diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2021-12-03 20:07:20 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2021-12-04 08:59:57 +0100 |
| commit | c29dcfa2dd2e7467ea3b6b757880348884d8790d (patch) | |
| tree | d3353da7e281a39e6edb2bde414c1bc228be5d6e /ChangeLog.rss | |
| parent | 66ba810196d8ce6f6da7df7931ce31e7303b8cf8 (diff) | |
| download | current-c29dcfa2dd2e7467ea3b6b757880348884d8790d.tar.gz current-c29dcfa2dd2e7467ea3b6b757880348884d8790d.tar.xz | |
Fri Dec 3 20:07:20 UTC 202120211203200720
ap/rpm-4.16.1.3-x86_64-4.txz: Rebuilt.
Patched to handle non-compliant RPMs created by install4j. Thanks to alienBOB.
d/poke-1.4-x86_64-1.txz: Upgraded.
l/enchant-2.3.2-x86_64-1.txz: Upgraded.
l/freetype-2.11.1-x86_64-1.txz: Upgraded.
l/glib2-2.70.2-x86_64-1.txz: Upgraded.
n/lynx-2.9.0dev.10-x86_64-1.txz: Upgraded.
extra/php8/php8-8.1.0-x86_64-1.txz: Removed.
extra/php80/php80-8.0.13-x86_64-1.txz: Added.
extra/php81/php81-8.1.0-x86_64-1.txz: Added.
Diffstat (limited to 'ChangeLog.rss')
| -rw-r--r-- | ChangeLog.rss | 39 |
1 files changed, 37 insertions, 2 deletions
diff --git a/ChangeLog.rss b/ChangeLog.rss index 3649fef12..610aeb1df 100644 --- a/ChangeLog.rss +++ b/ChangeLog.rss @@ -11,10 +11,30 @@ <description>Tracking Slackware development in git.</description> <language>en-us</language> <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id> - <pubDate>Thu, 2 Dec 2021 19:14:20 GMT</pubDate> - <lastBuildDate>Fri, 3 Dec 2021 07:59:49 GMT</lastBuildDate> + <pubDate>Fri, 3 Dec 2021 20:07:20 GMT</pubDate> + <lastBuildDate>Sat, 4 Dec 2021 07:59:47 GMT</lastBuildDate> <generator>maintain_current_git.sh v 1.13</generator> <item> + <title>Fri, 3 Dec 2021 20:07:20 GMT</title> + <pubDate>Fri, 3 Dec 2021 20:07:20 GMT</pubDate> + <link>https://git.slackware.nl/current/tag/?h=20211203200720</link> + <guid isPermaLink="false">20211203200720</guid> + <description> + <![CDATA[<pre> +ap/rpm-4.16.1.3-x86_64-4.txz: Rebuilt. + Patched to handle non-compliant RPMs created by install4j. Thanks to alienBOB. +d/poke-1.4-x86_64-1.txz: Upgraded. +l/enchant-2.3.2-x86_64-1.txz: Upgraded. +l/freetype-2.11.1-x86_64-1.txz: Upgraded. +l/glib2-2.70.2-x86_64-1.txz: Upgraded. +n/lynx-2.9.0dev.10-x86_64-1.txz: Upgraded. +extra/php8/php8-8.1.0-x86_64-1.txz: Removed. +extra/php80/php80-8.0.13-x86_64-1.txz: Added. +extra/php81/php81-8.1.0-x86_64-1.txz: Added. + </pre>]]> + </description> + </item> + <item> <title>Thu, 2 Dec 2021 19:14:20 GMT</title> <pubDate>Thu, 2 Dec 2021 19:14:20 GMT</pubDate> <link>https://git.slackware.nl/current/tag/?h=20211202191420</link> @@ -24,6 +44,21 @@ d/strace-5.15-x86_64-1.txz: Upgraded. l/mozilla-nss-3.73-x86_64-1.txz: Upgraded. Everything linked to NSS/NSPR was rebuild tested here. + This update fixes a critical security issue: + NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are + vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS + signatures. Applications using NSS for handling signatures encoded within + CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications + using NSS for certificate validation or other TLS, X.509, OCSP or CRL + functionality may be impacted, depending on how they configure NSS. + Note: This vulnerability does NOT impact Mozilla Firefox. However, email + clients and PDF viewers that use NSS for signature verification, such as + Thunderbird, LibreOffice, Evolution and Evince are believed to be impacted. + Thanks to Tavis Ormandy of Google Project Zero. + For more information, see: + https://www.mozilla.org/en-US/security/advisories/mfsa2021-51/ + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43527 + (* Security fix *) l/qt5-5.15.3_20211130_014c375b-x86_64-1.txz: Upgraded. </pre>]]> </description> |