diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2023-09-14 21:10:50 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2023-09-15 13:30:41 +0200 |
commit | 41dd70fad96bd2b1f41940d01239ebc762493d48 (patch) | |
tree | b8e213bad8c3b68bf183973f7f52ef4c0a9266d1 /ChangeLog.txt | |
parent | 1c8e67398aaa28e157b0b894944b7407aa0b2440 (diff) | |
download | current-41dd70fad96bd2b1f41940d01239ebc762493d48.tar.gz current-41dd70fad96bd2b1f41940d01239ebc762493d48.tar.xz |
Thu Sep 14 21:10:50 UTC 202320230914211050_15.0
patches/packages/libwebp-1.3.2-x86_64-1_slack15.0.txz: Upgraded.
Security fix for lossless decoder (chromium: #1479274, CVE-2023-4863).
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-4863
(* Security fix *)
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index ac71452cb..4e219c1e3 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,39 @@ +Thu Sep 14 21:10:50 UTC 2023 +patches/packages/libwebp-1.3.2-x86_64-1_slack15.0.txz: Upgraded. + Security fix for lossless decoder (chromium: #1479274, CVE-2023-4863). + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2023-4863 + (* Security fix *) ++--------------------------+ +Thu Sep 14 02:38:14 UTC 2023 +patches/packages/curl-8.3.0-x86_64-1_slack15.0.txz: Upgraded. + This update fixes a security issue: + HTTP headers eat all memory. + https://curl.se/docs/CVE-2023-38039.html + https://www.cve.org/CVERecord?id=CVE-2023-38039 + (* Security fix *) +patches/packages/libarchive-3.7.2-x86_64-1_slack15.0.txz: Upgraded. + This update fixes multiple security vulnerabilities in the PAX writer: + Heap overflow in url_encode() in archive_write_set_format_pax.c. + NULL dereference in archive_write_pax_header_xattrs(). + Another NULL dereference in archive_write_pax_header_xattrs(). + NULL dereference in archive_write_pax_header_xattr(). + (* Security fix *) +patches/packages/mozilla-thunderbird-115.2.2-x86_64-1_slack15.0.txz: Upgraded. + This release contains a security fix for a critical heap buffer overflow. + For more information, see: + https://www.mozilla.org/en-US/thunderbird/115.2.2/releasenotes/ + https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/ + https://www.cve.org/CVERecord?id=CVE-2023-4863 + (* Security fix *) +patches/packages/netatalk-3.1.16-x86_64-1_slack15.0.txz: Upgraded. + This update fixes bugs and security issues. + Shared library .so-version bump. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2022-23121 + https://www.cve.org/CVERecord?id=CVE-2022-23123 + (* Security fix *) ++--------------------------+ Wed Sep 13 01:32:01 UTC 2023 patches/packages/mozilla-firefox-115.2.1esr-x86_64-1_slack15.0.txz: Upgraded. This update contains security fixes and improvements. |