|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a/aaa_glibc-solibs-2.36-x86_64-3.txz: Rebuilt.
a/kernel-generic-5.19.6-x86_64-1.txz: Upgraded.
a/kernel-huge-5.19.6-x86_64-1.txz: Upgraded.
a/kernel-modules-5.19.6-x86_64-1.txz: Upgraded.
d/git-2.37.3-x86_64-1.txz: Upgraded.
d/kernel-headers-5.19.6-x86-1.txz: Upgraded.
d/ninja-1.11.1-x86_64-1.txz: Upgraded.
k/kernel-source-5.19.6-noarch-1.txz: Upgraded.
kde/krename-5.0.2-x86_64-1.txz: Upgraded.
l/glibc-2.36-x86_64-3.txz: Rebuilt.
Applied all post-release patches from the 2.36 branch.
This fixes a security issue introduced in glibc-2.36: When the syslog
function is passed a crafted input string larger than 1024 bytes, it
reads uninitialized memory from the heap and prints it to the target log
file, potentially revealing a portion of the contents of the heap.
Thanks to marav.
The patches also help with several packages failing to build from source.
Thanks to nobodino.
l/glibc-i18n-2.36-x86_64-3.txz: Rebuilt.
l/glibc-profile-2.36-x86_64-3.txz: Rebuilt.
l/libssh-0.10.1-x86_64-1.txz: Upgraded.
n/curl-7.85.0-x86_64-1.txz: Upgraded.
This update fixes a security issue:
control code in cookie denial of service.
For more information, see:
https://curl.se/docs/CVE-2022-35252.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35252
(* Security fix *)
x/fcitx5-gtk-5.0.18-x86_64-1.txz: Upgraded.
x/fcitx5-qt-5.0.15-x86_64-1.txz: Upgraded.
x/ico-1.0.6-x86_64-1.txz: Upgraded.
x/libdrm-2.4.113-x86_64-1.txz: Upgraded.
x/libfontenc-1.1.6-x86_64-1.txz: Upgraded.
x/oclock-1.0.5-x86_64-1.txz: Upgraded.
x/showfont-1.0.6-x86_64-1.txz: Upgraded.
x/xmh-1.0.4-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|