author | Patrick J Volkerding <volkerdi@slackware.com> | 2022-02-01 04:37:04 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2022-02-01 08:59:52 +0100 |
commit | bd42aca52dc7532946a93fb3354a8454c4adfe94 (patch) | |
tree | 2314fe66b3c943fab158a4a4d9d55f1d012cee39 /ChangeLog.txt | |
parent | 84f05e024aee5a7b537c367e56755b48d34f629b (diff) | |
download | current-bd42aca52dc7532946a93fb3354a8454c4adfe94.tar.gz |
Tue Feb 1 04:37:04 UTC 2022
The sepulchral voice intones, "The cave is now closed."
kde/falkon-3.2.0-x86_64-1.txz: Upgraded.
kde/ktexteditor-5.90.0-x86_64-2.txz: Rebuilt.
[PATCH] only start programs in user's path.
[PATCH] only execute diff in path.
Thanks to gmgf.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23853
(* Security fix *)
l/libcanberra-0.30-x86_64-9.txz: Rebuilt.
Fix a bug crashing some applications in Wayland desktops.
Thanks to 01micko.
n/samba-4.15.5-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defects:
UNIX extensions in SMB1 disclose whether the outside target of a symlink
exists.
Out-of-Bound Read/Write on Samba vfs_fruit module. This vulnerability
allows remote attackers to execute arbitrary code as root on affected Samba
installations that use the VFS module vfs_fruit.
Re-adding an SPN skips subsequent SPN conflict checks. An attacker who has
the ability to write to an account can exploit this to perform a
denial-of-service attack by adding an SPN that matches an existing service.
Additionally, an attacker who can intercept traffic can impersonate existing
services, resulting in a loss of confidentiality and integrity.
For more information, see:
https://www.samba.org/samba/security/CVE-2021-44141.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44141
https://www.samba.org/samba/security/CVE-2021-44142.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44142
https://www.samba.org/samba/security/CVE-2022-0336.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0336
(* Security fix *)
x/xterm-370-x86_64-7.txz: Rebuilt.
Rebuilt with --disable-sixel-graphics to fix a buffer overflow.
Thanks to gmgf.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24130
(* Security fix *)
testing/source/linux-5.16.4-configs/*: Added.
Sample config files to build 5.16.4 Linux kernels.
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index b696cf00..334fea06 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt 
@@ -1,3 +1,45 @@ +Tue Feb 1 04:37:04 UTC 2022 +The sepulchral voice intones, "The cave is now closed." +kde/falkon-3.2.0-x86_64-1.txz: Upgraded. +kde/ktexteditor-5.90.0-x86_64-2.txz: Rebuilt. + [PATCH] only start programs in user's path. + [PATCH] only execute diff in path. + Thanks to gmgf. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23853 + (* Security fix *) +l/libcanberra-0.30-x86_64-9.txz: Rebuilt. + Fix a bug crashing some applications in Wayland desktops. + Thanks to 01micko. +n/samba-4.15.5-x86_64-1.txz: Upgraded. + This is a security release in order to address the following defects: + UNIX extensions in SMB1 disclose whether the outside target of a symlink + exists. + Out-of-Bound Read/Write on Samba vfs_fruit module. This vulnerability + allows remote attackers to execute arbitrary code as root on affected Samba + installations that use the VFS module vfs_fruit. + Re-adding an SPN skips subsequent SPN conflict checks. An attacker who has + the ability to write to an account can exploit this to perform a + denial-of-service attack by adding an SPN that matches an existing service. + Additionally, an attacker who can intercept traffic can impersonate existing + services, resulting in a loss of confidentiality and integrity. + For more information, see: + https://www.samba.org/samba/security/CVE-2021-44141.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44141 + https://www.samba.org/samba/security/CVE-2021-44142.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44142 + https://www.samba.org/samba/security/CVE-2022-0336.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0336 + (* Security fix *) +x/xterm-370-x86_64-7.txz: Rebuilt. + Rebuilt with --disable-sixel-graphics to fix a buffer overflow. + Thanks to gmgf. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24130 + (* Security fix *) +testing/source/linux-5.16.4-configs/*: Added. 
+ Sample config files to build 5.16.4 Linux kernels. ++--------------------------+ Sun Jan 30 20:48:46 UTC 2022 a/aaa_libraries-15.0-x86_64-19.txz: Rebuilt. Upgraded: libexpat.so.1.8.4, libjson-c.so.5.1.0 (thanks to peake). |
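Review bot: In the x/xterm-370-x86_64-7.txz entry, "Rebuilt with --disable-sixel-graphics to fix a buffer overflow" does not tell the reader that the rebuild turns sixel graphics support off instead of patching the overflowing code. Anyone relying on sixel output will lose it with this package, so the entry should say so explicitly, for example "Rebuilt with --disable-sixel-graphics (sixel support is no longer built in) to avoid a buffer overflow." A second documentation point in the n/samba-4.15.5-x86_64-1.txz entry: the three defect descriptions are not tied to the three CVE identifiers in the URL list that follows, so an administrator checking whether vfs_fruit or SMB1 UNIX extensions are in use has to open each advisory to find the matching one. Prefixing each description with its CVE id would make the entry usable for triage on its own.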