diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2022-09-21 19:19:07 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2022-09-22 06:59:46 +0200 |
commit | 5a04d2d705926c4691d26307b0125cfb290e6ee7 (patch) | |
tree | d72b5ffbc568245cbd2b3992eb815f4128a52e3d /ChangeLog.rss | |
parent | bae5a7d8587d3c1c7fd0ca466a80bb744833c012 (diff) | |
download | current-5a04d2d705926c4691d26307b0125cfb290e6ee7.tar.gz current-5a04d2d705926c4691d26307b0125cfb290e6ee7.tar.xz |
Wed Sep 21 19:19:07 UTC 202220220921191907
ap/cups-2.4.2-x86_64-3.txz: Rebuilt.
Fixed crash when using the CUPS web setup interface:
[PATCH] Fix OpenSSL crash bug - "tls" pointer wasn't cleared after freeing
it (Issue #409).
Thanks to MisterL, bryjen, and kjhambrick.
Fixed an OpenSSL certificate loading issue:
[PATCH] The OpenSSL code path wasn't loading the full certificate
chain (Issue #465).
Thanks to tmmukunn.
Diffstat (limited to 'ChangeLog.rss')
-rw-r--r-- | ChangeLog.rss | 63 |
1 files changed, 61 insertions, 2 deletions
diff --git a/ChangeLog.rss b/ChangeLog.rss index bedf29edb..7f0a14901 100644 --- a/ChangeLog.rss +++ b/ChangeLog.rss @@ -11,10 +11,69 @@ <description>Tracking Slackware development in git.</description> <language>en-us</language> <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id> - <pubDate>Tue, 20 Sep 2022 22:50:28 GMT</pubDate> - <lastBuildDate>Wed, 21 Sep 2022 05:00:14 GMT</lastBuildDate> + <pubDate>Wed, 21 Sep 2022 19:19:07 GMT</pubDate> + <lastBuildDate>Thu, 22 Sep 2022 04:59:43 GMT</lastBuildDate> <generator>maintain_current_git.sh v 1.17</generator> <item> + <title>Wed, 21 Sep 2022 19:19:07 GMT</title> + <pubDate>Wed, 21 Sep 2022 19:19:07 GMT</pubDate> + <link>https://git.slackware.nl/current/tag/?h=20220921191907</link> + <guid isPermaLink="false">20220921191907</guid> + <description> + <![CDATA[<pre> +ap/cups-2.4.2-x86_64-3.txz: Rebuilt. + Fixed crash when using the CUPS web setup interface: + [PATCH] Fix OpenSSL crash bug - "tls" pointer wasn't cleared after freeing + it (Issue #409). + Thanks to MisterL, bryjen, and kjhambrick. + Fixed an OpenSSL certificate loading issue: + [PATCH] The OpenSSL code path wasn't loading the full certificate + chain (Issue #465). + Thanks to tmmukunn. + </pre>]]> + </description> + </item> + <item> + <title>Wed, 21 Sep 2022 18:30:30 GMT</title> + <pubDate>Wed, 21 Sep 2022 18:30:30 GMT</pubDate> + <link>https://git.slackware.nl/current/tag/?h=20220921183030</link> + <guid isPermaLink="false">20220921183030</guid> + <description> + <![CDATA[<pre> +ap/cups-2.4.2-x86_64-2.txz: Rebuilt. + Install pkgconfig file to the proper directory. +l/libbluray-1.3.3-x86_64-1.txz: Upgraded. +l/system-config-printer-1.5.18-x86_64-1.txz: Upgraded. +n/bind-9.18.7-x86_64-1.txz: Upgraded. + This update fixes bugs and the following security issues: + Fix memory leak in EdDSA verify processing. + Fix serve-stale crash that could happen when stale-answer-client-timeout + was set to 0 and there was a stale CNAME in the cache for an incoming query. + Fix memory leaks in the DH code when using OpenSSL 3.0.0 and later versions. + The openssldh_compare(), openssldh_paramcompare(), and openssldh_todns() + functions were affected. + When an HTTP connection was reused to get statistics from the stats channel, + and zlib compression was in use, each successive response sent larger and + larger blocks of memory, potentially reading past the end of the allocated + buffer. + Prevent excessive resource use while processing large delegations. + For more information, see: + https://kb.isc.org/docs/cve-2022-38178 + https://kb.isc.org/docs/cve-2022-3080 + https://kb.isc.org/docs/cve-2022-2906 + https://kb.isc.org/docs/cve-2022-2881 + https://kb.isc.org/docs/cve-2022-2795 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2906 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2881 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795 + (* Security fix *) +n/nghttp2-1.50.0-x86_64-1.txz: Upgraded. + </pre>]]> + </description> + </item> + <item> <title>Tue, 20 Sep 2022 22:50:28 GMT</title> <pubDate>Tue, 20 Sep 2022 22:50:28 GMT</pubDate> <link>https://git.slackware.nl/current/tag/?h=20220920225028</link> |