Slackware64-current ChangeLog

ChangeLog for: 2024-01-16 21:49:28

a/attr-2.5.2-x86_64-1.txz:  Upgraded.
a/shadow-4.14.3-x86_64-1.txz:  Upgraded.
a/zoo-2.10_28-x86_64-1.txz:  Upgraded.
  Merge final patches from Debian to fix various bugs. Thanks to jayjwa.
ap/sqlite-3.45.0-x86_64-1.txz:  Upgraded.
l/iso-codes-4.16.0-noarch-1.txz:  Upgraded.
n/gnutls-3.8.3-x86_64-1.txz:  Upgraded.
  This update fixes two medium severity security issues:
  Fix more timing side-channel inside RSA-PSK key exchange.
  Fix assertion failure when verifying a certificate chain with a cycle of
  cross signatures.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-0553
    https://www.cve.org/CVERecord?id=CVE-2024-0567
  (* Security fix *)
x/xorg-server-21.1.11-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer.
  Reattaching to different master device may lead to out-of-bounds memory access.
  Heap buffer overflow in XISendDeviceHierarchyEvent.
  Heap buffer overflow in DisableDevice.
  SELinux context corruption.
  SELinux unlabeled GLX PBuffer.
  For more information, see:
    https://lists.x.org/archives/xorg/2024-January/061525.html
    https://www.cve.org/CVERecord?id=CVE-2023-6816
    https://www.cve.org/CVERecord?id=CVE-2024-0229
    https://www.cve.org/CVERecord?id=CVE-2024-21885
    https://www.cve.org/CVERecord?id=CVE-2024-21886
    https://www.cve.org/CVERecord?id=CVE-2024-0408
    https://www.cve.org/CVERecord?id=CVE-2024-0409
  (* Security fix *)
x/xorg-server-xephyr-21.1.11-x86_64-1.txz:  Upgraded.
x/xorg-server-xnest-21.1.11-x86_64-1.txz:  Upgraded.
x/xorg-server-xvfb-21.1.11-x86_64-1.txz:  Upgraded.
x/xorg-server-xwayland-23.2.4-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer.
  Reattaching to different master device may lead to out-of-bounds memory access.
  Heap buffer overflow in XISendDeviceHierarchyEvent.
  Heap buffer overflow in DisableDevice.
  SELinux context corruption.
  SELinux unlabeled GLX PBuffer.
  For more information, see:
    https://lists.x.org/archives/xorg/2024-January/061525.html
    https://www.cve.org/CVERecord?id=CVE-2023-6816
    https://www.cve.org/CVERecord?id=CVE-2024-0229
    https://www.cve.org/CVERecord?id=CVE-2024-21885
    https://www.cve.org/CVERecord?id=CVE-2024-21886
    https://www.cve.org/CVERecord?id=CVE-2024-0408
    https://www.cve.org/CVERecord?id=CVE-2024-0409
  (* Security fix *)
xfce/xfce4-whiskermenu-plugin-2.8.3-x86_64-1.txz:  Upgraded.