Author: renodr
Date: Thu Dec 5 13:47:25 2019
New Revision: 1510
Log:
Add errata for xvid security flaws
Update wireshark version
Modified:
html/trunk/blfs/errata/9.0-systemd/index.html
html/trunk/blfs/errata/9.0/index.html
Modified: html/trunk/blfs/errata/9.0-systemd/index.html
==============================================================================
--- html/trunk/blfs/errata/9.0-systemd/index.html Wed Dec 4 19:21:57
2019 (r1509)
+++ html/trunk/blfs/errata/9.0-systemd/index.html Thu Dec 5 13:47:25
2019 (r1510)
@@ -77,7 +77,7 @@
<p>After release, a security vulnerability was discovered in Wireshark
that could lead
to a kernel panic or client crash when analyzing bluetooth packets. To
fix this,
upgrade to the latest version of Wireshark using the instructions in
- <a
href="../../view/systemd/basicnet/wireshark.html">Wireshark-3.0.4</a>.</p>
+ <a
href="../../view/systemd/basicnet/wireshark.html">Wireshark-3.0.7</a>.</p>
<p>After release, a use-after-free vulnerability was discovered in
Evolution-Data-Server that
could lead to a denial of service condition. To fix this, upgrade to the
latest
@@ -146,6 +146,12 @@
To fix these, rebuild unzip using the patch in
<a href="../..//view/systemd/general/unzip.html">unzip-6.0</a>.</p>
+ <p>After release the xvid team released a new version that contained
+ fixes for "various, long-standing and potentially critical security
+ vulnerabilities in the decoder". To resolve this, upgrade to
+ XviD-1.3.6 using the instructions in
+ <a href="../../view/systemd/multimedia/xvid.html">XviD-1.3.6</a>.</p>
+
<h2>Known Security Vulnerabilities</h2>
<p>A few packages are good at reporting that a new
Modified: html/trunk/blfs/errata/9.0/index.html
==============================================================================
--- html/trunk/blfs/errata/9.0/index.html Wed Dec 4 19:21:57 2019
(r1509)
+++ html/trunk/blfs/errata/9.0/index.html Thu Dec 5 13:47:25 2019
(r1510)
@@ -88,7 +88,7 @@
<p>After release, a security vulnerability was discovered in Wireshark
that could lead
to a kernel panic or client crash when analyzing bluetooth packets. To
fix this,
upgrade to the latest version of Wireshark using the instructions in
- <a href="../../view/svn/basicnet/wireshark.html">Wireshark-3.0.4</a>.</p>
+ <a href="../../view/svn/basicnet/wireshark.html">Wireshark-3.0.7</a>.</p>
<p>After release, a use-after-free vulnerability was discovered in
Evolution-Data-Server that
could lead to a denial of service condition. To fix this, upgrade to the
latest
@@ -151,6 +151,12 @@
To fix these, rebuild unzip using the patch in
<a href="../..//view/svn/general/unzip.html">unzip-6.0</a>.</p>
+ <p>After release the xvid team released a new version that contained
+ fixes for "various, long-standing and potentially critical security
+ vulnerabilities in the decoder". To resolve this, upgrade to
+ XviD-1.3.6 using the instructions in
+ <a href="../../view/svn/multimedia/xvid.html">XviD-1.3.6</a>.</p>
+
<!--
<p>A vulnerability with available exploits in all recent versions of
ghostscript has been fixed in the development book by patching gs-9.25.
--
http://lists.linuxfromscratch.org/listinfo/website
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
