diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2023-11-07 19:57:12 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2023-11-07 21:28:19 +0100 |
| commit | 69753b9a1da83d78dab7943e3fcdb428ee74a254 (patch) | |
| tree | 9c58cf752080a6715fe80639e22491bbb8be31d2 /ChangeLog.txt | |
| parent | 16aecb6aa38eaab548b9aece32c6aa72f59e80b2 (diff) | |
| download | current-69753b9a1da83d78dab7943e3fcdb428ee74a254.tar.gz current-69753b9a1da83d78dab7943e3fcdb428ee74a254.tar.xz | |
Tue Nov 7 19:57:12 UTC 202320231107195712
ap/sudo-1.9.15-x86_64-1.txz: Upgraded.
The sudoers plugin has been modified to make it more resilient to ROWHAMMER
attacks on authentication and policy matching.
The sudoers plugin now constructs the user time stamp file path name using
the user-ID instead of the user name. This avoids a potential problem with
user names that contain a path separator ('/') being interpreted as part of
the path name.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-42465
https://www.cve.org/CVERecord?id=CVE-2023-42456
(* Security fix *)
ap/vim-9.0.2092-x86_64-1.txz: Upgraded.
l/libuv-1.47.0-x86_64-1.txz: Upgraded.
l/xapian-core-1.4.24-x86_64-1.txz: Upgraded.
n/bind-9.18.19-x86_64-2.txz: Rebuilt.
Don't go automatically chowning files in /var/named, since some users may
have special requirements. But in case anyone finds that behavior useful,
you may set NAMED_CHOWN=YES in /etc/default/named to turn it back on.
Unless anyone has a good objection to it, this change is considered pending
for the next BIND upgrades in -stable.
Thanks to Mig21.
xap/vim-gvim-9.0.2092-x86_64-1.txz: Upgraded.
Diffstat (limited to 'ChangeLog.txt')
| -rw-r--r-- | ChangeLog.txt | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 882655b0f..b2b085f49 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,27 @@ +Tue Nov 7 19:57:12 UTC 2023 +ap/sudo-1.9.15-x86_64-1.txz: Upgraded. + The sudoers plugin has been modified to make it more resilient to ROWHAMMER + attacks on authentication and policy matching. + The sudoers plugin now constructs the user time stamp file path name using + the user-ID instead of the user name. This avoids a potential problem with + user names that contain a path separator ('/') being interpreted as part of + the path name. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2023-42465 + https://www.cve.org/CVERecord?id=CVE-2023-42456 + (* Security fix *) +ap/vim-9.0.2092-x86_64-1.txz: Upgraded. +l/libuv-1.47.0-x86_64-1.txz: Upgraded. +l/xapian-core-1.4.24-x86_64-1.txz: Upgraded. +n/bind-9.18.19-x86_64-2.txz: Rebuilt. + Don't go automatically chowning files in /var/named, since some users may + have special requirements. But in case anyone finds that behavior useful, + you may set NAMED_CHOWN=YES in /etc/default/named to turn it back on. + Unless anyone has a good objection to it, this change is considered pending + for the next BIND upgrades in -stable. + Thanks to Mig21. +xap/vim-gvim-9.0.2092-x86_64-1.txz: Upgraded. ++--------------------------+ Mon Nov 6 20:15:40 UTC 2023 a/btrfs-progs-6.6.1-x86_64-1.txz: Upgraded. d/mercurial-6.5.3-x86_64-1.txz: Upgraded. |