diff options
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 3cdfc352a..67a9c6036 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,78 @@ +Thu Nov 17 01:49:28 UTC 2022 +ap/man-db-2.11.1-x86_64-1.txz: Upgraded. +ap/nano-7.0-x86_64-1.txz: Upgraded. +ap/sqlite-3.40.0-x86_64-1.txz: Upgraded. +kde/plasma-framework-5.100.0-x86_64-2.txz: Rebuilt. + [PATCH] svgitem: do not upscale svg when using fractional scaling. +l/netpbm-11.00.02-x86_64-1.txz: Upgraded. +n/bind-9.18.9-x86_64-1.txz: Upgraded. +n/krb5-1.20.1-x86_64-1.txz: Upgraded. + Fixed integer overflows in PAC parsing. + Fixed null deref in KDC when decoding invalid NDR. + Fixed memory leak in OTP kdcpreauth module. + Fixed PKCS11 module path search. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2022-42898 + (* Security fix *) +n/samba-4.17.3-x86_64-1.txz: Upgraded. + Fixed a security issue where Samba's Kerberos libraries and AD DC failed + to guard against integer overflows when parsing a PAC on a 32-bit system, + which allowed an attacker with a forged PAC to corrupt the heap. + For more information, see: + https://www.samba.org/samba/security/CVE-2022-42898.html + https://www.cve.org/CVERecord?id=CVE-2022-42898 + (* Security fix *) +x/libXft-2.3.7-x86_64-1.txz: Upgraded. +x/wayland-protocols-1.29-noarch-1.txz: Upgraded. +xap/mozilla-firefox-107.0-x86_64-1.txz: Upgraded. + This update contains security fixes and improvements. + For more information, see: + https://www.mozilla.org/en-US/firefox/107.0/releasenotes/ + https://www.mozilla.org/security/advisories/mfsa2022-47/ + https://www.cve.org/CVERecord?id=CVE-2022-45403 + https://www.cve.org/CVERecord?id=CVE-2022-45404 + https://www.cve.org/CVERecord?id=CVE-2022-45405 + https://www.cve.org/CVERecord?id=CVE-2022-45406 + https://www.cve.org/CVERecord?id=CVE-2022-45407 + https://www.cve.org/CVERecord?id=CVE-2022-45408 + https://www.cve.org/CVERecord?id=CVE-2022-45409 + https://www.cve.org/CVERecord?id=CVE-2022-45410 + https://www.cve.org/CVERecord?id=CVE-2022-45411 + https://www.cve.org/CVERecord?id=CVE-2022-45412 + https://www.cve.org/CVERecord?id=CVE-2022-45413 + https://www.cve.org/CVERecord?id=CVE-2022-40674 + https://www.cve.org/CVERecord?id=CVE-2022-45415 + https://www.cve.org/CVERecord?id=CVE-2022-45416 + https://www.cve.org/CVERecord?id=CVE-2022-45417 + https://www.cve.org/CVERecord?id=CVE-2022-45418 + https://www.cve.org/CVERecord?id=CVE-2022-45419 + https://www.cve.org/CVERecord?id=CVE-2022-45420 + https://www.cve.org/CVERecord?id=CVE-2022-45421 + (* Security fix *) +xap/mozilla-thunderbird-102.5.0-x86_64-1.txz: Upgraded. + This release contains security fixes and improvements. + For more information, see: + https://www.mozilla.org/en-US/thunderbird/102.5.0/releasenotes/ + https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/ + https://www.cve.org/CVERecord?id=CVE-2022-45403 + https://www.cve.org/CVERecord?id=CVE-2022-45404 + https://www.cve.org/CVERecord?id=CVE-2022-45405 + https://www.cve.org/CVERecord?id=CVE-2022-45406 + https://www.cve.org/CVERecord?id=CVE-2022-45408 + https://www.cve.org/CVERecord?id=CVE-2022-45409 + https://www.cve.org/CVERecord?id=CVE-2022-45410 + https://www.cve.org/CVERecord?id=CVE-2022-45411 + https://www.cve.org/CVERecord?id=CVE-2022-45412 + https://www.cve.org/CVERecord?id=CVE-2022-45416 + https://www.cve.org/CVERecord?id=CVE-2022-45418 + https://www.cve.org/CVERecord?id=CVE-2022-45420 + https://www.cve.org/CVERecord?id=CVE-2022-45421 + (* Security fix *) +xfce/xfce4-settings-4.16.5-x86_64-1.txz: Upgraded. + This update fixes regressions in the previous security fix: + mime-settings: Properly quote command parameters. + Revert "Escape characters which do not belong into an URI/URL (Issue #390)." ++--------------------------+ Tue Nov 15 01:28:38 UTC 2022 a/xz-5.2.8-x86_64-1.txz: Upgraded. d/mercurial-6.3.0-x86_64-1.txz: Upgraded. |