LinuxQuestions.org
Page 1 of 6 1 23 Last »
Show 50 post(s) from this thread on one page

LinuxQuestions.org (/questions/)
-   Slackware (https://www.linuxquestions.org/questions/slackware-14/)
-   -   [LATEST CHANGELOG] Slackware-15.0 (https://www.linuxquestions.org/questions/slackware-14/%5Blatest-changelog%5D-slackware-15-0-a-4175720091/)

gegechris99 12-22-2022 11:04 AM
[LATEST CHANGELOG] Slackware-15.0
 
As suggested by marav
https://www.linuxquestions.org/quest...ml#post6399610

A slackware forum thread dedicaced to the latest slackware-15.0 changelog
This will at least give some visibility on the latest updates here on the forum

4 updates (x86_64). Including a (* Security fix *)! : 4 upgraded
Code:
Thu Dec 22 03:40:55 UTC 2022
patches/packages/bind-9.16.36-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
patches/packages/curl-7.87.0-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
patches/packages/mozilla-thunderbird-102.6.1-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains a security fix and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/102.6.1/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2022-54/
    https://www.cve.org/CVERecord?id=CVE-2022-46874
  (* Security fix *)
testing/packages/bind-9.16.36-x86_64-1_slack15.0.txz:  Upgraded.
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 12-22-2022 11:14 AM
I'll strive to timely post here any update of Slackware 15.0 changelog.
I'll use the output of marav script provided at http://marav8.free.fr/report/slack-15.0-x86_64.txt
Should you detect the update before me, don't hesitate to post it.
I won't have any hard feeling about it :)

marav 12-22-2022 01:02 PM
Very good !

Let me know if you want to be notified by mail ;-)

Almost 100 views and no one noticed the error in the changelog :D

dhalliwe 12-22-2022 01:59 PM
On the subject of the changelog, I don't follow the testing directory, but I did notice that bind under testing has reverted to 9.16.36 (matching what was added in patches).

Quote:
testing/packages/bind-9.16.36-x86_64-1_slack15.0.txz
Back in March, version 9.18 slipped into patches by mistake, and PV put it into testing when reverting back to 9.16. Did 9.16 get added to testing by mistake?

Quote:
Mon Mar 21 20:24:16 UTC 2022
patches/packages/bind-9.16.27-x86_64-1_slack15.0.txz: Upgraded.
Sorry folks, I had not meant to bump BIND to the newer branch. I've moved
the other packages into /testing.

gegechris99 12-23-2022 01:44 AM
1 updates (x86_64) : 1 upgraded
Code:
Fri Dec 23 02:37:47 UTC 2022
testing/packages/bind-9.18.10-x86_64-1_slack15.0.txz:  Upgraded.

gegechris99 12-23-2022 01:50 AM
Quote:
Originally Posted by LuckyCyborg (Post 6399657)
I believe that Slackware is a great distribution, more than worth to be spelled its name with capital "S" letter, that's why I ask you to be kind to edit the thread title s/slackware/Slackware
I could not find a way to edit the thread title (Edit doesn't allow that and there is no entry in Thread Tool).
Any pointer on how to change the thread title is welcome.

--EDIT-- forget about it. I found it (in Edit "Advanced")

kjhambrick 12-23-2022 05:11 AM
Thanks for taking on the [LATEST CHANGELOG] Slackware-15.0 Thread gegechris99

-- kjh

gegechris99 01-04-2023 12:37 AM
3 updates (x86_64). Including a (* Security fix *)! : 2 upgraded, 1 rebuilt
Code:
Wed Jan  4 02:18:08 UTC 2023
patches/packages/libtiff-4.4.0-x86_64-1_slack15.0.txz:  Upgraded.
  Patched various security bugs.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-2056
    https://www.cve.org/CVERecord?id=CVE-2022-2057
    https://www.cve.org/CVERecord?id=CVE-2022-2058
    https://www.cve.org/CVERecord?id=CVE-2022-3970
    https://www.cve.org/CVERecord?id=CVE-2022-34526
  (* Security fix *)
patches/packages/rxvt-unicode-9.26-x86_64-3_slack15.0.txz:  Rebuilt.
  When the "background" extension was loaded, an attacker able to control the
  data written to the terminal would be able to execute arbitrary code as the
  terminal's user. Thanks to David Leadbeater and Ben Collver.
  For more information, see:
    https://www.openwall.com/lists/oss-security/2022/12/05/1
    https://www.cve.org/CVERecord?id=CVE-2022-4170
  (* Security fix *)
patches/packages/whois-5.5.15-x86_64-1_slack15.0.txz:  Upgraded.
  Updated the .bd, .nz and .tv TLD servers.
  Added the .llyw.cymru, .gov.scot and .gov.wales SLD servers.
  Updated the .ac.uk and .gov.uk SLD servers.
  Recursion has been enabled for whois.nic.tv.
  Updated the list of new gTLDs with four generic TLDs assigned in October 2013
  which were missing due to a bug.
  Removed 4 new gTLDs which are no longer active.
  Added the Georgian translation, contributed by Temuri Doghonadze.
  Updated the Finnish translation, contributed by Lauri Nurmi.
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 01-04-2023 11:43 PM
2 updates (x86_64). Including a (* Security fix *)! : 2 upgraded
Code:
Thu Jan  5 03:09:24 UTC 2023
patches/packages/vim-9.0.1146-x86_64-1_slack15.0.txz:  Upgraded.
  Fixed security issues:
  Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143.
  Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-0049
    https://www.cve.org/CVERecord?id=CVE-2023-0051
  (* Security fix *)
patches/packages/vim-gvim-9.0.1146-x86_64-1_slack15.0.txz:  Upgraded.
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

