summaryrefslogtreecommitdiffstats
path: root/ChangeLog.txt
diff options
context:
space:
mode:
author Patrick J Volkerding <volkerdi@slackware.com>2021-12-03 20:07:20 +0000
committer Eric Hameleers <alien@slackware.com>2021-12-04 08:59:57 +0100
commitc29dcfa2dd2e7467ea3b6b757880348884d8790d (patch)
treed3353da7e281a39e6edb2bde414c1bc228be5d6e /ChangeLog.txt
parent66ba810196d8ce6f6da7df7931ce31e7303b8cf8 (diff)
downloadcurrent-c29dcfa2dd2e7467ea3b6b757880348884d8790d.tar.gz
current-c29dcfa2dd2e7467ea3b6b757880348884d8790d.tar.xz
Fri Dec 3 20:07:20 UTC 202120211203200720
ap/rpm-4.16.1.3-x86_64-4.txz: Rebuilt. Patched to handle non-compliant RPMs created by install4j. Thanks to alienBOB. d/poke-1.4-x86_64-1.txz: Upgraded. l/enchant-2.3.2-x86_64-1.txz: Upgraded. l/freetype-2.11.1-x86_64-1.txz: Upgraded. l/glib2-2.70.2-x86_64-1.txz: Upgraded. n/lynx-2.9.0dev.10-x86_64-1.txz: Upgraded. extra/php8/php8-8.1.0-x86_64-1.txz: Removed. extra/php80/php80-8.0.13-x86_64-1.txz: Added. extra/php81/php81-8.1.0-x86_64-1.txz: Added.
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r--ChangeLog.txt27
1 files changed, 27 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt
index e4da27e68..fee49f098 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,7 +1,34 @@
+Fri Dec 3 20:07:20 UTC 2021
+ap/rpm-4.16.1.3-x86_64-4.txz: Rebuilt.
+ Patched to handle non-compliant RPMs created by install4j. Thanks to alienBOB.
+d/poke-1.4-x86_64-1.txz: Upgraded.
+l/enchant-2.3.2-x86_64-1.txz: Upgraded.
+l/freetype-2.11.1-x86_64-1.txz: Upgraded.
+l/glib2-2.70.2-x86_64-1.txz: Upgraded.
+n/lynx-2.9.0dev.10-x86_64-1.txz: Upgraded.
+extra/php8/php8-8.1.0-x86_64-1.txz: Removed.
+extra/php80/php80-8.0.13-x86_64-1.txz: Added.
+extra/php81/php81-8.1.0-x86_64-1.txz: Added.
++--------------------------+
Thu Dec 2 19:14:20 UTC 2021
d/strace-5.15-x86_64-1.txz: Upgraded.
l/mozilla-nss-3.73-x86_64-1.txz: Upgraded.
Everything linked to NSS/NSPR was rebuild tested here.
+ This update fixes a critical security issue:
+ NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are
+ vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS
+ signatures. Applications using NSS for handling signatures encoded within
+ CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications
+ using NSS for certificate validation or other TLS, X.509, OCSP or CRL
+ functionality may be impacted, depending on how they configure NSS.
+ Note: This vulnerability does NOT impact Mozilla Firefox. However, email
+ clients and PDF viewers that use NSS for signature verification, such as
+ Thunderbird, LibreOffice, Evolution and Evince are believed to be impacted.
+ Thanks to Tavis Ormandy of Google Project Zero.
+ For more information, see:
+ https://www.mozilla.org/en-US/security/advisories/mfsa2021-51/
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43527
+ (* Security fix *)
l/qt5-5.15.3_20211130_014c375b-x86_64-1.txz: Upgraded.
+--------------------------+
Wed Dec 1 19:44:13 UTC 2021