summaryrefslogtreecommitdiffstats
path: root/ChangeLog.rss
diff options
context:
space:
mode:
author Patrick J Volkerding <volkerdi@slackware.com>2024-04-04 20:49:23 +0000
committer Eric Hameleers <alien@slackware.com>2024-04-04 23:55:21 +0200
commite0375de323e06c97669ffcca2033f414e460c413 (patch)
tree0f113c9618f635095a779e2b8f69c22b16aeb4ab /ChangeLog.rss
parentddf1c99d252a85272748efb5e6a9bf49c08207c0 (diff)
downloadcurrent-e0375de323e06c97669ffcca2033f414e460c413.tar.gz
current-e0375de323e06c97669ffcca2033f414e460c413.tar.xz
Thu Apr 4 20:49:23 UTC 202420240404204923
a/hwdata-0.381-noarch-1.txz: Upgraded. a/kernel-generic-6.6.25-x86_64-1.txz: Upgraded. a/kernel-huge-6.6.25-x86_64-1.txz: Upgraded. a/kernel-modules-6.6.25-x86_64-1.txz: Upgraded. d/cmake-3.29.1-x86_64-1.txz: Upgraded. d/kernel-headers-6.6.25-x86-1.txz: Upgraded. d/llvm-18.1.3-x86_64-1.txz: Upgraded. k/kernel-source-6.6.25-noarch-1.txz: Upgraded. kde/kstars-3.7.0-x86_64-1.txz: Upgraded. l/enchant-2.6.9-x86_64-1.txz: Upgraded. l/libclc-18.1.3-x86_64-1.txz: Upgraded. l/sof-firmware-2024.03-noarch-1.txz: Upgraded. n/gnutls-3.8.5-x86_64-1.txz: Upgraded. n/httpd-2.4.59-x86_64-1.txz: Upgraded. This update fixes security issues: HTTP/2 DoS by memory exhaustion on endless continuation frames. HTTP Response Splitting in multiple modules. HTTP response splitting. For more information, see: https://downloads.apache.org/httpd/CHANGES_2.4.59 https://www.cve.org/CVERecord?id=CVE-2024-27316 https://www.cve.org/CVERecord?id=CVE-2024-24795 https://www.cve.org/CVERecord?id=CVE-2023-38709 (* Security fix *) n/nghttp2-1.61.0-x86_64-1.txz: Upgraded. This update fixes security issues: nghttp2 library keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync. This causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates this vulnerability by limiting the number of CONTINUATION frames it can accept after a HEADERS frame. For more information, see: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-x6x3-gv8h-m57q https://www.kb.cert.org/vuls/id/421644 https://www.cve.org/CVERecord?id=CVE-2024-28182 (* Security fix *) x/xdg-desktop-portal-1.18.3-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
Diffstat (limited to 'ChangeLog.rss')
-rw-r--r--ChangeLog.rss54
1 files changed, 52 insertions, 2 deletions
diff --git a/ChangeLog.rss b/ChangeLog.rss
index 2ef5e878a..0f96f156c 100644
--- a/ChangeLog.rss
+++ b/ChangeLog.rss
@@ -11,10 +11,60 @@
<description>Tracking Slackware development in git.</description>
<language>en-us</language>
<id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id>
- <pubDate>Wed, 3 Apr 2024 22:22:06 GMT</pubDate>
- <lastBuildDate>Wed, 3 Apr 2024 23:04:51 GMT</lastBuildDate>
+ <pubDate>Thu, 4 Apr 2024 20:49:23 GMT</pubDate>
+ <lastBuildDate>Thu, 4 Apr 2024 21:55:02 GMT</lastBuildDate>
<generator>maintain_current_git.sh v 1.17</generator>
<item>
+ <title>Thu, 4 Apr 2024 20:49:23 GMT</title>
+ <pubDate>Thu, 4 Apr 2024 20:49:23 GMT</pubDate>
+ <link>https://git.slackware.nl/current/tag/?h=20240404204923</link>
+ <guid isPermaLink="false">20240404204923</guid>
+ <description>
+ <![CDATA[<pre>
+a/hwdata-0.381-noarch-1.txz: Upgraded.
+a/kernel-generic-6.6.25-x86_64-1.txz: Upgraded.
+a/kernel-huge-6.6.25-x86_64-1.txz: Upgraded.
+a/kernel-modules-6.6.25-x86_64-1.txz: Upgraded.
+d/cmake-3.29.1-x86_64-1.txz: Upgraded.
+d/kernel-headers-6.6.25-x86-1.txz: Upgraded.
+d/llvm-18.1.3-x86_64-1.txz: Upgraded.
+k/kernel-source-6.6.25-noarch-1.txz: Upgraded.
+kde/kstars-3.7.0-x86_64-1.txz: Upgraded.
+l/enchant-2.6.9-x86_64-1.txz: Upgraded.
+l/libclc-18.1.3-x86_64-1.txz: Upgraded.
+l/sof-firmware-2024.03-noarch-1.txz: Upgraded.
+n/gnutls-3.8.5-x86_64-1.txz: Upgraded.
+n/httpd-2.4.59-x86_64-1.txz: Upgraded.
+ This update fixes security issues:
+ HTTP/2 DoS by memory exhaustion on endless continuation frames.
+ HTTP Response Splitting in multiple modules.
+ HTTP response splitting.
+ For more information, see:
+ https://downloads.apache.org/httpd/CHANGES_2.4.59
+ https://www.cve.org/CVERecord?id=CVE-2024-27316
+ https://www.cve.org/CVERecord?id=CVE-2024-24795
+ https://www.cve.org/CVERecord?id=CVE-2023-38709
+ (* Security fix *)
+n/nghttp2-1.61.0-x86_64-1.txz: Upgraded.
+ This update fixes security issues:
+ nghttp2 library keeps reading the unbounded number of HTTP/2 CONTINUATION
+ frames even after a stream is reset to keep HPACK context in sync. This
+ causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates
+ this vulnerability by limiting the number of CONTINUATION frames it can
+ accept after a HEADERS frame.
+ For more information, see:
+ https://github.com/nghttp2/nghttp2/security/advisories/GHSA-x6x3-gv8h-m57q
+ https://www.kb.cert.org/vuls/id/421644
+ https://www.cve.org/CVERecord?id=CVE-2024-28182
+ (* Security fix *)
+x/xdg-desktop-portal-1.18.3-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
+ </pre>]]>
+ </description>
+ </item>
+ <item>
<title>Wed, 3 Apr 2024 22:22:06 GMT</title>
<pubDate>Wed, 3 Apr 2024 22:22:06 GMT</pubDate>
<link>https://git.slackware.nl/current/tag/?h=20240403222206</link>