drumz 01-06-2023 08:26 PM
4 updates (x86_64). Including a (* Security fix *)! : 3 upgraded, 1 rebuilt
Code:
Sat Jan  7 01:50:00 UTC 2023
extra/php80/php80-8.0.27-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes a security issue:
  PDO::quote() may return unquoted string.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-31631
  (* Security fix *)
extra/php81/php81-8.1.14-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and a security issue:
  PDO::quote() may return unquoted string.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-31631
  (* Security fix *)
patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txz:  Upgraded.
  Fixed memory corruption in NSS via DER-encoded DSA and RSA-PSS signatures.
  For more information, see:
    https://www.mozilla.org/en-US/security/advisories/mfsa2021-51/
    https://www.cve.org/CVERecord?id=CVE-2021-43527
  (* Security fix *)
patches/packages/php-7.4.33-x86_64-2_slack15.0.txz:  Rebuilt.
  This update fixes a security issue:
  PDO::quote() may return unquoted string.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-31631
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

drumz 01-10-2023 03:54 PM
1 updates (x86_64) : 1 rebuilt
Code:
Tue Jan 10 21:32:00 UTC 2023
patches/packages/ca-certificates-20221205-noarch-2_slack15.0.txz:  Rebuilt.
  Make sure that if we're installing this package on another partition (such as
  when using installpkg with a --root parameter) that the updates are done on
  that partition. Thanks to fulalas.
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

drumz 01-13-2023 03:07 PM
1 updates (x86_64). Including a (* Security fix *)! : 1 upgraded
Code:
Fri Jan 13 20:29:55 UTC 2023
patches/packages/netatalk-3.1.14-x86_64-1_slack15.0.txz:  Upgraded.
  Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow
  resulting in code execution via a crafted .appl file.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-45188
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

drumz 01-18-2023 07:51 AM
4 updates (x86_64). Including a (* Security fix *)! : 4 upgraded
Code:
Wed Jan 18 06:11:54 UTC 2023
patches/packages/git-2.35.6-x86_64-1_slack15.0.txz:  Upgraded.
  This release fixes two security issues:
  * CVE-2022-41903:
  git log has the ability to display commits using an arbitrary
  format with its --format specifiers. This functionality is also
  exposed to git archive via the export-subst gitattribute.
  When processing the padding operators (e.g., %<(, %<|(, %>(,
  %>>(, or %><( ), an integer overflow can occur in
  pretty.c::format_and_pad_commit() where a size_t is improperly
  stored as an int, and then added as an offset to a subsequent
  memcpy() call.
  This overflow can be triggered directly by a user running a
  command which invokes the commit formatting machinery (e.g., git
  log --format=...). It may also be triggered indirectly through
  git archive via the export-subst mechanism, which expands format
  specifiers inside of files within the repository during a git
  archive.
  This integer overflow can result in arbitrary heap writes, which
  may result in remote code execution.
  * CVE-2022-23521:
  gitattributes are a mechanism to allow defining attributes for
  paths. These attributes can be defined by adding a `.gitattributes`
  file to the repository, which contains a set of file patterns and
  the attributes that should be set for paths matching this pattern.
  When parsing gitattributes, multiple integer overflows can occur
  when there is a huge number of path patterns, a huge number of
  attributes for a single pattern, or when the declared attribute
  names are huge.
  These overflows can be triggered via a crafted `.gitattributes` file
  that may be part of the commit history. Git silently splits lines
  longer than 2KB when parsing gitattributes from a file, but not when
  parsing them from the index. Consequentially, the failure mode
  depends on whether the file exists in the working tree, the index or
  both.
  This integer overflow can result in arbitrary heap reads and writes,
  which may result in remote code execution.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-41903
    https://www.cve.org/CVERecord?id=CVE-2022-23521
  (* Security fix *)
patches/packages/httpd-2.4.55-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and the following security issues:
  mod_proxy allows a backend to trigger HTTP response splitting.
  mod_proxy_ajp possible request smuggling.
  mod_dav out of bounds read, or write of zero byte.
  For more information, see:
    https://downloads.apache.org/httpd/CHANGES_2.4.55
    https://www.cve.org/CVERecord?id=CVE-2022-37436
    https://www.cve.org/CVERecord?id=CVE-2022-36760
    https://www.cve.org/CVERecord?id=CVE-2006-20001
  (* Security fix *)
patches/packages/libXpm-3.5.15-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  Infinite loop on unclosed comments.
  Runaway loop with width of 0 and enormous height.
  Compression commands depend on $PATH.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-46285
    https://www.cve.org/CVERecord?id=CVE-2022-44617
    https://www.cve.org/CVERecord?id=CVE-2022-4883
  (* Security fix *)
patches/packages/mozilla-firefox-102.7.0esr-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/102.7.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2023-02/
    https://www.cve.org/CVERecord?id=CVE-2022-46871
    https://www.cve.org/CVERecord?id=CVE-2023-23598
    https://www.cve.org/CVERecord?id=CVE-2023-23599
    https://www.cve.org/CVERecord?id=CVE-2023-23601
    https://www.cve.org/CVERecord?id=CVE-2023-23602
    https://www.cve.org/CVERecord?id=CVE-2022-46877
    https://www.cve.org/CVERecord?id=CVE-2023-23603
    https://www.cve.org/CVERecord?id=CVE-2023-23605
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

