* | Wed Oct 2 06:46:20 UTC 2019...a/kernel-generic-4.19.76-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.76-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.76-x86_64-1.txz: Upgraded.
ap/sysstat-12.1.7-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.76-x86-1.txz: Upgraded.
d/ruby-2.6.5-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
A code injection vulnerability of Shell#[] and Shell#test.
HTTP response splitting in WEBrick (Additional fix).
A NUL injection vulnerability of File.fnmatch and File.fnmatch?.
Regular Expression Denial of Service vulnerability of WEBrick's Digest
access authentication.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16255
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16254
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15845
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16201
(* Security fix *)
k/kernel-source-4.19.76-noarch-1.txz: Upgraded.
l/harfbuzz-2.6.2-x86_64-1.txz: Upgraded.
l/libpcap-1.9.1-x86_64-1.txz: Upgraded.
n/p11-kit-0.23.18.1-x86_64-1.txz: Upgraded.
n/tcpdump-4.9.3-x86_64-1.txz: Upgraded.
Fix buffer overflow/overread vulnerabilities and command line
argument/local issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16808
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14468
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14469
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14470
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14466
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14461
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14462
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14465
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14881
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14464
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14463
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14467
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10103
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10105
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14880
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16451
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14882
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16227
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16229
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16301
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16230
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16452
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16300
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16228
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15166
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15167
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14879
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20191002064620 | Patrick J Volkerding | 2019-10-02 | 1 | -0/+8262 |