diff options
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 3f2734019..089e9110a 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,44 @@ +Wed Feb 1 22:27:31 UTC 2023 +a/kernel-firmware-20230125_5c11a37-noarch-1.txz: Upgraded. +a/kernel-generic-6.1.9-x86_64-1.txz: Upgraded. +a/kernel-huge-6.1.9-x86_64-1.txz: Upgraded. +a/kernel-modules-6.1.9-x86_64-1.txz: Upgraded. +d/kernel-headers-6.1.9-x86-1.txz: Upgraded. +k/kernel-source-6.1.9-noarch-1.txz: Upgraded. +l/apr-1.7.2-x86_64-1.txz: Upgraded. + This update fixes security issues: + Integer Overflow or Wraparound vulnerability in apr_encode functions of + Apache Portable Runtime (APR) allows an attacker to write beyond bounds + of a buffer. (CVE-2022-24963) + Restore fix for out-of-bounds array dereference in apr_time_exp*() functions. + (This issue was addressed as CVE-2017-12613 in APR 1.6.3 and + later 1.6.x releases, but was missing in 1.7.0.) (CVE-2021-35940) + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2022-24963 + https://www.cve.org/CVERecord?id=CVE-2021-35940 + https://www.cve.org/CVERecord?id=CVE-2017-12613 + (* Security fix *) +l/apr-util-1.6.3-x86_64-1.txz: Upgraded. + This update fixes a security issue: + Integer Overflow or Wraparound vulnerability in apr_base64 functions + of Apache Portable Runtime Utility (APR-util) allows an attacker to + write beyond bounds of a buffer. (CVE-2022-25147) + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2022-25147 + (* Security fix *) +l/libhandy-1.8.1-x86_64-1.txz: Upgraded. +l/libjpeg-turbo-2.1.5-x86_64-1.txz: Upgraded. +xap/mozilla-thunderbird-102.7.1-x86_64-1.txz: Upgraded. + This release contains security fixes and improvements. + For more information, see: + https://www.mozilla.org/en-US/thunderbird/102.7.1/releasenotes/ + https://www.mozilla.org/en-US/security/advisories/mfsa2023-04/ + https://www.cve.org/CVERecord?id=CVE-2023-0430 + (* Security fix *) +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ Wed Feb 1 05:29:53 UTC 2023 d/perl-5.36.0-x86_64-3.txz: Rebuilt. Upgraded: IO-Socket-SSL-2.081, Moo-2.005005, Path-Tiny-0.144, |