From 4191d96e29c579ad2a4253dfdb4df87efd98698b Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Fri, 30 Sep 2022 17:52:21 +0000 Subject: Fri Sep 30 17:52:21 UTC 2022 a/dbus-1.14.2-x86_64-1.txz: Upgraded. ap/powertop-2.15-x86_64-1.txz: Upgraded. ap/sqlite-3.39.4-x86_64-1.txz: Upgraded. ap/vim-9.0.0623-x86_64-1.txz: Upgraded. Fixed use-after-free and stack-based buffer overflow. Thanks to marav for the heads-up. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-3352 https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-3324 (* Security fix *) kde/digikam-7.8.0-x86_64-2.txz: Rebuilt. Recompiled against lensfun-0.3.3. kde/kstars-3.6.1-x86_64-1.txz: Upgraded. kde/plasma-wayland-protocols-1.9.0-x86_64-1.txz: Upgraded. l/lensfun-0.3.3-x86_64-1.txz: Upgraded. Shared library .so-version bump. l/netpbm-11.00.00-x86_64-1.txz: Upgraded. l/nodejs-18.10.0-x86_64-1.txz: Upgraded. l/pipewire-0.3.59-x86_64-1.txz: Upgraded. n/php-7.4.32-x86_64-1.txz: Upgraded. This update fixes bugs and security issues: phar wrapper: DOS when using quine gzip file. Don't mangle HTTP variable names that clash with ones that have a specific semantic meaning. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629 (* Security fix *) xap/mozilla-thunderbird-102.3.1-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/102.3.1/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2022-43/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39249 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39250 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39251 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39236 (* Security fix *) xap/seamonkey-2.53.14-x86_64-1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.seamonkey-project.org/releases/seamonkey2.53.14 (* Security fix *) xap/vim-gvim-9.0.0623-x86_64-1.txz: Upgraded. xap/xsnow-3.5.3-x86_64-1.txz: Upgraded. extra/php80/php80-8.0.24-x86_64-1.txz: Upgraded. This update fixes bugs and security issues: phar wrapper: DOS when using quine gzip file. Don't mangle HTTP variable names that clash with ones that have a specific semantic meaning. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629 (* Security fix *) extra/php81/php81-8.1.11-x86_64-1.txz: Upgraded. This update fixes bugs and security issues: phar wrapper: DOS when using quine gzip file. Don't mangle HTTP variable names that clash with ones that have a specific semantic meaning. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629 (* Security fix *) --- extra/source/php80/fetch-php.sh | 4 ++-- extra/source/php81/fetch-php.sh | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'extra') diff --git a/extra/source/php80/fetch-php.sh b/extra/source/php80/fetch-php.sh index 7f8271f2c..515013863 100755 --- a/extra/source/php80/fetch-php.sh +++ b/extra/source/php80/fetch-php.sh @@ -1,2 +1,2 @@ -lftpget http://us.php.net/distributions/php-8.0.23.tar.xz.asc -lftpget http://us.php.net/distributions/php-8.0.23.tar.xz +lftpget http://us.php.net/distributions/php-8.0.24.tar.xz.asc +lftpget http://us.php.net/distributions/php-8.0.24.tar.xz diff --git a/extra/source/php81/fetch-php.sh b/extra/source/php81/fetch-php.sh index 2bcfd208a..fa3408cf3 100755 --- a/extra/source/php81/fetch-php.sh +++ b/extra/source/php81/fetch-php.sh @@ -1,2 +1,2 @@ -lftpget http://us.php.net/distributions/php-8.1.10.tar.xz.asc -lftpget http://us.php.net/distributions/php-8.1.10.tar.xz +lftpget http://us.php.net/distributions/php-8.1.11.tar.xz.asc +lftpget http://us.php.net/distributions/php-8.1.11.tar.xz -- cgit v1.2.3