diff options
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 12d9280ad..6b14d5b49 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,26 @@ +Wed Jun 8 19:15:34 UTC 2022 +patches/packages/httpd-2.4.54-x86_64-1_slack15.0.txz: Upgraded. + This update fixes bugs and the following security issues: + mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism. + Information Disclosure in mod_lua with websockets. + mod_sed denial of service. + Denial of service in mod_lua r:parsebody. + Read beyond bounds in ap_strcmp_match(). + Read beyond bounds via ap_rwrite(). + Read beyond bounds in mod_isapi. + mod_proxy_ajp: Possible request smuggling. + For more information, see: + https://downloads.apache.org/httpd/CHANGES_2.4.54 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31813 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30556 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30522 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29404 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28615 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28614 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28330 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26377 + (* Security fix *) ++--------------------------+ Sat Jun 4 18:43:17 UTC 2022 patches/packages/pidgin-2.14.10-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and several security issues. |