LinuxQuestions.org
Page 3 of 18 12 3 4513 Last »
Show 50 post(s) from this thread on one page

LinuxQuestions.org (/questions/)
-   Slackware (https://www.linuxquestions.org/questions/slackware-14/)
-   -   [LATEST CHANGELOG] Slackware-15.0 (https://www.linuxquestions.org/questions/slackware-14/%5Blatest-changelog%5D-slackware-15-0-a-4175720091/)

marav 02-18-2023 04:06 PM
Quote:
Originally Posted by gegechris99 (Post 6412207)
kernel typo is now fixed:
Code:
Sat Feb 18 02:04:34 UTC 2023
patches/packages/kernel-firmware-20230214_a253a37-noarch-1.txz:  Upgraded.
patches/packages/linux-5.15.94/*:  Upgraded.
...
Thanks for the heads up
post correction can put the mess in my next diff

gegechris99 02-21-2023 01:23 PM
1 updates (x86_64) : 1 upgraded
Code:
Mon Feb 20 19:41:06 UTC 2023
patches/packages/curl-7.88.1-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 03-01-2023 12:43 AM
1 updates (x86_64) : 1 upgraded
Code:
Tue Feb 28 21:33:32 UTC 2023
patches/packages/whois-5.5.16-x86_64-1_slack15.0.txz:  Upgraded.
  Add bash completion support, courtesy of Ville Skytta.
  Updated the .tr TLD server.
  Removed support for -metu NIC handles.
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 03-06-2023 12:11 AM
1 updates (x86_64) : 1 upgraded
Code:
Mon Mar  6 02:21:57 UTC 2023
patches/packages/xscreensaver-6.06-x86_64-1_slack15.0.txz:  Upgraded.
  Here's an upgrade to the latest xscreensaver.
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 03-07-2023 12:18 AM
1 updates (x86_64) : 1 upgraded
Code:
Mon Mar  6 20:18:10 UTC 2023
patches/packages/sudo-1.9.13p3-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

drumz 03-08-2023 03:07 PM
1 updates (x86_64). Including a (* Security fix *)! : 1 upgraded
Code:
Wed Mar  8 20:26:54 UTC 2023
patches/packages/httpd-2.4.56-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes two security issues:
  HTTP Response Smuggling vulnerability via mod_proxy_uwsgi.
  HTTP Request Smuggling attack via mod_rewrite and mod_proxy.
  For more information, see:
    https://downloads.apache.org/httpd/CHANGES_2.4.56
    https://www.cve.org/CVERecord?id=CVE-2023-27522
    https://www.cve.org/CVERecord?id=CVE-2023-25690
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 03-15-2023 01:31 AM
1 updates (x86_64). Including a (* Security fix *)! : 1 upgraded
Code:
Tue Mar 14 20:42:47 UTC 2023
patches/packages/mozilla-firefox-102.9.0esr-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/102.9.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2023-10
    https://www.cve.org/CVERecord?id=CVE-2023-25751
    https://www.cve.org/CVERecord?id=CVE-2023-28164
    https://www.cve.org/CVERecord?id=CVE-2023-28162
    https://www.cve.org/CVERecord?id=CVE-2023-25752
    https://www.cve.org/CVERecord?id=CVE-2023-28163
    https://www.cve.org/CVERecord?id=CVE-2023-28176
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 03-17-2023 01:22 AM
4 updates (x86_64). Including a (* Security fix *)! : 4 upgraded
Code:
Thu Mar 16 23:34:56 UTC 2023
patches/packages/bind-9.16.39-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
patches/packages/mozilla-thunderbird-102.9.0-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/102.9.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/
    https://www.cve.org/CVERecord?id=CVE-2023-25751
    https://www.cve.org/CVERecord?id=CVE-2023-28164
    https://www.cve.org/CVERecord?id=CVE-2023-28162
    https://www.cve.org/CVERecord?id=CVE-2023-25752
    https://www.cve.org/CVERecord?id=CVE-2023-28163
    https://www.cve.org/CVERecord?id=CVE-2023-28176
  (* Security fix *)
patches/packages/openssh-9.3p1-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains fixes for a security problem and a memory
  safety problem. The memory safety problem is not believed to be
  exploitable, but we report most network-reachable memory faults as
  security bugs.
  For more information, see:
    https://www.openssh.com/txt/release-9.3
  (* Security fix *)
testing/packages/bind-9.18.13-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

drumz 03-20-2023 03:21 PM
3 updates (x86_64). Including a (* Security fix *)! : 3 upgraded
Code:
Mon Mar 20 18:26:23 UTC 2023
patches/packages/curl-8.0.1-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  SSH connection too eager reuse still.
  HSTS double-free.
  GSS delegation too eager connection re-use.
  FTP too eager connection reuse.
  SFTP path ~ resolving discrepancy.
  TELNET option IAC injection.
  For more information, see:
    https://curl.se/docs/CVE-2023-27538.html
    https://curl.se/docs/CVE-2023-27537.html
    https://curl.se/docs/CVE-2023-27536.html
    https://curl.se/docs/CVE-2023-27535.html
    https://curl.se/docs/CVE-2023-27534.html
    https://curl.se/docs/CVE-2023-27533.html
    https://www.cve.org/CVERecord?id=CVE-2023-27538
    https://www.cve.org/CVERecord?id=CVE-2023-27537
    https://www.cve.org/CVERecord?id=CVE-2023-27536
    https://www.cve.org/CVERecord?id=CVE-2023-27535
    https://www.cve.org/CVERecord?id=CVE-2023-27534
    https://www.cve.org/CVERecord?id=CVE-2023-27533
  (* Security fix *)
patches/packages/vim-9.0.1418-x86_64-1_slack15.0.txz:  Upgraded.
  Fixed security issues:
  NULL pointer dereference issue in utfc_ptr2len.
  Incorrect Calculation of Buffer Size.
  Heap-based Buffer Overflow.
  Thanks to marav for the heads-up.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-1264
    https://www.cve.org/CVERecord?id=CVE-2023-1175
    https://www.cve.org/CVERecord?id=CVE-2023-1170
  (* Security fix *)
patches/packages/vim-gvim-9.0.1418-x86_64-1_slack15.0.txz:  Upgraded.
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

