| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/mozilla-thunderbird-115.5.0-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.5.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-52/
https://www.cve.org/CVERecord?id=CVE-2023-6204
https://www.cve.org/CVERecord?id=CVE-2023-6205
https://www.cve.org/CVERecord?id=CVE-2023-6206
https://www.cve.org/CVERecord?id=CVE-2023-6207
https://www.cve.org/CVERecord?id=CVE-2023-6208
https://www.cve.org/CVERecord?id=CVE-2023-6209
https://www.cve.org/CVERecord?id=CVE-2023-6212
(* Security fix *)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/kernel-firmware-20231120_9552083-noarch-1.txz: Upgraded.
Updated to the latest kernel firmware.
patches/packages/linux-5.15.139/*: Upgraded.
These updates fix various bugs and security issues.
Be sure to upgrade your initrd after upgrading the kernel packages.
If you use lilo to boot your machine, be sure lilo.conf points to the correct
kernel and initrd and run lilo as root to update the bootloader.
If you use elilo to boot your machine, you should run eliloconfig to copy the
kernel and initrd to the EFI System Partition.
For more information, see:
Fixed in 5.15.116:
https://www.cve.org/CVERecord?id=CVE-2023-35788
https://www.cve.org/CVERecord?id=CVE-2022-45887
https://www.cve.org/CVERecord?id=CVE-2022-45886
https://www.cve.org/CVERecord?id=CVE-2023-3212
https://www.cve.org/CVERecord?id=CVE-2022-45919
Fixed in 5.15.117:
https://www.cve.org/CVERecord?id=CVE-2023-2124
https://www.cve.org/CVERecord?id=CVE-2023-34255
Fixed in 5.15.118:
https://www.cve.org/CVERecord?id=CVE-2023-3609
https://www.cve.org/CVERecord?id=CVE-2023-3117
https://www.cve.org/CVERecord?id=CVE-2023-3390
https://www.cve.org/CVERecord?id=CVE-2023-3338
Fixed in 5.15.119:
https://www.cve.org/CVERecord?id=CVE-2023-3610
Fixed in 5.15.121:
https://www.cve.org/CVERecord?id=CVE-2023-31248
https://www.cve.org/CVERecord?id=CVE-2023-38432
https://www.cve.org/CVERecord?id=CVE-2023-3866
https://www.cve.org/CVERecord?id=CVE-2023-2898
https://www.cve.org/CVERecord?id=CVE-2023-44466
https://www.cve.org/CVERecord?id=CVE-2023-4132
https://www.cve.org/CVERecord?id=CVE-2023-3611
https://www.cve.org/CVERecord?id=CVE-2022-48502
https://www.cve.org/CVERecord?id=CVE-2023-3865
https://www.cve.org/CVERecord?id=CVE-2023-35001
https://www.cve.org/CVERecord?id=CVE-2023-3776
https://www.cve.org/CVERecord?id=CVE-2023-3863
Fixed in 5.15.122:
https://www.cve.org/CVERecord?id=CVE-2023-20593
Fixed in 5.15.123:
https://www.cve.org/CVERecord?id=CVE-2023-3777
https://www.cve.org/CVERecord?id=CVE-2023-4004
Fixed in 5.15.124:
https://www.cve.org/CVERecord?id=CVE-2023-4015
https://www.cve.org/CVERecord?id=CVE-2023-4147
https://www.cve.org/CVERecord?id=CVE-2023-1206
Fixed in 5.15.125:
https://www.cve.org/CVERecord?id=CVE-2022-40982
https://www.cve.org/CVERecord?id=CVE-2023-20569
Fixed in 5.15.126:
https://www.cve.org/CVERecord?id=CVE-2023-20588
https://www.cve.org/CVERecord?id=CVE-2023-4128
https://www.cve.org/CVERecord?id=CVE-2023-4208
https://www.cve.org/CVERecord?id=CVE-2023-4206
https://www.cve.org/CVERecord?id=CVE-2023-4207
https://www.cve.org/CVERecord?id=CVE-2023-40283
Fixed in 5.15.128:
https://www.cve.org/CVERecord?id=CVE-2023-4569
https://www.cve.org/CVERecord?id=CVE-2023-39194
https://www.cve.org/CVERecord?id=CVE-2023-4273
https://www.cve.org/CVERecord?id=CVE-2023-3772
Fixed in 5.15.132:
https://www.cve.org/CVERecord?id=CVE-2023-4921
https://www.cve.org/CVERecord?id=CVE-2023-4623
https://www.cve.org/CVERecord?id=CVE-2023-42753
https://www.cve.org/CVERecord?id=CVE-2023-42752
https://www.cve.org/CVERecord?id=CVE-2023-39189
https://www.cve.org/CVERecord?id=CVE-2023-4881
