diff options
Diffstat (limited to 'ChangeLog.rss')
-rw-r--r-- | ChangeLog.rss | 62 |
1 files changed, 60 insertions, 2 deletions
diff --git a/ChangeLog.rss b/ChangeLog.rss index 1687963d..29a6e5bb 100644 --- a/ChangeLog.rss +++ b/ChangeLog.rss @@ -11,10 +11,68 @@ <description>Tracking Slackware development in git.</description> <language>en-us</language> <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id> - <pubDate>Mon, 18 May 2020 23:30:26 GMT</pubDate> - <lastBuildDate>Tue, 19 May 2020 06:59:47 GMT</lastBuildDate> + <pubDate>Tue, 19 May 2020 19:47:49 GMT</pubDate> + <lastBuildDate>Wed, 20 May 2020 06:59:58 GMT</lastBuildDate> <generator>maintain_current_git.sh v 1.11</generator> <item> + <title>Tue, 19 May 2020 19:47:49 GMT</title> + <pubDate>Tue, 19 May 2020 19:47:49 GMT</pubDate> + <link>https://git.slackware.nl/current/tag/?h=20200519194749</link> + <guid isPermaLink="false">20200519194749</guid> + <description> + <![CDATA[<pre> +a/shadow-4.8.1-x86_64-8.txz: Rebuilt. + It seems that /etc/suauth is not supported when PAM is in use, even if + configure.ac is hacked to enable it. I've removed the man pages for it, + and would suggest using sudo as a replacement. +l/libexif-0.6.22-x86_64-1.txz: Upgraded. + This update fixes bugs and security issues: + CVE-2018-20030: Fix for recursion DoS + CVE-2020-13114: Time consumption DoS when parsing canon array markers + CVE-2020-13113: Potential use of uninitialized memory + CVE-2020-13112: Various buffer overread fixes due to integer overflows + in maker notes + CVE-2020-0093: read overflow + CVE-2019-9278: replaced integer overflow checks the compiler could + optimize away by safer constructs + CVE-2020-12767: fixed division by zero + CVE-2016-6328: fixed integer overflow when parsing maker notes + CVE-2017-7544: fixed buffer overread + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20030 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13114 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13113 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13112 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0093 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9278 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12767 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6328 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7544 + (* Security fix *) +l/oniguruma-6.9.5_rev1-x86_64-2.txz: Rebuilt. + Rebuilt with --enable-posix-api. Thanks to MisterL. +l/python-packaging-20.4-x86_64-1.txz: Upgraded. +n/bind-9.16.3-x86_64-1.txz: Upgraded. + This update fixes a security issue: + A malicious actor who intentionally exploits the lack of effective + limitation on the number of fetches performed when processing referrals + can, through the use of specially crafted referrals, cause a recursing + server to issue a very large number of fetches in an attempt to process + the referral. This has at least two potential effects: The performance of + the recursing server can potentially be degraded by the additional work + required to perform these fetches, and the attacker can exploit this + behavior to use the recursing server as a reflector in a reflection attack + with a high amplification factor. + For more information, see: + https://kb.isc.org/docs/cve-2020-8616 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8616 + (* Security fix *) +x/fontconfig-2.13.92-x86_64-1.txz: Upgraded. +x/xf86-input-libinput-0.30.0-x86_64-1.txz: Upgraded. + </pre>]]> + </description> + </item> + <item> <title>Mon, 18 May 2020 23:30:26 GMT</title> <pubDate>Mon, 18 May 2020 23:30:26 GMT</pubDate> <link>https://git.slackware.nl/current/tag/?h=20200518233026</link> |