diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2024-03-20 21:10:30 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2024-03-21 13:30:40 +0100 |
| commit | 7fee55d3d8eecec3b44c753bb5d3fbb87c06a7cb (patch) | |
| tree | 7c3a089ab09345fe18b4ae374790b500a3b783df /ChangeLog.txt | |
| parent | 56c586940289967700f069619a0a1b0b89fa70e8 (diff) | |
| download | current-7fee55d3d8eecec3b44c753bb5d3fbb87c06a7cb.tar.gz current-7fee55d3d8eecec3b44c753bb5d3fbb87c06a7cb.tar.xz | |
Wed Mar 20 21:10:30 UTC 202420240320211030_15.0
patches/packages/bind-9.16.49-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
patches/packages/python3-3.9.19-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
bundled libexpat was updated to 2.6.0.
zipfile is now protected from the "quoted-overlap" zipbomb.
tempfile.TemporaryDirectory cleanup no longer dereferences symlinks when
working around file system permission errors.
For more information, see:
https://pythoninsider.blogspot.com/2024/03/python-31014-3919-and-3819-is-now.html
https://www.cve.org/CVERecord?id=CVE-2023-52425
https://www.cve.org/CVERecord?id=CVE-2024-0450
https://www.cve.org/CVERecord?id=CVE-2023-6597
(* Security fix *)
testing/packages/bind-9.18.25-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
Diffstat (limited to 'ChangeLog.txt')
| -rw-r--r-- | ChangeLog.txt | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index bbe9ebbda..89534b548 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,21 @@ +Wed Mar 20 21:10:30 UTC 2024 +patches/packages/bind-9.16.49-x86_64-1_slack15.0.txz: Upgraded. + This is a bugfix release. +patches/packages/python3-3.9.19-x86_64-1_slack15.0.txz: Upgraded. + This update fixes security issues: + bundled libexpat was updated to 2.6.0. + zipfile is now protected from the "quoted-overlap" zipbomb. + tempfile.TemporaryDirectory cleanup no longer dereferences symlinks when + working around file system permission errors. + For more information, see: + https://pythoninsider.blogspot.com/2024/03/python-31014-3919-and-3819-is-now.html + https://www.cve.org/CVERecord?id=CVE-2023-52425 + https://www.cve.org/CVERecord?id=CVE-2024-0450 + https://www.cve.org/CVERecord?id=CVE-2023-6597 + (* Security fix *) +testing/packages/bind-9.18.25-x86_64-1_slack15.0.txz: Upgraded. + This is a bugfix release. ++--------------------------+ Wed Mar 20 00:08:59 UTC 2024 patches/packages/gnutls-3.8.4-x86_64-1_slack15.0.txz: Upgraded. This update fixes two medium severity security issues: |