From bf29f9a870281df42f1c50664c2cabd208d753d0 Mon Sep 17 00:00:00 2001
From: Patrick J Volkerding <volkerdi@slackware.com>
Date: Wed, 22 Apr 2020 02:19:37 +0000
Subject: Wed Apr 22 02:19:37 UTC 2020
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

a/kernel-firmware-20200421_78c0348-noarch-1.txz:  Upgraded.
a/kernel-generic-5.4.34-x86_64-1.txz:  Upgraded.
a/kernel-huge-5.4.34-x86_64-1.txz:  Upgraded.
a/kernel-modules-5.4.34-x86_64-1.txz:  Upgraded.
a/openssl-solibs-1.1.1g-x86_64-1.txz:  Upgraded.
d/git-2.26.2-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  With a crafted URL that contains a newline or empty host, or lacks
  a scheme, the credential helper machinery can be fooled into
  providing credential information that is not appropriate for the
  protocol in use and host being contacted.
  Unlike the vulnerability CVE-2020-5260 fixed in v2.17.4, the
  credentials are not for a host of the attacker's choosing; instead,
  they are for some unspecified host (based on how the configured
  credential helper handles an absent "host" parameter).
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11008
  (* Security fix *)
d/kernel-headers-5.4.34-x86-1.txz:  Upgraded.
d/vala-0.48.4-x86_64-1.txz:  Upgraded.
k/kernel-source-5.4.34-noarch-1.txz:  Upgraded.
  INFINIBAND_CXGB3 n -> m
  INFINIBAND_IPOIB_CM n -> y
  INFINIBAND_IPOIB_DEBUG_DATA n -> y
  Thanks to Karl Magnus Kolstø.
l/M2Crypto-0.35.2-x86_64-4.txz:  Rebuilt.
  Don't package typing-3.7.4.1 for python3.
l/netpbm-10.90.01-x86_64-1.txz:  Upgraded.
n/openssl-1.1.1g-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  Fixed segmentation fault in SSL_check_chain() that could be exploited by a
  malicious peer in a Denial of Service attack.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967
  (* Security fix *)
x/libva-2.7.1-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
testing/packages/PAM/openvpn-2.4.9-x86_64-1_pam.txz:  Upgraded.
  This update fixes a security issue:
  Fix illegal client float. Thanks to Lev Stipakov.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11810
  (* Security fix *)
usb-and-pxe-installers/usbboot.img:  Rebuilt.
---
 kernels/VERSIONS.TXT | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'kernels')

diff --git a/kernels/VERSIONS.TXT b/kernels/VERSIONS.TXT
index 278b33df8..954baad92 100644
--- a/kernels/VERSIONS.TXT
+++ b/kernels/VERSIONS.TXT
@@ -1,3 +1,3 @@
 
-These kernels are version 5.4.33.
+These kernels are version 5.4.34.
 
-- 
cgit v1.2.3