diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2022-03-21 20:24:16 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2022-03-22 13:30:01 +0100 |
| commit | 29c65b68049ac95d5305ce653716eae6c82b4b9a (patch) | |
| tree | 0eca8745d98d836bc1e5fea0ed9aabf615b44a4b /ChangeLog.txt | |
| parent | 8e056e940631ac874d6b9560e9dc1d458c7a0e51 (diff) | |
| download | current-29c65b68049ac95d5305ce653716eae6c82b4b9a.tar.gz current-29c65b68049ac95d5305ce653716eae6c82b4b9a.tar.xz | |
Mon Mar 21 20:24:16 UTC 202220220321202416_15.0
patches/packages/bind-9.16.27-x86_64-1_slack15.0.txz: Upgraded.
Sorry folks, I had not meant to bump BIND to the newer branch. I've moved
the other packages into /testing. Thanks to Nobby6 for pointing this out.
This update fixes bugs and the following security issues:
A synchronous call to closehandle_cb() caused isc__nm_process_sock_buffer()
to be called recursively, which in turn left TCP connections hanging in the
CLOSE_WAIT state blocking indefinitely when out-of-order processing was
disabled.
The rules for acceptance of records into the cache have been tightened to
prevent the possibility of poisoning if forwarders send records outside
the configured bailiwick.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0396
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220
(* Security fix *)
testing/packages/bind-9.18.1-x86_64-1_slack15.0.txz: Moved.
Diffstat (limited to 'ChangeLog.txt')
| -rw-r--r-- | ChangeLog.txt | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 2007db8c7..a6b7f7a8b 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,26 @@ +Mon Mar 21 20:24:16 UTC 2022 +patches/packages/bind-9.16.27-x86_64-1_slack15.0.txz: Upgraded. + Sorry folks, I had not meant to bump BIND to the newer branch. I've moved + the other packages into /testing. Thanks to Nobby6 for pointing this out. + This update fixes bugs and the following security issues: + A synchronous call to closehandle_cb() caused isc__nm_process_sock_buffer() + to be called recursively, which in turn left TCP connections hanging in the + CLOSE_WAIT state blocking indefinitely when out-of-order processing was + disabled. + The rules for acceptance of records into the cache have been tightened to + prevent the possibility of poisoning if forwarders send records outside + the configured bailiwick. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0396 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220 + (* Security fix *) +testing/packages/bind-9.18.1-x86_64-1_slack15.0.txz: Moved. ++--------------------------+ +Mon Mar 21 07:31:06 UTC 2022 +patches/packages/qt5-5.15.3_20220318_e507d3e5-x86_64-1_slack15.0.txz: Upgraded. + Pulled from git again to fix missing liblocationlabsplugin.so. + Fixed syntax error in qt5.csh. Thanks to rkomar. ++--------------------------+ Sat Mar 19 20:28:16 UTC 2022 patches/packages/glibc-zoneinfo-2022a-noarch-1_slack15.0.txz: Upgraded. This package provides the latest timezone updates. |