Slackware-15.0 ChangeLog (2022-10-25)
Tue Oct 25 18:38:58 UTC 2022
Packages
Upgraded
- patches/packages/expat-2.5.0-i586-1_slack15.0.txz
This update fixes a security issue:
Fix heap use-after-free after overeager destruction of a shared DTD in
function XML_ExternalEntityParserCreate in out-of-memory situations.
Expected impact is denial of service or potentially arbitrary code
execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43680
(* Security fix *) - patches/packages/samba-4.15.11-i586-1_slack15.0.txz
This update fixes the following security issue:
There is a limited write heap buffer overflow in the GSSAPI unwrap_des()
and unwrap_des3() routines of Heimdal (included in Samba).
For more information, see:
https://www.samba.org/samba/security/CVE-2022-3437.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
(* Security fix *)