diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2021-09-17 04:17:57 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2021-09-17 17:59:52 +0200 |
commit | 216e5284961bf8c173702c05ba4329cfaca9015f (patch) | |
tree | 3c56f60ee4f8b5e724c91dec4c1aa9ab4a931af3 /ChangeLog.txt | |
parent | d4dd1e8c22c4ac031b6dd8997701d97385f7feac (diff) | |
download | current-216e5284961bf8c173702c05ba4329cfaca9015f.tar.gz |
Fri Sep 17 04:17:57 UTC 202120210917041757
a/cryptsetup-2.4.1-x86_64-1.txz: Upgraded.
a/sysvinit-scripts-15.0-noarch-5.txz: Rebuilt.
Stop D-Bus after NFS partitions are unmounted to avoid a hang.
Thanks to vulcan59 and bassmadrigal.
ap/sudo-1.9.8p1-x86_64-1.txz: Upgraded.
l/fftw-3.3.10-x86_64-1.txz: Upgraded.
l/libxkbcommon-1.3.1-x86_64-1.txz: Upgraded.
l/pipewire-0.3.36-x86_64-1.txz: Upgraded.
n/dhcpcd-9.4.0-x86_64-2.txz: Rebuilt.
Applied upstream patch:
DHCP6: Only send FQDN for SOLICIT, REQUEST, RENEW, or REBIND messages.
Thanks to marav.
n/httpd-2.4.49-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
mod_proxy: Server Side Request Forgery (SSRF) vulnerabilty [Yann Ylavic]
core: ap_escape_quotes buffer overflow
mod_proxy_uwsgi: Out of bound read vulnerability [Yann Ylavic]
core: null pointer dereference on malformed request
mod_http2: Request splitting vulnerability with mod_proxy [Stefan Eissing]
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33193
(* Security fix *)
x/ibus-libpinyin-1.12.1-x86_64-1.txz: Upgraded.
x/libpinyin-2.6.1-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-91.1.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.1.1/releasenotes/
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 93517e0e..95015eea 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,37 @@ +Fri Sep 17 04:17:57 UTC 2021 +a/cryptsetup-2.4.1-x86_64-1.txz: Upgraded. +a/sysvinit-scripts-15.0-noarch-5.txz: Rebuilt. + Stop D-Bus after NFS partitions are unmounted to avoid a hang. + Thanks to vulcan59 and bassmadrigal. +ap/sudo-1.9.8p1-x86_64-1.txz: Upgraded. +l/fftw-3.3.10-x86_64-1.txz: Upgraded. +l/libxkbcommon-1.3.1-x86_64-1.txz: Upgraded. +l/pipewire-0.3.36-x86_64-1.txz: Upgraded. +n/dhcpcd-9.4.0-x86_64-2.txz: Rebuilt. + Applied upstream patch: + DHCP6: Only send FQDN for SOLICIT, REQUEST, RENEW, or REBIND messages. + Thanks to marav. +n/httpd-2.4.49-x86_64-1.txz: Upgraded. + This release contains security fixes and improvements. + mod_proxy: Server Side Request Forgery (SSRF) vulnerabilty [Yann Ylavic] + core: ap_escape_quotes buffer overflow + mod_proxy_uwsgi: Out of bound read vulnerability [Yann Ylavic] + core: null pointer dereference on malformed request + mod_http2: Request splitting vulnerability with mod_proxy [Stefan Eissing] + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33193 + (* Security fix *) +x/ibus-libpinyin-1.12.1-x86_64-1.txz: Upgraded. +x/libpinyin-2.6.1-x86_64-1.txz: Upgraded. +xap/mozilla-thunderbird-91.1.1-x86_64-1.txz: Upgraded. + This is a bugfix release. + For more information, see: + https://www.mozilla.org/en-US/thunderbird/91.1.1/releasenotes/ ++--------------------------+ Thu Sep 16 18:33:01 UTC 2021 a/kernel-generic-5.14.5-x86_64-1.txz: Upgraded. a/kernel-huge-5.14.5-x86_64-1.txz: Upgraded. |