diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2023-02-01 22:27:31 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2023-02-02 13:30:30 +0100 |
| commit | 7453cf8b304eae3ce386c64fe1739e21b2559edb (patch) | |
| tree | 1296e6548aadd9c18bf1d6d17065b49580c57130 /patches/source/apr/slack-desc | |
| parent | 139b76eee421713ee3f6c9054c40d326bacb20a6 (diff) | |
| download | current-7453cf8b304eae3ce386c64fe1739e21b2559edb.tar.gz current-7453cf8b304eae3ce386c64fe1739e21b2559edb.tar.xz | |
Wed Feb 1 22:27:31 UTC 202320230201222731_15.0
patches/packages/apr-1.7.2-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
Integer Overflow or Wraparound vulnerability in apr_encode functions of
Apache Portable Runtime (APR) allows an attacker to write beyond bounds
of a buffer. (CVE-2022-24963)
Restore fix for out-of-bounds array dereference in apr_time_exp*() functions.
(This issue was addressed as CVE-2017-12613 in APR 1.6.3 and
later 1.6.x releases, but was missing in 1.7.0.) (CVE-2021-35940)
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-24963
https://www.cve.org/CVERecord?id=CVE-2021-35940
https://www.cve.org/CVERecord?id=CVE-2017-12613
(* Security fix *)
patches/packages/apr-util-1.6.3-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a security issue:
Integer Overflow or Wraparound vulnerability in apr_base64 functions
of Apache Portable Runtime Utility (APR-util) allows an attacker to
write beyond bounds of a buffer. (CVE-2022-25147)
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-25147
(* Security fix *)
patches/packages/mozilla-thunderbird-102.7.1-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.7.1/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-04/
https://www.cve.org/CVERecord?id=CVE-2023-0430
(* Security fix *)
Diffstat (limited to '')
| -rw-r--r-- | patches/source/apr/slack-desc | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/patches/source/apr/slack-desc b/patches/source/apr/slack-desc new file mode 100644 index 000000000..bc9236870 --- /dev/null +++ b/patches/source/apr/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +apr: apr (Apache Portable Runtime) +apr: +apr: The mission of the Apache Portable Runtime (APR) is to provide a +apr: free library of C data structures and routines, forming a system +apr: portability layer to as many operating systems as possible. +apr: +apr: +apr: +apr: +apr: +apr: |