mirror of
git://slackware.nl/current.git
synced 2024-12-27 09:59:16 +01:00
1e755d579a
Several ELF objects were found to have rpaths pointing into /tmp, a world writable directory. This could have allowed a local attacker to launch denial of service attacks or execute arbitrary code when the affected binaries are run by placing crafted ELF objects in the /tmp rpath location. All rpaths with an embedded /tmp path have been scrubbed from the binaries, and makepkg has gained a lint feature to detect these so that they won't creep back in. a/kernel-firmware-20241001_95bfe08-noarch-1.txz: Upgraded. a/kernel-generic-6.10.12-x86_64-1.txz: Upgraded. a/pkgtools-15.1-noarch-12.txz: Rebuilt. makepkg: when looking for ELF objects with --remove-rpaths or --remove-tmp-rpaths, avoid false hits on files containing 'ELF' as part of the directory or filename. Also warn about /tmp rpaths after the package is built. ap/cups-2.4.11-x86_64-1.txz: Upgraded. ap/cups-browsed-2.0.1-x86_64-2.txz: Rebuilt. Mitigate security issue that could lead to a denial of service or the execution of arbitrary code. Rebuilt with --with-browseremoteprotocols=none to disable incoming connections, since this daemon has been shown to be insecure. If you actually use cups-browsed, be sure to install the new /etc/cups/cups-browsed.conf.new containing this line: BrowseRemoteProtocols none For more information, see: https://www.cve.org/CVERecord?id=CVE-2024-47176 (* Security fix *) d/kernel-headers-6.10.12-x86-1.txz: Upgraded. d/llvm-18.1.8-x86_64-3.txz: Rebuilt. Remove rpaths from binaries. (* Security fix *) d/luajit-2.1.1727621189-x86_64-1.txz: Upgraded. d/ruby-3.3.5-x86_64-2.txz: Rebuilt. Remove rpaths from binaries. (* Security fix *) k/kernel-source-6.10.12-noarch-1.txz: Upgraded. kde/kimageformats-5.116.0-x86_64-2.txz: Rebuilt. Recompiled against openexr-3.3.0. kde/kio-extras-23.08.5-x86_64-2.txz: Rebuilt. Recompiled against openexr-3.3.0. kde/krita-5.2.5-x86_64-2.txz: Rebuilt. Recompiled against openexr-3.3.0. kde/libindi-2.1.0-x86_64-1.txz: Upgraded. l/cryfs-0.10.3-x86_64-13.txz: Rebuilt. Remove rpaths from binaries. (* Security fix *) l/espeak-ng-1.51.1-x86_64-2.txz: Rebuilt. Remove rpaths from binaries. (* Security fix *) l/ffmpeg-7.1-x86_64-1.txz: Upgraded. l/gegl-0.4.48-x86_64-3.txz: Rebuilt. Recompiled against openexr-3.3.0. l/gst-plugins-bad-free-1.24.8-x86_64-2.txz: Rebuilt. Recompiled against openexr-3.3.0. l/imagemagick-7.1.1_38-x86_64-2.txz: Rebuilt. Recompiled against openexr-3.3.0. l/libgsf-1.14.53-x86_64-1.txz: Upgraded. l/librsvg-2.58.5-x86_64-1.txz: Upgraded. l/libvncserver-0.9.14-x86_64-3.txz: Rebuilt. Remove rpaths from binaries. (* Security fix *) l/mozjs128-128.3.0esr-x86_64-1.txz: Upgraded. l/netpbm-11.08.00-x86_64-1.txz: Upgraded. l/opencv-4.10.0-x86_64-3.txz: Rebuilt. Recompiled against openexr-3.3.0. l/openexr-3.3.