https://www.cve.org/CVERecord?id=CVE-2023-45871
https://www.cve.org/CVERecord?id=CVE-2023-39193
https://www.cve.org/CVERecord?id=CVE-2023-39192
Fixed in 5.15.133:
https://www.cve.org/CVERecord?id=CVE-2023-42755
Fixed in 5.15.134:
https://www.cve.org/CVERecord?id=CVE-2023-42754
https://www.cve.org/CVERecord?id=CVE-2023-4563
https://www.cve.org/CVERecord?id=CVE-2023-4244
https://www.cve.org/CVERecord?id=CVE-2023-5197
Fixed in 5.15.135:
https://www.cve.org/CVERecord?id=CVE-2023-34324
https://www.cve.org/CVERecord?id=CVE-2023-31085
https://www.cve.org/CVERecord?id=CVE-2023-5158
Fixed in 5.15.136:
https://www.cve.org/CVERecord?id=CVE-2023-35827
Fixed in 5.15.137:
https://www.cve.org/CVERecord?id=CVE-2023-46813
https://www.cve.org/CVERecord?id=CVE-2023-5717
https://www.cve.org/CVERecord?id=CVE-2023-5178
(* Security fix *)
patches/packages/mozilla-firefox-115.5.0esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
Thanks to zuriel for the taskbar icon fix on Wayland. :-)
For more information, see:
https://www.mozilla.org/en-US/firefox/115.5.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2023-50/
https://www.cve.org/CVERecord?id=CVE-2023-6204
https://www.cve.org/CVERecord?id=CVE-2023-6205
https://www.cve.org/CVERecord?id=CVE-2023-6206
https://www.cve.org/CVERecord?id=CVE-2023-6207
https://www.cve.org/CVERecord?id=CVE-2023-6208
https://www.cve.org/CVERecord?id=CVE-2023-6209
https://www.cve.org/CVERecord?id=CVE-2023-6212
(* Security fix *)
|
|
|
|
|
|
| |
patches/packages/ca-certificates-20231117-noarch-1_slack15.0.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/gegl-0.4.46-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release, needed by the GIMP upgrade.
patches/packages/gimp-2.10.36-x86_64-1_slack15.0.txz: Upgraded.
This release fixes security issues:
If a user loads a malicious DDS, PSD, or PSP file, this could result in a
program crash or possibly the execution of arbitrary code.
Please note that this package also requires the updated gegl package.
Thanks to henca for the heads-up.
For more information, see:
https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/
https://www.zerodayinitiative.com/advisories/ZDI-23-1591/
https://www.zerodayinitiative.com/advisories/ZDI-23-1592/
https://www.zerodayinitiative.com/advisories/ZDI-23-1593/
https://www.zerodayinitiative.com/advisories/ZDI-23-1594/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44441
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44442
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44443
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44444
(* Security fix *)
|
|
|
|
|
|
|
| |
patches/packages/mozilla-thunderbird-115.4.3-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.4.3/releasenotes/
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/mariadb-10.5.23-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and a security issue:
Vulnerability allows high privileged attacker with network access via
multiple protocols to compromise the server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22084
(* Security fix *)
|
|
|
|
|
|
| |
patches/packages/whois-5.5.20-x86_64-1_slack15.0.txz: Upgraded.
Added the .gn TLD server.
Removed 6 new gTLDs which are no longer active.
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/mozilla-thunderbird-115.4.2-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.4.2/releasenotes/
patches/packages/sudo-1.9.15p1-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release:
Fixed a bug introduced in sudo 1.9.15 that prevented LDAP-based sudoers
from being able to read the ldap.conf file.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/sudo-1.9.15-x86_64-1_slack15.0.txz: Upgraded.