drumz 01-18-2023 09:18 PM
1 updates (x86_64). Including a (* Security fix *)! : 1 upgraded
Code:
Thu Jan 19 00:40:12 UTC 2023
patches/packages/sudo-1.9.12p2-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes a flaw in sudo's -e option (aka sudoedit) that could allow
  a malicious user with sudoedit privileges to edit arbitrary files.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-22809
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 01-21-2023 03:57 AM
2 updates (x86_64). Including a (* Security fix *)! : 2 upgraded
Code:
Fri Jan 20 23:58:24 UTC 2023
patches/packages/mozilla-thunderbird-102.7.0-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/102.7.0/releasenotes/
    https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird102.7
  (* Security fix *)
patches/packages/seamonkey-2.53.15-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.seamonkey-project.org/releases/seamonkey2.53.15
  (* Security fix *)

gegechris99 01-25-2023 11:59 PM
4 updates (x86_64). Including a (* Security fix *)! : 4 upgraded
Code:
Thu Jan 26 00:34:41 UTC 2023
patches/packages/bind-9.16.37-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and the following security issues:
  An UPDATE message flood could cause :iscman:`named` to exhaust all
  available memory. This flaw was addressed by adding a new
  :any:`update-quota` option that controls the maximum number of
  outstanding DNS UPDATE messages that :iscman:`named` can hold in a
  queue at any given time (default: 100).
  :iscman:`named` could crash with an assertion failure when an RRSIG
  query was received and :any:`stale-answer-client-timeout` was set to a
  non-zero value. This has been fixed.
  :iscman:`named` running as a resolver with the
  :any:`stale-answer-client-timeout` option set to any value greater
  than ``0`` could crash with an assertion failure, when the
  :any:`recursive-clients` soft quota was reached. This has been fixed.
  For more information, see:
    https://kb.isc.org/docs/cve-2022-3094
    https://kb.isc.org/docs/cve-2022-3736
    https://kb.isc.org/docs/cve-2022-3924
    https://www.cve.org/CVERecord?id=CVE-2022-3094
    https://www.cve.org/CVERecord?id=CVE-2022-3736
    https://www.cve.org/CVERecord?id=CVE-2022-3924
  (* Security fix *)
patches/packages/vim-9.0.1241-x86_64-1_slack15.0.txz:  Upgraded.
  Fixed a security issue:
  Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225.
  Thanks to marav for the heads-up.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-0433
  (* Security fix *)
patches/packages/vim-gvim-9.0.1241-x86_64-1_slack15.0.txz:  Upgraded.
testing/packages/bind-9.18.11-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and the following security issues:
  An UPDATE message flood could cause :iscman:`named` to exhaust all
  available memory. This flaw was addressed by adding a new
  :any:`update-quota` option that controls the maximum number of
  outstanding DNS UPDATE messages that :iscman:`named` can hold in a
  queue at any given time (default: 100).
  :iscman:`named` could crash with an assertion failure when an RRSIG
  query was received and :any:`stale-answer-client-timeout` was set to a
  non-zero value. This has been fixed.
  :iscman:`named` running as a resolver with the
  :any:`stale-answer-client-timeout` option set to any value greater
  than ``0`` could crash with an assertion failure, when the
  :any:`recursive-clients` soft quota was reached. This has been fixed.
  For more information, see:
    https://kb.isc.org/docs/cve-2022-3094
    https://kb.isc.org/docs/cve-2022-3736
    https://kb.isc.org/docs/cve-2022-3924
    https://www.cve.org/CVERecord?id=CVE-2022-3094
    https://www.cve.org/CVERecord?id=CVE-2022-3736
    https://www.cve.org/CVERecord?id=CVE-2022-3924
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 02-01-2023 04:58 PM
3 updates (x86_64). Including a (* Security fix *)! : 3 upgraded
Code:
Wed Feb  1 22:27:31 UTC 2023
patches/packages/apr-1.7.2-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  Integer Overflow or Wraparound vulnerability in apr_encode functions of
  Apache Portable Runtime (APR) allows an attacker to write beyond bounds
  of a buffer. (CVE-2022-24963)
  Restore fix for out-of-bounds array dereference in apr_time_exp*() functions.
  (This issue was addressed as CVE-2017-12613 in APR 1.6.3 and
  later 1.6.x releases, but was missing in 1.7.0.) (CVE-2021-35940)
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-24963
    https://www.cve.org/CVERecord?id=CVE-2021-35940
    https://www.cve.org/CVERecord?id=CVE-2017-12613
  (* Security fix *)
patches/packages/apr-util-1.6.3-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes a security issue:
  Integer Overflow or Wraparound vulnerability in apr_base64 functions
  of Apache Portable Runtime Utility (APR-util) allows an attacker to
  write beyond bounds of a buffer. (CVE-2022-25147)
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-25147
  (* Security fix *)
patches/packages/mozilla-thunderbird-102.7.1-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/102.7.1/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2023-04/
    https://www.cve.org/CVERecord?id=CVE-2023-0430
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 02-03-2023 12:13 AM
1 updates (x86_64). Including a (* Security fix *)! : 1 upgraded
Code:
Thu Feb  2 22:52:48 UTC 2023
patches/packages/openssh-9.2p1-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains fixes for two security problems and a memory safety
  problem. The memory safety problem is not believed to be exploitable, but
  upstream reports most network-reachable memory faults as security bugs.
  This update contains some potentially incompatible changes regarding the
  scp utility. For more information, see:
    https://www.openssh.com/releasenotes.html#9.0
  For more information, see:
    https://www.openssh.com/releasenotes.html#9.2
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