(The website still hasn't updated. I manually added the formatting information. Hope I did it correctly.)

marav 03-20-2023 03:50 PM
Quote:
Originally Posted by drumz (Post 6419037)
(The website still hasn't updated. I manually added the formatting information. Hope I did it correctly.)
Thanks for the heads-up
This happens sometimes, I have to identify why, for the moment it's not very clear...
The script seems to make a 2nd pass, with an empty diff
So when this happens, you can find the 1st pass with the -old.txt file in the html tree

here:
http://marav8.free.fr/report/

And yes, the formatting is great :hattip:

drumz 03-24-2023 03:32 PM
2 updates (x86_64). Including a (* Security fix *)! : 1 upgraded, 1 rebuilt
Code:
Fri Mar 24 19:42:46 UTC 2023
patches/packages/glibc-zoneinfo-2023b-noarch-1_slack15.0.txz:  Upgraded.
  This package provides the latest timezone updates.
patches/packages/tar-1.34-x86_64-2_slack15.0.txz:  Rebuilt.
  GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use
  of uninitialized memory for a conditional jump. Exploitation to change the
  flow of control has not been demonstrated. The issue occurs in from_header
  in list.c via a V7 archive in which mtime has approximately 11 whitespace
  characters.
  Thanks to marav for the heads-up.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-48303
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 03-30-2023 01:28 AM
7 updates (x86_64). Including a (* Security fix *)! : 2 upgraded, 5 rebuilt
Code:
Wed Mar 29 20:56:21 UTC 2023
patches/packages/glibc-zoneinfo-2023c-noarch-1_slack15.0.txz:  Upgraded.
  This package provides the latest timezone updates.
patches/packages/mozilla-thunderbird-102.9.1-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/102.9.1/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2023-12/
    https://www.cve.org/CVERecord?id=CVE-2023-28427
  (* Security fix *)
patches/packages/xorg-server-1.20.14-x86_64-8_slack15.0.txz:  Rebuilt.
  [PATCH] composite: Fix use-after-free of the COW.
  Fix use-after-free that can lead to local privileges elevation on systems
  where the X server is running privileged and remote code execution for ssh
  X forwarding sessions.
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2023-March/003374.html
    https://www.cve.org/CVERecord?id=CVE-2023-1393
  (* Security fix *)
patches/packages/xorg-server-xephyr-1.20.14-x86_64-8_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xnest-1.20.14-x86_64-8_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xvfb-1.20.14-x86_64-8_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xwayland-21.1.4-x86_64-7_slack15.0.txz:  Rebuilt.
  [PATCH] composite: Fix use-after-free of the COW.
  Fix use-after-free that can lead to local privileges elevation on systems
  where the X server is running privileged and remote code execution for ssh
  X forwarding sessions.
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2023-March/003374.html
    https://www.cve.org/CVERecord?id=CVE-2023-1393
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 03-31-2023 03:17 PM
2 updates (x86_64). Including a (* Security fix *)! : 2 upgraded
Code:
Fri Mar 31 18:01:09 UTC 2023
patches/packages/ruby-3.0.6-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  ReDoS vulnerability in URI.
  ReDoS vulnerability in Time.
  For more information, see:
    https://www.ruby-lang.org/en/news/2023/03/28/redos-in-uri-cve-2023-28755/
    https://www.ruby-lang.org/en/news/2023/03/30/redos-in-time-cve-2023-28756/
    https://www.cve.org/CVERecord?id=CVE-2023-28755
    https://www.cve.org/CVERecord?id=CVE-2023-28756
  (* Security fix *)
patches/packages/seamonkey-2.53.16-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.seamonkey-project.org/releases/seamonkey2.53.16
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

gegechris99 04-02-2023 02:45 PM
1 updates (x86_64). Including a (* Security fix *)! : 1 upgraded
Code:
Sun Apr  2 18:33:01 UTC 2023
patches/packages/irssi-1.4.4-x86_64-1_slack15.0.txz:  Upgraded.
  Do not crash Irssi when one line is printed as the result of another line
  being printed.
  Also solve a memory leak while printing unformatted lines.
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

MDKDIO 04-05-2023 02:48 PM
Wed Apr 5 18:31:03 UTC 2023
patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release. The primary focus is to correct a rare corruption
bug in high compression mode. While the probability might be very small,
corruption issues are nonetheless very serious, so an update to this version
is highly recommended, especially if you employ high compression modes
(levels 16+).


All times are GMT -5. The time now is 02:39 PM.
Page 3 of 18 12 3 4513 Last »
Show 50 post(s) from this thread on one page