| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Thu Jun 23 05:30:51 UTC 2022...patches/packages/ca-certificates-20220622-noarch-1_slack15.0.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
patches/packages/openssl-1.1.1p-x86_64-1_slack15.0.txz: Upgraded.
In addition to the c_rehash shell command injection identified in
CVE-2022-1292, further circumstances where the c_rehash script does not
properly sanitise shell metacharacters to prevent command injection were
found by code review.
When the CVE-2022-1292 was fixed it was not discovered that there
are other places in the script where the file names of certificates
being hashed were possibly passed to a command executed through the shell.
For more information, see:
https://www.openssl.org/news/secadv/20220621.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068
(* Security fix *)
patches/packages/openssl-solibs-1.1.1p-x86_64-1_slack15.0.txz: Upgraded.
20220623053051_15.0 |   Patrick J Volkerding | 2022-06-24 | 1 | -158/+1138 |
| * | Sun Apr 3 19:57:16 UTC 2022...patches/packages/ca-certificates-20220403-noarch-1_slack15.0.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
20220403195716_15.0 | Patrick J Volkerding | 2022-04-04 | 1 | -311/+411 |
| * | Thu Mar 10 02:30:54 UTC 2022...patches/packages/ca-certificates-20220309-noarch-1_slack15.0.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
20220310023054_15.0 | Patrick J Volkerding | 2022-03-10 | 8 | -0/+23617 |
Patrick J Volkerding