diff options
Diffstat (limited to 'ChangeLog.rss')
| -rw-r--r-- | ChangeLog.rss | 39 |
1 files changed, 37 insertions, 2 deletions
diff --git a/ChangeLog.rss b/ChangeLog.rss index 3649fef1..610aeb1d 100644 --- a/ChangeLog.rss +++ b/ChangeLog.rss @@ -11,10 +11,30 @@ <description>Tracking Slackware development in git.</description> <language>en-us</language> <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id> - <pubDate>Thu, 2 Dec 2021 19:14:20 GMT</pubDate> - <lastBuildDate>Fri, 3 Dec 2021 07:59:49 GMT</lastBuildDate> + <pubDate>Fri, 3 Dec 2021 20:07:20 GMT</pubDate> + <lastBuildDate>Sat, 4 Dec 2021 07:59:47 GMT</lastBuildDate> <generator>maintain_current_git.sh v 1.13</generator> <item> + <title>Fri, 3 Dec 2021 20:07:20 GMT</title> + <pubDate>Fri, 3 Dec 2021 20:07:20 GMT</pubDate> + <link>https://git.slackware.nl/current/tag/?h=20211203200720</link> + <guid isPermaLink="false">20211203200720</guid> + <description> + <![CDATA[<pre> +ap/rpm-4.16.1.3-x86_64-4.txz: Rebuilt. + Patched to handle non-compliant RPMs created by install4j. Thanks to alienBOB. +d/poke-1.4-x86_64-1.txz: Upgraded. +l/enchant-2.3.2-x86_64-1.txz: Upgraded. +l/freetype-2.11.1-x86_64-1.txz: Upgraded. +l/glib2-2.70.2-x86_64-1.txz: Upgraded. +n/lynx-2.9.0dev.10-x86_64-1.txz: Upgraded. +extra/php8/php8-8.1.0-x86_64-1.txz: Removed. +extra/php80/php80-8.0.13-x86_64-1.txz: Added. +extra/php81/php81-8.1.0-x86_64-1.txz: Added. + </pre>]]> + </description> + </item> + <item> <title>Thu, 2 Dec 2021 19:14:20 GMT</title> <pubDate>Thu, 2 Dec 2021 19:14:20 GMT</pubDate> <link>https://git.slackware.nl/current/tag/?h=20211202191420</link> @@ -24,6 +44,21 @@ d/strace-5.15-x86_64-1.txz: Upgraded. l/mozilla-nss-3.73-x86_64-1.txz: Upgraded. Everything linked to NSS/NSPR was rebuild tested here. + This update fixes a critical security issue: + NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are + vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS + signatures. Applications using NSS for handling signatures encoded within + CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications + using NSS for certificate validation or other TLS, X.509, OCSP or CRL + functionality may be impacted, depending on how they configure NSS. + Note: This vulnerability does NOT impact Mozilla Firefox. However, email + clients and PDF viewers that use NSS for signature verification, such as + Thunderbird, LibreOffice, Evolution and Evince are believed to be impacted. + Thanks to Tavis Ormandy of Google Project Zero. + For more information, see: + https://www.mozilla.org/en-US/security/advisories/mfsa2021-51/ + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43527 + (* Security fix *) l/qt5-5.15.3_20211130_014c375b-x86_64-1.txz: Upgraded. </pre>]]> </description> |