diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2022-11-09 22:16:30 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2022-11-10 07:00:17 +0100 |
commit | e519d8d2c69426feefc2ee207e3b14940fad2d2a (patch) | |
tree | a2594ad06d1047cc0fea45bc8c48683c3c95c00e /ChangeLog.rss | |
parent | 458c6cc7f8c05cd766aaa02b9468e25a234741d1 (diff) | |
download | current-e519d8d2c69426feefc2ee207e3b14940fad2d2a.tar.gz current-e519d8d2c69426feefc2ee207e3b14940fad2d2a.tar.xz |
Wed Nov 9 22:16:30 UTC 202220221109221630
a/btrfs-progs-6.0.1-x86_64-1.txz: Upgraded.
ap/sysstat-12.7.1-x86_64-1.txz: Upgraded.
On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1,
allocate_structures contains a size_t overflow in sa_common.c. The
allocate_structures function insufficiently checks bounds before arithmetic
multiplication, allowing for an overflow in the size allocated for the
buffer representing system activities.
This issue may lead to Remote Code Execution (RCE).
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-39377
(* Security fix *)
kde/bluedevil-5.26.3.1-x86_64-1.txz: Upgraded.
kde/breeze-5.26.3.1-x86_64-1.txz: Upgraded.
kde/oxygen-sounds-5.26.3.1-x86_64-1.txz: Upgraded.
l/gdk-pixbuf2-2.42.10-x86_64-1.txz: Upgraded.
l/orc-0.4.33-x86_64-1.txz: Upgraded.
n/mobile-broadband-provider-info-20221107-x86_64-1.txz: Upgraded.
xfce/xfce4-settings-4.16.4-x86_64-1.txz: Upgraded.
Fixed an argument injection vulnerability in xfce4-mime-helper.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-45062
(* Security fix *)
Diffstat (limited to 'ChangeLog.rss')
-rw-r--r-- | ChangeLog.rss | 36 |
1 files changed, 34 insertions, 2 deletions
diff --git a/ChangeLog.rss b/ChangeLog.rss index 7ba04e475..48fabbb78 100644 --- a/ChangeLog.rss +++ b/ChangeLog.rss @@ -11,10 +11,42 @@ <description>Tracking Slackware development in git.</description> <language>en-us</language> <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id> - <pubDate>Tue, 8 Nov 2022 22:21:43 GMT</pubDate> - <lastBuildDate>Wed, 9 Nov 2022 06:00:16 GMT</lastBuildDate> + <pubDate>Wed, 9 Nov 2022 22:16:30 GMT</pubDate> + <lastBuildDate>Thu, 10 Nov 2022 06:00:15 GMT</lastBuildDate> <generator>maintain_current_git.sh v 1.17</generator> <item> + <title>Wed, 9 Nov 2022 22:16:30 GMT</title> + <pubDate>Wed, 9 Nov 2022 22:16:30 GMT</pubDate> + <link>https://git.slackware.nl/current/tag/?h=20221109221630</link> + <guid isPermaLink="false">20221109221630</guid> + <description> + <![CDATA[<pre> +a/btrfs-progs-6.0.1-x86_64-1.txz: Upgraded. +ap/sysstat-12.7.1-x86_64-1.txz: Upgraded. + On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, + allocate_structures contains a size_t overflow in sa_common.c. The + allocate_structures function insufficiently checks bounds before arithmetic + multiplication, allowing for an overflow in the size allocated for the + buffer representing system activities. + This issue may lead to Remote Code Execution (RCE). + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2022-39377 + (* Security fix *) +kde/bluedevil-5.26.3.1-x86_64-1.txz: Upgraded. +kde/breeze-5.26.3.1-x86_64-1.txz: Upgraded. +kde/oxygen-sounds-5.26.3.1-x86_64-1.txz: Upgraded. +l/gdk-pixbuf2-2.42.10-x86_64-1.txz: Upgraded. +l/orc-0.4.33-x86_64-1.txz: Upgraded. +n/mobile-broadband-provider-info-20221107-x86_64-1.txz: Upgraded. +xfce/xfce4-settings-4.16.4-x86_64-1.txz: Upgraded. + Fixed an argument injection vulnerability in xfce4-mime-helper. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2022-45062 + (* Security fix *) + </pre>]]> + </description> + </item> + <item> <title>Tue, 8 Nov 2022 22:21:43 GMT</title> <pubDate>Tue, 8 Nov 2022 22:21:43 GMT</pubDate> <link>https://git.slackware.nl/current/tag/?h=20221108222143</link> |