diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2022-10-25 18:38:58 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2022-10-26 13:30:34 +0200 |
commit | 6e7a178c9ace16b71ba3d83c925b44915615b92d (patch) | |
tree | 5afbb169c05d72898810b31809858c1380003a13 /patches/source/cyrus-sasl/slack-desc | |
parent | f9f39a199c74a9321dfc44f94fcafa8161ca73b5 (diff) | |
download | current-6e7a178c9ace16b71ba3d83c925b44915615b92d.tar.gz current-6e7a178c9ace16b71ba3d83c925b44915615b92d.tar.xz |
Tue Oct 25 18:38:58 UTC 202220221025183858_15.0
patches/packages/expat-2.5.0-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a security issue:
Fix heap use-after-free after overeager destruction of a shared DTD in
function XML_ExternalEntityParserCreate in out-of-memory situations.
Expected impact is denial of service or potentially arbitrary code
execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43680
(* Security fix *)
patches/packages/samba-4.15.11-x86_64-1_slack15.0.txz: Upgraded.
This update fixes the following security issue:
There is a limited write heap buffer overflow in the GSSAPI unwrap_des()
and unwrap_des3() routines of Heimdal (included in Samba).
For more information, see:
https://www.samba.org/samba/security/CVE-2022-3437.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
(* Security fix *)
Diffstat (limited to 'patches/source/cyrus-sasl/slack-desc')
0 files changed, 0 insertions, 0 deletions