Author: renodr
Date: Fri Apr 3 11:03:38 2020
New Revision: 1542
Log:
Errata: Add errata for GnuTLS vulnerability
Errata: Add errata for httpd vulnerabilities
Errata: Add errata for Ruby vulnerabilities
Errata: Add errata for QtWebEngine and Qt5 vulnerabilities
Modified:
html/trunk/blfs/errata/9.1-systemd/index.html
html/trunk/blfs/errata/9.1/index.html
Modified: html/trunk/blfs/errata/9.1-systemd/index.html
==============================================================================
--- html/trunk/blfs/errata/9.1-systemd/index.html Tue Mar 31 19:23:08
2020 (r1541)
+++ html/trunk/blfs/errata/9.1-systemd/index.html Fri Apr 3 11:03:38
2020 (r1542)
@@ -96,6 +96,24 @@
Bubblewrap. To fix this vulnerability, update to Bubblewrap-0.4.1 or
later using the instructions in
<a
href="../../view/systemd/general/bubblewrap.html">Bubblewrap-0.4.1</a>.</li>
+ <li>After release, a serious security flaw was found in the DTLS
+ implementation in GnuTLS. To fix this vulnerability, update to
+ GnuTLS-3.6.13 or later using the instructions in
+ <a
href="../../view/systemd/postlfs/gnutls.html">GnuTLS-3.6.13</a>.</li>
+ <li>After release, multiple low-severity security flaws were found in
+ Apache HTTPD. To fix these vulnerabilities, update to
+ httpd-2.4.43 or later using the instructions in
+ <a
href="../../view/systemd/server/apache.html">Apache-2.4.43</a>.</li>
+ <li>After release, two security flaws were discovered in Ruby, one of
+ them an incomplete fix for a high severity flaw from 2013. To fix
+ these, update to ruby-2.7.1 or higher ASAP using the instructions in
+ <a href="../../view/systemd/general/ruby.html">Ruby-2.7.1</a>.</li>
+ <li>After release, several high and critical severity security flaws
+ were found in Qt5 and QtWebEngine. It's recommended that you upgrade
+ to QtWebEngine-5.14.2 and Qt5-5.14.2 using the instructions in
+ <a href="../../view/systemd/x/qt5.html">Qt-5.14.2</a> and
+ <a
href="../../view/systemd/x/qtwebengine.html">QtWebEngine-5.14.2</a>
+ as soon as possible.</li>
</ul>
Modified: html/trunk/blfs/errata/9.1/index.html
==============================================================================
--- html/trunk/blfs/errata/9.1/index.html Tue Mar 31 19:23:08 2020
(r1541)
+++ html/trunk/blfs/errata/9.1/index.html Fri Apr 3 11:03:38 2020
(r1542)
@@ -93,6 +93,24 @@
Bubblewrap. To fix this vulnerability, update to Bubblewrap-0.4.1 or
later using the instructions in
<a
href="../../view/svn/general/bubblewrap.html">Bubblewrap-0.4.1</a>.</li>
+ <li>After release, a serious security flaw was found in the DTLS
+ implementation in GnuTLS. To fix this vulnerability, update to
+ GnuTLS-3.6.13 or later using the instructions in
+ <a href="../../view/svn/postlfs/gnutls.html">GnuTLS-3.6.13</a>.</li>
+ <li>After release, multiple low-severity security flaws were found in
+ Apache HTTPD. To fix these vulnerabilities, update to
+ httpd-2.4.43 or later using the instructions in
+ <a href="../../view/svn/server/apache.html">Apache-2.4.43</a>.</li>
+ <li>After release, two security flaws were discovered in Ruby, one of
+ them an incomplete fix for a high severity flaw from 2013. To fix
+ these, update to ruby-2.7.1 or higher ASAP using the instructions in
+ <a href="../../view/svn/general/ruby.html">Ruby-2.7.1</a>.</li>
+ <li>After release, several high and critical severity security flaws
+ were found in Qt5 and QtWebEngine. It's recommended that you upgrade
+ to QtWebEngine-5.14.2 and Qt5-5.14.2 using the instructions in
+ <a href="../../view/svn/x/qt5.html">Qt-5.14.2</a> and
+ <a href="../../view/svn/x/qtwebengine.html">QtWebEngine-5.14.2</a>
+ as soon as possible.</li>
</ul>
--
http://lists.linuxfromscratch.org/listinfo/website
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
