summaryrefslogtreecommitdiffstats
path: root/ChangeLog.txt
diff options
context:
space:
mode:
author Patrick J Volkerding <volkerdi@slackware.com>2022-06-08 19:15:34 +0000
committer Eric Hameleers <alien@slackware.com>2022-06-09 13:30:28 +0200
commit348dffe043c24552437ca1408bc83fb20db9774b (patch)
tree0e3d52595ef4b81132c28a470082acd8bad82f56 /ChangeLog.txt
parentb9f4e8dc0eff328898247502d52d5cb9b08272fa (diff)
downloadcurrent-348dffe043c24552437ca1408bc83fb20db9774b.tar.gz
current-348dffe043c24552437ca1408bc83fb20db9774b.tar.xz
Wed Jun 8 19:15:34 UTC 202220220608191534_15.0
patches/packages/httpd-2.4.54-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and the following security issues: mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism. Information Disclosure in mod_lua with websockets. mod_sed denial of service. Denial of service in mod_lua r:parsebody. Read beyond bounds in ap_strcmp_match(). Read beyond bounds via ap_rwrite(). Read beyond bounds in mod_isapi. mod_proxy_ajp: Possible request smuggling. For more information, see: https://downloads.apache.org/httpd/CHANGES_2.4.54 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31813 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30556 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30522 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29404 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28615 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28614 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28330 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26377 (* Security fix *)
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r--ChangeLog.txt23
1 files changed, 23 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt
index 12d9280ad..6b14d5b49 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,26 @@
+Wed Jun 8 19:15:34 UTC 2022
+patches/packages/httpd-2.4.54-x86_64-1_slack15.0.txz: Upgraded.
+ This update fixes bugs and the following security issues:
+ mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism.
+ Information Disclosure in mod_lua with websockets.
+ mod_sed denial of service.
+ Denial of service in mod_lua r:parsebody.
+ Read beyond bounds in ap_strcmp_match().
+ Read beyond bounds via ap_rwrite().
+ Read beyond bounds in mod_isapi.
+ mod_proxy_ajp: Possible request smuggling.
+ For more information, see:
+ https://downloads.apache.org/httpd/CHANGES_2.4.54
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31813
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30556
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30522
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29404
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28615
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28614
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28330
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26377
+ (* Security fix *)
++--------------------------+
Sat Jun 4 18:43:17 UTC 2022
patches/packages/pidgin-2.14.10-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and several security issues.
generated by cgit v1.2.3 (git 2.26.2) at 2024-05-11 12:24:29 +0000