current - Tracking development of slackware-current

	Commit message (Collapse)	Author	Age	Files	Lines
*	Thu Apr 13 22:25:18 UTC 202320230413222518_15.0	Patrick J Volkerding	2023-04-14	2	-2/+2
\| \| \| \| \| \| \|	extra/php81/php81-8.1.17-x86_64-1_slack15.0.txz: Upgraded. This is a bugfix release. For more information, see: https://www.php.net/ChangeLog-8.php#8.1.17
*	Tue Mar 14 20:42:47 UTC 202320230314204247_15.0	Patrick J Volkerding	2023-03-15	2	-5/+4
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	patches/packages/mozilla-firefox-102.9.0esr-x86_64-1_slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/firefox/102.9.0/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2023-10 https://www.cve.org/CVERecord?id=CVE-2023-25751 https://www.cve.org/CVERecord?id=CVE-2023-28164 https://www.cve.org/CVERecord?id=CVE-2023-28162 https://www.cve.org/CVERecord?id=CVE-2023-25752 https://www.cve.org/CVERecord?id=CVE-2023-28163 https://www.cve.org/CVERecord?id=CVE-2023-28176 (* Security fix *)
*	Wed Feb 15 19:48:10 UTC 202320230215194810_15.0	Patrick J Volkerding	2023-02-16	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	patches/packages/curl-7.88.0-x86_64-1_slack15.0.txz: Upgraded. This update fixes security issues: HTTP multi-header compression denial of service. HSTS amnesia with --parallel. HSTS ignored on multiple requests. For more information, see: https://curl.se/docs/CVE-2023-23916.html https://curl.se/docs/CVE-2023-23915.html https://curl.se/docs/CVE-2023-23914.html https://www.cve.org/CVERecord?id=CVE-2023-23916 https://www.cve.org/CVERecord?id=CVE-2023-23915 https://www.cve.org/CVERecord?id=CVE-2023-23914 (* Security fix ) patches/packages/git-2.35.7-x86_64-1_slack15.0.txz: Upgraded. This update fixes security issues: Using a specially-crafted repository, Git can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source $GIT_DIR/objects directory contains symbolic links (c.f., CVE-2022-39253), the objects directory itself may still be a symbolic link. These two may be combined to include arbitrary files based on known paths on the victim's filesystem within the malicious repository's working copy, allowing for data exfiltration in a similar manner as CVE-2022-39253. By feeding a crafted input to "git apply", a path outside the working tree can be overwritten as the user who is running "git apply". For more information, see: https://www.cve.org/CVERecord?id=CVE-2023-22490 https://www.cve.org/CVERecord?id=CVE-2023-23946 ( Security fix *)
*	Sat Jan 7 01:50:00 UTC 202320230107015000_15.0	Patrick J Volkerding	2023-01-07	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	extra/php80/php80-8.0.27-x86_64-1_slack15.0.txz: Upgraded. This update fixes a security issue: PDO::quote() may return unquoted string. For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-31631 (* Security fix ) extra/php81/php81-8.1.14-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and a security issue: PDO::quote() may return unquoted string. For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-31631 ( Security fix ) patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txz: Upgraded. Fixed memory corruption in NSS via DER-encoded DSA and RSA-PSS signatures. For more information, see: https://www.mozilla.org/en-US/security/advisories/mfsa2021-51/ https://www.cve.org/CVERecord?id=CVE-2021-43527 ( Security fix ) patches/packages/php-7.4.33-x86_64-2_slack15.0.txz: Rebuilt. This update fixes a security issue: PDO::quote() may return unquoted string. For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-31631 ( Security fix *)
*	Mon Oct 31 23:31:36 UTC 202220221031233136_15.0	Patrick J Volkerding	2022-11-01	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	extra/php80/php80-8.0.25-x86_64-1_slack15.0.txz: Upgraded. This update fixes security issues: GD: OOB read due to insufficient input validation in imageloadfont(). Hash: buffer overflow in hash_update() on long parameter. For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-31630 https://www.cve.org/CVERecord?id=CVE-2022-37454 (* Security fix ) extra/php81/php81-8.1.12-x86_64-1_slack15.0.txz: Upgraded. This update fixes security issues: GD: OOB read due to insufficient input validation in imageloadfont(). Hash: buffer overflow in hash_update() on long parameter. For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-31630 https://www.cve.org/CVERecord?id=CVE-2022-37454 ( Security fix ) patches/packages/mozilla-thunderbird-102.4.1-x86_64-1_slack15.0.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/102.4.1/releasenotes/ patches/packages/vim-9.0.0814-x86_64-1_slack15.0.txz: Upgraded. A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to address this issue. Thanks to marav for the heads-up. For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-3705 ( Security fix *) patches/packages/vim-gvim-9.0.0814-x86_64-1_slack15.0.txz: Upgraded.
