diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2023-02-15 03:05:40 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2023-02-16 01:30:36 +0100 |
commit | ad9ea8bf781935db257f79f0efd1e0744c8e02c2 (patch) | |
tree | 9da82fc636b78ff4ff4e05b6c586b9f50b49674a /ChangeLog.rss | |
parent | 57c03ef31c0605de681f1b0b851a48985f59baa9 (diff) | |
download | current-ad9ea8bf781935db257f79f0efd1e0744c8e02c2.tar.gz current-ad9ea8bf781935db257f79f0efd1e0744c8e02c2.tar.xz |
Wed Feb 15 03:05:40 UTC 202320230215030540_15.0
extra/php80/php80-8.0.28-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
Core: Password_verify() always return true with some hash.
Core: 1-byte array overrun in common path resolve code.
SAPI: DOS vulnerability when parsing multipart request body.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0567
https://www.cve.org/CVERecord?id=CVE-2023-0568
https://www.cve.org/CVERecord?id=CVE-2023-0662
(* Security fix *)
extra/php81/php81-8.1.16-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
Core: Password_verify() always return true with some hash.
Core: 1-byte array overrun in common path resolve code.
SAPI: DOS vulnerability when parsing multipart request body.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0567
https://www.cve.org/CVERecord?id=CVE-2023-0568
https://www.cve.org/CVERecord?id=CVE-2023-0662
(* Security fix *)
patches/packages/hwdata-0.367-noarch-1_slack15.0.txz: Upgraded.
Upgraded to get information for newer hardware.
Requested by kingbeowulf on LQ.
patches/packages/mozilla-firefox-102.8.0esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/102.8.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/
https://www.cve.org/CVERecord?id=CVE-2023-25728
https://www.cve.org/CVERecord?id=CVE-2023-25730
https://www.cve.org/CVERecord?id=CVE-2023-25743
https://www.cve.org/CVERecord?id=CVE-2023-0767
https://www.cve.org/CVERecord?id=CVE-2023-25735
https://www.cve.org/CVERecord?id=CVE-2023-25737
https://www.cve.org/CVERecord?id=CVE-2023-25738
https://www.cve.org/CVERecord?id=CVE-2023-25739
https://www.cve.org/CVERecord?id=CVE-2023-25729
https://www.cve.org/CVERecord?id=CVE-2023-25732
https://www.cve.org/CVERecord?id=CVE-2023-25734
https://www.cve.org/CVERecord?id=CVE-2023-25742
https://www.cve.org/CVERecord?id=CVE-2023-25746
(* Security fix *)
patches/packages/php-7.4.33-x86_64-3_slack15.0.txz: Rebuilt.
This update fixes security issues:
Core: Password_verify() always return true with some hash.
Core: 1-byte array overrun in common path resolve code.
SAPI: DOS vulnerability when parsing multipart request body.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0567
https://www.cve.org/CVERecord?id=CVE-2023-0568
https://www.cve.org/CVERecord?id=CVE-2023-0662
(* Security fix *)
Diffstat (limited to 'ChangeLog.rss')
-rw-r--r-- | ChangeLog.rss | 66 |
1 files changed, 64 insertions, 2 deletions
diff --git a/ChangeLog.rss b/ChangeLog.rss index 052cae115..f96a5a1ee 100644 --- a/ChangeLog.rss +++ b/ChangeLog.rss @@ -11,10 +11,72 @@ <description>Tracking Slackware development in git.</description> <language>en-us</language> <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id> - <pubDate>Fri, 10 Feb 2023 20:08:41 GMT</pubDate> - <lastBuildDate>Sat, 11 Feb 2023 12:30:19 GMT</lastBuildDate> + <pubDate>Wed, 15 Feb 2023 03:05:40 GMT</pubDate> + <lastBuildDate>Thu, 16 Feb 2023 00:30:23 GMT</lastBuildDate> <generator>maintain_current_git.sh v 1.17</generator> <item> + <title>Wed, 15 Feb 2023 03:05:40 GMT</title> + <pubDate>Wed, 15 Feb 2023 03:05:40 GMT</pubDate> + <link>https://git.slackware.nl/current/tag/?h=20230215030540</link> + <guid isPermaLink="false">20230215030540</guid> + <description> + <![CDATA[<pre> +extra/php80/php80-8.0.28-x86_64-1_slack15.0.txz: Upgraded. + This update fixes security issues: + Core: Password_verify() always return true with some hash. + Core: 1-byte array overrun in common path resolve code. + SAPI: DOS vulnerability when parsing multipart request body. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2023-0567 + https://www.cve.org/CVERecord?id=CVE-2023-0568 + https://www.cve.org/CVERecord?id=CVE-2023-0662 + (* Security fix *) +extra/php81/php81-8.1.16-x86_64-1_slack15.0.txz: Upgraded. + This update fixes security issues: + Core: Password_verify() always return true with some hash. + Core: 1-byte array overrun in common path resolve code. + SAPI: DOS vulnerability when parsing multipart request body. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2023-0567 + https://www.cve.org/CVERecord?id=CVE-2023-0568 + https://www.cve.org/CVERecord?id=CVE-2023-0662 + (* Security fix *) +patches/packages/hwdata-0.367-noarch-1_slack15.0.txz: Upgraded. + Upgraded to get information for newer hardware. + Requested by kingbeowulf on LQ. +patches/packages/mozilla-firefox-102.8.0esr-x86_64-1_slack15.0.txz: Upgraded. + This update contains security fixes and improvements. + For more information, see: + https://www.mozilla.org/en-US/firefox/102.8.0/releasenotes/ + https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/ + https://www.cve.org/CVERecord?id=CVE-2023-25728 + https://www.cve.org/CVERecord?id=CVE-2023-25730 + https://www.cve.org/CVERecord?id=CVE-2023-25743 + https://www.cve.org/CVERecord?id=CVE-2023-0767 + https://www.cve.org/CVERecord?id=CVE-2023-25735 + https://www.cve.org/CVERecord?id=CVE-2023-25737 + https://www.cve.org/CVERecord?id=CVE-2023-25738 + https://www.cve.org/CVERecord?id=CVE-2023-25739 + https://www.cve.org/CVERecord?id=CVE-2023-25729 + https://www.cve.org/CVERecord?id=CVE-2023-25732 + https://www.cve.org/CVERecord?id=CVE-2023-25734 + https://www.cve.org/CVERecord?id=CVE-2023-25742 + https://www.cve.org/CVERecord?id=CVE-2023-25746 + (* Security fix *) +patches/packages/php-7.4.33-x86_64-3_slack15.0.txz: Rebuilt. + This update fixes security issues: + Core: Password_verify() always return true with some hash. + Core: 1-byte array overrun in common path resolve code. + SAPI: DOS vulnerability when parsing multipart request body. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2023-0567 + https://www.cve.org/CVERecord?id=CVE-2023-0568 + https://www.cve.org/CVERecord?id=CVE-2023-0662 + (* Security fix *) + </pre>]]> + </description> + </item> + <item> <title>Fri, 10 Feb 2023 20:08:41 GMT</title> <pubDate>Fri, 10 Feb 2023 20:08:41 GMT</pubDate> <link>https://git.slackware.nl/current/tag/?h=20230210200841</link> |