Thu Nov 17 01:49:28 UTC 202220221117014928_15.0

patches/packages/krb5-1.19.2-x86_64-3_slack15.0.txz: Rebuilt. Fixed integer overflows in PAC parsing. Fixed memory leak in OTP kdcpreauth module. Fixed PKCS11 module path search. For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-42898 (* Security fix *) patches/packages/mozilla-firefox-102.5.0esr-x86_64-1_slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/firefox/102.5.0/releasenotes/ https://www.mozilla.org/security/advisories/mfsa2022-48/ https://www.cve.org/CVERecord?id=CVE-2022-45403 https://www.cve.org/CVERecord?id=CVE-2022-45404 https://www.cve.org/CVERecord?id=CVE-2022-45405 https://www.cve.org/CVERecord?id=CVE-2022-45406 https://www.cve.org/CVERecord?id=CVE-2022-45408 https://www.cve.org/CVERecord?id=CVE-2022-45409 https://www.cve.org/CVERecord?id=CVE-2022-45410 https://www.cve.org/CVERecord?id=CVE-2022-45411 https://www.cve.org/CVERecord?id=CVE-2022-45412 https://www.cve.org/CVERecord?id=CVE-2022-45416 https://www.cve.org/CVERecord?id=CVE-2022-45418 https://www.cve.org/CVERecord?id=CVE-2022-45420 https://www.cve.org/CVERecord?id=CVE-2022-45421 (* Security fix *) patches/packages/mozilla-thunderbird-102.5.0-x86_64-1_slack15.0.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/102.5.0/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/ https://www.cve.org/CVERecord?id=CVE-2022-45403 https://www.cve.org/CVERecord?id=CVE-2022-45404 https://www.cve.org/CVERecord?id=CVE-2022-45405 https://www.cve.org/CVERecord?id=CVE-2022-45406 https://www.cve.org/CVERecord?id=CVE-2022-45408 https://www.cve.org/CVERecord?id=CVE-2022-45409 https://www.cve.org/CVERecord?id=CVE-2022-45410 https://www.cve.org/CVERecord?id=CVE-2022-45411 https://www.cve.org/CVERecord?id=CVE-2022-45412 https://www.cve.org/CVERecord?id=CVE-2022-45416 https://www.cve.org/CVERecord?id=CVE-2022-45418 https://www.cve.org/CVERecord?id=CVE-2022-45420 https://www.cve.org/CVERecord?id=CVE-2022-45421 (* Security fix *) patches/packages/samba-4.15.12-x86_64-1_slack15.0.txz: Upgraded. Fixed a security issue where Samba's Kerberos libraries and AD DC failed to guard against integer overflows when parsing a PAC on a 32-bit system, which allowed an attacker with a forged PAC to corrupt the heap. For more information, see: https://www.samba.org/samba/security/CVE-2022-42898.html https://www.cve.org/CVERecord?id=CVE-2022-42898 (* Security fix *) patches/packages/xfce4-settings-4.16.5-x86_64-1_slack15.0.txz: Upgraded. This update fixes regressions in the previous security fix: mime-settings: Properly quote command parameters. Revert "Escape characters which do not belong into an URI/URL (Issue #390)."
author: Patrick J Volkerding <volkerdi@slackware.com> 2022-11-17 01:49:28 +0000
committer: Eric Hameleers <alien@slackware.com> 2022-11-17 13:30:31 +0100
commit: 45ec128defe50bcf5f3b67d607a7292fa44e78a2 (patch)
tree: 3257123a5c7e39987e3c836e6ff617e90231b637 /ChangeLog.txt
parent: 68513bbb1bc0621018d9cbbe21b6a5c87a7ab2dc (diff)
download: current-45ec128defe50bcf5f3b67d607a7292fa44e78a2.tar.gz
current-45ec128defe50bcf5f3b67d607a7292fa44e78a2.tar.xz
1 files changed, 59 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt
index b8a4145af..fd6dfe4b7 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,62 @@
+Thu Nov 17 01:49:28 UTC 2022
+patches/packages/krb5-1.19.2-x86_64-3_slack15.0.txz:  Rebuilt.
+  Fixed integer overflows in PAC parsing.
+  Fixed memory leak in OTP kdcpreauth module.
+  Fixed PKCS11 module path search.
