diff options
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 98cbbf992..e17d22c53 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,49 @@ +Thu Mar 17 19:46:28 UTC 2022 +patches/packages/bind-9.18.1-x86_64-1_slack15.0.txz: Upgraded. + This update fixes bugs and the following security issues: + An assertion could occur in resume_dslookup() if the fetch had been shut + down earlier. + Lookups involving a DNAME could trigger an INSIST when "synth-from-dnssec" + was enabled. + A synchronous call to closehandle_cb() caused isc__nm_process_sock_buffer() + to be called recursively, which in turn left TCP connections hanging in the + CLOSE_WAIT state blocking indefinitely when out-of-order processing was + disabled. + The rules for acceptance of records into the cache have been tightened to + prevent the possibility of poisoning if forwarders send records outside + the configured bailiwick. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0667 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0635 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0396 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220 + (* Security fix *) +patches/packages/bluez-5.64-x86_64-1_slack15.0.txz: Upgraded. + This is a bugfix release: + Fix issue with handling A2DP discover procedure. + Fix issue with media endpoint replies and SetConfiguration. + Fix issue with HoG queuing events before report map is read. + Fix issue with HoG and read order of GATT attributes. + Fix issue with HoG and not using UHID_CREATE2 interface. + Fix issue with failed scanning for 5 minutes after reboot. +patches/packages/openssl-1.1.1n-x86_64-1_slack15.0.txz: Upgraded. + This update fixes a high severity security issue: + The BN_mod_sqrt() function, which computes a modular square root, contains + a bug that can cause it to loop forever for non-prime moduli. + For more information, see: + https://www.openssl.org/news/secadv/20220315.txt + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778 + (* Security fix *) +patches/packages/openssl-solibs-1.1.1n-x86_64-1_slack15.0.txz: Upgraded. +patches/packages/qt5-5.15.3_20220312_33a3f16f-x86_64-1_slack15.0.txz: Upgraded. + Thanks to Heinz Wiesinger for updating the fetch_sources.sh script to make + sure that the QtWebEngine version matches the rest of Qt, which got the + latest git pull compiling again. + If a 32-bit userspace is detected, then: + export QTWEBENGINE_CHROMIUM_FLAGS="--disable-seccomp-filter-sandbox" + This works around crashes occuring with 32-bit QtWebEngine applications. + Thanks to alienBOB. ++--------------------------+ Tue Mar 15 00:13:59 UTC 2022 patches/packages/httpd-2.4.53-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and the following security issues: |