diff options
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 2d1b19c46..a223e099c 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,36 @@ +Tue Feb 7 20:48:57 UTC 2023 +a/openssl-solibs-1.1.1t-x86_64-1.txz: Upgraded. +ap/mariadb-10.6.12-x86_64-1.txz: Upgraded. +l/SDL2_image-2.6.3-x86_64-1.txz: Upgraded. +l/SDL2_mixer-2.6.3-x86_64-1.txz: Upgraded. +l/SDL2_ttf-2.20.2-x86_64-1.txz: Upgraded. +n/openssl-1.1.1t-x86_64-1.txz: Upgraded. + This update fixes security issues: + X.400 address type confusion in X.509 GeneralName. + Timing Oracle in RSA Decryption. + Use-after-free following BIO_new_NDEF. + Double free after calling PEM_read_bio_ex. + For more information, see: + https://www.openssl.org/news/secadv/20230207.txt + https://www.cve.org/CVERecord?id=CVE-2023-0286 + https://www.cve.org/CVERecord?id=CVE-2022-4304 + https://www.cve.org/CVERecord?id=CVE-2023-0215 + https://www.cve.org/CVERecord?id=CVE-2022-4450 + (* Security fix *) +x/xorg-server-21.1.7-x86_64-1.txz: Upgraded. + [PATCH] Xi: fix potential use-after-free in DeepCopyPointerClasses. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2023-0494 + (* Security fix *) +x/xorg-server-xephyr-21.1.7-x86_64-1.txz: Upgraded. +x/xorg-server-xnest-21.1.7-x86_64-1.txz: Upgraded. +x/xorg-server-xvfb-21.1.7-x86_64-1.txz: Upgraded. +x/xorg-server-xwayland-22.1.8-x86_64-1.txz: Upgraded. + [PATCH] Xi: fix potential use-after-free in DeepCopyPointerClasses. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2023-0494 + (* Security fix *) ++--------------------------+ Mon Feb 6 20:47:34 UTC 2023 a/kernel-generic-6.1.10-x86_64-1.txz: Upgraded. a/kernel-huge-6.1.10-x86_64-1.txz: Upgraded. |