Slackwarearm-14.2 ChangeLog (2022-04-15)
Fri Apr 15 08:08:08 UTC 2022
Packages
Upgraded
- patches/packages/git-2.30.4-arm-1_slack15.0.txz
This update fixes a security issue where a Git worktree created by another
user might be able to execute arbitrary code.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765
(* Security fix *) - patches/packages/gzip-1.12-arm-1_slack14.2.txz
This update fixes a security issue:
zgrep applied to a crafted file name with two or more newlines can no
longer overwrite an arbitrary, attacker-selected file.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271
(* Security fix *) - patches/packages/xz-5.2.5-arm-1_slack14.2.txz
This update fixes a security issue:
xzgrep applied to a crafted file name with two or more newlines can no
longer overwrite an arbitrary, attacker-selected file.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271
(* Security fix *)