diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2023-12-10 01:12:17 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2023-12-10 13:30:41 +0100 |
commit | e20d844068126e89fe483df7687b094b92f7369d (patch) | |
tree | c5cd26513a10742cf9ff04b268cff954c8f32d9f /ChangeLog.txt | |
parent | d62d64ff5c0a0ce8526256d2a2f1dd3ca68698af (diff) | |
download | current-e20d844068126e89fe483df7687b094b92f7369d.tar.gz current-e20d844068126e89fe483df7687b094b92f7369d.tar.xz |
Sun Dec 10 01:12:17 UTC 202320231210011217_15.0
patches/packages/libxml2-2.12.2-x86_64-1_slack15.0.txz: Upgraded.
Add --sysconfdir=/etc option so that this can find the xml catalog.
Thanks to SpiderTux.
Fix the following security issues:
Fix integer overflows with XML_PARSE_HUGE.
Fix dict corruption caused by entity reference cycles.
Hashing of empty dict strings isn't deterministic.
Fix null deref in xmlSchemaFixupComplexType.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-40303
https://www.cve.org/CVERecord?id=CVE-2022-40304
https://www.cve.org/CVERecord?id=CVE-2023-29469
https://www.cve.org/CVERecord?id=CVE-2023-28484
(* Security fix *)
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 24 |
1 files changed, 23 insertions, 1 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index d6f77021b..6a85856dc 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,5 +1,27 @@ +Sun Dec 10 01:12:17 UTC 2023 +patches/packages/libxml2-2.12.2-x86_64-1_slack15.0.txz: Upgraded. + Add --sysconfdir=/etc option so that this can find the xml catalog. + Thanks to SpiderTux. + Fix the following security issues: + Fix integer overflows with XML_PARSE_HUGE. + Fix dict corruption caused by entity reference cycles. + Hashing of empty dict strings isn't deterministic. + Fix null deref in xmlSchemaFixupComplexType. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2022-40303 + https://www.cve.org/CVERecord?id=CVE-2022-40304 + https://www.cve.org/CVERecord?id=CVE-2023-29469 + https://www.cve.org/CVERecord?id=CVE-2023-28484 + (* Security fix *) ++--------------------------+ +Sat Dec 9 19:55:12 UTC 2023 +patches/packages/seamonkey-2.53.18-x86_64-1_slack15.0.txz: Upgraded. + This is a bugfix release. + For more information, see: + https://www.seamonkey-project.org/releases/seamonkey2.53.18 ++--------------------------+ Wed Dec 6 20:29:23 UTC 2023 -patches/packages/rdfind-1.6.0-x86_64-1_slack15.0.txz: Upgraded. +patches/packages/rdfind-1.6.0-x86_64-1_slack15.0.txz: Added. Redundant data finder utility, needed to build the kernel-firmware package. +--------------------------+ Thu Nov 30 21:21:55 UTC 2023 |