current - Tracking development of slackware-current

	Commit message (Expand)	Author	Age	Files	Lines
*	Thu Jun 23 05:30:51 UTC 2022...patches/packages/ca-certificates-20220622-noarch-1_slack15.0.txz: Upgraded. This update provides the latest CA certificates to check for the authenticity of SSL connections. patches/packages/openssl-1.1.1p-x86_64-1_slack15.0.txz: Upgraded. In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. For more information, see: https://www.openssl.org/news/secadv/20220621.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068 (* Security fix *) patches/packages/openssl-solibs-1.1.1p-x86_64-1_slack15.0.txz: Upgraded. 20220623053051_15.0	Patrick J Volkerding	2022-06-24	1	-11/+0
*	Wed May 4 21:24:57 UTC 2022...patches/packages/mozilla-thunderbird-91.9.0-x86_64-1_slack15.0.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/91.9.0/releasenotes/ (* Security fix ) patches/packages/openssl-1.1.1o-x86_64-1_slack15.0.txz: Upgraded. Fixed a bug in the c_rehash script which was not properly sanitising shell metacharacters to prevent command injection. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292 ( Security fix ) patches/packages/openssl-solibs-1.1.1o-x86_64-1_slack15.0.txz: Upgraded. patches/packages/seamonkey-2.53.12-x86_64-1_slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.seamonkey-project.org/releases/seamonkey2.53.12 ( Security fix *) 20220504212457_15.0	Patrick J Volkerding	2022-05-05	1	-0/+11