ffmpeg
CVE-2022-3964 Code:
A vulnerability classified as problematic has been found in ffmpeg. Patch: https://git.ffmpeg.org/gitweb/ffmpeg...a16c146bdaf984 CVE-2022-3965 Code:
A vulnerability classified as problematic was found in ffmpeg. Patch: https://git.ffmpeg.org/gitweb/ffmpeg...75e13b36ed8edd |
apr
CVE-2021-35940 Code:
An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 Patch: https://svn.apache.org/viewvc?view=r...vision=1891198 |
Quote:
|
python-pillow
CVE-2022-45198 Code:
Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification). CVE-2022-45199 Code:
Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL. |
CURL
Regression in 7.86.0 https://github.com/curl/curl/issues/9813 https://github.com/curl/curl/issues/9821 Patches: noproxy: fix tail-matching Code:
Also ignore trailing dots in both host name and comparison pattern. noproxy: also match with adjacent comma Code:
If the host name is an IP address and the noproxy string contained that |
Quote:
5.15.63v3 is with processor_idle.c patch, 63v2 without, no other changes kernel compile == 92.8 seconds vs 105, almost 15% gain. 'make clean; /usr/bin/time make -j16 bzImage' recent zenbook pro (laptop), performance governor, mitigations=off Code:
### |
Quote:
https://github.com/python/cpython/co...8f71b46806605c |
GRUB
Quoting https://lists.gnu.org/archive/html/g.../msg00059.html below:
Quote:
Code:
COMMIT="15146788" Please note that for people allowing installation with Secure Boot enabled reading the full message from Daniel Kiper is necessary. PS. The source for the package I have built is available in https://slackware.uk/slint/x86_64/sl...0/source/grub/ and the package in https://slackware.uk/slint/x86_64/slint-15.0/slint/ |
Plasma-framework 5.100
Code:
Some plasma elements are drawn way too big after upgrade to Frameworks 5.100 Patch: Code:
svgitem: do not upscale svg when using fractional scaling |
Pipewire 0.3.60
alsa: force playback start when buffer is full Code:
When we try to play data but the ringbuffer is full, we need to start https://gitlab.freedesktop.org/pipew...68da95bf59b59e audioadapter: perform setup again after a PortConfig Code:
After the ports are reconfigured, we need to perform the setup again so https://gitlab.freedesktop.org/pipew...53f23964178897 |
Quote:
Code:
Nate Graham <nate@kde.org> changed: Code:
This avoids crashing Plasma when a surface gets destroyed too early https://invent.kde.org/plasma/plasma...4c8e238c935dc2 |
xdg-utils
CVE-2022-4055 Code:
When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead |
libarchive
CVE-2022-36227 Code:
In libarchive 3.6.1, the software does not check for an error after calling calloc function Patch: https://github.com/libarchive/libarc...732a10ad8cd024 |
libxml2
CVE-2022-40303 Code:
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML Patch: https://gitlab.gnome.org/GNOME/libxm...198abc266bc2c0 CVE-2022-40304 Code:
An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity Patch: https://gitlab.gnome.org/GNOME/libxm...5804c54ef1d80b https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3 |
make
make-4.4 is affected by a bug see: https://savannah.gnu.org/bugs/?63307 solved in LFS, see https://www.linuxfromscratch.org/lfs...#ch-tools-make Code:
sed -e '/ifdef SIGPIPE/,+2 d' \ Code:
commit 0370a7a40fe9523ea334dcb8a2a60f1418595b49 |
All times are GMT -5. The time now is 10:33 AM. |