diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2023-11-16 20:51:47 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2023-11-17 13:30:41 +0100 |
commit | 65d9c1e075af3943292ff2187303f6951ddd6ba6 (patch) | |
tree | 8834f4db84cdc5b0e90fe5b9d43e0b9ed7aa034b /ChangeLog.txt | |
parent | 2aa4bf659d5d93805e81f555da0ec5455357f040 (diff) | |
download | current-65d9c1e075af3943292ff2187303f6951ddd6ba6.tar.gz current-65d9c1e075af3943292ff2187303f6951ddd6ba6.tar.xz |
Thu Nov 16 20:51:47 UTC 202320231116205147_15.0
patches/packages/gegl-0.4.46-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release, needed by the GIMP upgrade.
patches/packages/gimp-2.10.36-x86_64-1_slack15.0.txz: Upgraded.
This release fixes security issues:
If a user loads a malicious DDS, PSD, or PSP file, this could result in a
program crash or possibly the execution of arbitrary code.
Please note that this package also requires the updated gegl package.
Thanks to henca for the heads-up.
For more information, see:
https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/
https://www.zerodayinitiative.com/advisories/ZDI-23-1591/
https://www.zerodayinitiative.com/advisories/ZDI-23-1592/
https://www.zerodayinitiative.com/advisories/ZDI-23-1593/
https://www.zerodayinitiative.com/advisories/ZDI-23-1594/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44441
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44442
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44443
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44444
(* Security fix *)
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 1fbd565a1..0e52f941c 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,24 @@ +Thu Nov 16 20:51:47 UTC 2023 +patches/packages/gegl-0.4.46-x86_64-1_slack15.0.txz: Upgraded. + This is a bugfix release, needed by the GIMP upgrade. +patches/packages/gimp-2.10.36-x86_64-1_slack15.0.txz: Upgraded. + This release fixes security issues: + If a user loads a malicious DDS, PSD, or PSP file, this could result in a + program crash or possibly the execution of arbitrary code. + Please note that this package also requires the updated gegl package. + Thanks to henca for the heads-up. + For more information, see: + https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/ + https://www.zerodayinitiative.com/advisories/ZDI-23-1591/ + https://www.zerodayinitiative.com/advisories/ZDI-23-1592/ + https://www.zerodayinitiative.com/advisories/ZDI-23-1593/ + https://www.zerodayinitiative.com/advisories/ZDI-23-1594/ + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44441 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44442 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44443 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44444 + (* Security fix *) ++--------------------------+ Wed Nov 15 22:01:26 UTC 2023 patches/packages/mozilla-thunderbird-115.4.3-x86_64-1_slack15.0.txz: Upgraded. This is a bugfix release. |