The sudoers plugin has been modified to make it more resilient to ROWHAMMER
attacks on authentication and policy matching.
The sudoers plugin now constructs the user time stamp file path name using
the user-ID instead of the user name. This avoids a potential problem with
user names that contain a path separator ('/') being interpreted as part of
the path name.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-42465
https://www.cve.org/CVERecord?id=CVE-2023-42456
(* Security fix *)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/mozilla-thunderbird-115.4.1-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.4.1/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-47/
https://www.cve.org/CVERecord?id=CVE-2023-5721
https://www.cve.org/CVERecord?id=CVE-2023-5732
https://www.cve.org/CVERecord?id=CVE-2023-5724
https://www.cve.org/CVERecord?id=CVE-2023-5725
https://www.cve.org/CVERecord?id=CVE-2023-5726
https://www.cve.org/CVERecord?id=CVE-2023-5727
https://www.cve.org/CVERecord?id=CVE-2023-5728
https://www.cve.org/CVERecord?id=CVE-2023-5730
(* Security fix *)
patches/packages/xorg-server-1.20.14-x86_64-9_slack15.0.txz: Rebuilt.
This update fixes security issues:
OOB write in XIChangeDeviceProperty/RRChangeOutputProperty.
Use-after-free bug in DestroyWindow.
For more information, see:
https://lists.x.org/archives/xorg-announce/2023-October/003430.html
https://www.cve.org/CVERecord?id=CVE-2023-5367
https://www.cve.org/CVERecord?id=CVE-2023-5380
(* Security fix *)
patches/packages/xorg-server-xephyr-1.20.14-x86_64-9_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xnest-1.20.14-x86_64-9_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xvfb-1.20.14-x86_64-9_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xwayland-21.1.4-x86_64-8_slack15.0.txz: Rebuilt.
This update fixes a security issue:
OOB write in XIChangeDeviceProperty/RRChangeOutputProperty.
For more information, see:
https://lists.x.org/archives/xorg-announce/2023-October/003430.html
https://www.cve.org/CVERecord?id=CVE-2023-5367
(* Security fix *)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/mozilla-firefox-115.4.0esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.4.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2023-46/
https://www.cve.org/CVERecord?id=CVE-2023-5721
https://www.cve.org/CVERecord?id=CVE-2023-5732
https://www.cve.org/CVERecord?id=CVE-2023-5724
https://www.cve.org/CVERecord?id=CVE-2023-5725
https://www.cve.org/CVERecord?id=CVE-2023-5726
https://www.cve.org/CVERecord?id=CVE-2023-5727
https://www.cve.org/CVERecord?id=CVE-2023-5728
https://www.cve.org/CVERecord?id=CVE-2023-5730
(* Security fix *)
patches/packages/mozilla-thunderbird-115.4.0-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.4.0/releasenotes/
patches/packages/vim-9.0.2063-x86_64-1_slack15.0.txz: Upgraded.
Fixed use-after-free security issue.
Thanks to marav for the heads-up.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-5535
(* Security fix *)
patches/packages/vim-gvim-9.0.2063-x86_64-1_slack15.0.txz: Upgraded.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/LibRaw-0.20.2-x86_64-4_slack15.0.txz: Rebuilt.
This update fixes security issues:
A Buffer Overflow vulnerability was found in LibRaw_buffer_datastream::
gets(char*, int), which could lead to privilege escalation or application
crash.
A heap-buffer-overflow was found in raw2image_ex(int), which may lead to
application crash by maliciously crafted input file.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2021-32142
https://www.cve.org/CVERecord?id=CVE-2023-1729
(* Security fix *)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/httpd-2.4.58-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and security issues:
moderate: Apache HTTP Server: HTTP/2 stream memory not reclaimed
right away on RST.
low: mod_macro buffer over-read.
low: Apache HTTP Server: DoS in HTTP/2 with initial windows size 0.
For more information, see:
https://downloads.apache.org/httpd/CHANGES_2.4.58
https://www.cve.org/CVERecord?id=CVE-2023-45802
https://www.cve.org/CVERecord?id=CVE-2023-31122
https://www.cve.org/CVERecord?id=CVE-2023-43622
(* Security fix *)
patches/packages/mozilla-thunderbird-115.3.3-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.3.3/releasenotes/
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/util-linux-2.37.4-x86_64-2_slack15.0.txz: Rebuilt.
