Slackware-current ChangeLog (2022-06-08)
Wed Jun 8 19:15:34 UTC 2022
Packages
Upgraded
- l/opencv-4.6.0-i586-1.txz
Shared library .so-version bump. - n/httpd-2.4.54-i586-1.txz
This update fixes bugs and the following security issues:
mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism.
Information Disclosure in mod_lua with websockets.
mod_sed denial of service.
Denial of service in mod_lua r:parsebody.
Read beyond bounds in ap_strcmp_match().
Read beyond bounds via ap_rwrite().
Read beyond bounds in mod_isapi.
mod_proxy_ajp: Possible request smuggling.
For more information, see:
https://downloads.apache.org/httpd/CHANGES_2.4.54
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31813
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30556
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30522
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29404
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28615
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28614
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28330
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26377
(* Security fix *)
Rebuilt
- kde/digikam-7.6.0-i586-2.txz
Recompiled against opencv-4.6.0. - l/gst-plugins-bad-free-1.20.2-i586-2.txz
Recompiled against opencv-4.6.0.