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. l/python-glad2-2.0.8-x86_64-1.txz: Upgraded. l/python-pyproject-hooks-1.2.0-x86_64-1.txz: Upgraded. l/spirv-llvm-translator-18.1.4-x86_64-2.txz: Rebuilt. Remove rpaths from binaries. (* Security fix *) l/woff2-20231106_0f4d304-x86_64-2.txz: Rebuilt. Remove rpaths from binaries. (* Security fix *) n/openobex-1.7.2-x86_64-6.txz: Rebuilt. Remove rpaths from binaries. (* Security fix *) x/marisa-0.2.6-x86_64-11.txz: Rebuilt. Remove rpaths from binaries. (* Security fix *) xap/gimp-2.10.38-x86_64-2.txz: Rebuilt. Recompiled against openexr-3.3.0. xap/mozilla-firefox-128.3.0esr-x86_64-1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/firefox/128.3.0/releasenotes/ https://www.mozilla.org/security/advisories/mfsa2024-47 https://www.cve.org/CVERecord?id=CVE-2024-9392 https://www.cve.org/CVERecord?id=CVE-2024-9393 https://www.cve.org/CVERecord?id=CVE-2024-9394 https://www.cve.org/CVERecord?id=CVE-2024-8900 https://www.cve.org/CVERecord?id=CVE-2024-9396 https://www.cve.org/CVERecord?id=CVE-2024-9397 https://www.cve.org/CVERecord?id=CVE-2024-9398 https://www.cve.org/CVERecord?id=CVE-2024-9399 https://www.cve.org/CVERecord?id=CVE-2024-9400 https://www.cve.org/CVERecord?id=CVE-2024-9401 https://www.cve.org/CVERecord?id=CVE-2024-9402 (* Security fix *) xap/xlockmore-5.80-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. testing/packages/kernel-generic-6.11.1-x86_64-1.txz: Upgraded. testing/packages/kernel-headers-6.11.1-x86-1.txz: Upgraded. testing/packages/kernel-source-6.11.1-noarch-1.txz: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. |
||
---|---|---|
.. | ||
anthy-unicode | ||
cldr-emoji-annotation | ||
compiz | ||
dejavu-fonts-ttf | ||
egl-wayland | ||
eglexternalplatform | ||
fcitx5 | ||
fcitx5-anthy | ||
fcitx5-chinese-addons | ||
fcitx5-gtk | ||
fcitx5-hangul | ||
fcitx5-kkc | ||
fcitx5-m17n | ||
fcitx5-qt | ||
fcitx5-sayura | ||
fcitx5-table-extra | ||
fcitx5-table-other | ||
fcitx5-unikey | ||
fontconfig | ||
freeglut | ||
glew | ||
glu | ||
hack-fonts-ttf | ||
ibus | ||
ibus-anthy | ||
ibus-hangul | ||
ibus-kkc | ||
ibus-libpinyin | ||
ibus-m17n | ||
ibus-table | ||
ibus-unikey | ||
intel-vaapi-driver | ||
libdrm | ||
libepoxy | ||
liberation-fonts-ttf | ||
libevdev | ||
libgee | ||
libglvnd | ||
libhangul | ||
libime | ||
libinput | ||
libkkc | ||
libkkc-data | ||
libmypaint | ||
libpinyin | ||
libva | ||
libva-utils | ||
libvdpau | ||
libwacom | ||
libXaw3dXft | ||
libXcm | ||
m17n-lib | ||
marisa | ||
mesa | ||
motif | ||
mtdev | ||
mypaint-brushes | ||
noto-cjk-fonts-ttf | ||
noto-emoji | ||
noto-fonts-ttf | ||
OpenCC | ||
pyxdg | ||
sazanami-fonts-ttf | ||
sddm | ||
sinhala_lklug-font-ttf | ||
skkdic | ||
tibmachuni-font-ttf | ||
ttf-indic-fonts | ||
ttf-tlwg | ||
urw-core35-fonts-otf | ||
vulkan-sdk | ||
wayland | ||
wayland-protocols | ||
wqy-zenhei-font-ttf | ||
x11 | ||
x11-skel | ||
xcb-imdkit | ||
xcm | ||
xdg-desktop-portal | ||
xdg-user-dirs | ||
xdg-utils | ||
xorg-server-xwayland | ||
xterm | ||
FTBFSlog |