Copy /etc/pam.d/login to /etc/pam.d/remote. This is needed for /bin/login's
'-h' option, used (for example) by telnetd. If -h is used without
/etc/pam.d/remote, pam will not be configured properly, and /etc/securetty
will be ignored, possibly allowing root to login from a tty that is not
considered secure. Of course, the usual disclaimers about the security of
telnet/telnetd apply.
Thanks to HytronBG and Petri Kaukasoina.
(* Security fix *)
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/libcaca-0.99.beta20-x86_64-1_slack15.0.txz: Upgraded.
Fixed a crash bug (a crafted file defining width of zero leads to divide by
zero and a crash). Seems to be merely a bug rather than a security issue, but
I'd been meaning to get beta20 building so this was a good excuse.
Thanks to marav.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-0856
(* Security fix *)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/libcue-2.2.1-x86_64-4_slack15.0.txz: Rebuilt.
Fixed a bug which could allow memory corruption resulting in arbitrary
code execution.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-43641
(* Security fix *)
patches/packages/libnotify-0.8.3-x86_64-1_slack15.0.txz: Upgraded.
This release contains a critical stability/minor security update which
affects Electron applications that utilize Portal notifications (eg,
through Flatpak). It is highly recommended that all users of libnotify
0.8.x update to this release.
(* Security fix *)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/wayland-1.22.0-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
patches/packages/whois-5.5.19-x86_64-1_slack15.0.txz: Upgraded.
Fixed english support for Japanese queries to not add again the /e argument
if it had already been provided by the user. (Closes: #1050171)
Added the .ye and .*************** (.xn--54b7fta0cc, Bangladesh) TLD servers.
Updated the .ba, .bb, .dk, .es, .gt, .jo, .ml, .mo, .pa, .pn, .sv, .uy,
.a+-la-r+-d+.n+, (.xn--mgbayh7gpa, Jordan) and .****** (.xn--mix891f, Macao)
TLD servers.
Upgraded the TLD URLs to HTTPS whenever possible.
Updated the charset for whois.jprs.jp.
Removed 3 new gTLDs which are no longer active.
Removed support for the obsolete as32 dot notation.
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/netatalk-3.1.18-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and a security issue:
Harden create_appledesktop_folder().
For more information, see:
https://netatalk.sourceforge.io/CVE-2022-22995.php
https://www.cve.org/CVERecord?id=CVE-2022-22995
(* Security fix *)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/libX11-1.8.7-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
libX11: out-of-bounds memory access in _XkbReadKeySyms().
libX11: stack exhaustion from infinite recursion in PutSubImage().
libX11: integer overflow in XCreateImage() leading to a heap overflow.
For more information, see:
https://lists.x.org/archives/xorg-announce/2023-October/003424.html
https://www.cve.org/CVERecord?id=CVE-2023-43785
https://www.cve.org/CVERecord?id=CVE-2023-43786
https://www.cve.org/CVERecord?id=CVE-2023-43787
(* Security fix *)
patches/packages/libXpm-3.5.17-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
libXpm: out of bounds read in XpmCreateXpmImageFromBuffer().
libXpm: out of bounds read on XPM with corrupted colormap.
For more information, see:
https://lists.x.org/archives/xorg-announce/2023-October/003424.html
https://www.cve.org/CVERecord?id=CVE-2023-43788
https://www.cve.org/CVERecord?id=CVE-2023-43789
(* Security fix *)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/libvpx-1.12.0-x86_64-1_slack15.0.txz: Upgraded.
This release contains two security related fixes -- one each for VP8 and VP9.
For more information, see:
https://crbug.com/1486441
https://www.cve.org/CVERecord?id=CVE-2023-5217
(* Security fix *)
patches/packages/mozilla-thunderbird-115.3.1-x86_64-1_slack15.0.txz: Upgraded.
