diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2024-03-29 02:25:21 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2024-03-29 04:01:39 +0100 |
| commit | 90b9714d2f62f8500252c7f3f5281c0e3777541e (patch) | |
| tree | 3b83ed82b78389827fbb9dcc5b90e0898c8cc4d9 /ChangeLog.txt | |
| parent | 6b5ab0b4ab4195a9d3c2107de2167c0735695899 (diff) | |
| download | current-90b9714d2f62f8500252c7f3f5281c0e3777541e.tar.gz current-90b9714d2f62f8500252c7f3f5281c0e3777541e.tar.xz | |
Fri Mar 29 02:25:21 UTC 202420240329022521
a/coreutils-9.5-x86_64-1.txz: Upgraded.
chmod -R now avoids a race where an attacker may replace a traversed file
with a symlink, causing chmod to operate on an unintended file.
[This bug was present in "the beginning".]
split --line-bytes with a mixture of very long and short lines no longer
overwrites the heap.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-0684
(* Security fix *)
Diffstat (limited to 'ChangeLog.txt')
| -rw-r--r-- | ChangeLog.txt | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 49d56fb2d..1483ea341 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,14 @@ +Fri Mar 29 02:25:21 UTC 2024 +a/coreutils-9.5-x86_64-1.txz: Upgraded. + chmod -R now avoids a race where an attacker may replace a traversed file + with a symlink, causing chmod to operate on an unintended file. + [This bug was present in "the beginning".] + split --line-bytes with a mixture of very long and short lines no longer + overwrites the heap. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2024-0684 + (* Security fix *) ++--------------------------+ Thu Mar 28 21:40:08 UTC 2024 a/btrfs-progs-6.8-x86_64-1.txz: Upgraded. a/gpm-1.20.7-x86_64-10.txz: Rebuilt. |