Slackware64-current ChangeLog

ChangeLog for: 2022-11-17 02:49:28

ap/man-db-2.11.1-x86_64-1.txz:  Upgraded.
ap/nano-7.0-x86_64-1.txz:  Upgraded.
ap/sqlite-3.40.0-x86_64-1.txz:  Upgraded.
kde/plasma-framework-5.100.0-x86_64-2.txz:  Rebuilt.
  [PATCH] svgitem: do not upscale svg when using fractional scaling.
l/netpbm-11.00.02-x86_64-1.txz:  Upgraded.
n/bind-9.18.9-x86_64-1.txz:  Upgraded.
n/krb5-1.20.1-x86_64-1.txz:  Upgraded.
  Fixed integer overflows in PAC parsing.
  Fixed null deref in KDC when decoding invalid NDR.
  Fixed memory leak in OTP kdcpreauth module.
  Fixed PKCS11 module path search.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-42898
  (* Security fix *)
n/samba-4.17.3-x86_64-1.txz:  Upgraded.
  Fixed a security issue where Samba's Kerberos libraries and AD DC failed
  to guard against integer overflows when parsing a PAC on a 32-bit system,
  which allowed an attacker with a forged PAC to corrupt the heap.
  For more information, see:
    https://www.samba.org/samba/security/CVE-2022-42898.html
    https://www.cve.org/CVERecord?id=CVE-2022-42898
  (* Security fix *)
x/libXft-2.3.7-x86_64-1.txz:  Upgraded.
x/wayland-protocols-1.29-noarch-1.txz:  Upgraded.
xap/mozilla-firefox-107.0-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/107.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2022-47/
    https://www.cve.org/CVERecord?id=CVE-2022-45403
    https://www.cve.org/CVERecord?id=CVE-2022-45404
    https://www.cve.org/CVERecord?id=CVE-2022-45405
    https://www.cve.org/CVERecord?id=CVE-2022-45406
    https://www.cve.org/CVERecord?id=CVE-2022-45407
    https://www.cve.org/CVERecord?id=CVE-2022-45408
    https://www.cve.org/CVERecord?id=CVE-2022-45409
    https://www.cve.org/CVERecord?id=CVE-2022-45410
    https://www.cve.org/CVERecord?id=CVE-2022-45411
    https://www.cve.org/CVERecord?id=CVE-2022-45412
    https://www.cve.org/CVERecord?id=CVE-2022-45413
    https://www.cve.org/CVERecord?id=CVE-2022-40674
    https://www.cve.org/CVERecord?id=CVE-2022-45415
    https://www.cve.org/CVERecord?id=CVE-2022-45416
    https://www.cve.org/CVERecord?id=CVE-2022-45417
    https://www.cve.org/CVERecord?id=CVE-2022-45418
    https://www.cve.org/CVERecord?id=CVE-2022-45419
    https://www.cve.org/CVERecord?id=CVE-2022-45420
    https://www.cve.org/CVERecord?id=CVE-2022-45421
  (* Security fix *)
xap/mozilla-thunderbird-102.5.0-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/102.5.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/
    https://www.cve.org/CVERecord?id=CVE-2022-45403
    https://www.cve.org/CVERecord?id=CVE-2022-45404
    https://www.cve.org/CVERecord?id=CVE-2022-45405
    https://www.cve.org/CVERecord?id=CVE-2022-45406
    https://www.cve.org/CVERecord?id=CVE-2022-45408
    https://www.cve.org/CVERecord?id=CVE-2022-45409
    https://www.cve.org/CVERecord?id=CVE-2022-45410
    https://www.cve.org/CVERecord?id=CVE-2022-45411
    https://www.cve.org/CVERecord?id=CVE-2022-45412
    https://www.cve.org/CVERecord?id=CVE-2022-45416
    https://www.cve.org/CVERecord?id=CVE-2022-45418
    https://www.cve.org/CVERecord?id=CVE-2022-45420
    https://www.cve.org/CVERecord?id=CVE-2022-45421
  (* Security fix *)
xfce/xfce4-settings-4.16.5-x86_64-1.txz:  Upgraded.
  This update fixes regressions in the previous security fix:
  mime-settings: Properly quote command parameters.
  Revert "Escape characters which do not belong into an URI/URL (Issue #390)."