diff options
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index cb767bc8c..282e70678 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,38 @@ +Thu Jun 23 05:30:51 UTC 2022 +a/kernel-generic-5.18.6-x86_64-1.txz: Upgraded. +a/kernel-huge-5.18.6-x86_64-1.txz: Upgraded. +a/kernel-modules-5.18.6-x86_64-1.txz: Upgraded. +a/openssl-solibs-1.1.1p-x86_64-1.txz: Upgraded. +ap/sudo-1.9.11p3-x86_64-1.txz: Upgraded. +d/kernel-headers-5.18.6-x86-1.txz: Upgraded. +k/kernel-source-5.18.6-noarch-1.txz: Upgraded. +l/espeak-ng-1.51.1-x86_64-1.txz: Upgraded. +l/libidn-1.40-x86_64-1.txz: Upgraded. +l/mlt-7.8.0-x86_64-1.txz: Upgraded. +l/openal-soft-1.22.1-x86_64-1.txz: Upgraded. +l/pulseaudio-16.1-x86_64-1.txz: Upgraded. +l/speex-1.2.1-x86_64-1.txz: Upgraded. +l/speexdsp-1.2.1-x86_64-1.txz: Upgraded. +n/ca-certificates-20220622-noarch-1.txz: Upgraded. + This update provides the latest CA certificates to check for the + authenticity of SSL connections. +n/openssl-1.1.1p-x86_64-1.txz: Upgraded. + In addition to the c_rehash shell command injection identified in + CVE-2022-1292, further circumstances where the c_rehash script does not + properly sanitise shell metacharacters to prevent command injection were + found by code review. + When the CVE-2022-1292 was fixed it was not discovered that there + are other places in the script where the file names of certificates + being hashed were possibly passed to a command executed through the shell. + For more information, see: + https://www.openssl.org/news/secadv/20220621.txt + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068 + (* Security fix *) +x/ibus-table-1.16.9-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ Tue Jun 21 19:49:31 UTC 2022 a/kernel-firmware-20220621_fc8557e-noarch-1.txz: Upgraded. ap/vim-8.2.5145-x86_64-1.txz: Upgraded. |