diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2021-05-25 18:01:05 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2021-05-26 08:59:53 +0200 |
| commit | b913726b939032d0a3aa7656f27bb4e022f36104 (patch) | |
| tree | 3b54fc8d6ea49850046c96285b7ae42fc4a6c26d /ChangeLog.rss | |
| parent | b9175b1b398693aa45f4b0a28c0606f50987c879 (diff) | |
| download | current-b913726b939032d0a3aa7656f27bb4e022f36104.tar.gz current-b913726b939032d0a3aa7656f27bb4e022f36104.tar.xz | |
Tue May 25 18:01:05 UTC 202120210525180105
a/xfsprogs-5.12.0-x86_64-1.txz: Upgraded.
l/libcap-2.50-x86_64-1.txz: Upgraded.
l/libqalculate-3.19.0-x86_64-1.txz: Upgraded.
n/gnutls-3.6.16-x86_64-1.txz: Upgraded.
Fixed potential miscalculation of ECDSA/EdDSA code backported from Nettle.
In GnuTLS, as long as it is built and linked against the fixed version of
Nettle, this only affects GOST curves. [CVE-2021-20305]
Fixed potential use-after-free in sending "key_share" and "pre_shared_key"
extensions. When sending those extensions, the client may dereference a
pointer no longer valid after realloc. This happens only when the client
sends a large Client Hello message, e.g., when HRR is sent in a resumed
session previously negotiated large FFDHE parameters, because the initial
allocation of the buffer is large enough without having to call realloc
(#1151). [GNUTLS-SA-2021-03-10, CVSS: low]
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305
(* Security fix *)
n/libnftnl-1.2.0-x86_64-1.txz: Upgraded.
n/links-2.23-x86_64-1.txz: Upgraded.
Diffstat (limited to 'ChangeLog.rss')
| -rw-r--r-- | ChangeLog.rss | 33 |
1 files changed, 31 insertions, 2 deletions
diff --git a/ChangeLog.rss b/ChangeLog.rss index eea8f2b43..726ceddb8 100644 --- a/ChangeLog.rss +++ b/ChangeLog.rss @@ -11,10 +11,39 @@ <description>Tracking Slackware development in git.</description> <language>en-us</language> <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id> - <pubDate>Sun, 23 May 2021 19:31:03 GMT</pubDate> - <lastBuildDate>Mon, 24 May 2021 06:59:46 GMT</lastBuildDate> + <pubDate>Tue, 25 May 2021 18:01:05 GMT</pubDate> + <lastBuildDate>Wed, 26 May 2021 06:59:44 GMT</lastBuildDate> <generator>maintain_current_git.sh v 1.12</generator> <item> + <title>Tue, 25 May 2021 18:01:05 GMT</title> + <pubDate>Tue, 25 May 2021 18:01:05 GMT</pubDate> + <link>https://git.slackware.nl/current/tag/?h=20210525180105</link> + <guid isPermaLink="false">20210525180105</guid> + <description> + <![CDATA[<pre> +a/xfsprogs-5.12.0-x86_64-1.txz: Upgraded. +l/libcap-2.50-x86_64-1.txz: Upgraded. +l/libqalculate-3.19.0-x86_64-1.txz: Upgraded. +n/gnutls-3.6.16-x86_64-1.txz: Upgraded. + Fixed potential miscalculation of ECDSA/EdDSA code backported from Nettle. + In GnuTLS, as long as it is built and linked against the fixed version of + Nettle, this only affects GOST curves. [CVE-2021-20305] + Fixed potential use-after-free in sending "key_share" and "pre_shared_key" + extensions. When sending those extensions, the client may dereference a + pointer no longer valid after realloc. This happens only when the client + sends a large Client Hello message, e.g., when HRR is sent in a resumed + session previously negotiated large FFDHE parameters, because the initial + allocation of the buffer is large enough without having to call realloc + (#1151). [GNUTLS-SA-2021-03-10, CVSS: low] + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305 + (* Security fix *) +n/libnftnl-1.2.0-x86_64-1.txz: Upgraded. +n/links-2.23-x86_64-1.txz: Upgraded. + </pre>]]> + </description> + </item> + <item> <title>Sun, 23 May 2021 19:31:03 GMT</title> <pubDate>Sun, 23 May 2021 19:31:03 GMT</pubDate> <link>https://git.slackware.nl/current/tag/?h=20210523193103</link> |