diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2019-12-19 23:02:54 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2019-12-20 08:59:50 +0100 |
commit | ff3b814028dc082b519c9337103727ace8641cad (patch) | |
tree | af1e61ea037b72f0eaeeadcf48238cdaaebce64a /ChangeLog.txt | |
parent | 4d0d6dac995cb4d7fc582aeae703e81a5cb54efa (diff) | |
download | current-ff3b814028dc082b519c9337103727ace8641cad.tar.gz |
Thu Dec 19 23:02:54 UTC 201920191219230254
d/cmake-3.16.2-x86_64-1.txz: Upgraded.
d/rust-1.40.0-x86_64-1.txz: Upgraded.
Package debloating patches are no longer needed.
No build regressions noted with Firefox, Seamonkey, or Thunderbird.
l/glib2-2.62.4-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.9_9-x86_64-1.txz: Upgraded.
l/wavpack-5.2.0-x86_64-1.txz: Upgraded.
Fixed denial-of-service and other potential security issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19840
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19841
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10536
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10537
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10538
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10539
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10540
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7254
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7253
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6767
(* Security fix *)
n/bind-9.14.9-x86_64-1.txz: Upgraded.
This is a bugfix release:
Fixed a bug that caused named to leak memory on reconfiguration when
any GeoIP2 database was in use. [GL #1445]
Fixed several possible race conditions discovered by Thread Sanitizer.
n/mutt-1.13.2-x86_64-1.txz: Upgraded.
n/php-7.4.1-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
Bcmath: Buffer underflow in bc_shift_addsub.
Core: link() silently truncates after a null byte on Windows.
Core: DirectoryIterator class silently truncates after a null byte.
Core: mail() may release string with refcount==1 twice.
EXIF: Use-after-free in exif parsing under memory sanitizer.
EXIF: Heap-buffer-overflow READ in exif.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11046
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11044
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11045
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11049
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11050
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11047
(* Security fix *)
x/intel-vaapi-driver-2.4.0-x86_64-1.txz: Upgraded.
x/vulkan-sdk-1.1.126.0-x86_64-2.txz: Rebuilt.
Install SPIRV headers in two places to fix building shaderc.
Thanks to orbea.
xfce/exo-0.12.11-x86_64-1.txz: Upgraded.
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 9041fee2..efd678cb 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,52 @@ +Thu Dec 19 23:02:54 UTC 2019 +d/cmake-3.16.2-x86_64-1.txz: Upgraded. +d/rust-1.40.0-x86_64-1.txz: Upgraded. + Package debloating patches are no longer needed. + No build regressions noted with Firefox, Seamonkey, or Thunderbird. +l/glib2-2.62.4-x86_64-1.txz: Upgraded. +l/imagemagick-7.0.9_9-x86_64-1.txz: Upgraded. +l/wavpack-5.2.0-x86_64-1.txz: Upgraded. + Fixed denial-of-service and other potential security issues. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19840 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19841 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10536 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10537 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10538 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10539 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10540 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7254 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7253 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6767 + (* Security fix *) +n/bind-9.14.9-x86_64-1.txz: Upgraded. + This is a bugfix release: + Fixed a bug that caused named to leak memory on reconfiguration when + any GeoIP2 database was in use. [GL #1445] + Fixed several possible race conditions discovered by Thread Sanitizer. +n/mutt-1.13.2-x86_64-1.txz: Upgraded. +n/php-7.4.1-x86_64-1.txz: Upgraded. + This update fixes bugs and security issues: + Bcmath: Buffer underflow in bc_shift_addsub. + Core: link() silently truncates after a null byte on Windows. + Core: DirectoryIterator class silently truncates after a null byte. + Core: mail() may release string with refcount==1 twice. + EXIF: Use-after-free in exif parsing under memory sanitizer. + EXIF: Heap-buffer-overflow READ in exif. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11046 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11044 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11045 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11049 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11050 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11047 + (* Security fix *) +x/intel-vaapi-driver-2.4.0-x86_64-1.txz: Upgraded. +x/vulkan-sdk-1.1.126.0-x86_64-2.txz: Rebuilt. + Install SPIRV headers in two places to fix building shaderc. + Thanks to orbea. +xfce/exo-0.12.11-x86_64-1.txz: Upgraded. ++--------------------------+ Wed Dec 18 20:32:12 UTC 2019 a/kernel-firmware-20191218_c4586ff-noarch-1.txz: Upgraded. a/kernel-generic-5.4.5-x86_64-1.txz: Upgraded. |