diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2022-01-16 21:33:27 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2022-01-17 08:59:55 +0100 |
commit | 54efc574732f81aa298dd8ea253200222d32f1b2 (patch) | |
tree | 501bb07527ca7cb2cd4534f2766da8bf40000266 /ChangeLog.txt | |
parent | 5ed13142b06050c1f45617acc956aadadcbe4359 (diff) | |
download | current-54efc574732f81aa298dd8ea253200222d32f1b2.tar.gz current-54efc574732f81aa298dd8ea253200222d32f1b2.tar.xz |
Sun Jan 16 21:33:27 UTC 202220220116213327
a/aaa_libraries-15.0-x86_64-14.txz: Rebuilt.
Upgraded: libexpat.so.1.8.3.
a/kernel-generic-5.15.15-x86_64-1.txz: Upgraded.
a/kernel-huge-5.15.15-x86_64-1.txz: Upgraded.
a/kernel-modules-5.15.15-x86_64-1.txz: Upgraded.
ap/cups-filters-1.28.11-x86_64-1.txz: Upgraded.
ap/ksh93-1.0_20220114_e569f23e-x86_64-1.txz: Upgraded.
ap/vim-8.2.4115-x86_64-1.txz: Upgraded.
d/gdb-11.2-x86_64-1.txz: Upgraded.
d/kernel-headers-5.15.15-x86-1.txz: Upgraded.
k/kernel-source-5.15.15-noarch-1.txz: Upgraded.
kde/kwayland-server-5.23.5-x86_64-2.txz: Rebuilt.
Applied upstream patch:
[PATCH] Store surface object in tablet cursor using QPointer.
Thanks to ZhaoLin1457.
l/expat-2.4.3-x86_64-1.txz: Upgraded.
Fix issues with left shifts by >=29 places resulting in:
a) realloc acting as free
b) realloc allocating too few bytes
c) undefined behavior
Fix integer overflow on variable m_groupSize in function doProlog leading
to realloc acting as free. Impact is denial of service or other undefined
behavior.
Prevent integer overflows near memory allocation at multiple places.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
(* Security fix *)
l/libunwind-1.6.2-x86_64-1.txz: Upgraded.
x/xterm-370-x86_64-3.txz: Rebuilt.
Ship a sample XTerm.linux.console app-defaults file. Thanks to GazL.
xap/vim-gvim-8.2.4115-x86_64-1.txz: Upgraded.
xap/xsnow-3.4.3-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 494bfbc3c..199476c7b 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,47 @@ +Sun Jan 16 21:33:27 UTC 2022 +a/aaa_libraries-15.0-x86_64-14.txz: Rebuilt. + Upgraded: libexpat.so.1.8.3. +a/kernel-generic-5.15.15-x86_64-1.txz: Upgraded. +a/kernel-huge-5.15.15-x86_64-1.txz: Upgraded. +a/kernel-modules-5.15.15-x86_64-1.txz: Upgraded. +ap/cups-filters-1.28.11-x86_64-1.txz: Upgraded. +ap/ksh93-1.0_20220114_e569f23e-x86_64-1.txz: Upgraded. +ap/vim-8.2.4115-x86_64-1.txz: Upgraded. +d/gdb-11.2-x86_64-1.txz: Upgraded. +d/kernel-headers-5.15.15-x86-1.txz: Upgraded. +k/kernel-source-5.15.15-noarch-1.txz: Upgraded. +kde/kwayland-server-5.23.5-x86_64-2.txz: Rebuilt. + Applied upstream patch: + [PATCH] Store surface object in tablet cursor using QPointer. + Thanks to ZhaoLin1457. +l/expat-2.4.3-x86_64-1.txz: Upgraded. + Fix issues with left shifts by >=29 places resulting in: + a) realloc acting as free + b) realloc allocating too few bytes + c) undefined behavior + Fix integer overflow on variable m_groupSize in function doProlog leading + to realloc acting as free. Impact is denial of service or other undefined + behavior. + Prevent integer overflows near memory allocation at multiple places. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827 + (* Security fix *) +l/libunwind-1.6.2-x86_64-1.txz: Upgraded. +x/xterm-370-x86_64-3.txz: Rebuilt. + Ship a sample XTerm.linux.console app-defaults file. Thanks to GazL. +xap/vim-gvim-8.2.4115-x86_64-1.txz: Upgraded. +xap/xsnow-3.4.3-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ Sun Jan 16 07:23:29 UTC 2022 a/aaa_base-15.0-x86_64-3.txz: Rebuilt. In initial email to root, use the new /var/lib/pkgtools/ paths to the files |