*	Fri Sep 30 17:52:21 UTC 202220220930175221_15.0	Patrick J Volkerding	2022-10-01	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	extra/php80/php80-8.0.24-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and security issues: phar wrapper: DOS when using quine gzip file. Don't mangle HTTP variable names that clash with ones that have a specific semantic meaning. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629 (* Security fix ) extra/php81/php81-8.1.11-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and security issues: phar wrapper: DOS when using quine gzip file. Don't mangle HTTP variable names that clash with ones that have a specific semantic meaning. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629 ( Security fix ) patches/packages/mozilla-thunderbird-102.3.1-x86_64-1_slack15.0.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/102.3.1/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2022-43/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39249 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39250 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39251 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39236 ( Security fix ) patches/packages/php-7.4.32-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and security issues: phar wrapper: DOS when using quine gzip file. Don't mangle HTTP variable names that clash with ones that have a specific semantic meaning. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629 ( Security fix ) patches/packages/seamonkey-2.53.14-x86_64-1_slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.seamonkey-project.org/releases/seamonkey2.53.14 ( Security fix ) patches/packages/vim-9.0.0623-x86_64-1_slack15.0.txz: Upgraded. Fixed use-after-free and stack-based buffer overflow. Thanks to marav for the heads-up. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-3352 https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-3324 ( Security fix *) patches/packages/vim-gvim-9.0.0623-x86_64-1_slack15.0.txz: Upgraded.
*	Thu Jul 7 23:03:01 UTC 202220220707230301_15.0	Patrick J Volkerding	2022-07-08	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	patches/packages/gnupg2-2.2.36-x86_64-1_slack15.0.txz: Upgraded. g10: Fix possibly garbled status messages in NOTATION_DATA. This bug could trick GPGME and other parsers to accept faked status lines. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34903 (* Security fix ) extra/php81/php81-8.1.8-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and a security issue: Fileinfo: Fixed bug #81723 (Heap buffer overflow in finfo_buffer). For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31627 ( Security fix *)
*	Mon Jun 13 21:02:58 UTC 202220220613210258_15.0	Patrick J Volkerding	2022-06-14	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	patches/packages/php-7.4.30-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and security issues: mysqlnd/pdo password buffer overflow. Uninitialized array in pg_query_params(). For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31626 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31625 (* Security fix ) extra/php80/php80-8.0.20-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and security issues: mysqlnd/pdo password buffer overflow. Uninitialized array in pg_query_params(). For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31626 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31625 ( Security fix ) extra/php81/php81-8.1.7-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and security issues: mysqlnd/pdo password buffer overflow. Uninitialized array in pg_query_params(). For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31626 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31625 ( Security fix *)
