Thu Dec 8 22:48:34 UTC 2022 - current - Tracking development of slackware-current

diff options

author	Patrick J Volkerding <volkerdi@slackware.com>	2022-12-08 22:48:34 +0000
committer	Eric Hameleers <alien@slackware.com>	2022-12-09 13:30:05 +0100
commit	d17567f359b292f76be7d60ae588ef567df4d95e (patch)
tree	cf7804f448830067536877816b39f6bb65fb8614 /README.TXT
parent	7add5d2865572a0a23891756e58701a6c97c5965 (diff)
download	current-20221208224834_15.0.tar.gz current-20221208224834_15.0.tar.xz

Thu Dec 8 22:48:34 UTC 202220221208224834_15.0

patches/packages/emacs-27.2-x86_64-2_slack15.0.txz: Rebuilt. GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command (suggested in the ctags documentation) in a situation where the current working directory has contents that depend on untrusted input. For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-45939 (* Security fix *) patches/packages/vim-9.0.1034-x86_64-1_slack15.0.txz: Upgraded. This update fixes various security issues such as a heap-based buffer overflow and use after free. For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-4141 https://www.cve.org/CVERecord?id=CVE-2022-3591 https://www.cve.org/CVERecord?id=CVE-2022-3520 https://www.cve.org/CVERecord?id=CVE-2022-3491 https://www.cve.org/CVERecord?id=CVE-2022-4292 https://www.cve.org/CVERecord?id=CVE-2022-4293 (* Security fix *) patches/packages/vim-gvim-9.0.1034-x86_64-1_slack15.0.txz: Upgraded.

Diffstat (limited to 'README.TXT')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: