summaryrefslogtreecommitdiffstats
path: root/patches/source/httpd (follow)
Commit message (Expand)AuthorAgeFilesLines
* Thu Oct 19 19:14:05 UTC 2023...patches/packages/httpd-2.4.58-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and security issues: moderate: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST. low: mod_macro buffer over-read. low: Apache HTTP Server: DoS in HTTP/2 with initial windows size 0. For more information, see: https://downloads.apache.org/httpd/CHANGES_2.4.58 https://www.cve.org/CVERecord?id=CVE-2023-45802 https://www.cve.org/CVERecord?id=CVE-2023-31122 https://www.cve.org/CVERecord?id=CVE-2023-43622 (* Security fix *) patches/packages/mozilla-thunderbird-115.3.3-x86_64-1_slack15.0.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/115.3.3/releasenotes/ 20231019191405_15.0 Patrick J Volkerding2023-10-202-13/+16
* Fri Apr 7 18:53:33 UTC 2023...patches/packages/httpd-2.4.57-x86_64-1_slack15.0.txz: Upgraded. This is a bugfix release. For more information, see: https://downloads.apache.org/httpd/CHANGES_2.4.57 20230407185333_15.0 Patrick J Volkerding2023-04-081-2/+2
* Wed Mar 8 20:26:54 UTC 2023...patches/packages/httpd-2.4.56-x86_64-1_slack15.0.txz: Upgraded. This update fixes two security issues: HTTP Response Smuggling vulnerability via mod_proxy_uwsgi. HTTP Request Smuggling attack via mod_rewrite and mod_proxy. For more information, see: https://downloads.apache.org/httpd/CHANGES_2.4.56 https://www.cve.org/CVERecord?id=CVE-2023-27522 https://www.cve.org/CVERecord?id=CVE-2023-25690 (* Security fix *) 20230308202654_15.0 Patrick J Volkerding2023-03-091-2/+2
* Thu Jan 19 00:40:12 UTC 2023...patches/packages/sudo-1.9.12p2-x86_64-1_slack15.0.txz: Upgraded. This update fixes a flaw in sudo's -e option (aka sudoedit) that could allow a malicious user with sudoedit privileges to edit arbitrary files. For more information, see: https://www.cve.org/CVERecord?id=CVE-2023-22809 (* Security fix *) 20230119004012_15.0 Patrick J Volkerding2023-01-191-2/+2
* Tue Mar 15 00:13:59 UTC 2022...patches/packages/httpd-2.4.53-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and the following security issues: mod_sed: Read/write beyond bounds core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody HTTP request smuggling vulnerability mod_lua: Use of uninitialized value in r:parsebody For more information, see: https://downloads.apache.org/httpd/CHANGES_2.4.53 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23943 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22721 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22720 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22719 (* Security fix *) patches/packages/mozilla-firefox-91.7.1esr-x86_64-1_slack15.0.txz: Upgraded. This release makes the following change: Yandex and Mail.ru have been removed as optional search providers in the drop-down search menu in Firefox. For more information, see: https://www.mozilla.org/en-US/firefox/91.7.1/releasenotes/ (* Security fix *) 20220315001359_15.0 Patrick J Volkerding2022-03-157-0/+427
generated by cgit v1.2.3-79-gdb01 (git 2.46.1) at 2024-09-22 05:35:12 +0000