From 7a6788c35a61096c4399723ab0c088d154733794 Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Tue, 28 Jun 2022 19:16:08 +0000 Subject: Tue Jun 28 19:16:08 UTC 2022 patches/packages/curl-7.84.0-x86_64-1_slack15.0.txz: Upgraded. This update fixes security issues: Set-Cookie denial of service. HTTP compression denial of service. Unpreserved file permissions. FTP-KRB bad message verification. For more information, see: https://curl.se/docs/CVE-2022-32205.html https://curl.se/docs/CVE-2022-32206.html https://curl.se/docs/CVE-2022-32207.html https://curl.se/docs/CVE-2022-32208.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208 (* Security fix *) patches/packages/mozilla-firefox-91.11.0esr-x86_64-1_slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/firefox/91.11.0/releasenotes/ https://www.mozilla.org/security/advisories/mfsa2022-25/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34478 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484 (* Security fix *) --- ChangeLog.txt | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) (limited to 'ChangeLog.txt') diff --git a/ChangeLog.txt b/ChangeLog.txt index 5ed285833..34b963b15 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,36 @@ +Tue Jun 28 19:16:08 UTC 2022 +patches/packages/curl-7.84.0-x86_64-1_slack15.0.txz: Upgraded. + This update fixes security issues: + Set-Cookie denial of service. + HTTP compression denial of service. + Unpreserved file permissions. + FTP-KRB bad message verification. + For more information, see: + https://curl.se/docs/CVE-2022-32205.html + https://curl.se/docs/CVE-2022-32206.html + https://curl.se/docs/CVE-2022-32207.html + https://curl.se/docs/CVE-2022-32208.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32205 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32207 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208 + (* Security fix *) +patches/packages/mozilla-firefox-91.11.0esr-x86_64-1_slack15.0.txz: Upgraded. + This update contains security fixes and improvements. + For more information, see: + https://www.mozilla.org/en-US/firefox/91.11.0/releasenotes/ + https://www.mozilla.org/security/advisories/mfsa2022-25/ + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34478 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484 + (* Security fix *) ++--------------------------+ Thu Jun 23 05:30:51 UTC 2022 patches/packages/ca-certificates-20220622-noarch-1_slack15.0.txz: Upgraded. This update provides the latest CA certificates to check for the -- cgit v1.2.3-65-gdbad