diff options
Diffstat (limited to 'ChangeLog.rss')
-rw-r--r-- | ChangeLog.rss | 32 |
1 files changed, 30 insertions, 2 deletions
diff --git a/ChangeLog.rss b/ChangeLog.rss index ff34637e1..2ea660c3d 100644 --- a/ChangeLog.rss +++ b/ChangeLog.rss @@ -11,10 +11,38 @@ <description>Tracking Slackware development in git.</description> <language>en-us</language> <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id> - <pubDate>Mon, 14 Feb 2022 00:10:38 GMT</pubDate> - <lastBuildDate>Mon, 14 Feb 2022 12:29:49 GMT</lastBuildDate> + <pubDate>Tue, 15 Feb 2022 20:00:48 GMT</pubDate> + <lastBuildDate>Wed, 16 Feb 2022 12:29:48 GMT</lastBuildDate> <generator>maintain_current_git.sh v 1.17</generator> <item> + <title>Tue, 15 Feb 2022 20:00:48 GMT</title> + <pubDate>Tue, 15 Feb 2022 20:00:48 GMT</pubDate> + <link>https://git.slackware.nl/current/tag/?h=20220215200048</link> + <guid isPermaLink="false">20220215200048</guid> + <description> + <![CDATA[<pre> +patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz: Rebuilt. + If root's mailbox did not already exist, it would be created with insecure + permissions leading to possible local information disclosure. This update + ensures that a new mailbox will be created with proper permissions and + ownership, and corrects the permissions on an existing mailbox if they are + found to be incorrect. Thanks to Martin for the bug report. + (* Security fix *) +patches/packages/util-linux-2.37.4-x86_64-1_slack15.0.txz: Upgraded. + This release fixes a security issue in chsh(1) and chfn(8): + By default, these utilities had been linked with libreadline, which allows + the INPUTRC environment variable to be abused to produce an error message + containing data from an arbitrary file. So, don't link these utilities with + libreadline as it does not use secure_getenv() (or a similar concept), or + sanitize the config file path to avoid vulnerabilities that could occur in + set-user-ID or set-group-ID programs. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0563 + (* Security fix *) + </pre>]]> + </description> + </item> + <item> <title>Mon, 14 Feb 2022 00:10:38 GMT</title> <pubDate>Mon, 14 Feb 2022 00:10:38 GMT</pubDate> <link>https://git.slackware.nl/current/tag/?h=20220214001038</link> |