diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2022-10-14 01:39:37 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2022-10-14 13:30:41 +0200 |
commit | 00cb38d107c01392f28cb151b5e398fba053a73a (patch) | |
tree | 2f13e9ea594e1db541974ee0868a41070043cfcc /ChangeLog.txt | |
parent | 46235d1ce09f003a4ef490dd171c1935c91bca47 (diff) | |
download | current-00cb38d107c01392f28cb151b5e398fba053a73a.tar.gz current-00cb38d107c01392f28cb151b5e398fba053a73a.tar.xz |
Fri Oct 14 01:39:37 UTC 202220221014013937_15.0
patches/packages/mozilla-thunderbird-102.3.3-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.3.3/releasenotes/
patches/packages/python3-3.9.15-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
Bundled libexpat was upgraded from 2.4.7 to 2.4.9 which fixes a heap
use-after-free vulnerability in function doContent.
gh-97616: a fix for a possible buffer overflow in list *= int.
gh-97612: a fix for possible shell injection in the example script
get-remote-certificate.py.
gh-96577: a fix for a potential buffer overrun in msilib.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674
(* Security fix *)
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 13c050bc2..b08a304e2 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,20 @@ +Fri Oct 14 01:39:37 UTC 2022 +patches/packages/mozilla-thunderbird-102.3.3-x86_64-1_slack15.0.txz: Upgraded. + This is a bugfix release. + For more information, see: + https://www.mozilla.org/en-US/thunderbird/102.3.3/releasenotes/ +patches/packages/python3-3.9.15-x86_64-1_slack15.0.txz: Upgraded. + This update fixes security issues: + Bundled libexpat was upgraded from 2.4.7 to 2.4.9 which fixes a heap + use-after-free vulnerability in function doContent. + gh-97616: a fix for a possible buffer overflow in list *= int. + gh-97612: a fix for possible shell injection in the example script + get-remote-certificate.py. + gh-96577: a fix for a potential buffer overrun in msilib. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674 + (* Security fix *) ++--------------------------+ Sat Oct 8 19:23:31 UTC 2022 patches/packages/libksba-1.6.2-x86_64-1_slack15.0.txz: Upgraded. Detect a possible overflow directly in the TLV parser. |