drumz 02-07-2023 03:20 PM
7 updates (x86_64). Including a (* Security fix *)! : 2 upgraded, 5 rebuilt
Code:
Tue Feb  7 20:48:57 UTC 2023
patches/packages/openssl-1.1.1t-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  X.400 address type confusion in X.509 GeneralName.
  Timing Oracle in RSA Decryption.
  Use-after-free following BIO_new_NDEF.
  Double free after calling PEM_read_bio_ex.
  For more information, see:
    https://www.openssl.org/news/secadv/20230207.txt
    https://www.cve.org/CVERecord?id=CVE-2023-0286
    https://www.cve.org/CVERecord?id=CVE-2022-4304
    https://www.cve.org/CVERecord?id=CVE-2023-0215
    https://www.cve.org/CVERecord?id=CVE-2022-4450
  (* Security fix *)
patches/packages/openssl-solibs-1.1.1t-x86_64-1_slack15.0.txz:  Upgraded.
patches/packages/xorg-server-1.20.14-x86_64-7_slack15.0.txz:  Rebuilt.
  [PATCH] Xi: fix potential use-after-free in DeepCopyPointerClasses.
  Also merged another patch to prevent crashes when using a compositor with
  the NVIDIA blob. Thanks to mdinslage, willysr, and Daedra.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-0494
  (* Security fix *)
patches/packages/xorg-server-xephyr-1.20.14-x86_64-7_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xnest-1.20.14-x86_64-7_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xvfb-1.20.14-x86_64-7_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xwayland-21.1.4-x86_64-6_slack15.0.txz:  Rebuilt.
  [PATCH] Xi: fix potential use-after-free in DeepCopyPointerClasses.
  Also merged another patch to prevent crashes when using a compositor with
  the NVIDIA blob. Thanks to mdinslage, willysr, and Daedra.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-0494
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

kjhambrick 02-07-2023 04:22 PM
Thanks for the heads-up drumz.

Installed the Tue Feb 7 20:48:57 UTC 2023 xorg patches from a runlevel 3 session, rebuilt NVidia ( probably unnecessary ) and rebooted.

Everything working fine after starting KDE on my Slackware64 15.0 +MultiLib Laptop.

-- kjh

gegechris99 02-09-2023 01:27 AM
1 updates (x86_64) : 1 upgraded
Code:
Thu Feb  9 00:59:27 UTC 2023
patches/packages/mozilla-thunderbird-102.7.2-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/102.7.2/releasenotes/
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 02-10-2023 03:09 PM
1 updates (x86_64). Including a (* Security fix *)! : 1 upgraded
Code:
Fri Feb 10 20:08:41 UTC 2023
patches/packages/gnutls-3.7.9-x86_64-1_slack15.0.txz:  Upgraded.
  libgnutls: Fix a Bleichenbacher oracle in the TLS RSA key exchange.
  Reported by Hubert Kario (#1050). Fix developed by Alexander Sosedkin.
  [GNUTLS-SA-2020-07-14, CVSS: medium] [CVE-2023-0361]
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-0361
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 02-15-2023 12:00 AM
5 updates (x86_64). Including a (* Security fix *)! : 4 upgraded, 1 rebuilt
Code:
Wed Feb 15 03:05:40 UTC 2023
extra/php80/php80-8.0.28-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  Core: Password_verify() always return true with some hash.
  Core: 1-byte array overrun in common path resolve code.
  SAPI: DOS vulnerability when parsing multipart request body.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-0567
    https://www.cve.org/CVERecord?id=CVE-2023-0568
    https://www.cve.org/CVERecord?id=CVE-2023-0662
  (* Security fix *)
extra/php81/php81-8.1.16-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  Core: Password_verify() always return true with some hash.
  Core: 1-byte array overrun in common path resolve code.
  SAPI: DOS vulnerability when parsing multipart request body.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-0567
    https://www.cve.org/CVERecord?id=CVE-2023-0568
    https://www.cve.org/CVERecord?id=CVE-2023-0662
  (* Security fix *)
patches/packages/hwdata-0.367-noarch-1_slack15.0.txz:  Upgraded.
  Upgraded to get information for newer hardware.
  Requested by kingbeowulf on LQ.
patches/packages/mozilla-firefox-102.8.0esr-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/102.8.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/
    https://www.cve.org/CVERecord?id=CVE-2023-25728
    https://www.cve.org/CVERecord?id=CVE-2023-25730
    https://www.cve.org/CVERecord?id=CVE-2023-25743
    https://www.cve.org/CVERecord?id=CVE-2023-0767
    https://www.cve.org/CVERecord?id=CVE-2023-25735
    https://www.cve.org/CVERecord?id=CVE-2023-25737
    https://www.cve.org/CVERecord?id=CVE-2023-25738
    https://www.cve.org/CVERecord?id=CVE-2023-25739
    https://www.cve.org/CVERecord?id=CVE-2023-25729
    https://www.cve.org/CVERecord?id=CVE-2023-25732
    https://www.cve.org/CVERecord?id=CVE-2023-25734
    https://www.cve.org/CVERecord?id=CVE-2023-25742
    https://www.cve.org/CVERecord?id=CVE-2023-25746
  (* Security fix *)
patches/packages/php-7.4.33-x86_64-3_slack15.0.txz:  Rebuilt.
  This update fixes security issues:
  Core: Password_verify() always return true with some hash.
  Core: 1-byte array overrun in common path resolve code.
  SAPI: DOS vulnerability when parsing multipart request body.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-0567
    https://www.cve.org/CVERecord?id=CVE-2023-0568
    https://www.cve.org/CVERecord?id=CVE-2023-0662
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

