IPv4Address.is_private, IPv4Address.is_global, IPv6Address.is_private, IPv6Address.is_global. Fix urllib.parse.urlunparse() and urllib.parse.urlunsplit() for URIs with path starting with multiple slashes and no authority. Remove backtracking from tarfile header parsing for hdrcharset, PAX, and GNU sparse headers. email.utils.getaddresses() and email.utils.parseaddr() now return ('', '') 2-tuples in more situations where invalid email addresses are encountered instead of potentially inaccurate values. Add optional strict parameter to these two functions: use strict=False to get the old behavior, accept malformed inputs. getattr(email.utils, 'supports_strict_parsing', False) can be used to check if the strict paramater is available. Sanitize names in zipfile.Path to avoid infinite loops (gh-122905) without breaking contents using legitimate characters. Email headers with embedded newlines are now quoted on output. The generator will now refuse to serialize (write) headers that are unsafely folded or delimited; see verify_generated_headers. For more information, see: https://pythoninsider.blogspot.com/2024/09/python-3130rc2-3126-31110-31015-3920.html https://www.cve.org/CVERecord?id=CVE-2024-28757 https://www.cve.org/CVERecord?id=CVE-2024-45490 https://www.cve.org/CVERecord?id=CVE-2024-45491 https://www.cve.org/CVERecord?id=CVE-2024-45492 https://www.cve.org/CVERecord?id=CVE-2024-7592 https://www.cve.org/CVERecord?id=CVE-2024-4032 https://www.cve.org/CVERecord?id=CVE-2015-2104 https://www.cve.org/CVERecord?id=CVE-2024-6232 https://www.cve.org/CVERecord?id=CVE-2023-27043 https://www.cve.org/CVERecord?id=CVE-2024-8088 https://www.cve.org/CVERecord?id=CVE-2024-6923 (* Security fix ) k/kernel-source-6.10.9-noarch-1.txz: Upgraded. TEE n -> m +AMDTEE m +AMD_PMF m +AMD_PMF_DEBUG n Thanks to nick8325 for the suggestion. l/qt5-5.15.15_20240903_363456a6-x86_64-1.txz: Upgraded. x/noto-emoji-2.042-noarch-1.txz: Added. isolinux/initrd.img: Rebuilt. kernels/: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.	2024-09-09 04:00:54 +02:00
..
memtest	Slackware 14.1	2018-05-31 22:57:36 +02:00
VERSIONS.TXT	Mon Sep 9 00:53:17 UTC 2024	2024-09-09 04:00:54 +02:00

Patrick J Volkerding 07449d94af Mon Sep 9 00:53:17 UTC 2024

a/kernel-generic-6.10.9-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.10.9-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.10.9-x86_64-1.txz:  Upgraded.
ap/texinfo-7.1.1-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.10.9-x86-1.txz:  Upgraded.
d/python3-3.11.10-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Bundled libexpat was updated to 2.6.3.
  Fix quadratic complexity in parsing "-quoted cookie values with backslashes
  by http.cookies.
  Fixed various false positives and false negatives in IPv4Address.is_private,
  IPv4Address.is_global, IPv6Address.is_private, IPv6Address.is_global.
  Fix urllib.parse.urlunparse() and urllib.parse.urlunsplit() for URIs with
  path starting with multiple slashes and no authority.
  Remove backtracking from tarfile header parsing for hdrcharset, PAX, and
  GNU sparse headers.
  email.utils.getaddresses() and email.utils.parseaddr() now return ('', '')
  2-tuples in more situations where invalid email addresses are encountered
  instead of potentially inaccurate values. Add optional strict parameter to
  these two functions: use strict=False to get the old behavior, accept
  malformed inputs. getattr(email.utils, 'supports_strict_parsing', False) can
  be used to check if the strict paramater is available.
  Sanitize names in zipfile.Path to avoid infinite loops (gh-122905) without
  breaking contents using legitimate characters.
  Email headers with embedded newlines are now quoted on output. The generator
  will now refuse to serialize (write) headers that are unsafely folded or
  delimited; see verify_generated_headers.
  For more information, see:
    https://pythoninsider.blogspot.com/2024/09/python-3130rc2-3126-31110-31015-3920.html
    https://www.cve.org/CVERecord?id=CVE-2024-28757
    https://www.cve.org/CVERecord?id=CVE-2024-45490
    https://www.cve.org/CVERecord?id=CVE-2024-45491
    https://www.cve.org/CVERecord?id=CVE-2024-45492
    https://www.cve.org/CVERecord?id=CVE-2024-7592
    https://www.cve.org/CVERecord?id=CVE-2024-4032
    https://www.cve.org/CVERecord?id=CVE-2015-2104
    https://www.cve.org/CVERecord?id=CVE-2024-6232
    https://www.cve.org/CVERecord?id=CVE-2023-27043
    https://www.cve.org/CVERecord?id=CVE-2024-8088
    https://www.cve.org/CVERecord?id=CVE-2024-6923
  (* Security fix *)
k/kernel-source-6.10.9-noarch-1.txz:  Upgraded.
   TEE n -> m
  +AMDTEE m
  +AMD_PMF m
  +AMD_PMF_DEBUG n
  Thanks to nick8325 for the suggestion.
l/qt5-5.15.15_20240903_363456a6-x86_64-1.txz:  Upgraded.
x/noto-emoji-2.042-noarch-1.txz:  Added.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.

2024-09-09 04:00:54 +02:00

memtest

Slackware 14.1

2018-05-31 22:57:36 +02:00

VERSIONS.TXT

Mon Sep 9 00:53:17 UTC 2024

2024-09-09 04:00:54 +02:00