diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2023-05-25 00:24:33 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2023-05-25 03:50:00 +0200 |
commit | ed49432ad9d734d447d1bda6657b2d221a7fb3a8 (patch) | |
tree | fbd372b018ab43e211a275280da8a02597203800 /ChangeLog.txt | |
parent | b2fa3fdbd7ee8367f9ea371367850e010a58dfee (diff) | |
download | current-ed49432ad9d734d447d1bda6657b2d221a7fb3a8.tar.gz current-ed49432ad9d734d447d1bda6657b2d221a7fb3a8.tar.xz |
Thu May 25 00:24:33 UTC 202320230525002433
a/elilo-3.16-x86_64-16.txz: Rebuilt.
eliloconfig: don't mess with mounting efivarfs. This should be handled by
rc.S, or by whatever the admin put in /etc/fstab.
a/kernel-firmware-20230523_1ba3519-noarch-1.txz: Upgraded.
a/kernel-generic-6.1.30-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.30-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.30-x86_64-1.txz: Upgraded.
a/sysvinit-scripts-15.1-noarch-5.txz: Rebuilt.
rc.S: mount efivarfs rw, may be overridden in /etc/default/efivarfs.
ap/sc-im-0.8.3-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.30-x86-1.txz: Upgraded.
d/parallel-20230522-noarch-1.txz: Upgraded.
k/kernel-source-6.1.30-noarch-1.txz: Upgraded.
l/enchant-2.4.0-x86_64-1.txz: Upgraded.
l/glib2-2.76.3-x86_64-1.txz: Upgraded.
l/gtk+3-3.24.38-x86_64-1.txz: Upgraded.
l/qt5-5.15.9_20230523_245f369c-x86_64-1.txz: Upgraded.
This update fixes a security issue.
Qt-based clients may mismatch HSTS headers (Strict-Transport-Security),
which would prevent the client from switching to a secure HTTPS
connection as requested by a server.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-32762
(* Security fix *)
n/curl-8.1.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
t/texlive-2023.230322-x86_64-3.txz: Rebuilt.
This update patches a security issue:
LuaTeX before 1.17.0 allows execution of arbitrary shell commands when
compiling a TeX file obtained from an untrusted source. This occurs
because luatex-core.lua lets the original io.popen be accessed. This also
affects TeX Live before 2023 r66984 and MiKTeX before 23.5.
Thanks to Johannes Schoepfer.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-32700
(* Security fix *)
xap/mozilla-firefox-113.0.2-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/113.0.2/releasenotes/
xfce/libxfce4ui-4.18.4-x86_64-1.txz: Upgraded.
xfce/xfce4-panel-4.18.4-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 51d1bde1a..1f8d1ca47 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,50 @@ +Thu May 25 00:24:33 UTC 2023 +a/elilo-3.16-x86_64-16.txz: Rebuilt. + eliloconfig: don't mess with mounting efivarfs. This should be handled by + rc.S, or by whatever the admin put in /etc/fstab. +a/kernel-firmware-20230523_1ba3519-noarch-1.txz: Upgraded. +a/kernel-generic-6.1.30-x86_64-1.txz: Upgraded. +a/kernel-huge-6.1.30-x86_64-1.txz: Upgraded. +a/kernel-modules-6.1.30-x86_64-1.txz: Upgraded. +a/sysvinit-scripts-15.1-noarch-5.txz: Rebuilt. + rc.S: mount efivarfs rw, may be overridden in /etc/default/efivarfs. +ap/sc-im-0.8.3-x86_64-1.txz: Upgraded. +d/kernel-headers-6.1.30-x86-1.txz: Upgraded. +d/parallel-20230522-noarch-1.txz: Upgraded. +k/kernel-source-6.1.30-noarch-1.txz: Upgraded. +l/enchant-2.4.0-x86_64-1.txz: Upgraded. +l/glib2-2.76.3-x86_64-1.txz: Upgraded. +l/gtk+3-3.24.38-x86_64-1.txz: Upgraded. +l/qt5-5.15.9_20230523_245f369c-x86_64-1.txz: Upgraded. + This update fixes a security issue. + Qt-based clients may mismatch HSTS headers (Strict-Transport-Security), + which would prevent the client from switching to a secure HTTPS + connection as requested by a server. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2023-32762 + (* Security fix *) +n/curl-8.1.1-x86_64-1.txz: Upgraded. + This is a bugfix release. +t/texlive-2023.230322-x86_64-3.txz: Rebuilt. + This update patches a security issue: + LuaTeX before 1.17.0 allows execution of arbitrary shell commands when + compiling a TeX file obtained from an untrusted source. This occurs + because luatex-core.lua lets the original io.popen be accessed. This also + affects TeX Live before 2023 r66984 and MiKTeX before 23.5. + Thanks to Johannes Schoepfer. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2023-32700 + (* Security fix *) +xap/mozilla-firefox-113.0.2-x86_64-1.txz: Upgraded. + This is a bugfix release. + For more information, see: + https://www.mozilla.org/en-US/firefox/113.0.2/releasenotes/ +xfce/libxfce4ui-4.18.4-x86_64-1.txz: Upgraded. +xfce/xfce4-panel-4.18.4-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ Mon May 22 19:05:02 UTC 2023 ap/qpdf-11.4.0-x86_64-1.txz: Upgraded. l/exiv2-0.27.7-x86_64-1.txz: Upgraded. |