Sun Oct 20 19:39:21 UTC 201920191020193921

d/python-2.7.17-x86_64-1.txz: Upgraded. This update fixes bugs and security issues: Update vendorized expat library version to 2.2.8. Disallow URL paths with embedded whitespace or control characters into the underlying http client request. Such potentially malicious header injection URLs now cause an httplib.InvalidURL exception to be raised. Avoid file reading by disallowing ``local-file://`` and ``local_file://`` URL schemes in :func:`urllib.urlopen`, :meth:`urllib.URLopener.open` and :meth:`urllib.URLopener.retrieve`. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9740 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9948 (* Security fix *) n/proftpd-1.3.6b-x86_64-1.txz: Upgraded.
author: Patrick J Volkerding <volkerdi@slackware.com> 2019-10-20 19:39:21 +0000
committer: Eric Hameleers <alien@slackware.com> 2019-10-21 08:59:48 +0200
commit: 71ceb94a1412ec19af5c69ad44880ad5cd8fd643 (patch)
tree: af9ec480fd862c2fe72b66f57ad1e19a239a85cc /ChangeLog.rss
parent: dd05912ef1074e257322f16fb01938f2463175c7 (diff)
download: current-71ceb94a1412ec19af5c69ad44880ad5cd8fd643.tar.gz
1 files changed, 27 insertions, 2 deletions
diff --git a/ChangeLog.rss b/ChangeLog.rss
index 632c9fd9..ebf74a34 100644
--- a/ChangeLog.rss
+++ b/ChangeLog.rss
@@ -11,10 +11,35 @@
       <description>Tracking Slackware development in git.</description>
       <language>en-us</language>
       <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id>
-      <pubDate>Sat, 19 Oct 2019 19:04:57 GMT</pubDate>
-      <lastBuildDate>Sun, 20 Oct 2019 06:59:44 GMT</lastBuildDate>
+      <pubDate>Sun, 20 Oct 2019 19:39:21 GMT</pubDate>
+      <lastBuildDate>Mon, 21 Oct 2019 06:59:43 GMT</lastBuildDate>
       <generator>maintain_current_git.sh v 1.11</generator>
       <item>
+         <title>Sun, 20 Oct 2019 19:39:21 GMT</title>
+         <pubDate>Sun, 20 Oct 2019 19:39:21 GMT</pubDate>
+         <link>https://git.slackware.nl/current/tag/?h=20191020193921</link>
+         <guid isPermaLink="false">20191020193921</guid>
+         <description>
+           <![CDATA[<pre>
+d/python-2.7.17-x86_64-1.txz:  Upgraded.
+  This update fixes bugs and security issues:
+  Update vendorized expat library version to 2.2.8.
+  Disallow URL paths with embedded whitespace or control characters into the
+  underlying http client request. Such potentially malicious header injection
+  URLs now cause an httplib.InvalidURL exception to be raised.
+  Avoid file reading by disallowing ``local-file://`` and ``local_file://``
+  URL schemes in :func:`urllib.urlopen`, :meth:`urllib.URLopener.open` and
+  :meth:`urllib.URLopener.retrieve`.
+  For more information, see:
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9740
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9948
+  (* Security fix *)
+n/proftpd-1.3.6b-x86_64-1.txz:  Upgraded.
+           </pre>]]>
+         </description>
+      </item>
+      <item>
          <title>Sat, 19 Oct 2019 19:04:57 GMT</title>
          <pubDate>Sat, 19 Oct 2019 19:04:57 GMT</pubDate>
          <link>https://git.slackware.nl/current/tag/?h=20191019190457</link>
author	Patrick J Volkerding <volkerdi@slackware.com>	2019-10-20 19:39:21 +0000
committer	Eric Hameleers <alien@slackware.com>	2019-10-21 08:59:48 +0200
commit	71ceb94a1412ec19af5c69ad44880ad5cd8fd643 (patch)
tree	af9ec480fd862c2fe72b66f57ad1e19a239a85cc /ChangeLog.rss
parent	dd05912ef1074e257322f16fb01938f2463175c7 (diff)
download	current-71ceb94a1412ec19af5c69ad44880ad5cd8fd643.tar.gz