diff options
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 3dd67490d..c91fb9e53 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,27 @@ +Thu Jul 21 18:13:18 UTC 2022 +patches/packages/net-snmp-5.9.3-x86_64-1_slack15.0.txz: Upgraded. + This update fixes security issues: + A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause + an out-of-bounds memory access. + A malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL + pointer dereference. + Improper Input Validation when SETing malformed OIDs in master agent and + subagent simultaneously. + A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable + can cause an out-of-bounds memory access. + A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a + NULL pointer dereference. + A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer + dereference. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810 + (* Security fix *) ++--------------------------+ Wed Jul 13 19:56:59 UTC 2022 patches/packages/xorg-server-1.20.14-x86_64-3_slack15.0.txz: Rebuilt. xkb: switch to array index loops to moving pointers. |