diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2023-02-15 03:05:40 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2023-02-16 01:30:36 +0100 |
| commit | ad9ea8bf781935db257f79f0efd1e0744c8e02c2 (patch) | |
| tree | 9da82fc636b78ff4ff4e05b6c586b9f50b49674a /ChangeLog.txt | |
| parent | 57c03ef31c0605de681f1b0b851a48985f59baa9 (diff) | |
| download | current-ad9ea8bf781935db257f79f0efd1e0744c8e02c2.tar.gz current-ad9ea8bf781935db257f79f0efd1e0744c8e02c2.tar.xz | |
Wed Feb 15 03:05:40 UTC 202320230215030540_15.0
extra/php80/php80-8.0.28-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
Core: Password_verify() always return true with some hash.
Core: 1-byte array overrun in common path resolve code.
SAPI: DOS vulnerability when parsing multipart request body.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0567
https://www.cve.org/CVERecord?id=CVE-2023-0568
https://www.cve.org/CVERecord?id=CVE-2023-0662
(* Security fix *)
extra/php81/php81-8.1.16-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
Core: Password_verify() always return true with some hash.
Core: 1-byte array overrun in common path resolve code.
SAPI: DOS vulnerability when parsing multipart request body.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0567
https://www.cve.org/CVERecord?id=CVE-2023-0568
https://www.cve.org/CVERecord?id=CVE-2023-0662
(* Security fix *)
patches/packages/hwdata-0.367-noarch-1_slack15.0.txz: Upgraded.
Upgraded to get information for newer hardware.
Requested by kingbeowulf on LQ.
patches/packages/mozilla-firefox-102.8.0esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/102.8.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/
https://www.cve.org/CVERecord?id=CVE-2023-25728
https://www.cve.org/CVERecord?id=CVE-2023-25730
https://www.cve.org/CVERecord?id=CVE-2023-25743
https://www.cve.org/CVERecord?id=CVE-2023-0767
https://www.cve.org/CVERecord?id=CVE-2023-25735
https://www.cve.org/CVERecord?id=CVE-2023-25737
https://www.cve.org/CVERecord?id=CVE-2023-25738
https://www.cve.org/CVERecord?id=CVE-2023-25739
https://www.cve.org/CVERecord?id=CVE-2023-25729
https://www.cve.org/CVERecord?id=CVE-2023-25732
https://www.cve.org/CVERecord?id=CVE-2023-25734
https://www.cve.org/CVERecord?id=CVE-2023-25742
https://www.cve.org/CVERecord?id=CVE-2023-25746
(* Security fix *)
patches/packages/php-7.4.33-x86_64-3_slack15.0.txz: Rebuilt.
This update fixes security issues:
Core: Password_verify() always return true with some hash.
Core: 1-byte array overrun in common path resolve code.
SAPI: DOS vulnerability when parsing multipart request body.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0567
https://www.cve.org/CVERecord?id=CVE-2023-0568
https://www.cve.org/CVERecord?id=CVE-2023-0662
(* Security fix *)
Diffstat (limited to 'ChangeLog.txt')
| -rw-r--r-- | ChangeLog.txt | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 569a64a98..bad42d626 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,57 @@ +Wed Feb 15 03:05:40 UTC 2023 +extra/php80/php80-8.0.28-x86_64-1_slack15.0.txz: Upgraded. + This update fixes security issues: + Core: Password_verify() always return true with some hash. + Core: 1-byte array overrun in common path resolve code. + SAPI: DOS vulnerability when parsing multipart request body. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2023-0567 + https://www.cve.org/CVERecord?id=CVE-2023-0568 + https://www.cve.org/CVERecord?id=CVE-2023-0662 + (* Security fix *) +extra/php81/php81-8.1.16-x86_64-1_slack15.0.txz: Upgraded. + This update fixes security issues: + Core: Password_verify() always return true with some hash. + Core: 1-byte array overrun in common path resolve code. + SAPI: DOS vulnerability when parsing multipart request body. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2023-0567 + https://www.cve.org/CVERecord?id=CVE-2023-0568 + https://www.cve.org/CVERecord?id=CVE-2023-0662 + (* Security fix *) +patches/packages/hwdata-0.367-noarch-1_slack15.0.txz: Upgraded. + Upgraded to get information for newer hardware. + Requested by kingbeowulf on LQ. +patches/packages/mozilla-firefox-102.8.0esr-x86_64-1_slack15.0.txz: Upgraded. + This update contains security fixes and improvements. + For more information, see: + https://www.mozilla.org/en-US/firefox/102.8.0/releasenotes/ + https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/ + https://www.cve.org/CVERecord?id=CVE-2023-25728 + https://www.cve.org/CVERecord?id=CVE-2023-25730 + https://www.cve.org/CVERecord?id=CVE-2023-25743 + https://www.cve.org/CVERecord?id=CVE-2023-0767 + https://www.cve.org/CVERecord?id=CVE-2023-25735 + https://www.cve.org/CVERecord?id=CVE-2023-25737 + https://www.cve.org/CVERecord?id=CVE-2023-25738 + https://www.cve.org/CVERecord?id=CVE-2023-25739 + https://www.cve.org/CVERecord?id=CVE-2023-25729 + https://www.cve.org/CVERecord?id=CVE-2023-25732 + https://www.cve.org/CVERecord?id=CVE-2023-25734 + https://www.cve.org/CVERecord?id=CVE-2023-25742 + https://www.cve.org/CVERecord?id=CVE-2023-25746 + (* Security fix *) +patches/packages/php-7.4.33-x86_64-3_slack15.0.txz: Rebuilt. + This update fixes security issues: + Core: Password_verify() always return true with some hash. + Core: 1-byte array overrun in common path resolve code. + SAPI: DOS vulnerability when parsing multipart request body. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2023-0567 + https://www.cve.org/CVERecord?id=CVE-2023-0568 + https://www.cve.org/CVERecord?id=CVE-2023-0662 + (* Security fix *) ++--------------------------+ Fri Feb 10 20:08:41 UTC 2023 patches/packages/gnutls-3.7.9-x86_64-1_slack15.0.txz: Upgraded. libgnutls: Fix a Bleichenbacher oracle in the TLS RSA key exchange. |