summaryrefslogtreecommitdiff
path: root/ChangeLog.txt
diff options
context:
space:
mode:
authorPatrick J Volkerding <volkerdi@slackware.com>2022-09-20 22:50:28 +0000
committerEric Hameleers <alien@slackware.com>2022-09-21 07:00:16 +0200
commitbae5a7d8587d3c1c7fd0ca466a80bb744833c012 (patch)
tree56df345f19d265415a60ae05c2457258f8896e9c /ChangeLog.txt
parent7de9181e0d4848ae4bb93be7cf8f21660a4e8752 (diff)
downloadcurrent-bae5a7d8587d3c1c7fd0ca466a80bb744833c012.tar.gz
Tue Sep 20 22:50:28 UTC 202220220920225028
a/kernel-generic-5.19.10-x86_64-1.txz: Upgraded. a/kernel-huge-5.19.10-x86_64-1.txz: Upgraded. a/kernel-modules-5.19.10-x86_64-1.txz: Upgraded. d/kernel-headers-5.19.10-x86-1.txz: Upgraded. k/kernel-source-5.19.10-noarch-1.txz: Upgraded. l/expat-2.4.9-x86_64-1.txz: Upgraded. This update fixes a security issue: Heap use-after-free vulnerability in function doContent. Expected impact is denial of service or potentially arbitrary code execution. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674 (* Security fix *) l/libffi-3.4.3-x86_64-1.txz: Upgraded. xap/mozilla-firefox-105.0-x86_64-1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/firefox/105.0/releasenotes/ https://www.mozilla.org/security/advisories/mfsa2022-40/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40959 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40960 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40958 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40961 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40956 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40957 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40962 (* Security fix *) xap/mozilla-thunderbird-102.3.0-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/102.3.0/releasenotes/ isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r--ChangeLog.txt35
1 files changed, 35 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt
index 376a9c02..5254b941 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,38 @@
+Tue Sep 20 22:50:28 UTC 2022
+a/kernel-generic-5.19.10-x86_64-1.txz: Upgraded.
+a/kernel-huge-5.19.10-x86_64-1.txz: Upgraded.
+a/kernel-modules-5.19.10-x86_64-1.txz: Upgraded.
+d/kernel-headers-5.19.10-x86-1.txz: Upgraded.
+k/kernel-source-5.19.10-noarch-1.txz: Upgraded.
+l/expat-2.4.9-x86_64-1.txz: Upgraded.
+ This update fixes a security issue:
+ Heap use-after-free vulnerability in function doContent. Expected impact is
+ denial of service or potentially arbitrary code execution.
+ For more information, see:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674
+ (* Security fix *)
+l/libffi-3.4.3-x86_64-1.txz: Upgraded.
+xap/mozilla-firefox-105.0-x86_64-1.txz: Upgraded.
+ This update contains security fixes and improvements.
+ For more information, see:
+ https://www.mozilla.org/en-US/firefox/105.0/releasenotes/
+ https://www.mozilla.org/security/advisories/mfsa2022-40/
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40959
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40960
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40958
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40961
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40956
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40957
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40962
+ (* Security fix *)
+xap/mozilla-thunderbird-102.3.0-x86_64-1.txz: Upgraded.
+ This is a bugfix release.
+ For more information, see:
+ https://www.mozilla.org/en-US/thunderbird/102.3.0/releasenotes/
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
Sun Sep 18 19:02:14 UTC 2022
ap/slackpkg-15.0.10-noarch-2.txz: Rebuilt.
fix: egrep and fgrep commands have been deprecated since 2007