summaryrefslogtreecommitdiff
path: root/source/l/expat/5f100ffa78b74da8020b71d1582a8979193c1359.patch
Commit message (Collapse)AuthorAge
* Sun Jan 30 20:48:46 UTC 202220220130204846Patrick J Volkerding2022-01-31
| | | | | | | | | | | a/aaa_libraries-15.0-x86_64-19.txz: Rebuilt. Upgraded: libexpat.so.1.8.4, libjson-c.so.5.1.0 (thanks to peake). ap/at-3.2.4-x86_64-1.txz: Upgraded. d/git-2.35.1-x86_64-1.txz: Upgraded. l/expat-2.4.4-x86_64-1.txz: Upgraded. This update merges the patches we previously applied to expat-2.4.3. l/imagemagick-7.1.0_22-x86_64-1.txz: Upgraded. l/lcms2-2.13-x86_64-1.txz: Upgraded.
* Tue Jan 25 06:16:36 UTC 202220220125061636Patrick J Volkerding2022-01-25
It may look like we're currently experiencing more stuckness, but this will lead us to Quality. We'll have this release in the can before you know it. a/aaa_glibc-solibs-2.33-x86_64-5.txz: Rebuilt. a/aaa_libraries-15.0-x86_64-16.txz: Rebuilt. Rebuilt to pick up the patched libexpat.so.1.8.3. a/kernel-firmware-20220124_eb8ea1b-noarch-1.txz: Upgraded. a/kernel-generic-5.15.16-x86_64-2.txz: Upgraded. a/kernel-huge-5.15.16-x86_64-2.txz: Upgraded. -9P_FSCACHE n 9P_FS m -> y Thanks to peake. a/kernel-modules-5.15.16-x86_64-2.txz: Upgraded. a/mkinitrd-1.4.11-x86_64-27.txz: Rebuilt. mkinitrd_command_generator.sh: properly detect partitions of a RAID device. Thanks to perrin4869. a/util-linux-2.37.3-x86_64-1.txz: Upgraded. This release fixes two security mount(8) and umount(8) issues: An issue related to parsing the /proc/self/mountinfo file allows an unprivileged user to unmount other user's filesystems that are either world-writable themselves or mounted in a world-writable directory. Improper UID check in libmount allows an unprivileged user to unmount FUSE filesystems of users with similar UID. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996 (* Security fix *) ap/vim-8.2.4212-x86_64-1.txz: Upgraded. d/git-2.35.0-x86_64-1.txz: Upgraded. d/kernel-headers-5.15.16-x86-2.txz: Upgraded. k/kernel-source-5.15.16-noarch-2.txz: Upgraded. l/expat-2.4.3-x86_64-2.txz: Rebuilt. Fix signed integer overflow in function XML_GetBuffer for when XML_CONTEXT_BYTES is defined to >0 (which is both common and default). Impact is denial of service or other undefined behavior. While we're here, also patch a memory leak on output file opening error. Thanks to marav. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852 (* Security fix *) l/fluidsynth-2.2.5-x86_64-1.txz: Upgraded. l/glibc-2.33-x86_64-5.txz: Rebuilt. This update patches two security issues: Unexpected return value from glibc's realpath(). Off-by-one buffer overflow/underflow in glibc's getcwd(). Thanks to Qualys Research Labs for reporting these issues. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3998 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999 (* Security fix *) l/glibc-i18n-2.33-x86_64-5.txz: Rebuilt. l/glibc-profile-2.33-x86_64-5.txz: Rebuilt. l/tdb-1.4.6-x86_64-1.txz: Upgraded. x/xf86-input-libinput-1.2.1-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-91.5.1-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/91.5.1/releasenotes/ xap/vim-gvim-8.2.4212-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.