diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2024-04-23 22:24:03 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2024-04-24 01:01:16 +0200 |
| commit | 1531b10f73b870c8fabb19e9b84b8fd60d349bac (patch) | |
| tree | 09d37f25b05f6b33fb9b6cd4c77b303f0f1e1970 /ChangeLog.txt | |
| parent | 388220eab9a207d386dec56cab9709a2b3f4fd71 (diff) | |
| download | current-1531b10f73b870c8fabb19e9b84b8fd60d349bac.tar.gz current-1531b10f73b870c8fabb19e9b84b8fd60d349bac.tar.xz | |
Tue Apr 23 22:24:03 UTC 202420240423222403
d/ruby-3.3.1-x86_64-1.txz: Upgraded.
This update fixes security issues:
Arbitrary memory address read vulnerability with Regex search.
RCE vulnerability with .rdoc_options in RDoc.
Buffer overread vulnerability in StringIO.
For more information, see:
https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/
https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/
https://www.ruby-lang.org/en/news/2024/03/21/buffer-overread-cve-2024-27280/
https://www.cve.org/CVERecord?id=CVE-2024-27282
https://www.cve.org/CVERecord?id=CVE-2024-27281
https://www.cve.org/CVERecord?id=CVE-2024-27280
(* Security fix *)
l/python-docutils-0.21.2-x86_64-1.txz: Upgraded.
x/rendercheck-1.6-x86_64-1.txz: Upgraded.
x/xcb-imdkit-1.0.8-x86_64-1.txz: Upgraded.
Diffstat (limited to 'ChangeLog.txt')
| -rw-r--r-- | ChangeLog.txt | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 8da7d363e..804d5fb79 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,21 @@ +Tue Apr 23 22:24:03 UTC 2024 +d/ruby-3.3.1-x86_64-1.txz: Upgraded. + This update fixes security issues: + Arbitrary memory address read vulnerability with Regex search. + RCE vulnerability with .rdoc_options in RDoc. + Buffer overread vulnerability in StringIO. + For more information, see: + https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/ + https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/ + https://www.ruby-lang.org/en/news/2024/03/21/buffer-overread-cve-2024-27280/ + https://www.cve.org/CVERecord?id=CVE-2024-27282 + https://www.cve.org/CVERecord?id=CVE-2024-27281 + https://www.cve.org/CVERecord?id=CVE-2024-27280 + (* Security fix *) +l/python-docutils-0.21.2-x86_64-1.txz: Upgraded. +x/rendercheck-1.6-x86_64-1.txz: Upgraded. +x/xcb-imdkit-1.0.8-x86_64-1.txz: Upgraded. ++--------------------------+ Tue Apr 23 19:48:05 UTC 2024 a/ed-1.20.2-x86_64-1.txz: Upgraded. d/parallel-20240422-noarch-1.txz: Upgraded. |