diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2022-04-27 21:43:51 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2022-04-28 13:29:49 +0200 |
commit | cf5d75750640be00bf9d826189628a96ed17248c (patch) | |
tree | 96506a3841148bd122e784b6b524df0096236cbf /ChangeLog.txt | |
parent | dfafa379401441229ad529bfa45564a368ef575a (diff) | |
download | current-cf5d75750640be00bf9d826189628a96ed17248c.tar.gz current-cf5d75750640be00bf9d826189628a96ed17248c.tar.xz |
Wed Apr 27 21:43:51 UTC 202220220427214351_15.0
patches/packages/curl-7.83.0-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
OAUTH2 bearer bypass in connection re-use.
Credential leak on redirect.
Bad local IPv6 connection reuse.
Auth/cookie leak on redirect.
For more information, see:
https://curl.se/docs/CVE-2022-22576.html
https://curl.se/docs/CVE-2022-27774.html
https://curl.se/docs/CVE-2022-27775.html
https://curl.se/docs/CVE-2022-27776.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
(* Security fix *)
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 2f5295f3b..edcb5d9d9 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,21 @@ +Wed Apr 27 21:43:51 UTC 2022 +patches/packages/curl-7.83.0-x86_64-1_slack15.0.txz: Upgraded. + This update fixes security issues: + OAUTH2 bearer bypass in connection re-use. + Credential leak on redirect. + Bad local IPv6 connection reuse. + Auth/cookie leak on redirect. + For more information, see: + https://curl.se/docs/CVE-2022-22576.html + https://curl.se/docs/CVE-2022-27774.html + https://curl.se/docs/CVE-2022-27775.html + https://curl.se/docs/CVE-2022-27776.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776 + (* Security fix *) ++--------------------------+ Mon Apr 25 20:55:17 UTC 2022 patches/packages/freerdp-2.7.0-x86_64-1_slack15.0.txz: Upgraded. This update is a security and maintenance release. |