drumz 02-15-2023 02:27 PM
2 updates (x86_64). Including a (* Security fix *)! : 2 upgraded
Code:
Wed Feb 15 19:48:10 UTC 2023
patches/packages/curl-7.88.0-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  HTTP multi-header compression denial of service.
  HSTS amnesia with --parallel.
  HSTS ignored on multiple requests.
  For more information, see:
    https://curl.se/docs/CVE-2023-23916.html
    https://curl.se/docs/CVE-2023-23915.html
    https://curl.se/docs/CVE-2023-23914.html
    https://www.cve.org/CVERecord?id=CVE-2023-23916
    https://www.cve.org/CVERecord?id=CVE-2023-23915
    https://www.cve.org/CVERecord?id=CVE-2023-23914
  (* Security fix *)
patches/packages/git-2.35.7-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  Using a specially-crafted repository, Git can be tricked into using
  its local clone optimization even when using a non-local transport.
  Though Git will abort local clones whose source $GIT_DIR/objects
  directory contains symbolic links (c.f., CVE-2022-39253), the objects
  directory itself may still be a symbolic link.
  These two may be combined to include arbitrary files based on known
  paths on the victim's filesystem within the malicious repository's
  working copy, allowing for data exfiltration in a similar manner as
  CVE-2022-39253.
  By feeding a crafted input to "git apply", a path outside the
  working tree can be overwritten as the user who is running "git
  apply".
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-22490
    https://www.cve.org/CVERecord?id=CVE-2023-23946
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 02-17-2023 12:20 AM
1 updates (x86_64). Including a (* Security fix *)! : 1 upgraded
Code:
Thu Feb 16 22:07:06 UTC 2023
patches/packages/mozilla-thunderbird-102.8.0-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/102.8.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/
    https://www.cve.org/CVERecord?id=CVE-2023-0616
    https://www.cve.org/CVERecord?id=CVE-2023-25728
    https://www.cve.org/CVERecord?id=CVE-2023-25730
    https://www.cve.org/CVERecord?id=CVE-2023-0767
    https://www.cve.org/CVERecord?id=CVE-2023-25735
    https://www.cve.org/CVERecord?id=CVE-2023-25737
    https://www.cve.org/CVERecord?id=CVE-2023-25738
    https://www.cve.org/CVERecord?id=CVE-2023-25739
    https://www.cve.org/CVERecord?id=CVE-2023-25729
    https://www.cve.org/CVERecord?id=CVE-2023-25732
    https://www.cve.org/CVERecord?id=CVE-2023-25734
    https://www.cve.org/CVERecord?id=CVE-2023-25742
    https://www.cve.org/CVERecord?id=CVE-2023-25746
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 02-18-2023 01:47 AM
2 updates (x86_64). Including a (* Security fix *)! : 2 upgraded
Code:
Sat Feb 18 02:04:34 UTC 2023
patches/packages/kernel-firmware-20230214_a253a37-noarch-1.txz:  Upgraded.
patches/packages/linux-5.15.80/*:  Upgraded.
  These updates fix various bugs and security issues.
  Be sure to upgrade your initrd after upgrading the kernel packages.
  If you use lilo to boot your machine, be sure lilo.conf points to the correct
  kernel and initrd and run lilo as root to update the bootloader.
  If you use elilo to boot your machine, you should run eliloconfig to copy the
  kernel and initrd to the EFI System Partition.
  For more information, see:
    Fixed in 5.15.81:
    https://www.cve.org/CVERecord?id=CVE-2022-47519
    https://www.cve.org/CVERecord?id=CVE-2022-47518
    https://www.cve.org/CVERecord?id=CVE-2022-47520
    https://www.cve.org/CVERecord?id=CVE-2022-47521
    https://www.cve.org/CVERecord?id=CVE-2022-3344
    Fixed in 5.15.82:
    https://www.cve.org/CVERecord?id=CVE-2022-45869
    https://www.cve.org/CVERecord?id=CVE-2022-4378
    Fixed in 5.15.83:
    https://www.cve.org/CVERecord?id=CVE-2022-3643
    Fixed in 5.15.84:
    https://www.cve.org/CVERecord?id=CVE-2022-3545
    Fixed in 5.15.85:
    https://www.cve.org/CVERecord?id=CVE-2022-45934
    Fixed in 5.15.86:
    https://www.cve.org/CVERecord?id=CVE-2022-3534
    https://www.cve.org/CVERecord?id=CVE-2022-3424
    Fixed in 5.15.87:
    https://www.cve.org/CVERecord?id=CVE-2022-41218
    https://www.cve.org/CVERecord?id=CVE-2023-23455
    https://www.cve.org/CVERecord?id=CVE-2023-23454
    https://www.cve.org/CVERecord?id=CVE-2023-0045
    https://www.cve.org/CVERecord?id=CVE-2023-0210
    https://www.cve.org/CVERecord?id=CVE-2022-36280
    Fixed in 5.15.88:
    https://www.cve.org/CVERecord?id=CVE-2023-0266
    https://www.cve.org/CVERecord?id=CVE-2022-47929
    Fixed in 5.15.89:
    https://www.cve.org/CVERecord?id=CVE-2023-0179
    https://www.cve.org/CVERecord?id=CVE-2023-0394
    Fixed in 5.15.90:
    https://www.cve.org/CVERecord?id=CVE-2022-4382
    https://www.cve.org/CVERecord?id=CVE-2022-4842
    Fixed in 5.15.91:
    https://www.cve.org/CVERecord?id=CVE-2022-4129
    https://www.cve.org/CVERecord?id=CVE-2023-23559
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

