diff options
Diffstat (limited to 'ChangeLog.rss')
-rw-r--r-- | ChangeLog.rss | 78 |
1 files changed, 76 insertions, 2 deletions
diff --git a/ChangeLog.rss b/ChangeLog.rss index d78f1acbf..691920a3a 100644 --- a/ChangeLog.rss +++ b/ChangeLog.rss @@ -11,10 +11,84 @@ <description>Tracking Slackware development in git.</description> <language>en-us</language> <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id> - <pubDate>Tue, 10 Oct 2023 19:27:56 GMT</pubDate> - <lastBuildDate>Wed, 11 Oct 2023 11:30:06 GMT</lastBuildDate> + <pubDate>Wed, 11 Oct 2023 22:22:40 GMT</pubDate> + <lastBuildDate>Thu, 12 Oct 2023 11:30:29 GMT</lastBuildDate> <generator>maintain_current_git.sh v 1.17</generator> <item> + <title>Wed, 11 Oct 2023 22:22:40 GMT</title> + <pubDate>Wed, 11 Oct 2023 22:22:40 GMT</pubDate> + <link>https://git.slackware.nl/current/tag/?h=20231011222240</link> + <guid isPermaLink="false">20231011222240</guid> + <description> + <![CDATA[<pre> +patches/packages/libcaca-0.99.beta20-x86_64-1_slack15.0.txz: Upgraded. + Fixed a crash bug (a crafted file defining width of zero leads to divide by + zero and a crash). Seems to be merely a bug rather than a security issue, but + I'd been meaning to get beta20 building so this was a good excuse. + Thanks to marav. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2022-0856 + (* Security fix *) + </pre>]]> + </description> + </item> + <item> + <title>Wed, 11 Oct 2023 06:37:21 GMT</title> + <pubDate>Wed, 11 Oct 2023 06:37:21 GMT</pubDate> + <link>https://git.slackware.nl/current/tag/?h=20231011063721</link> + <guid isPermaLink="false">20231011063721</guid> + <description> + <![CDATA[<pre> +patches/packages/curl-8.4.0-x86_64-1_slack15.0.txz: Upgraded. + This update fixes security issues: + Cookie injection with none file. + SOCKS5 heap buffer overflow. + For more information, see: + https://curl.se/docs/CVE-2023-38546.html + https://curl.se/docs/CVE-2023-38545.html + https://www.cve.org/CVERecord?id=CVE-2023-38546 + https://www.cve.org/CVERecord?id=CVE-2023-38545 + (* Security fix *) +patches/packages/mozilla-thunderbird-115.3.2-x86_64-1_slack15.0.txz: Upgraded. + This is a bugfix release. + For more information, see: + https://www.mozilla.org/en-US/thunderbird/115.3.2/releasenotes/ +patches/packages/nghttp2-1.57.0-x86_64-1_slack15.0.txz: Upgraded. + This release has a fix to mitigate the HTTP/2 Rapid Reset vulnerability. + For more information, see: + https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg + https://www.cve.org/CVERecord?id=CVE-2023-44487 + (* Security fix *) +patches/packages/samba-4.18.8-x86_64-1_slack15.0.txz: Upgraded. + This is a security release in order to address the following defects: + Unsanitized pipe names allow SMB clients to connect as root to existing + unix domain sockets on the file system. + SMB client can truncate files to 0 bytes by opening files with OVERWRITE + disposition when using the acl_xattr Samba VFS module with the smb.conf + setting "acl_xattr:ignore system acls = yes" + An RODC and a user with the GET_CHANGES right can view all attributes, + including secrets and passwords. Additionally, the access check fails + open on error conditions. + Calls to the rpcecho server on the AD DC can request that the server block + for a user-defined amount of time, denying service. + Samba can be made to start multiple incompatible RPC listeners, disrupting + service on the AD DC. + For more information, see: + https://www.samba.org/samba/security/CVE-2023-3961.html + https://www.samba.org/samba/security/CVE-2023-4091.html + https://www.samba.org/samba/security/CVE-2023-4154.html + https://www.samba.org/samba/security/CVE-2023-42669.html + https://www.samba.org/samba/security/CVE-2023-42670.html + https://www.cve.org/CVERecord?id=CVE-2023-3961 + https://www.cve.org/CVERecord?id=CVE-2023-4091 + https://www.cve.org/CVERecord?id=CVE-2023-4154 + https://www.cve.org/CVERecord?id=CVE-2023-42669 + https://www.cve.org/CVERecord?id=CVE-2023-42670 + (* Security fix *) + </pre>]]> + </description> + </item> + <item> <title>Tue, 10 Oct 2023 19:27:56 GMT</title> <pubDate>Tue, 10 Oct 2023 19:27:56 GMT</pubDate> <link>https://git.slackware.nl/current/tag/?h=20231010192756</link> |