summaryrefslogtreecommitdiff
path: root/ChangeLog.txt
diff options
context:
space:
mode:
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r--ChangeLog.txt40
1 files changed, 40 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt
index 2b094061..67c8f0fb 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,43 @@
+Wed Apr 6 20:23:46 UTC 2022
+a/haveged-1.9.17-x86_64-2.txz: Rebuilt.
+ Install /etc/rc.d/rc.haveged as non-executable. For existing installations
+ running a recent kernel, it is safe to turn this off.
+ Back when we added the haveged package we were using the 4.4 kernel, but
+ since Linux 5.4 this same entropy generating algorithm has been built into
+ the kernel, so there's no reason to also run it in userspace. We'll keep
+ the package around (for now, anyway) in case someone might be running an
+ old kernel. Thanks to Jason A. Donenfeld.
+a/sysvinit-scripts-15.0-noarch-10.txz: Rebuilt.
+ rc.S, rc.6: use the seedrng utility to seed and initialize the kernel
+ random number generator and generate a new seed.
+ If seedrng is missing, we'll attempt to do these things with scripting.
+ Thanks to Jason A. Donenfeld for hints about how to make a modest
+ improvement in that regard (blame me for any problems with my own changes),
+ but because you can't force the kernel RNG to initialize with a script
+ (it needs an ioctl), you won't get the same guarantees that you do when
+ using the new seedrng utility.
+a/util-linux-2.38-x86_64-2.txz: Rebuilt.
+ Added seedrng utility, used to seed and initialize the kernel random number
+ generator and to generate new seeds for carrying entropy across reboots.
+ Thanks to Jason A. Donenfeld.
+n/libmnl-1.0.5-x86_64-1.txz: Upgraded.
+n/libnfnetlink-1.0.2-x86_64-1.txz: Upgraded.
+xap/mozilla-thunderbird-91.8.0-x86_64-1.txz: Upgraded.
+ This release contains security fixes and improvements.
+ For more information, see:
+ https://www.mozilla.org/en-US/thunderbird/91.8.0/releasenotes/
+ https://www.mozilla.org/en-US/security/advisories/mfsa2022-15/
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289
+ (* Security fix *)
++--------------------------+
Tue Apr 5 19:16:30 UTC 2022
a/hwdata-0.358-noarch-1.txz: Upgraded.
ap/cups-filters-1.28.14-x86_64-1.txz: Upgraded.
generated by cgit v1.2.3 (git 2.26.2) at 2024-12-27 09:12:43 +0000