Note: there is a typo in the kernel version
It's version 5.15.94

henca 02-18-2023 06:56 AM
Quote:
2 updates (x86_64). Including a (* Security fix *)! : 2 upgraded
Code:
Sat Feb 18 02:04:34 UTC 2023
patches/packages/kernel-firmware-20230214_a253a37-noarch-1.txz:  Upgraded.
patches/packages/linux-5.15.80/*:  Upgraded.
There is a small typo in the upstream changelog, back in november the kernel was updated to 5.15.80 and it was probably a copy-past-error as it now instead was updated to 5.15.94.

regards Henrik

hitest 02-18-2023 09:25 AM
Quote:
Originally Posted by henca (Post 6412110)
There is a small typo in the upstream changelog, back in november the kernel was updated to 5.15.80 and it was probably a copy-past-error as it now instead was updated to 5.15.94.

regards Henrik
Code:
Sat Feb 18 02:04:34 UTC 2023
patches/packages/kernel-firmware-20230214_a253a37-noarch-1.txz:  Upgraded.
patches/packages/linux-5.15.80/*:  Upgraded.
  These updates fix various bugs and security issues.
  Be sure to upgrade your initrd after upgrading the kernel packages.
  If you use lilo to boot your machine, be sure lilo.conf points to the correct
  kernel and initrd and run lilo as root to update the bootloader.
  If you use elilo to boot your machine, you should run eliloconfig to copy the
  kernel and initrd to the EFI System Partition.

Daedra 02-18-2023 10:00 AM
Looks like they backported the modern AMD CPU fix to the 5.15.x kernels. AMD users should see a nice performance increase with 5.15.94 that Pat just released.

https://www.phoronix.com/news/Linux-AMD-Old-Chipset-WA
https://www.spinics.net/lists/stable/msg626574.html

gegechris99 02-18-2023 04:00 PM
kernel typo is now fixed:
Code:
Sat Feb 18 02:04:34 UTC 2023
patches/packages/kernel-firmware-20230214_a253a37-noarch-1.txz:  Upgraded.
patches/packages/linux-5.15.94/*:  Upgraded.
...

marav 02-18-2023 04:06 PM
Quote:
Originally Posted by gegechris99 (Post 6412207)
kernel typo is now fixed:
Code:
Sat Feb 18 02:04:34 UTC 2023
patches/packages/kernel-firmware-20230214_a253a37-noarch-1.txz:  Upgraded.
patches/packages/linux-5.15.94/*:  Upgraded.
...
Thanks for the heads up
post correction can put the mess in my next diff

gegechris99 02-21-2023 01:23 PM
1 updates (x86_64) : 1 upgraded
Code:
Mon Feb 20 19:41:06 UTC 2023
patches/packages/curl-7.88.1-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 03-01-2023 12:43 AM
1 updates (x86_64) : 1 upgraded
Code:
Tue Feb 28 21:33:32 UTC 2023
patches/packages/whois-5.5.16-x86_64-1_slack15.0.txz:  Upgraded.
  Add bash completion support, courtesy of Ville Skytta.
  Updated the .tr TLD server.
  Removed support for -metu NIC handles.
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 03-06-2023 12:11 AM
1 updates (x86_64) : 1 upgraded
Code:
Mon Mar  6 02:21:57 UTC 2023
patches/packages/xscreensaver-6.06-x86_64-1_slack15.0.txz:  Upgraded.
  Here's an upgrade to the latest xscreensaver.
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 03-07-2023 12:18 AM
1 updates (x86_64) : 1 upgraded
Code:
Mon Mar  6 20:18:10 UTC 2023
patches/packages/sudo-1.9.13p3-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

