diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2022-10-25 18:38:58 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2022-10-26 07:00:17 +0200 |
commit | 387b2bc525d80b10c96f2f6ab17e50635dd0effc (patch) | |
tree | 63c279048be8e22681aff4847a10bae899424a59 /source/l/expat | |
parent | 1214d3810791ea9561cb7816e030604bf67baed5 (diff) | |
download | current-387b2bc525d80b10c96f2f6ab17e50635dd0effc.tar.gz current-387b2bc525d80b10c96f2f6ab17e50635dd0effc.tar.xz |
Tue Oct 25 18:38:58 UTC 202220221025183858
ap/alsa-utils-1.2.8-x86_64-1.txz: Upgraded.
l/alsa-lib-1.2.8-x86_64-1.txz: Upgraded.
l/expat-2.5.0-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Fix heap use-after-free after overeager destruction of a shared DTD in
function XML_ExternalEntityParserCreate in out-of-memory situations.
Expected impact is denial of service or potentially arbitrary code
execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43680
(* Security fix *)
n/samba-4.17.2-x86_64-1.txz: Upgraded.
This update fixes the following security issues:
There is a limited write heap buffer overflow in the GSSAPI unwrap_des()
and unwrap_des3() routines of Heimdal (included in Samba).
A malicious client can use a symlink to escape the exported directory.
For more information, see:
https://www.samba.org/samba/security/CVE-2022-3437.html
https://www.samba.org/samba/security/CVE-2022-3592.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3592
(* Security fix *)
Diffstat (limited to 'source/l/expat')
-rw-r--r-- | source/l/expat/expat.url | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/source/l/expat/expat.url b/source/l/expat/expat.url index 6dead6436..ed04fb252 100644 --- a/source/l/expat/expat.url +++ b/source/l/expat/expat.url @@ -1,2 +1,2 @@ -https://github.com/libexpat/libexpat/releases/download/R_2_4_9/expat-2.4.9.tar.lz -https://github.com/libexpat/libexpat/releases/download/R_2_4_9/expat-2.4.9.tar.lz.asc +https://github.com/libexpat/libexpat/releases/download/R_2_5_0/expat-2.5.0.tar.lz +https://github.com/libexpat/libexpat/releases/download/R_2_5_0/expat-2.5.0.tar.lz.asc |