This release contains a security fix for a critical heap buffer overflow in
the libvpx VP8 encoder.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.3.1/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/
https://www.cve.org/CVERecord?id=CVE-2023-5217
(* Security fix *)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
extra/php81/php81-8.1.24-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.php.net/ChangeLog-8.php#8.1.24
patches/packages/mozilla-firefox-115.3.1esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains a security fix.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.3.1/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/
https://www.cve.org/CVERecord?id=CVE-2023-5217
(* Security fix *)
|
|
|
|
|
|
|
| |
patches/packages/mozilla-thunderbird-115.3.0-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.3.0/releasenotes/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/Cython-0.29.36-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
patches/packages/mozilla-firefox-115.3.0esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.3.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-42/
https://www.cve.org/CVERecord?id=CVE-2023-5168
https://www.cve.org/CVERecord?id=CVE-2023-5169
https://www.cve.org/CVERecord?id=CVE-2023-5171
https://www.cve.org/CVERecord?id=CVE-2023-5174
https://www.cve.org/CVERecord?id=CVE-2023-5176
(* Security fix *)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/bind-9.16.44-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and a security issue:
Limit the amount of recursion that can be performed by isccc_cc_fromwire.
For more information, see:
https://kb.isc.org/docs/cve-2023-3341
https://www.cve.org/CVERecord?id=CVE-2023-3341
(* Security fix *)
patches/packages/cups-2.4.7-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and a security issue:
Fixed Heap-based buffer overflow when reading Postscript in PPD files.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-4504
(* Security fix *)
patches/packages/mozilla-thunderbird-115.2.3-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.2.3/releasenotes/
patches/packages/seamonkey-2.53.17.1-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.17.1
https://www.cve.org/CVERecord?id=CVE-2023-4863
(* Security fix *)
testing/packages/bind-9.18.19-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and security issues:
Limit the amount of recursion that can be performed by isccc_cc_fromwire.
Fix use-after-free error in TLS DNS code when sending data.
For more information, see:
https://kb.isc.org/docs/cve-2023-3341
https://www.cve.org/CVERecord?id=CVE-2023-3341
https://kb.isc.org/docs/cve-2023-4236
https://www.cve.org/CVERecord?id=CVE-2023-4236
(* Security fix *)
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/netatalk-3.1.17-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and a security issue:
Validate data type in dalloc_value_for_key(). This flaw could allow a
malicious actor to cause Netatalk's afpd daemon to crash, or possibly to
execute arbitrary code.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-42464
(* Security fix *)
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/python3-3.9.18-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a security issue:
Fixed an issue where instances of ssl.SSLSocket were vulnerable to a bypass
of the TLS handshake and included protections (like certificate verification)
and treating sent unencrypted data as if it were post-handshake TLS encrypted
data. Security issue reported by Aapo Oksman; patch by Gregory P. Smith.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-40217
(* Security fix *)
|
|
|
|
|
|
|
|
| |
patches/packages/libwebp-1.3.2-x86_64-1_slack15.0.txz: Upgraded.
Security fix for lossless decoder (chromium: #1479274, CVE-2023-4863).
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-4863
(* Security fix *)
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/mozilla-firefox-115.2.1esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.2.1/releasenotes/
(* Security fix *)
patches/packages/mozilla-thunderbird-115.2.1-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.2.1/releasenotes/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/openssl-1.1.1w-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and a security issue that does not affect Linux:
Fix POLY1305 MAC implementation corrupting XMM registers on Windows.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-4807
patches/packages/openssl-solibs-1.1.1w-x86_64-1_slack15.0.txz: Upgraded.
patches/packages/vim-9.0.1897-x86_64-1_slack15.0.txz: Upgraded.
Fixed three use-after-free security issues.
Thanks to marav for the heads-up.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-4733
https://www.cve.org/CVERecord?id=CVE-2023-4752
https://www.cve.org/CVERecord?id=CVE-2023-4750
(* Security fix *)
patches/packages/vim-gvim-9.0.1897-x86_64-1_slack15.0.txz: Upgraded.
Fixed three use-after-free security issues.
Thanks to marav for the heads-up.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-4733
https://www.cve.org/CVERecord?id=CVE-2023-4752
https://www.cve.org/CVERecord?id=CVE-2023-4750
(* Security fix *)
|
|
|
|
|
| |
patches/packages/rocs-21.12.1-x86_64-2_slack15.0.txz: Rebuilt.