drumz 03-08-2023 03:07 PM
1 updates (x86_64). Including a (* Security fix *)! : 1 upgraded
Code:
Wed Mar  8 20:26:54 UTC 2023
patches/packages/httpd-2.4.56-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes two security issues:
  HTTP Response Smuggling vulnerability via mod_proxy_uwsgi.
  HTTP Request Smuggling attack via mod_rewrite and mod_proxy.
  For more information, see:
    https://downloads.apache.org/httpd/CHANGES_2.4.56
    https://www.cve.org/CVERecord?id=CVE-2023-27522
    https://www.cve.org/CVERecord?id=CVE-2023-25690
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 03-15-2023 01:31 AM
1 updates (x86_64). Including a (* Security fix *)! : 1 upgraded
Code:
Tue Mar 14 20:42:47 UTC 2023
patches/packages/mozilla-firefox-102.9.0esr-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/102.9.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2023-10
    https://www.cve.org/CVERecord?id=CVE-2023-25751
    https://www.cve.org/CVERecord?id=CVE-2023-28164
    https://www.cve.org/CVERecord?id=CVE-2023-28162
    https://www.cve.org/CVERecord?id=CVE-2023-25752
    https://www.cve.org/CVERecord?id=CVE-2023-28163
    https://www.cve.org/CVERecord?id=CVE-2023-28176
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 03-17-2023 01:22 AM
4 updates (x86_64). Including a (* Security fix *)! : 4 upgraded
Code:
Thu Mar 16 23:34:56 UTC 2023
patches/packages/bind-9.16.39-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
patches/packages/mozilla-thunderbird-102.9.0-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/102.9.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/
    https://www.cve.org/CVERecord?id=CVE-2023-25751
    https://www.cve.org/CVERecord?id=CVE-2023-28164
    https://www.cve.org/CVERecord?id=CVE-2023-28162
    https://www.cve.org/CVERecord?id=CVE-2023-25752
    https://www.cve.org/CVERecord?id=CVE-2023-28163
    https://www.cve.org/CVERecord?id=CVE-2023-28176
  (* Security fix *)
patches/packages/openssh-9.3p1-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains fixes for a security problem and a memory
  safety problem. The memory safety problem is not believed to be
  exploitable, but we report most network-reachable memory faults as
  security bugs.
  For more information, see:
    https://www.openssh.com/txt/release-9.3
  (* Security fix *)
testing/packages/bind-9.18.13-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

drumz 03-20-2023 03:21 PM
3 updates (x86_64). Including a (* Security fix *)! : 3 upgraded
Code:
Mon Mar 20 18:26:23 UTC 2023
patches/packages/curl-8.0.1-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  SSH connection too eager reuse still.
  HSTS double-free.
  GSS delegation too eager connection re-use.
  FTP too eager connection reuse.
  SFTP path ~ resolving discrepancy.
  TELNET option IAC injection.
  For more information, see:
    https://curl.se/docs/CVE-2023-27538.html
    https://curl.se/docs/CVE-2023-27537.html
    https://curl.se/docs/CVE-2023-27536.html
    https://curl.se/docs/CVE-2023-27535.html
    https://curl.se/docs/CVE-2023-27534.html
    https://curl.se/docs/CVE-2023-27533.html
    https://www.cve.org/CVERecord?id=CVE-2023-27538
    https://www.cve.org/CVERecord?id=CVE-2023-27537
    https://www.cve.org/CVERecord?id=CVE-2023-27536
    https://www.cve.org/CVERecord?id=CVE-2023-27535
    https://www.cve.org/CVERecord?id=CVE-2023-27534
    https://www.cve.org/CVERecord?id=CVE-2023-27533
  (* Security fix *)
patches/packages/vim-9.0.1418-x86_64-1_slack15.0.txz:  Upgraded.
  Fixed security issues:
  NULL pointer dereference issue in utfc_ptr2len.
  Incorrect Calculation of Buffer Size.
  Heap-based Buffer Overflow.
  Thanks to marav for the heads-up.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-1264
    https://www.cve.org/CVERecord?id=CVE-2023-1175
    https://www.cve.org/CVERecord?id=CVE-2023-1170
  (* Security fix *)
patches/packages/vim-gvim-9.0.1418-x86_64-1_slack15.0.txz:  Upgraded.
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

(The website still hasn't updated. I manually added the formatting information. Hope I did it correctly.)

marav 03-20-2023 03:50 PM
Quote:
Originally Posted by drumz (Post 6419037)
(The website still hasn't updated. I manually added the formatting information. Hope I did it correctly.)
Thanks for the heads-up
This happens sometimes, I have to identify why, for the moment it's not very clear...
The script seems to make a 2nd pass, with an empty diff
So when this happens, you can find the 1st pass with the -old.txt file in the html tree

here:
http://marav8.free.fr/report/

And yes, the formatting is great :hattip:

drumz 03-24-2023 03:32 PM
2 updates (x86_64). Including a (* Security fix *)! : 1 upgraded, 1 rebuilt
Code:
Fri Mar 24 19:42:46 UTC 2023
patches/packages/glibc-zoneinfo-2023b-noarch-1_slack15.0.txz:  Upgraded.
  This package provides the latest timezone updates.
patches/packages/tar-1.34-x86_64-2_slack15.0.txz:  Rebuilt.
  GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use
  of uninitialized memory for a conditional jump. Exploitation to change the
  flow of control has not been demonstrated. The issue occurs in from_header
  in list.c via a V7 archive in which mtime has approximately 11 whitespace
  characters.
  Thanks to marav for the heads-up.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-48303
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 03-30-2023 01:28 AM
7 updates (x86_64). Including a (* Security fix *)! : 2 upgraded, 5 rebuilt
Code:
Wed Mar 29 20:56:21 UTC 2023
patches/packages/glibc-zoneinfo-2023c-noarch-1_slack15.0.txz:  Upgraded.
  This package provides the latest timezone updates.
patches/packages/mozilla-thunderbird-102.9.1-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/102.9.1/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2023-12/
    https://www.cve.org/CVERecord?id=CVE-2023-28427
  (* Security fix *)
patches/packages/xorg-server-1.20.14-x86_64-8_slack15.0.txz:  Rebuilt.
  [PATCH] composite: Fix use-after-free of the COW.
  Fix use-after-free that can lead to local privileges elevation on systems
  where the X server is running privileged and remote code execution for ssh
  X forwarding sessions.
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2023-March/003374.html
    https://www.cve.org/CVERecord?id=CVE-2023-1393
  (* Security fix *)
patches/packages/xorg-server-xephyr-1.20.14-x86_64-8_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xnest-1.20.14-x86_64-8_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xvfb-1.20.14-x86_64-8_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xwayland-21.1.4-x86_64-7_slack15.0.txz:  Rebuilt.
  [PATCH] composite: Fix use-after-free of the COW.
  Fix use-after-free that can lead to local privileges elevation on systems
  where the X server is running privileged and remote code execution for ssh
  X forwarding sessions.
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2023-March/003374.html
    https://www.cve.org/CVERecord?id=CVE-2023-1393
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 03-31-2023 03:17 PM
2 updates (x86_64). Including a (* Security fix *)! : 2 upgraded
Code:
Fri Mar 31 18:01:09 UTC 2023
patches/packages/ruby-3.0.6-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  ReDoS vulnerability in URI.
  ReDoS vulnerability in Time.
  For more information, see:
    https://www.ruby-lang.org/en/news/2023/03/28/redos-in-uri-cve-2023-28755/
    https://www.ruby-lang.org/en/news/2023/03/30/redos-in-time-cve-2023-28756/
    https://www.cve.org/CVERecord?id=CVE-2023-28755
    https://www.cve.org/CVERecord?id=CVE-2023-28756
  (* Security fix *)
patches/packages/seamonkey-2.53.16-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.seamonkey-project.org/releases/seamonkey2.53.16
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 04-02-2023 02:45 PM
1 updates (x86_64). Including a (* Security fix *)! : 1 upgraded
Code:
Sun Apr  2 18:33:01 UTC 2023
patches/packages/irssi-1.4.4-x86_64-1_slack15.0.txz:  Upgraded.
  Do not crash Irssi when one line is printed as the result of another line
  being printed.
  Also solve a memory leak while printing unformatted lines.
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