+  For more information, see:
+    https://www.cve.org/CVERecord?id=CVE-2022-42898
+  (* Security fix *)
+patches/packages/mozilla-firefox-102.5.0esr-x86_64-1_slack15.0.txz:  Upgraded.
+  This update contains security fixes and improvements.
+  For more information, see:
+    https://www.mozilla.org/en-US/firefox/102.5.0/releasenotes/
+    https://www.mozilla.org/security/advisories/mfsa2022-48/
+    https://www.cve.org/CVERecord?id=CVE-2022-45403
+    https://www.cve.org/CVERecord?id=CVE-2022-45404
+    https://www.cve.org/CVERecord?id=CVE-2022-45405
+    https://www.cve.org/CVERecord?id=CVE-2022-45406
+    https://www.cve.org/CVERecord?id=CVE-2022-45408
+    https://www.cve.org/CVERecord?id=CVE-2022-45409
+    https://www.cve.org/CVERecord?id=CVE-2022-45410
+    https://www.cve.org/CVERecord?id=CVE-2022-45411
+    https://www.cve.org/CVERecord?id=CVE-2022-45412
+    https://www.cve.org/CVERecord?id=CVE-2022-45416
+    https://www.cve.org/CVERecord?id=CVE-2022-45418
+    https://www.cve.org/CVERecord?id=CVE-2022-45420
+    https://www.cve.org/CVERecord?id=CVE-2022-45421
+  (* Security fix *)
+patches/packages/mozilla-thunderbird-102.5.0-x86_64-1_slack15.0.txz:  Upgraded.
+  This release contains security fixes and improvements.
+  For more information, see:
+    https://www.mozilla.org/en-US/thunderbird/102.5.0/releasenotes/
+    https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/
+    https://www.cve.org/CVERecord?id=CVE-2022-45403
+    https://www.cve.org/CVERecord?id=CVE-2022-45404
+    https://www.cve.org/CVERecord?id=CVE-2022-45405
+    https://www.cve.org/CVERecord?id=CVE-2022-45406
+    https://www.cve.org/CVERecord?id=CVE-2022-45408
+    https://www.cve.org/CVERecord?id=CVE-2022-45409
+    https://www.cve.org/CVERecord?id=CVE-2022-45410
+    https://www.cve.org/CVERecord?id=CVE-2022-45411
+    https://www.cve.org/CVERecord?id=CVE-2022-45412
+    https://www.cve.org/CVERecord?id=CVE-2022-45416
+    https://www.cve.org/CVERecord?id=CVE-2022-45418
+    https://www.cve.org/CVERecord?id=CVE-2022-45420
+    https://www.cve.org/CVERecord?id=CVE-2022-45421
+  (* Security fix *)
+patches/packages/samba-4.15.12-x86_64-1_slack15.0.txz:  Upgraded.
+  Fixed a security issue where Samba's Kerberos libraries and AD DC failed
+  to guard against integer overflows when parsing a PAC on a 32-bit system,
+  which allowed an attacker with a forged PAC to corrupt the heap.
+  For more information, see:
+    https://www.samba.org/samba/security/CVE-2022-42898.html
+    https://www.cve.org/CVERecord?id=CVE-2022-42898
+  (* Security fix *)
+patches/packages/xfce4-settings-4.16.5-x86_64-1_slack15.0.txz:  Upgraded.
+  This update fixes regressions in the previous security fix:
+  mime-settings: Properly quote command parameters.
+  Revert "Escape characters which do not belong into an URI/URL (Issue #390)."
++--------------------------+
 Thu Nov 10 19:47:59 UTC 2022
 patches/packages/php-7.4.33-x86_64-1_slack15.0.txz:  Upgraded.
   This update fixes bugs and security issues:
author	Patrick J Volkerding <volkerdi@slackware.com>	2022-11-17 01:49:28 +0000
committer	Eric Hameleers <alien@slackware.com>	2022-11-17 13:30:31 +0100
commit	45ec128defe50bcf5f3b67d607a7292fa44e78a2 (patch)
tree	3257123a5c7e39987e3c836e6ff617e90231b637 /ChangeLog.txt
parent	68513bbb1bc0621018d9cbbe21b6a5c87a7ab2dc (diff)
download	current-45ec128defe50bcf5f3b67d607a7292fa44e78a2.tar.gz current-45ec128defe50bcf5f3b67d607a7292fa44e78a2.tar.xz