mirror of
git://slackware.nl/current.git
synced 2024-12-28 09:59:53 +01:00
7453cf8b30
patches/packages/apr-1.7.2-x86_64-1_slack15.0.txz: Upgraded. This update fixes security issues: Integer Overflow or Wraparound vulnerability in apr_encode functions of Apache Portable Runtime (APR) allows an attacker to write beyond bounds of a buffer. (CVE-2022-24963) Restore fix for out-of-bounds array dereference in apr_time_exp*() functions. (This issue was addressed as CVE-2017-12613 in APR 1.6.3 and later 1.6.x releases, but was missing in 1.7.0.) (CVE-2021-35940) For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-24963 https://www.cve.org/CVERecord?id=CVE-2021-35940 https://www.cve.org/CVERecord?id=CVE-2017-12613 (* Security fix *) patches/packages/apr-util-1.6.3-x86_64-1_slack15.0.txz: Upgraded. This update fixes a security issue: Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. (CVE-2022-25147) For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-25147 (* Security fix *) patches/packages/mozilla-thunderbird-102.7.1-x86_64-1_slack15.0.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/102.7.1/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2023-04/ https://www.cve.org/CVERecord?id=CVE-2023-0430 (* Security fix *) |
||
---|---|---|
.. | ||
apr-util.SlackBuild | ||
apr-util.url | ||
slack-desc |