| Commit message (Expand) | Author | Age | Files | Lines |
* | Mon Sep 11 20:19:30 UTC 2023...patches/packages/openssl-1.1.1w-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and a security issue that does not affect Linux:
Fix POLY1305 MAC implementation corrupting XMM registers on Windows.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-4807
patches/packages/openssl-solibs-1.1.1w-x86_64-1_slack15.0.txz: Upgraded.
patches/packages/vim-9.0.1897-x86_64-1_slack15.0.txz: Upgraded.
Fixed three use-after-free security issues.
Thanks to marav for the heads-up.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-4733
https://www.cve.org/CVERecord?id=CVE-2023-4752
https://www.cve.org/CVERecord?id=CVE-2023-4750
(* Security fix *)
patches/packages/vim-gvim-9.0.1897-x86_64-1_slack15.0.txz: Upgraded.
Fixed three use-after-free security issues.
Thanks to marav for the heads-up.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-4733
https://www.cve.org/CVERecord?id=CVE-2023-4752
https://www.cve.org/CVERecord?id=CVE-2023-4750
(* Security fix *)
20230911201930_15.0 | Patrick J Volkerding | 2023-09-12 | 1 | -1/+6 |
* | Tue Nov 29 20:56:03 UTC 2022...patches/packages/kernel-firmware-20221123_cdf9499-noarch-1.txz: Upgraded.
patches/packages/linux-5.15.80/*: Upgraded.
These updates fix various bugs and security issues.
Be sure to upgrade your initrd after upgrading the kernel packages.
If you use lilo to boot your machine, be sure lilo.conf points to the correct
kernel and initrd and run lilo as root to update the bootloader.
If you use elilo to boot your machine, you should run eliloconfig to copy the
kernel and initrd to the EFI System Partition.
For more information, see:
Fixed in 5.15.63:
https://www.cve.org/CVERecord?id=CVE-2022-3629
https://www.cve.org/CVERecord?id=CVE-2022-3635
https://www.cve.org/CVERecord?id=CVE-2022-3633
https://www.cve.org/CVERecord?id=CVE-2022-3625
Fixed in 5.15.64:
https://www.cve.org/CVERecord?id=CVE-2022-39190
https://www.cve.org/CVERecord?id=CVE-2022-3028
https://www.cve.org/CVERecord?id=CVE-2022-2905
Fixed in 5.15.65:
https://www.cve.org/CVERecord?id=CVE-2022-42703
https://www.cve.org/CVERecord?id=CVE-2022-3176
Fixed in 5.15.66:
https://www.cve.org/CVERecord?id=CVE-2022-4095
https://www.cve.org/CVERecord?id=CVE-2022-20421
Fixed in 5.15.68:
https://www.cve.org/CVERecord?id=CVE-2022-3303
https://www.cve.org/CVERecord?id=CVE-2022-2663
https://www.cve.org/CVERecord?id=CVE-2022-40307
https://www.cve.org/CVERecord?id=CVE-2022-3586
Fixed in 5.15.70:
https://www.cve.org/CVERecord?id=CVE-2022-0171
https://www.cve.org/CVERecord?id=CVE-2022-39842
https://www.cve.org/CVERecord?id=CVE-2022-3061
Fixed in 5.15.72:
https://www.cve.org/CVERecord?id=CVE-2022-2308
Fixed in 5.15.73:
https://www.cve.org/CVERecord?id=CVE-2022-2978
https://www.cve.org/CVERecord?id=CVE-2022-43750
Fixed in 5.15.74:
https://www.cve.org/CVERecord?id=CVE-2022-40768
https://www.cve.org/CVERecord?id=CVE-2022-42721
https://www.cve.org/CVERecord?id=CVE-2022-3621
https://www.cve.org/CVERecord?id=CVE-2022-42722
https://www.cve.org/CVERecord?id=CVE-2022-42719
https://www.cve.org/CVERecord?id=CVE-2022-41674
https://www.cve.org/CVERecord?id=CVE-2022-3649
https://www.cve.org/CVERecord?id=CVE-2022-3646
https://www.cve.org/CVERecord?id=CVE-2022-42720
Fixed in 5.15.75:
https://www.cve.org/CVERecord?id=CVE-2022-43945
https://www.cve.org/CVERecord?id=CVE-2022-41849
https://www.cve.org/CVERecord?id=CVE-2022-3535
