diff options
| author | Patrick J Volkerding <volkerdi@slackware.com> | 2020-09-29 18:11:08 +0000 |
|---|---|---|
| committer | Eric Hameleers <alien@slackware.com> | 2020-09-30 08:59:54 +0200 |
| commit | f15476bf3e7de9998ebd2488dc769e2ea6b3d23d (patch) | |
| tree | 47064293cafdc783868968acd944e65f19782e2d /ChangeLog.txt | |
| parent | be20baf8616f19318ba7ccd473613b954f492c1c (diff) | |
| download | current-f15476bf3e7de9998ebd2488dc769e2ea6b3d23d.tar.gz | |
Tue Sep 29 18:11:08 UTC 202020200929181108
n/php-7.4.11-x86_64-1.txz: Upgraded.
This update fixes bugs and two security issues:
Core: PHP parses encoded cookie names so malicious `__Host-` cookies
can be sent.
OpenSSL: Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7070
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7069
(* Security fix *)
x/mesa-20.2.0-x86_64-1.txz: Upgraded.
Diffstat (limited to 'ChangeLog.txt')
| -rw-r--r-- | ChangeLog.txt | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 82f9b9ba..f4d96e84 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,15 @@ +Tue Sep 29 18:11:08 UTC 2020 +n/php-7.4.11-x86_64-1.txz: Upgraded. + This update fixes bugs and two security issues: + Core: PHP parses encoded cookie names so malicious `__Host-` cookies + can be sent. + OpenSSL: Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7070 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7069 + (* Security fix *) +x/mesa-20.2.0-x86_64-1.txz: Upgraded. ++--------------------------+ Mon Sep 28 18:29:52 UTC 2020 a/grep-3.5-x86_64-1.txz: Upgraded. a/kernel-firmware-20200928_b78a66c-noarch-1.txz: Upgraded. |