From fc35afb36c8162cb44fa7d9b72b8e3bed0cfe491 Mon Sep 17 00:00:00 2001
From: Patrick J Volkerding <volkerdi@slackware.com>
Date: Tue, 28 Apr 2020 20:18:40 +0000
Subject: Tue Apr 28 20:18:40 UTC 2020

ap/cups-2.3.3-x86_64-1.txz:  Upgraded.
  This update fixes two security issues:
  The ppdOpen function did not handle invalid UI constraint.
  ppdcSource::get_resolution function did not handle invalid resolution strings.
  The ippReadIO function may under-read an extension.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3898
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8842
  (* Security fix *)
l/imagemagick-7.0.10_10-x86_64-1.txz:  Upgraded.
n/samba-4.12.2-x86_64-1.txz:  Upgraded.
  This update fixes two security issues:
  A client combining the 'ASQ' and 'Paged Results' LDAP controls can cause a
  use-after-free in Samba's AD DC LDAP server.
  A deeply nested filter in an un-authenticated LDAP search can exhaust the
  LDAP server's stack memory causing a SIGSEGV.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10700
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10704
  (* Security fix *)
testing/packages/PAM/cups-2.3.3-x86_64-1_pam.txz:  Upgraded.
  This update fixes two security issues:
  The ppdOpen function did not handle invalid UI constraint.
  ppdcSource::get_resolution function did not handle invalid resolution strings.
  The ippReadIO function may under-read an extension.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3898
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8842
  (* Security fix *)
testing/packages/PAM/samba-4.12.2-x86_64-1_pam.txz:  Upgraded.
  This update fixes two security issues:
  A client combining the 'ASQ' and 'Paged Results' LDAP controls can cause a
  use-after-free in Samba's AD DC LDAP server.
  A deeply nested filter in an un-authenticated LDAP search can exhaust the
  LDAP server's stack memory causing a SIGSEGV.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10700
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10704
  (* Security fix *)
---
 source/n/samba/samba.url | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'source/n')

diff --git a/source/n/samba/samba.url b/source/n/samba/samba.url
index 7172b2b07..0170a851d 100644
--- a/source/n/samba/samba.url
+++ b/source/n/samba/samba.url
@@ -1,2 +1,2 @@
-https://download.samba.org/pub/samba/stable/samba-4.12.1.tar.gz
-https://download.samba.org/pub/samba/stable/samba-4.12.1.tar.asc
+https://download.samba.org/pub/samba/stable/samba-4.12.2.tar.gz
+https://download.samba.org/pub/samba/stable/samba-4.12.2.tar.asc
-- 
cgit v1.2.3-65-gdbad