summaryrefslogtreecommitdiffstats
path: root/source/l/apr/apr.url
diff options
context:
space:
mode:
author Patrick J Volkerding <volkerdi@slackware.com>2023-02-01 22:27:31 +0000
committer Eric Hameleers <alien@slackware.com>2023-02-02 00:40:26 +0100
commita130ab0fdf8914fd1036e10345f118c3838a0472 (patch)
tree98f8804aba77b4f3f1255f638c513104327eab44 /source/l/apr/apr.url
parent45d1307faeb72d3fefce6446c314c4b0d0d3a98a (diff)
downloadcurrent-a130ab0fdf8914fd1036e10345f118c3838a0472.tar.gz
current-a130ab0fdf8914fd1036e10345f118c3838a0472.tar.xz
Wed Feb 1 22:27:31 UTC 202320230201222731
a/kernel-firmware-20230125_5c11a37-noarch-1.txz: Upgraded. a/kernel-generic-6.1.9-x86_64-1.txz: Upgraded. a/kernel-huge-6.1.9-x86_64-1.txz: Upgraded. a/kernel-modules-6.1.9-x86_64-1.txz: Upgraded. d/kernel-headers-6.1.9-x86-1.txz: Upgraded. k/kernel-source-6.1.9-noarch-1.txz: Upgraded. l/apr-1.7.2-x86_64-1.txz: Upgraded. This update fixes security issues: Integer Overflow or Wraparound vulnerability in apr_encode functions of Apache Portable Runtime (APR) allows an attacker to write beyond bounds of a buffer. (CVE-2022-24963) Restore fix for out-of-bounds array dereference in apr_time_exp*() functions. (This issue was addressed as CVE-2017-12613 in APR 1.6.3 and later 1.6.x releases, but was missing in 1.7.0.) (CVE-2021-35940) For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-24963 https://www.cve.org/CVERecord?id=CVE-2021-35940 https://www.cve.org/CVERecord?id=CVE-2017-12613 (* Security fix *) l/apr-util-1.6.3-x86_64-1.txz: Upgraded. This update fixes a security issue: Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. (CVE-2022-25147) For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-25147 (* Security fix *) l/libhandy-1.8.1-x86_64-1.txz: Upgraded. l/libjpeg-turbo-2.1.5-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-102.7.1-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/102.7.1/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2023-04/ https://www.cve.org/CVERecord?id=CVE-2023-0430 (* Security fix *) isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
Diffstat (limited to '')
-rw-r--r--source/l/apr/apr.url4
1 files changed, 2 insertions, 2 deletions
diff --git a/source/l/apr/apr.url b/source/l/apr/apr.url
index 6b19f30a1..064ec5fa6 100644
--- a/source/l/apr/apr.url
+++ b/source/l/apr/apr.url
@@ -1,2 +1,2 @@
-http://www.apache.org/dist/apr/apr-1.7.0.tar.bz2
-http://www.apache.org/dist/apr/apr-1.7.0.tar.bz2.asc
+http://www.apache.org/dist/apr/apr-1.7.2.tar.bz2
+http://www.apache.org/dist/apr/apr-1.7.2.tar.bz2.asc