diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2023-03-31 18:01:09 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2023-03-31 21:43:36 +0200 |
| commit | b689ecb8821052a424c41754d4e4ca53fc18ad0e (patch) | |
| tree | 3faf9ce7b99302beb71c793ad39c9b0c1e5392dc /ChangeLog.txt | |
| parent | 32316b07e4f42c70fc8ebd630320ae111e228952 (diff) | |
| download | current-b689ecb8821052a424c41754d4e4ca53fc18ad0e.tar.gz current-b689ecb8821052a424c41754d4e4ca53fc18ad0e.tar.xz | |
Fri Mar 31 18:01:09 UTC 202320230331180109
a/kernel-generic-6.1.22-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.22-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.22-x86_64-1.txz: Upgraded.
a/mkinitrd-1.4.11-x86_64-32.txz: Rebuilt.
Add /lib/firmware directory to _initrd-tree.tar.gz. Thanks to walecha.
d/cmake-3.26.2-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.22-x86-1.txz: Upgraded.
d/llvm-16.0.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
Thanks to Heinz Wiesinger for the assistance.
Compiled with -DLLVM_BUILD_LLVM_DYLIB=ON -DLLVM_LINK_LLVM_DYLIB=ON
-DCLANG_LINK_CLANG_DYLIB=ON.
I think we'll get 16.0.1 next week if we need to make any adjustments.
d/ruby-3.2.2-x86_64-1.txz: Upgraded.
This update fixes security issues:
ReDoS vulnerability in URI.
ReDoS vulnerability in Time.
For more information, see:
https://www.ruby-lang.org/en/news/2023/03/28/redos-in-uri-cve-2023-28755/
https://www.ruby-lang.org/en/news/2023/03/30/redos-in-time-cve-2023-28756/
https://www.cve.org/CVERecord?id=CVE-2023-28755
https://www.cve.org/CVERecord?id=CVE-2023-28756
(* Security fix *)
k/kernel-source-6.1.22-noarch-1.txz: Upgraded.
kde/kdevelop-22.12.3-x86_64-2.txz: Rebuilt.
Recompiled against llvm-16.0.0.
l/openexr-3.1.7-x86_64-1.txz: Upgraded.
l/qt5-5.15.8_20230325_c1a3e988-x86_64-1.txz: Upgraded.
Compiled against llvm-16.0.0.
l/spirv-llvm-translator-16.0.0-x86_64-1.txz: Upgraded.
Compiled against llvm-16.0.0.
Thanks to Heinz Wiesinger for finding the fix for -DBUILD_SHARED_LIBS=ON.
n/pssh-2.3.5-x86_64-1.txz: Upgraded.
n/samba-4.18.1-x86_64-1.txz: Upgraded.
This update fixes security issues:
An incomplete access check on dnsHostName allows authenticated but otherwise
unprivileged users to delete this attribute from any object in the directory.
The Samba AD DC administration tool, when operating against a remote LDAP
server, will by default send new or reset passwords over a signed-only
connection.
The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential
attribute disclosure via LDAP filters was insufficient and an attacker may
be able to obtain confidential BitLocker recovery keys from a Samba AD DC.
Installations with such secrets in their Samba AD should assume they have
been obtained and need replacing.
For more information, see:
https://www.samba.org/samba/security/CVE-2023-0225.html
https://www.samba.org/samba/security/CVE-2023-0922.html
https://www.samba.org/samba/security/CVE-2023-0614.html
https://www.cve.org/CVERecord?id=CVE-2023-0225
https://www.cve.org/CVERecord?id=CVE-2023-0922
https://www.cve.org/CVERecord?id=CVE-2023-0614
(* Security fix *)
x/mesa-23.0.1-x86_64-2.txz: Rebuilt.
Recompiled against llvm-16.0.0 and spirv-llvm-translator-16.0.0.
xap/seamonkey-2.53.16-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.16
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/rust-1.68.2-x86_64-2.txz: Rebuilt.
Use the bundled LLVM rather than the system LLVM.
This version of Rust actually does compile with llvm-16.0.0, but since it
bundles LLVM 15 let's let it use that for now.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Diffstat (limited to 'ChangeLog.txt')
| -rw-r--r-- | ChangeLog.txt | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 794c037f0..594a0220f 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,72 @@ +Fri Mar 31 18:01:09 UTC 2023 +a/kernel-generic-6.1.22-x86_64-1.txz: Upgraded. +a/kernel-huge-6.1.22-x86_64-1.txz: Upgraded. +a/kernel-modules-6.1.22-x86_64-1.txz: Upgraded. +a/mkinitrd-1.4.11-x86_64-32.txz: Rebuilt. + Add /lib/firmware directory to _initrd-tree.tar.gz. Thanks to walecha. +d/cmake-3.26.2-x86_64-1.txz: Upgraded. +d/kernel-headers-6.1.22-x86-1.txz: Upgraded. +d/llvm-16.0.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. + Thanks to Heinz Wiesinger for the assistance. + Compiled with -DLLVM_BUILD_LLVM_DYLIB=ON -DLLVM_LINK_LLVM_DYLIB=ON + -DCLANG_LINK_CLANG_DYLIB=ON. + I think we'll get 16.0.1 next week if we need to make any adjustments. +d/ruby-3.2.2-x86_64-1.txz: Upgraded. + This update fixes security issues: + ReDoS vulnerability in URI. + ReDoS vulnerability in Time. + For more information, see: + https://www.ruby-lang.org/en/news/2023/03/28/redos-in-uri-cve-2023-28755/ + https://www.ruby-lang.org/en/news/2023/03/30/redos-in-time-cve-2023-28756/ + https://www.cve.org/CVERecord?id=CVE-2023-28755 + https://www.cve.org/CVERecord?id=CVE-2023-28756 + (* Security fix *) +k/kernel-source-6.1.22-noarch-1.txz: Upgraded. +kde/kdevelop-22.12.3-x86_64-2.txz: Rebuilt. + Recompiled against llvm-16.0.0. +l/openexr-3.1.7-x86_64-1.txz: Upgraded. +l/qt5-5.15.8_20230325_c1a3e988-x86_64-1.txz: Upgraded. + Compiled against llvm-16.0.0. +l/spirv-llvm-translator-16.0.0-x86_64-1.txz: Upgraded. + Compiled against llvm-16.0.0. + Thanks to Heinz Wiesinger for finding the fix for -DBUILD_SHARED_LIBS=ON. +n/pssh-2.3.5-x86_64-1.txz: Upgraded. +n/samba-4.18.1-x86_64-1.txz: Upgraded. + This update fixes security issues: + An incomplete access check on dnsHostName allows authenticated but otherwise + unprivileged users to delete this attribute from any object in the directory. + The Samba AD DC administration tool, when operating against a remote LDAP + server, will by default send new or reset passwords over a signed-only + connection. + The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential + attribute disclosure via LDAP filters was insufficient and an attacker may + be able to obtain confidential BitLocker recovery keys from a Samba AD DC. + Installations with such secrets in their Samba AD should assume they have + been obtained and need replacing. + For more information, see: + https://www.samba.org/samba/security/CVE-2023-0225.html + https://www.samba.org/samba/security/CVE-2023-0922.html + https://www.samba.org/samba/security/CVE-2023-0614.html + https://www.cve.org/CVERecord?id=CVE-2023-0225 + https://www.cve.org/CVERecord?id=CVE-2023-0922 + https://www.cve.org/CVERecord?id=CVE-2023-0614 + (* Security fix *) +x/mesa-23.0.1-x86_64-2.txz: Rebuilt. + Recompiled against llvm-16.0.0 and spirv-llvm-translator-16.0.0. +xap/seamonkey-2.53.16-x86_64-1.txz: Upgraded. + This update contains security fixes and improvements. + For more information, see: + https://www.seamonkey-project.org/releases/seamonkey2.53.16 + (* Security fix *) +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +testing/packages/rust-1.68.2-x86_64-2.txz: Rebuilt. + Use the bundled LLVM rather than the system LLVM. + This version of Rust actually does compile with llvm-16.0.0, but since it + bundles LLVM 15 let's let it use that for now. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ Wed Mar 29 20:56:21 UTC 2023 a/glibc-zoneinfo-2023c-noarch-1.txz: Upgraded. This package provides the latest timezone updates. |