ChangeLog for: 2017-09-18 20:15:03
a/eudev-3.2.4-x86_64-1.txz: Upgraded.
a/libgudev-232-x86_64-1.txz: Upgraded.
a/usb_modeswitch-2.5.1-x86_64-1.txz: Upgraded.
ap/man-pages-4.13-noarch-1.txz: Upgraded.
d/cmake-3.9.2-x86_64-1.txz: Upgraded.
d/ruby-2.4.2-x86_64-1.txz: Upgraded.
This release includes several security fixes.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0898
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10784
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14033
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14064
(* Security fix *)
l/akonadi-1.13.0-x86_64-6.txz: Rebuilt.
Fixed using akonadi with an external database. Thanks to Heinz Wiesinger.
l/freetype-2.8.1-x86_64-1.txz: Upgraded.
n/httpd-2.4.27-x86_64-3.txz: Rebuilt.
This update patches a security issue ("Optionsbleed") with the OPTIONS http
method which may leak arbitrary pieces of memory to a potential attacker.
Thanks to Hanno Bo:ck.
For more information, see:
http://seclists.org/oss-sec/2017/q3/477
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798
(* Security fix *)
x/fontconfig-2.12.5-x86_64-1.txz: Upgraded.
x/mesa-17.2.1-x86_64-1.txz: Upgraded.
x/xf86-input-libinput-0.26.0-x86_64-1.txz: Upgraded.