summaryrefslogtreecommitdiffstats
path: root/ChangeLog.txt
diff options
context:
space:
mode:
author Patrick J Volkerding <volkerdi@slackware.com>2021-05-25 18:01:05 +0000
committer Eric Hameleers <alien@slackware.com>2021-05-26 08:59:53 +0200
commitb913726b939032d0a3aa7656f27bb4e022f36104 (patch)
tree3b54fc8d6ea49850046c96285b7ae42fc4a6c26d /ChangeLog.txt
parentb9175b1b398693aa45f4b0a28c0606f50987c879 (diff)
downloadcurrent-b913726b939032d0a3aa7656f27bb4e022f36104.tar.gz
current-b913726b939032d0a3aa7656f27bb4e022f36104.tar.xz
Tue May 25 18:01:05 UTC 202120210525180105
a/xfsprogs-5.12.0-x86_64-1.txz: Upgraded. l/libcap-2.50-x86_64-1.txz: Upgraded. l/libqalculate-3.19.0-x86_64-1.txz: Upgraded. n/gnutls-3.6.16-x86_64-1.txz: Upgraded. Fixed potential miscalculation of ECDSA/EdDSA code backported from Nettle. In GnuTLS, as long as it is built and linked against the fixed version of Nettle, this only affects GOST curves. [CVE-2021-20305] Fixed potential use-after-free in sending "key_share" and "pre_shared_key" extensions. When sending those extensions, the client may dereference a pointer no longer valid after realloc. This happens only when the client sends a large Client Hello message, e.g., when HRR is sent in a resumed session previously negotiated large FFDHE parameters, because the initial allocation of the buffer is large enough without having to call realloc (#1151). [GNUTLS-SA-2021-03-10, CVSS: low] For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305 (* Security fix *) n/libnftnl-1.2.0-x86_64-1.txz: Upgraded. n/links-2.23-x86_64-1.txz: Upgraded.
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r--ChangeLog.txt21
1 files changed, 21 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt
index 32de8fadd..5d9d6cf03 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,24 @@
+Tue May 25 18:01:05 UTC 2021
+a/xfsprogs-5.12.0-x86_64-1.txz: Upgraded.
+l/libcap-2.50-x86_64-1.txz: Upgraded.
+l/libqalculate-3.19.0-x86_64-1.txz: Upgraded.
+n/gnutls-3.6.16-x86_64-1.txz: Upgraded.
+ Fixed potential miscalculation of ECDSA/EdDSA code backported from Nettle.
+ In GnuTLS, as long as it is built and linked against the fixed version of
+ Nettle, this only affects GOST curves. [CVE-2021-20305]
+ Fixed potential use-after-free in sending "key_share" and "pre_shared_key"
+ extensions. When sending those extensions, the client may dereference a
+ pointer no longer valid after realloc. This happens only when the client
+ sends a large Client Hello message, e.g., when HRR is sent in a resumed
+ session previously negotiated large FFDHE parameters, because the initial
+ allocation of the buffer is large enough without having to call realloc
+ (#1151). [GNUTLS-SA-2021-03-10, CVSS: low]
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305
+ (* Security fix *)
+n/libnftnl-1.2.0-x86_64-1.txz: Upgraded.
+n/links-2.23-x86_64-1.txz: Upgraded.
++--------------------------+
Sun May 23 19:31:03 UTC 2021
a/mcelog-176-x86_64-2.txz: Rebuilt.
Fixed size syntax in logrotate config file. Thanks to ecd102.