Wed Mar 29 20:56:21 UTC 2023
a/glibc-zoneinfo-2023c-noarch-1.txz: Upgraded.
This package provides the latest timezone updates.
ap/inxi-3.3.26_1-noarch-1.txz: Upgraded.
d/rust-1.67.1-i686-3.txz: Rebuilt.
Use the bundled LLVM rather than the system LLVM.
x/xorg-server-21.1.8-i586-1.txz: Upgraded.
[PATCH] composite: Fix use-after-free of the COW.
Fix use-after-free that can lead to local privileges elevation on systems
where the X server is running privileged and remote code execution for ssh
X forwarding sessions.
For more information, see:
https://lists.x.org/archives/xorg-announce/2023-March/003374.html
https://www.cve.org/CVERecord?id=CVE-2023-1393
(* Security fix *)
x/xorg-server-xephyr-21.1.8-i586-1.txz: Upgraded.
x/xorg-server-xnest-21.1.8-i586-1.txz: Upgraded.
x/xorg-server-xvfb-21.1.8-i586-1.txz: Upgraded.
x/xorg-server-xwayland-23.1.1-i586-1.txz: Upgraded.
[PATCH] composite: Fix use-after-free of the COW.
Fix use-after-free that can lead to local privileges elevation on systems
where the X server is running privileged and remote code execution for ssh
X forwarding sessions.
For more information, see:
https://lists.x.org/archives/xorg-announce/2023-March/003374.html
https://www.cve.org/CVERecord?id=CVE-2023-1393
(* Security fix *)
xap/mozilla-thunderbird-102.9.1-i686-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.9.1/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-12/
https://www.cve.org/CVERecord?id=CVE-2023-28427
(* Security fix *)
xfce/garcon-4.18.1-i586-1.txz: Upgraded.
xfce/libxfce4ui-4.18.3-i586-1.txz: Upgraded.
xfce/xfce4-panel-4.18.3-i586-1.txz: Upgraded.
xfce/xfce4-pulseaudio-plugin-0.4.6-i586-1.txz: Upgraded.
xfce/xfce4-session-4.18.2-i586-1.txz: Upgraded.
Distro