Fix crash on startup. Thanks to Lockywolf and ponce.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/mozilla-firefox-115.2.0esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.2.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2023-36/
https://www.cve.org/CVERecord?id=CVE-2023-4573
https://www.cve.org/CVERecord?id=CVE-2023-4574
https://www.cve.org/CVERecord?id=CVE-2023-4575
https://www.cve.org/CVERecord?id=CVE-2023-4576
https://www.cve.org/CVERecord?id=CVE-2023-4577
https://www.cve.org/CVERecord?id=CVE-2023-4051
https://www.cve.org/CVERecord?id=CVE-2023-4578
https://www.cve.org/CVERecord?id=CVE-2023-4053
https://www.cve.org/CVERecord?id=CVE-2023-4580
https://www.cve.org/CVERecord?id=CVE-2023-4581
https://www.cve.org/CVERecord?id=CVE-2023-4582
https://www.cve.org/CVERecord?id=CVE-2023-4583
https://www.cve.org/CVERecord?id=CVE-2023-4584
https://www.cve.org/CVERecord?id=CVE-2023-4585
(* Security fix *)
patches/packages/mozilla-thunderbird-115.2.0-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.2.0/releasenotes/
(* Security fix *)
|
|
|
|
|
|
|
| |
patches/packages/mozilla-thunderbird-115.1.1-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.1.1/releasenotes/
|
|
|
|
|
|
|
| |
patches/packages/mariadb-10.5.22-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://mariadb.com/kb/en/mariadb-10-5-22-changelog/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
extra/php80/php80-8.0.30-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and security issues:
Security issue with external entity loading in XML without enabling it.
Missing error check and insufficient random bytes in HTTP Digest
authentication for SOAP.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3247
(* Security fix *)
patches/packages/vim-9.0.1678-x86_64-1_slack15.0.txz: Upgraded.
Applied the last patches from Bram Moolenaar.
RIP Bram, and thanks for your great work on VIM and your kindness to the
orphan children in Uganda.
If you'd like to honor Bram with a donation to his charity, please visit:
https://iccf-holland.org/
patches/packages/vim-gvim-9.0.1678-x86_64-1_slack15.0.txz: Upgraded.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
extra/php81/php81-8.1.22-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a security issue:
Libxml: Fixed bug GHSA-3qrf-m4j2-pcrr (Security issue with external entity
loading in XML without enabling it).
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-3823
(* Security fix *)
extra/rust-for-mozilla/rust-1.70.0-x86_64-1_slack15.0.txz: Upgraded.
Upgraded the Rust compiler for Firefox 115.1.0 ESR and Thunderbird 115.1.0.
pasture/samba-4.15.13-x86_64-1_slack15.0.txz: Added.
We'll hang onto this just in case.
patches/packages/mozilla-firefox-115.1.0esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.1.0esr/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-31/
https://www.cve.org/CVERecord?id=CVE-2023-4045
https://www.cve.org/CVERecord?id=CVE-2023-4046
https://www.cve.org/CVERecord?id=CVE-2023-4047
https://www.cve.org/CVERecord?id=CVE-2023-4048
https://www.cve.org/CVERecord?id=CVE-2023-4049
https://www.cve.org/CVERecord?id=CVE-2023-4050
https://www.cve.org/CVERecord?id=CVE-2023-4052
https://www.cve.org/CVERecord?id=CVE-2023-4054
https://www.cve.org/CVERecord?id=CVE-2023-4055
https://www.cve.org/CVERecord?id=CVE-2023-4056
https://www.cve.org/CVERecord?id=CVE-2023-4057
(* Security fix *)
patches/packages/mozilla-thunderbird-115.1.0-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.1.0/releasenotes/
patches/packages/samba-4.18.5-x86_64-1_slack15.0.txz: Upgraded.
PLEASE NOTE: We are taking the unusual step of moving to the latest Samba
branch because Windows has made changes that break Samba 4.15.x. The last
4.15.x will be retained in /pasture as a fallback. There may be some
required configuration changes with this, but we've kept using MIT Kerberos
to try to have the behavior change as little as possible. Upgrade carefully.
This update fixes security issues:
When winbind is used for NTLM authentication, a maliciously crafted request
can trigger an out-of-bounds read in winbind and possibly crash it.