MDKDIO 04-05-2023 02:48 PM
Wed Apr 5 18:31:03 UTC 2023
patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release. The primary focus is to correct a rare corruption
bug in high compression mode. While the probability might be very small,
corruption issues are nonetheless very serious, so an update to this version
is highly recommended, especially if you employ high compression modes
(levels 16+).

gegechris99 04-08-2023 12:58 AM
1 updates (x86_64) : 1 upgraded
Code:
Fri Apr  7 18:53:33 UTC 2023
patches/packages/httpd-2.4.57-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://downloads.apache.org/httpd/CHANGES_2.4.57
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 04-11-2023 02:48 PM
1 updates (x86_64). Including a (* Security fix *)! : 1 upgraded
Code:
Tue Apr 11 18:49:02 UTC 2023
patches/packages/mozilla-firefox-102.10.0esr-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/102.10.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2023-14
    https://www.mozilla.org/en-US/security/advisories/mfsa2023-14/#MFSA-TMP-2023-0001
    https://www.cve.org/CVERecord?id=CVE-2023-29531
    https://www.cve.org/CVERecord?id=CVE-2023-29532
    https://www.cve.org/CVERecord?id=CVE-2023-29533
    https://www.cve.org/CVERecord?id=CVE-2023-29535
    https://www.cve.org/CVERecord?id=CVE-2023-29536
    https://www.cve.org/CVERecord?id=CVE-2023-29539
    https://www.cve.org/CVERecord?id=CVE-2023-29541
    https://www.cve.org/CVERecord?id=CVE-2023-29545
    https://www.cve.org/CVERecord?id=CVE-2023-1945
    https://www.cve.org/CVERecord?id=CVE-2023-29548
    https://www.cve.org/CVERecord?id=CVE-2023-29550
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 04-13-2023 12:16 AM
1 updates (x86_64). Including a (* Security fix *)! : 1 upgraded
Code:
Thu Apr 13 01:10:27 UTC 2023
patches/packages/mozilla-thunderbird-102.10.0-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/102.10.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2023-15/
    https://www.mozilla.org/en-US/security/advisories/mfsa2023-15/#MFSA-TMP-2023-0001
    https://www.cve.org/CVERecord?id=CVE-2023-29531
    https://www.cve.org/CVERecord?id=CVE-2023-29532
    https://www.cve.org/CVERecord?id=CVE-2023-29533
    https://www.cve.org/CVERecord?id=CVE-2023-29535
    https://www.cve.org/CVERecord?id=CVE-2023-29536
    https://www.cve.org/CVERecord?id=CVE-2023-0547
    https://www.cve.org/CVERecord?id=CVE-2023-29479
    https://www.cve.org/CVERecord?id=CVE-2023-29539
    https://www.cve.org/CVERecord?id=CVE-2023-29541
    https://www.cve.org/CVERecord?id=CVE-2023-29542
    https://www.cve.org/CVERecord?id=CVE-2023-29545
    https://www.cve.org/CVERecord?id=CVE-2023-1945
    https://www.cve.org/CVERecord?id=CVE-2023-29548
    https://www.cve.org/CVERecord?id=CVE-2023-29550
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 04-14-2023 01:15 AM
1 updates (x86_64) : 1 upgraded
Code:
Thu Apr 13 22:25:18 UTC 2023
extra/php81/php81-8.1.17-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.php.net/ChangeLog-8.php#8.1.17
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 04-19-2023 02:53 PM
2 updates (x86_64) : 2 upgraded
Code:
Wed Apr 19 19:17:14 UTC 2023
patches/packages/bind-9.16.40-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
testing/packages/bind-9.18.14-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt


All times are GMT -5. The time now is 02:40 PM.
Page 1 of 6 1 23 Last »
Show 50 post(s) from this thread on one page