diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2022-06-08 19:15:34 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2022-06-09 07:00:13 +0200 |
| commit | f2dca0d8e5bb1a775ec7d38701ed85451913b31f (patch) | |
| tree | c9f0e10709bbc664ee98c4c90780d9ff3dcb718d /ChangeLog.txt | |
| parent | 0c63f7504daccbf4cc384855d9728d40e8c64eae (diff) | |
| download | current-f2dca0d8e5bb1a775ec7d38701ed85451913b31f.tar.gz current-f2dca0d8e5bb1a775ec7d38701ed85451913b31f.tar.xz | |
Wed Jun 8 19:15:34 UTC 202220220608191534
ap/sudo-1.9.11p1-x86_64-1.txz: Upgraded.
kde/digikam-7.6.0-x86_64-2.txz: Rebuilt.
Recompiled against opencv-4.6.0.
l/gst-plugins-bad-free-1.20.2-x86_64-2.txz: Rebuilt.
Recompiled against opencv-4.6.0.
l/opencv-4.6.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/NetworkManager-1.36.6-x86_64-1.txz: Upgraded.
n/epic5-2.1.11-x86_64-1.txz: Upgraded.
n/httpd-2.4.54-x86_64-1.txz: Upgraded.
This update fixes bugs and the following security issues:
mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism.
Information Disclosure in mod_lua with websockets.
mod_sed denial of service.
Denial of service in mod_lua r:parsebody.
Read beyond bounds in ap_strcmp_match().
Read beyond bounds via ap_rwrite().
Read beyond bounds in mod_isapi.
mod_proxy_ajp: Possible request smuggling.
For more information, see:
https://downloads.apache.org/httpd/CHANGES_2.4.54
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31813
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30556
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30522
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29404
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28615
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28614
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28330
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26377
(* Security fix *)
n/libnftnl-1.2.2-x86_64-1.txz: Upgraded.
n/nftables-1.0.4-x86_64-1.txz: Upgraded.
Diffstat (limited to 'ChangeLog.txt')
| -rw-r--r-- | ChangeLog.txt | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index c78195ccb..c888b9fe3 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,37 @@ +Wed Jun 8 19:15:34 UTC 2022 +ap/sudo-1.9.11p1-x86_64-1.txz: Upgraded. +kde/digikam-7.6.0-x86_64-2.txz: Rebuilt. + Recompiled against opencv-4.6.0. +l/gst-plugins-bad-free-1.20.2-x86_64-2.txz: Rebuilt. + Recompiled against opencv-4.6.0. +l/opencv-4.6.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +n/NetworkManager-1.36.6-x86_64-1.txz: Upgraded. +n/epic5-2.1.11-x86_64-1.txz: Upgraded. +n/httpd-2.4.54-x86_64-1.txz: Upgraded. + This update fixes bugs and the following security issues: + mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism. + Information Disclosure in mod_lua with websockets. + mod_sed denial of service. + Denial of service in mod_lua r:parsebody. + Read beyond bounds in ap_strcmp_match(). + Read beyond bounds via ap_rwrite(). + Read beyond bounds in mod_isapi. + mod_proxy_ajp: Possible request smuggling. + For more information, see: + https://downloads.apache.org/httpd/CHANGES_2.4.54 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31813 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30556 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30522 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29404 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28615 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28614 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28330 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26377 + (* Security fix *) +n/libnftnl-1.2.2-x86_64-1.txz: Upgraded. +n/nftables-1.0.4-x86_64-1.txz: Upgraded. ++--------------------------+ Mon Jun 6 20:57:15 UTC 2022 a/btrfs-progs-5.18.1-x86_64-1.txz: Upgraded. a/kernel-generic-5.17.13-x86_64-1.txz: Upgraded. |