summaryrefslogtreecommitdiffstats
path: root/ChangeLog.txt
diff options
context:
space:
mode:
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r--ChangeLog.txt63
1 files changed, 63 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt
index 3d18b6417..648e263d9 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,66 @@
+Tue Jan 25 06:16:36 UTC 2022
+It may look like we're currently experiencing more stuckness, but this will
+lead us to Quality. We'll have this release in the can before you know it.
+a/aaa_glibc-solibs-2.33-x86_64-5.txz: Rebuilt.
+a/aaa_libraries-15.0-x86_64-16.txz: Rebuilt.
+ Rebuilt to pick up the patched libexpat.so.1.8.3.
+a/kernel-firmware-20220124_eb8ea1b-noarch-1.txz: Upgraded.
+a/kernel-generic-5.15.16-x86_64-2.txz: Upgraded.
+a/kernel-huge-5.15.16-x86_64-2.txz: Upgraded.
+ -9P_FSCACHE n
+ 9P_FS m -> y
+ Thanks to peake.
+a/kernel-modules-5.15.16-x86_64-2.txz: Upgraded.
+a/mkinitrd-1.4.11-x86_64-27.txz: Rebuilt.
+ mkinitrd_command_generator.sh: properly detect partitions of a RAID device.
+ Thanks to perrin4869.
+a/util-linux-2.37.3-x86_64-1.txz: Upgraded.
+ This release fixes two security mount(8) and umount(8) issues:
+ An issue related to parsing the /proc/self/mountinfo file allows an
+ unprivileged user to unmount other user's filesystems that are either
+ world-writable themselves or mounted in a world-writable directory.
+ Improper UID check in libmount allows an unprivileged user to unmount
+ FUSE filesystems of users with similar UID.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996
+ (* Security fix *)
+ap/vim-8.2.4212-x86_64-1.txz: Upgraded.
+d/git-2.35.0-x86_64-1.txz: Upgraded.
+d/kernel-headers-5.15.16-x86-2.txz: Upgraded.
+k/kernel-source-5.15.16-noarch-2.txz: Upgraded.
+l/expat-2.4.3-x86_64-2.txz: Rebuilt.
+ Fix signed integer overflow in function XML_GetBuffer for when
+ XML_CONTEXT_BYTES is defined to >0 (which is both common and
+ default). Impact is denial of service or other undefined behavior.
+ While we're here, also patch a memory leak on output file opening error.
+ Thanks to marav.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
+ (* Security fix *)
+l/fluidsynth-2.2.5-x86_64-1.txz: Upgraded.
+l/glibc-2.33-x86_64-5.txz: Rebuilt.
+ This update patches two security issues:
+ Unexpected return value from glibc's realpath().
+ Off-by-one buffer overflow/underflow in glibc's getcwd().
+ Thanks to Qualys Research Labs for reporting these issues.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3998
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999
+ (* Security fix *)
+l/glibc-i18n-2.33-x86_64-5.txz: Rebuilt.
+l/glibc-profile-2.33-x86_64-5.txz: Rebuilt.
+l/tdb-1.4.6-x86_64-1.txz: Upgraded.
+x/xf86-input-libinput-1.2.1-x86_64-1.txz: Upgraded.
+xap/mozilla-thunderbird-91.5.1-x86_64-1.txz: Upgraded.
+ This is a bugfix release.
+ For more information, see:
+ https://www.mozilla.org/en-US/thunderbird/91.5.1/releasenotes/
+xap/vim-gvim-8.2.4212-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
Sun Jan 23 19:36:54 UTC 2022
l/imagemagick-7.1.0_20-x86_64-1.txz: Upgraded.
Built using --with-fftw. Thanks to stormbr.
generated by cgit v1.2.3-65-gdbad (git 2.45.1) at 2024-07-08 12:26:55 +0000