SMB2 packet signing is not enforced if an admin configured
"server signing = required" or for SMB2 connections to Domain Controllers
where SMB2 packet signing is mandatory.
An infinite loop bug in Samba's mdssvc RPC service for Spotlight can be
triggered by an unauthenticated attacker by issuing a malformed RPC request.
Missing type validation in Samba's mdssvc RPC service for Spotlight can be
used by an unauthenticated attacker to trigger a process crash in a shared
RPC mdssvc worker process.
As part of the Spotlight protocol Samba discloses the server-side absolute
path of shares and files and directories in search results.
For more information, see:
https://www.samba.org/samba/security/CVE-2022-2127.html
https://www.samba.org/samba/security/CVE-2023-3347.html
https://www.samba.org/samba/security/CVE-2023-34966.html
https://www.samba.org/samba/security/CVE-2023-34967.html
https://www.samba.org/samba/security/CVE-2023-34968.html
https://www.cve.org/CVERecord?id=CVE-2022-2127
https://www.cve.org/CVERecord?id=CVE-2023-3347
https://www.cve.org/CVERecord?id=CVE-2023-34966
https://www.cve.org/CVERecord?id=CVE-2023-34967
https://www.cve.org/CVERecord?id=CVE-2023-34968
(* Security fix *)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/openssl-1.1.1v-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and security issues:
Fix excessive time spent checking DH q parameter value.
Fix DH_check() excessive time with over sized modulus.
For more information, see:
https://www.openssl.org/news/secadv/20230731.txt
https://www.openssl.org/news/secadv/20230719.txt
https://www.cve.org/CVERecord?id=CVE-2023-3817
https://www.cve.org/CVERecord?id=CVE-2023-3446
(* Security fix *)
patches/packages/openssl-solibs-1.1.1v-x86_64-1_slack15.0.txz: Upgraded.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/mozilla-thunderbird-102.13.1-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.13.1/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-28/
https://www.cve.org/CVERecord?id=CVE-2023-3417
(* Security fix *)
patches/packages/seamonkey-2.53.17-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.17
(* Security fix *)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/curl-8.2.1-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
testing/packages/mozilla-firefox-115.0.3esr-x86_64-1_slack15.0.txz: Added.
This seems good to go, but a little testing won't hurt.
testing/packages/mozilla-thunderbird-115.0.1-x86_64-1_slack15.0.txz: Added.
Here, like in -current, we're going to wait until upstream deems this ready
to trigger the automatic update from earlier versions.
testing/packages/rust-1.70.0-x86_64-1_slack15.0.txz: Added.
This will replace the package in /extra/rust-for-mozilla/ when the 115.x
versions of Firefox and Thunderbird become the main ones in Slackware 15.0.
|
|
|
|
|
| |
patches/packages/kernel-firmware-20230725_b6ea35f-noarch-1.txz: Upgraded.
Restored license files and other documentation. Thanks to drumz.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/kernel-firmware-20230724_59fbffa-noarch-1.txz: Upgraded.
AMD microcode updated to fix a use-after-free in AMD Zen2 processors.
From Tavis Ormandy's annoucement of the issue:
"The practical result here is that you can spy on the registers of other
processes. No system calls or privileges are required.
It works across virtual machines and affects all operating systems.
I have written a poc for this issue that's fast enough to reconstruct
keys and passwords as users log in."
For more information, see:
https://seclists.org/oss-sec/2023/q3/59
https://www.cve.org/CVERecord?id=CVE-2023-20593
(* Security fix *)
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/whois-5.5.18-x86_64-1_slack15.0.txz: Upgraded.
Updated the .ga TLD server.
Added new recovered IPv4 allocations.
Removed the delegation of 43.0.0.0/8 to JPNIC.
Removed 12 new gTLDs which are no longer active.
Improved the man page source, courtesy of Bjarni Ingi Gislason.
Added the .edu.za SLD server.
Updated the .alt.za SLD server.
Added the -ru and -su NIC handles servers.
|
|
|
|
|
|
| |
patches/packages/ca-certificates-20230721-noarch-1_slack15.0.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/curl-8.2.0-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a security issue:
fopen race condition.