*	Fri Feb 18 05:29:00 UTC 202220220218052900_15.0	Patrick J Volkerding	2022-02-19	2	-3/+3
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	patches/packages/mozilla-thunderbird-91.6.1-x86_64-1_slack15.0.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/91.6.1/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2022-07/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0566 (* Security fix ) patches/packages/php-7.4.28-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and a security issue: UAF due to php_filter_float() failing for ints. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21708 ( Security fix ) extra/php80/php80-8.0.16-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and a security issue: UAF due to php_filter_float() failing for ints. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21708 ( Security fix ) extra/php81/php81-8.1.3-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and a security issue: UAF due to php_filter_float() failing for ints. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21708 ( Security fix *)
*	Fri Jan 21 05:47:49 UTC 202220220121054749	Patrick J Volkerding	2022-01-21	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	a/aaa_libraries-15.0-x86_64-15.txz: Rebuilt. Upgraded: libzstd.so.1.5.2. a/kernel-firmware-20220119_0c6a7b3-noarch-1.txz: Upgraded. a/kernel-generic-5.15.16-x86_64-1.txz: Upgraded. a/kernel-huge-5.15.16-x86_64-1.txz: Upgraded. a/kernel-modules-5.15.16-x86_64-1.txz: Upgraded. ap/vim-8.2.4166-x86_64-1.txz: Upgraded. d/kernel-headers-5.15.16-x86-1.txz: Upgraded. d/rust-1.58.1-x86_64-1.txz: Upgraded. k/kernel-source-5.15.16-noarch-1.txz: Upgraded. l/qt5-5.15.3_20211130_014c375b-x86_64-2.txz: Rebuilt. Applied upstream patch: [PATCH] Move the wayland socket polling to a separate event thread. Thanks to LuckyCyborg. l/svgalib-1.9.25-x86_64-7.txz: Rebuilt. Don't try to use the (broken) assembly. Thanks to nobodino. l/zstd-1.5.2-x86_64-1.txz: Upgraded. x/ibus-m17n-1.4.9-x86_64-1.txz: Upgraded. xap/vim-gvim-8.2.4166-x86_64-1.txz: Upgraded. extra/php80/php80-8.0.15-x86_64-1.txz: Upgraded. extra/php81/php81-8.1.2-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
*	Fri Dec 17 20:47:13 UTC 202120211217204713	Patrick J Volkerding	2021-12-18	2	-3/+3
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	a/kernel-generic-5.15.10-x86_64-1.txz: Upgraded. a/kernel-huge-5.15.10-x86_64-1.txz: Upgraded. a/kernel-modules-5.15.10-x86_64-1.txz: Upgraded. ap/inxi-3.3.11_1-noarch-1.txz: Upgraded. ap/ksh93-1.0_20211217_ce3e080c-x86_64-1.txz: Upgraded. ap/neofetch-20211210_ccd5d9f5-noarch-1.txz: Upgraded. d/Cython-0.29.26-x86_64-1.txz: Upgraded. d/kernel-headers-5.15.10-x86-1.txz: Upgraded. k/kernel-source-5.15.10-noarch-1.txz: Upgraded. l/utf8proc-2.7.0-x86_64-1.txz: Upgraded. n/ca-certificates-20211216-noarch-1.txz: Upgraded. This update provides the latest CA certificates to check for the authenticity of SSL connections. xap/xine-ui-0.99.13-x86_64-1.txz: Upgraded. extra/php80/php80-8.0.14-x86_64-1.txz: Upgraded. extra/php81/php81-8.1.1-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
*	Fri Dec 3 20:07:20 UTC 202120211203200720	Patrick J Volkerding	2021-12-04	8	-0/+571
	ap/rpm-4.16.1.3-x86_64-4.txz: Rebuilt. Patched to handle non-compliant RPMs created by install4j. Thanks to alienBOB. d/poke-1.4-x86_64-1.txz: Upgraded. l/enchant-2.3.2-x86_64-1.txz: Upgraded. l/freetype-2.11.1-x86_64-1.txz: Upgraded. l/glib2-2.70.2-x86_64-1.txz: Upgraded. n/lynx-2.9.0dev.10-x86_64-1.txz: Upgraded. extra/php8/php8-8.1.0-x86_64-1.txz: Removed. extra/php80/php80-8.0.13-x86_64-1.txz: Added. extra/php81/php81-8.1.0-x86_64-1.txz: Added.