diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2024-02-26 20:09:43 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2024-02-26 22:05:23 +0100 |
commit | d3c57a554896ccb272a79fac07e41c89f7d39d0f (patch) | |
tree | a2b4c45166a0561185b73effc5bb38203a1a8410 /ChangeLog.txt | |
parent | 9ab945c854b55cbfac2d7dfb992c10271a31ea8f (diff) | |
download | current-d3c57a554896ccb272a79fac07e41c89f7d39d0f.tar.gz current-d3c57a554896ccb272a79fac07e41c89f7d39d0f.tar.xz |
Mon Feb 26 20:09:43 UTC 202420240226200943
a/mdadm-4.3-x86_64-1.txz: Upgraded.
a/pciutils-3.11.1-x86_64-1.txz: Upgraded.
d/swig-4.2.1-x86_64-1.txz: Upgraded.
l/LibRaw-0.21.2-x86_64-2.txz: Rebuilt.
Include the example programs (which are actually useful). Thanks to giomat.
l/imagemagick-7.1.1_29-x86_64-1.txz: Upgraded.
l/openjpeg-2.5.1-x86_64-1.txz: Upgraded.
Fixed a heap-based buffer overflow in openjpeg in color.c:379:42 in
sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use
this to execute arbitrary code with the permissions of the application
compiled against openjpeg.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2021-3575
(* Security fix *)
l/pango-1.52.0-x86_64-1.txz: Upgraded.
x/sddm-0.21.0-x86_64-1.txz: Upgraded.
xap/x3270-4.3ga5-x86_64-1.txz: Upgraded.
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 7fdc8860c..6ebfc5eea 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,22 @@ +Mon Feb 26 20:09:43 UTC 2024 +a/mdadm-4.3-x86_64-1.txz: Upgraded. +a/pciutils-3.11.1-x86_64-1.txz: Upgraded. +d/swig-4.2.1-x86_64-1.txz: Upgraded. +l/LibRaw-0.21.2-x86_64-2.txz: Rebuilt. + Include the example programs (which are actually useful). Thanks to giomat. +l/imagemagick-7.1.1_29-x86_64-1.txz: Upgraded. +l/openjpeg-2.5.1-x86_64-1.txz: Upgraded. + Fixed a heap-based buffer overflow in openjpeg in color.c:379:42 in + sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use + this to execute arbitrary code with the permissions of the application + compiled against openjpeg. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2021-3575 + (* Security fix *) +l/pango-1.52.0-x86_64-1.txz: Upgraded. +x/sddm-0.21.0-x86_64-1.txz: Upgraded. +xap/x3270-4.3ga5-x86_64-1.txz: Upgraded. ++--------------------------+ Sun Feb 25 19:16:52 UTC 2024 a/etc-15.1-x86_64-7.txz: Rebuilt. Don't leave {group,gshadow,passwd,shadow}.new laying around. |