diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2022-11-09 22:16:30 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2022-11-10 07:00:17 +0100 |
commit | e519d8d2c69426feefc2ee207e3b14940fad2d2a (patch) | |
tree | a2594ad06d1047cc0fea45bc8c48683c3c95c00e /ChangeLog.txt | |
parent | 458c6cc7f8c05cd766aaa02b9468e25a234741d1 (diff) | |
download | current-e519d8d2c69426feefc2ee207e3b14940fad2d2a.tar.gz current-e519d8d2c69426feefc2ee207e3b14940fad2d2a.tar.xz |
Wed Nov 9 22:16:30 UTC 202220221109221630
a/btrfs-progs-6.0.1-x86_64-1.txz: Upgraded.
ap/sysstat-12.7.1-x86_64-1.txz: Upgraded.
On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1,
allocate_structures contains a size_t overflow in sa_common.c. The
allocate_structures function insufficiently checks bounds before arithmetic
multiplication, allowing for an overflow in the size allocated for the
buffer representing system activities.
This issue may lead to Remote Code Execution (RCE).
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-39377
(* Security fix *)
kde/bluedevil-5.26.3.1-x86_64-1.txz: Upgraded.
kde/breeze-5.26.3.1-x86_64-1.txz: Upgraded.
kde/oxygen-sounds-5.26.3.1-x86_64-1.txz: Upgraded.
l/gdk-pixbuf2-2.42.10-x86_64-1.txz: Upgraded.
l/orc-0.4.33-x86_64-1.txz: Upgraded.
n/mobile-broadband-provider-info-20221107-x86_64-1.txz: Upgraded.
xfce/xfce4-settings-4.16.4-x86_64-1.txz: Upgraded.
Fixed an argument injection vulnerability in xfce4-mime-helper.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-45062
(* Security fix *)
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 2003326e9..8fffe8b16 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,27 @@ +Wed Nov 9 22:16:30 UTC 2022 +a/btrfs-progs-6.0.1-x86_64-1.txz: Upgraded. +ap/sysstat-12.7.1-x86_64-1.txz: Upgraded. + On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, + allocate_structures contains a size_t overflow in sa_common.c. The + allocate_structures function insufficiently checks bounds before arithmetic + multiplication, allowing for an overflow in the size allocated for the + buffer representing system activities. + This issue may lead to Remote Code Execution (RCE). + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2022-39377 + (* Security fix *) +kde/bluedevil-5.26.3.1-x86_64-1.txz: Upgraded. +kde/breeze-5.26.3.1-x86_64-1.txz: Upgraded. +kde/oxygen-sounds-5.26.3.1-x86_64-1.txz: Upgraded. +l/gdk-pixbuf2-2.42.10-x86_64-1.txz: Upgraded. +l/orc-0.4.33-x86_64-1.txz: Upgraded. +n/mobile-broadband-provider-info-20221107-x86_64-1.txz: Upgraded. +xfce/xfce4-settings-4.16.4-x86_64-1.txz: Upgraded. + Fixed an argument injection vulnerability in xfce4-mime-helper. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2022-45062 + (* Security fix *) ++--------------------------+ Tue Nov 8 22:21:43 UTC 2022 a/bash-5.2.009-x86_64-1.txz: Upgraded. a/glibc-zoneinfo-2022f-noarch-1.txz: Upgraded. |