summaryrefslogtreecommitdiffstats
path: root/patches/source/libxml2/libxml2.SlackBuild (follow)
Commit message (Expand)AuthorAgeFilesLines
* Thu Dec 14 20:09:31 UTC 2023...patches/packages/bluez-5.71-x86_64-1_slack15.0.txz: Upgraded. This update fixes a security issue: It may have been possible for an attacker within Bluetooth range to inject keystrokes (and possibly execute commands) while devices were discoverable. Thanks to marav for the heads-up. For more information, see: https://www.cve.org/CVERecord?id=CVE-2023-45866 (* Security fix *) patches/packages/libxml2-2.11.6-x86_64-1_slack15.0.txz: Upgraded. We're going to drop back to the 2.11 branch here on the stable releases since it has all of the relevant security fixes and better compatibility. 20231214200931_15.0 Patrick J Volkerding2023-12-151-0/+4
* Sun Dec 10 01:12:17 UTC 2023...patches/packages/libxml2-2.12.2-x86_64-1_slack15.0.txz: Upgraded. Add --sysconfdir=/etc option so that this can find the xml catalog. Thanks to SpiderTux. Fix the following security issues: Fix integer overflows with XML_PARSE_HUGE. Fix dict corruption caused by entity reference cycles. Hashing of empty dict strings isn't deterministic. Fix null deref in xmlSchemaFixupComplexType. For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-40303 https://www.cve.org/CVERecord?id=CVE-2022-40304 https://www.cve.org/CVERecord?id=CVE-2023-29469 https://www.cve.org/CVERecord?id=CVE-2023-28484 (* Security fix *) 20231210011217_15.0 Patrick J Volkerding2023-12-101-17/+26
* Tue Mar 1 05:05:48 UTC 2022...patches/packages/libxml2-2.9.13-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and the following security issues: Use-after-free of ID and IDREF attributes (Thanks to Shinji Sato for the report) Use-after-free in xmlXIncludeCopyRange (David Kilzer) Fix Null-deref-in-xmlSchemaGetComponentTargetNs (huangduirong) Fix memory leak in xmlXPathCompNodeTest Fix null pointer deref in xmlStringGetNodeList Fix several memory leaks found by Coverity (David King) For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308 (* Security fix *) patches/packages/libxslt-1.1.35-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and the following security issues: Fix use-after-free in xsltApplyTemplates Fix memory leak in xsltDocumentElem (David King) Fix memory leak in xsltCompileIdKeyPattern (David King) Fix double-free with stylesheets containing entity nodes For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30560 (* Security fix *) 20220301050548_15.0 Patrick J Volkerding2022-03-021-0/+156
generated by cgit v1.2.3-80-g2a13 (git 2.46.2) at 2024-09-26 08:37:44 +0000