https://www.cve.org/CVERecord?id=CVE-2022-3594
https://www.cve.org/CVERecord?id=CVE-2022-2602
https://www.cve.org/CVERecord?id=CVE-2022-41850
https://www.cve.org/CVERecord?id=CVE-2022-3565
https://www.cve.org/CVERecord?id=CVE-2022-3542
Fixed in 5.15.77:
https://www.cve.org/CVERecord?id=CVE-2022-3524
Fixed in 5.15.78:
https://www.cve.org/CVERecord?id=CVE-2022-3628
https://www.cve.org/CVERecord?id=CVE-2022-3623
https://www.cve.org/CVERecord?id=CVE-2022-42896
https://www.cve.org/CVERecord?id=CVE-2022-42895
https://www.cve.org/CVERecord?id=CVE-2022-3543
https://www.cve.org/CVERecord?id=CVE-2022-3564
https://www.cve.org/CVERecord?id=CVE-2022-3619
Fixed in 5.15.80:
https://www.cve.org/CVERecord?id=CVE-2022-3521
https://www.cve.org/CVERecord?id=CVE-2022-3169
(* Security fix *)
patches/packages/openssl-1.1.1s-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
patches/packages/openssl-solibs-1.1.1s-x86_64-1_slack15.0.txz: Upgraded.
20221129205603_15.0 | Patrick J Volkerding | 2022-11-30 | 1 | -0/+3 |
* | Thu Mar 17 19:46:28 UTC 2022...patches/packages/bind-9.18.1-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and the following security issues:
An assertion could occur in resume_dslookup() if the fetch had been shut
down earlier.
Lookups involving a DNAME could trigger an INSIST when "synth-from-dnssec"
was enabled.
A synchronous call to closehandle_cb() caused isc__nm_process_sock_buffer()
to be called recursively, which in turn left TCP connections hanging in the
CLOSE_WAIT state blocking indefinitely when out-of-order processing was
disabled.
The rules for acceptance of records into the cache have been tightened to
prevent the possibility of poisoning if forwarders send records outside
the configured bailiwick.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0667
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0635
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0396
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220
(* Security fix *)
patches/packages/bluez-5.64-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release:
Fix issue with handling A2DP discover procedure.
Fix issue with media endpoint replies and SetConfiguration.
Fix issue with HoG queuing events before report map is read.
Fix issue with HoG and read order of GATT attributes.
Fix issue with HoG and not using UHID_CREATE2 interface.
Fix issue with failed scanning for 5 minutes after reboot.
patches/packages/openssl-1.1.1n-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a high severity security issue:
The BN_mod_sqrt() function, which computes a modular square root, contains
a bug that can cause it to loop forever for non-prime moduli.
For more information, see:
https://www.openssl.org/news/secadv/20220315.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
(* Security fix *)
patches/packages/openssl-solibs-1.1.1n-x86_64-1_slack15.0.txz: Upgraded.
patches/packages/qt5-5.15.3_20220312_33a3f16f-x86_64-1_slack15.0.txz: Upgraded.
Thanks to Heinz Wiesinger for updating the fetch_sources.sh script to make
sure that the QtWebEngine version matches the rest of Qt, which got the
latest git pull compiling again.
If a 32-bit userspace is detected, then:
export QTWEBENGINE_CHROMIUM_FLAGS="--disable-seccomp-filter-sandbox"
This works around crashes occuring with 32-bit QtWebEngine applications.
Thanks to alienBOB.
20220317194628_15.0 | Patrick J Volkerding | 2022-03-18 | 6 | -0/+469 |