Tue Sep 20 22:50:28 UTC 2022
a/kernel-generic-5.19.10-i586-1.txz: Upgraded.
a/kernel-generic-smp-5.19.10_smp-i686-1.txz: Upgraded.
a/kernel-huge-5.19.10-i586-1.txz: Upgraded.
a/kernel-huge-smp-5.19.10_smp-i686-1.txz: Upgraded.
a/kernel-modules-5.19.10-i586-1.txz: Upgraded.
a/kernel-modules-smp-5.19.10_smp-i686-1.txz: Upgraded.
d/kernel-headers-5.19.10_smp-x86-1.txz: Upgraded.
k/kernel-source-5.19.10_smp-noarch-1.txz: Upgraded.
l/expat-2.4.9-i586-1.txz: Upgraded.
This update fixes a security issue:
Heap use-after-free vulnerability in function doContent. Expected impact is
denial of service or potentially arbitrary code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674
(* Security fix *)
l/libffi-3.4.3-i586-1.txz: Upgraded.
xap/mozilla-firefox-105.0-i686-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/105.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2022-40/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40959
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40960
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40958
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40961
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40956
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40957
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40962
(* Security fix *)
xap/mozilla-thunderbird-102.3.0-i686-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.3.0/releasenotes/
extra/linux-5.19.10-nosmp-sdk/*: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Distro