diff options
Diffstat (limited to 'ChangeLog.txt')
| -rw-r--r-- | ChangeLog.txt | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 7d27d32a9..6ce5574b5 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,21 @@ +Wed Mar 27 19:16:09 UTC 2024 +patches/packages/curl-8.7.1-x86_64-1_slack15.0.txz: Upgraded. + This release fixes the following security issues: + TLS certificate check bypass with mbedTLS. + HTTP/2 push headers memory-leak. + QUIC certificate check bypass with wolfSSL. + Usage of disabled protocol. + For more information, see: + https://curl.se/docs/CVE-2024-2466.html + https://curl.se/docs/CVE-2024-2398.html + https://curl.se/docs/CVE-2024-2379.html + https://curl.se/docs/CVE-2024-2004.html + https://www.cve.org/CVERecord?id=CVE-2024-2466 + https://www.cve.org/CVERecord?id=CVE-2024-2398 + https://www.cve.org/CVERecord?id=CVE-2024-2379 + https://www.cve.org/CVERecord?id=CVE-2024-2004 + (* Security fix *) ++--------------------------+ Sun Mar 24 18:21:46 UTC 2024 patches/packages/emacs-29.3-x86_64-1_slack15.0.txz: Upgraded. GNU Emacs through 28.2 allows attackers to execute commands via shell |