diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2023-05-25 00:24:33 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2023-05-25 13:30:31 +0200 |
| commit | 73b668742a86c06c84cde2da658b5135367d23fe (patch) | |
| tree | ff414f05e1499907a1970b1f062918ab73b7f4ef /ChangeLog.rss | |
| parent | 8e0b115ff3be360a6e31635f57629008062a66f3 (diff) | |
| download | current-73b668742a86c06c84cde2da658b5135367d23fe.tar.gz current-73b668742a86c06c84cde2da658b5135367d23fe.tar.xz | |
Thu May 25 00:24:33 UTC 202320230525002433_15.0
patches/packages/curl-8.1.1-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
patches/packages/texlive-2023.230322-x86_64-1_slack15.0.txz: Upgraded.
This update patches a security issue:
LuaTeX before 1.17.0 allows execution of arbitrary shell commands when
compiling a TeX file obtained from an untrusted source. This occurs
because luatex-core.lua lets the original io.popen be accessed. This also
affects TeX Live before 2023 r66984 and MiKTeX before 23.5.
Thanks to Johannes Schoepfer.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-32700
(* Security fix *)
Diffstat (limited to 'ChangeLog.rss')
| -rw-r--r-- | ChangeLog.rss | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/ChangeLog.rss b/ChangeLog.rss index 3fdb0cfbc..b4a4f621c 100644 --- a/ChangeLog.rss +++ b/ChangeLog.rss @@ -11,10 +11,32 @@ <description>Tracking Slackware development in git.</description> <language>en-us</language> <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id> - <pubDate>Mon, 22 May 2023 19:05:02 GMT</pubDate> - <lastBuildDate>Tue, 23 May 2023 11:30:15 GMT</lastBuildDate> + <pubDate>Thu, 25 May 2023 00:24:33 GMT</pubDate> + <lastBuildDate>Thu, 25 May 2023 11:30:18 GMT</lastBuildDate> <generator>maintain_current_git.sh v 1.17</generator> <item> + <title>Thu, 25 May 2023 00:24:33 GMT</title> + <pubDate>Thu, 25 May 2023 00:24:33 GMT</pubDate> + <link>https://git.slackware.nl/current/tag/?h=20230525002433</link> + <guid isPermaLink="false">20230525002433</guid> + <description> + <![CDATA[<pre> +patches/packages/curl-8.1.1-x86_64-1_slack15.0.txz: Upgraded. + This is a bugfix release. +patches/packages/texlive-2023.230322-x86_64-1_slack15.0.txz: Upgraded. + This update patches a security issue: + LuaTeX before 1.17.0 allows execution of arbitrary shell commands when + compiling a TeX file obtained from an untrusted source. This occurs + because luatex-core.lua lets the original io.popen be accessed. This also + affects TeX Live before 2023 r66984 and MiKTeX before 23.5. + Thanks to Johannes Schoepfer. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2023-32700 + (* Security fix *) + </pre>]]> + </description> + </item> + <item> <title>Mon, 22 May 2023 19:05:02 GMT</title> <pubDate>Mon, 22 May 2023 19:05:02 GMT</pubDate> <link>https://git.slackware.nl/current/tag/?h=20230522190502</link> |