For more information, see:
https://curl.se/docs/CVE-2023-32001.html
https://www.cve.org/CVERecord?id=CVE-2023-32001
(* Security fix *)
patches/packages/openssh-9.3p2-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a security issue:
ssh-agent(1) in OpenSSH between and 5.5 and 9.3p1 (inclusive): remote code
execution relating to PKCS#11 providers.
The PKCS#11 support ssh-agent(1) could be abused to achieve remote code
execution via a forwarded agent socket if the following conditions are met:
* Exploitation requires the presence of specific libraries on the victim
system.
* Remote exploitation requires that the agent was forwarded to an
attacker-controlled system.
Exploitation can also be prevented by starting ssh-agent(1) with an empty
PKCS#11/FIDO allowlist (ssh-agent -P '') or by configuring an allowlist that
contains only specific provider libraries.
This vulnerability was discovered and demonstrated to be exploitable by the
Qualys Security Advisory team.
Potentially-incompatible changes:
* ssh-agent(8): the agent will now refuse requests to load PKCS#11 modules
issued by remote clients by default. A flag has been added to restore the
previous behaviour: "-Oallow-remote-pkcs11".
For more information, see:
https://www.openssh.com/txt/release-9.3p2
https://www.cve.org/CVERecord?id=CVE-2023-38408
(* Security fix *)
|
|
|
|
|
| |
patches/packages/sudo-1.9.14p2-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/krb5-1.19.2-x86_64-4_slack15.0.txz: Rebuilt.
Fix potential uninitialized pointer free in kadm5 XDR parsing.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-36054
(* Security fix *)
patches/packages/sudo-1.9.14p1-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/mozilla-thunderbird-102.13.0-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.13.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-24/
https://www.cve.org/CVERecord?id=CVE-2023-37201
https://www.cve.org/CVERecord?id=CVE-2023-37202
https://www.cve.org/CVERecord?id=CVE-2023-37207
https://www.cve.org/CVERecord?id=CVE-2023-37208
https://www.cve.org/CVERecord?id=CVE-2023-37211
(* Security fix *)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/mozilla-firefox-102.13.0esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/102.13.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2023-23/
https://www.cve.org/CVERecord?id=CVE-2023-37201
https://www.cve.org/CVERecord?id=CVE-2023-37202
https://www.cve.org/CVERecord?id=CVE-2023-37207
https://www.cve.org/CVERecord?id=CVE-2023-37208
https://www.cve.org/CVERecord?id=CVE-2023-37211
(* Security fix *)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/network-scripts-15.0-noarch-19_slack15.0.txz: Rebuilt.
This update fixes a bug and adds a new feature:
Re-add support for the DHCP_IPADDR parameter from rc.inet1.conf.
Expand the help text for DHCP_IPADDR in rc.inet1.conf.
Add support for a DHCP_OPTS parameter.
Thanks to ljb643 and Darren 'Tadgy' Austin.
patches/packages/vim-9.0.1667-x86_64-1_slack15.0.txz: Upgraded.
This fixes a rare divide-by-zero bug that could cause vim to crash. In an
interactive program such as vim, I can't really see this qualifying as a
security issue, but since it was brought up as such on LQ we'll just go
along with it this time. :)
Thanks to marav for the heads-up.
(* Security fix *)
patches/packages/vim-gvim-9.0.1667-x86_64-1_slack15.0.txz: Upgraded.
|
|
|
|
|
|
|
|
|
|
|
| |
patches/packages/linux-5.15.117/*: Upgraded.
We're going to back up one version to avoid an amdgpu regression in 5.15.118.
If you're already using 5.15.118 without issues, feel free to stick with it.
Be sure to upgrade your initrd after upgrading the kernel packages.
If you use lilo to boot your machine, be sure lilo.conf points to the correct
kernel and initrd and run lilo as root to update the bootloader.
If you use elilo to boot your machine, you should run eliloconfig to copy the
kernel and initrd to the EFI System Partition.
|
|
|
|
|
|
|
|
|
| |
patches/packages/cups-2.4.6-x86_64-1_slack15.0.txz: Upgraded.
Fixed use-after-free when logging warnings in case of failures
in cupsdAcceptClient().
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-34241
(* Security fix *)
|