From 1c35025416b4295915f499a01d0cee8899971321 Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Thu, 12 Sep 2019 03:58:53 +0000 Subject: Thu Sep 12 03:58:53 UTC 2019 a/glibc-zoneinfo-2019c-noarch-1.txz: Upgraded. This package provides the latest timezone updates. a/openssl-solibs-1.1.1d-x86_64-1.txz: Upgraded. a/openssl10-solibs-1.0.2t-x86_64-1.txz: Upgraded. ap/mariadb-10.4.8-x86_64-1.txz: Upgraded. l/netpbm-10.87.02-x86_64-1.txz: Upgraded. n/curl-7.66.0-x86_64-1.txz: Upgraded. This update fixes security issues: FTP-KRB double-free TFTP small blocksize heap buffer overflow For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482 (* Security fix *) n/openssl-1.1.1d-x86_64-1.txz: Upgraded. This update fixes low severity security issues: Fixed a fork protection issue Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey Compute ECC cofactors if not provided during EC_GROUP construction For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1549 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1563 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1547 (* Security fix *) n/openssl10-1.0.2t-x86_64-1.txz: Upgraded. This update fixes low severity security issues: Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey Compute ECC cofactors if not provided during EC_GROUP construction For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1563 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1547 (* Security fix *) n/p11-kit-0.23.17-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-68.1.0-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/68.1.0/releasenotes/ https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html (* Security fix *) extra/google-chrome/google-chrome.SlackBuild: Upgraded. Patched the packaging script to account for the internal change of control.tar.gz to control.tar.xz. Thanks to _RDS_ and Tim Thomas who both provided the same patch. --- ChangeLog.txt | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) (limited to 'ChangeLog.txt') diff --git a/ChangeLog.txt b/ChangeLog.txt index 9d383afd3..3a1e4ab80 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,48 @@ +Thu Sep 12 03:58:53 UTC 2019 +a/glibc-zoneinfo-2019c-noarch-1.txz: Upgraded. + This package provides the latest timezone updates. +a/openssl-solibs-1.1.1d-x86_64-1.txz: Upgraded. +a/openssl10-solibs-1.0.2t-x86_64-1.txz: Upgraded. +ap/mariadb-10.4.8-x86_64-1.txz: Upgraded. +l/netpbm-10.87.02-x86_64-1.txz: Upgraded. +n/curl-7.66.0-x86_64-1.txz: Upgraded. + This update fixes security issues: + FTP-KRB double-free + TFTP small blocksize heap buffer overflow + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482 + (* Security fix *) +n/openssl-1.1.1d-x86_64-1.txz: Upgraded. + This update fixes low severity security issues: + Fixed a fork protection issue + Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey + Compute ECC cofactors if not provided during EC_GROUP construction + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1549 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1563 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1547 + (* Security fix *) +n/openssl10-1.0.2t-x86_64-1.txz: Upgraded. + This update fixes low severity security issues: + Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey + Compute ECC cofactors if not provided during EC_GROUP construction + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1563 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1547 + (* Security fix *) +n/p11-kit-0.23.17-x86_64-1.txz: Upgraded. +xap/mozilla-thunderbird-68.1.0-x86_64-1.txz: Upgraded. + This release contains security fixes and improvements. + For more information, see: + https://www.mozilla.org/en-US/thunderbird/68.1.0/releasenotes/ + https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html + (* Security fix *) +extra/google-chrome/google-chrome.SlackBuild: Upgraded. + Patched the packaging script to account for the internal change + of control.tar.gz to control.tar.xz. + Thanks to _RDS_ and Tim Thomas who both provided the same patch. ++--------------------------+ Tue Sep 10 21:28:36 UTC 2019 a/glibc-solibs-2.30-x86_64-1.txz: Upgraded. a/kernel-firmware-20190909_6c6918a-noarch-1.txz: Upgraded. -- cgit v1.2.3