diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2019-04-02 20:30:22 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2019-04-03 08:59:45 +0200 |
commit | caa5f28b83340fe23012ab27244a288449b26b26 (patch) | |
tree | 70102860b8f3df20347f25125b7ea065340cd1d5 /ChangeLog.txt | |
parent | df86158dc598141c63689a86c2f247053e616719 (diff) | |
download | current-caa5f28b83340fe23012ab27244a288449b26b26.tar.gz |
Tue Apr 2 20:30:22 UTC 201920190402203022
a/hwdata-0.322-noarch-1.txz: Upgraded.
a/kernel-firmware-20190402_67b7579-noarch-1.txz: Upgraded.
a/shadow-4.6-x86_64-2.txz: Rebuilt.
adduser: reprompt on invalid user input. Thanks to ttk.
ap/ghostscript-9.26-x86_64-2.txz: Rebuilt.
Fixes security issues:
A specially crafted PostScript file could have access to the file system
outside of the constrains imposed by -dSAFER.
Transient procedures can allow access to system operators, leading to
remote code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3835
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3838
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6116
(* Security fix *)
d/vala-0.44.2-x86_64-1.txz: Upgraded.
l/glib-networking-2.60.1-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_36-x86_64-1.txz: Upgraded.
l/python-pillow-6.0.0-x86_64-1.txz: Upgraded.
n/wget-1.20.2-x86_64-1.txz: Upgraded.
Fixed an unspecified buffer overflow vulnerability.
(* Security fix *)
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 1e8b9474..339bd397 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,27 @@ +Tue Apr 2 20:30:22 UTC 2019 +a/hwdata-0.322-noarch-1.txz: Upgraded. +a/kernel-firmware-20190402_67b7579-noarch-1.txz: Upgraded. +a/shadow-4.6-x86_64-2.txz: Rebuilt. + adduser: reprompt on invalid user input. Thanks to ttk. +ap/ghostscript-9.26-x86_64-2.txz: Rebuilt. + Fixes security issues: + A specially crafted PostScript file could have access to the file system + outside of the constrains imposed by -dSAFER. + Transient procedures can allow access to system operators, leading to + remote code execution. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3835 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3838 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6116 + (* Security fix *) +d/vala-0.44.2-x86_64-1.txz: Upgraded. +l/glib-networking-2.60.1-x86_64-1.txz: Upgraded. +l/imagemagick-6.9.10_36-x86_64-1.txz: Upgraded. +l/python-pillow-6.0.0-x86_64-1.txz: Upgraded. +n/wget-1.20.2-x86_64-1.txz: Upgraded. + Fixed an unspecified buffer overflow vulnerability. + (* Security fix *) ++--------------------------+ Sun Mar 31 18:51:16 UTC 2019 a/quota-4.05-x86_64-1.txz: Upgraded. d/cmake-3.14.1-x86_64-1.txz: Upgraded. |