From 58eb3d5294fad71e08ea24b683dea0905c86c827 Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Wed, 29 Dec 2021 02:42:32 +0000 Subject: Wed Dec 29 02:42:32 UTC 2021 l/libgsf-1.14.48-x86_64-1.txz: Upgraded. l/netpbm-10.97.00-x86_64-1.txz: Upgraded. n/wpa_supplicant-2.9-x86_64-8.txz: Rebuilt. This update fixes the following security issues: AP mode PMF disconnection protection bypass. UPnP SUBSCRIBE misbehavior in hostapd WPS AP. P2P group information processing vulnerability. P2P provision discovery processing vulnerability. ASN.1: Validate DigestAlgorithmIdentifier parameters. Flush pending control interface message for an interface to be removed. These issues could result in a denial-of-service, privilege escalation, arbitrary code execution, or other unexpected behavior. Thanks to nobodino for pointing out the patches. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0326 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0535 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12695 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16275 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27803 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30004 (* Security fix *) xap/seamonkey-2.53.10.2-x86_64-1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.seamonkey-project.org/releases/seamonkey2.53.10.2 (* Security fix *) --- ChangeLog.txt | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) (limited to 'ChangeLog.txt') diff --git a/ChangeLog.txt b/ChangeLog.txt index 66219a0c..19ec9a0c 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,31 @@ +Wed Dec 29 02:42:32 UTC 2021 +l/libgsf-1.14.48-x86_64-1.txz: Upgraded. +l/netpbm-10.97.00-x86_64-1.txz: Upgraded. +n/wpa_supplicant-2.9-x86_64-8.txz: Rebuilt. + This update fixes the following security issues: + AP mode PMF disconnection protection bypass. + UPnP SUBSCRIBE misbehavior in hostapd WPS AP. + P2P group information processing vulnerability. + P2P provision discovery processing vulnerability. + ASN.1: Validate DigestAlgorithmIdentifier parameters. + Flush pending control interface message for an interface to be removed. + These issues could result in a denial-of-service, privilege escalation, + arbitrary code execution, or other unexpected behavior. + Thanks to nobodino for pointing out the patches. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0326 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0535 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12695 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16275 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27803 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30004 + (* Security fix *) +xap/seamonkey-2.53.10.2-x86_64-1.txz: Upgraded. + This update contains security fixes and improvements. + For more information, see: + https://www.seamonkey-project.org/releases/seamonkey2.53.10.2 + (* Security fix *) ++--------------------------+ Mon Dec 27 23:06:00 UTC 2021 The --enable-systemd-logind change to xorg-server that caused resume from suspend regressions (and others) has been reverted, and in retrospect it was -- cgit v1.2.3