diff options
Diffstat (limited to 'ChangeLog.txt')
| -rw-r--r-- | ChangeLog.txt | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 2b094061b..67c8f0fb3 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,43 @@ +Wed Apr 6 20:23:46 UTC 2022 +a/haveged-1.9.17-x86_64-2.txz: Rebuilt. + Install /etc/rc.d/rc.haveged as non-executable. For existing installations + running a recent kernel, it is safe to turn this off. + Back when we added the haveged package we were using the 4.4 kernel, but + since Linux 5.4 this same entropy generating algorithm has been built into + the kernel, so there's no reason to also run it in userspace. We'll keep + the package around (for now, anyway) in case someone might be running an + old kernel. Thanks to Jason A. Donenfeld. +a/sysvinit-scripts-15.0-noarch-10.txz: Rebuilt. + rc.S, rc.6: use the seedrng utility to seed and initialize the kernel + random number generator and generate a new seed. + If seedrng is missing, we'll attempt to do these things with scripting. + Thanks to Jason A. Donenfeld for hints about how to make a modest + improvement in that regard (blame me for any problems with my own changes), + but because you can't force the kernel RNG to initialize with a script + (it needs an ioctl), you won't get the same guarantees that you do when + using the new seedrng utility. +a/util-linux-2.38-x86_64-2.txz: Rebuilt. + Added seedrng utility, used to seed and initialize the kernel random number + generator and to generate new seeds for carrying entropy across reboots. + Thanks to Jason A. Donenfeld. +n/libmnl-1.0.5-x86_64-1.txz: Upgraded. +n/libnfnetlink-1.0.2-x86_64-1.txz: Upgraded. +xap/mozilla-thunderbird-91.8.0-x86_64-1.txz: Upgraded. + This release contains security fixes and improvements. + For more information, see: + https://www.mozilla.org/en-US/thunderbird/91.8.0/releasenotes/ + https://www.mozilla.org/en-US/security/advisories/mfsa2022-15/ + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289 + (* Security fix *) ++--------------------------+ Tue Apr 5 19:16:30 UTC 2022 a/hwdata-0.358-noarch-1.txz: Upgraded. ap/cups-filters-1.28.14-x86_64-1.txz: Upgraded. |