diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2021-12-03 20:07:20 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2021-12-04 08:59:57 +0100 |
| commit | c29dcfa2dd2e7467ea3b6b757880348884d8790d (patch) | |
| tree | d3353da7e281a39e6edb2bde414c1bc228be5d6e /ChangeLog.txt | |
| parent | 66ba810196d8ce6f6da7df7931ce31e7303b8cf8 (diff) | |
| download | current-c29dcfa2dd2e7467ea3b6b757880348884d8790d.tar.gz current-c29dcfa2dd2e7467ea3b6b757880348884d8790d.tar.xz | |
Fri Dec 3 20:07:20 UTC 202120211203200720
ap/rpm-4.16.1.3-x86_64-4.txz: Rebuilt.
Patched to handle non-compliant RPMs created by install4j. Thanks to alienBOB.
d/poke-1.4-x86_64-1.txz: Upgraded.
l/enchant-2.3.2-x86_64-1.txz: Upgraded.
l/freetype-2.11.1-x86_64-1.txz: Upgraded.
l/glib2-2.70.2-x86_64-1.txz: Upgraded.
n/lynx-2.9.0dev.10-x86_64-1.txz: Upgraded.
extra/php8/php8-8.1.0-x86_64-1.txz: Removed.
extra/php80/php80-8.0.13-x86_64-1.txz: Added.
extra/php81/php81-8.1.0-x86_64-1.txz: Added.
Diffstat (limited to 'ChangeLog.txt')
| -rw-r--r-- | ChangeLog.txt | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index e4da27e68..fee49f098 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,7 +1,34 @@ +Fri Dec 3 20:07:20 UTC 2021 +ap/rpm-4.16.1.3-x86_64-4.txz: Rebuilt. + Patched to handle non-compliant RPMs created by install4j. Thanks to alienBOB. +d/poke-1.4-x86_64-1.txz: Upgraded. +l/enchant-2.3.2-x86_64-1.txz: Upgraded. +l/freetype-2.11.1-x86_64-1.txz: Upgraded. +l/glib2-2.70.2-x86_64-1.txz: Upgraded. +n/lynx-2.9.0dev.10-x86_64-1.txz: Upgraded. +extra/php8/php8-8.1.0-x86_64-1.txz: Removed. +extra/php80/php80-8.0.13-x86_64-1.txz: Added. +extra/php81/php81-8.1.0-x86_64-1.txz: Added. ++--------------------------+ Thu Dec 2 19:14:20 UTC 2021 d/strace-5.15-x86_64-1.txz: Upgraded. l/mozilla-nss-3.73-x86_64-1.txz: Upgraded. Everything linked to NSS/NSPR was rebuild tested here. + This update fixes a critical security issue: + NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are + vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS + signatures. Applications using NSS for handling signatures encoded within + CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications + using NSS for certificate validation or other TLS, X.509, OCSP or CRL + functionality may be impacted, depending on how they configure NSS. + Note: This vulnerability does NOT impact Mozilla Firefox. However, email + clients and PDF viewers that use NSS for signature verification, such as + Thunderbird, LibreOffice, Evolution and Evince are believed to be impacted. + Thanks to Tavis Ormandy of Google Project Zero. + For more information, see: + https://www.mozilla.org/en-US/security/advisories/mfsa2021-51/ + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43527 + (* Security fix *) l/qt5-5.15.3_20211130_014c375b-x86_64-1.txz: Upgraded. +--------------------------+ Wed Dec 1 19:44:13 UTC 2021 |