Author: renodr
Date: Sat Aug 8 21:19:05 2020
New Revision: 1602
Log:
Errata: update PHP errata for new vulnerabilities
Errata: update httpd errata for new vulnerabilities
Modified:
html/trunk/blfs/errata/9.1-systemd/index.html
html/trunk/blfs/errata/9.1/index.html
Modified: html/trunk/blfs/errata/9.1-systemd/index.html
==============================================================================
--- html/trunk/blfs/errata/9.1-systemd/index.html Sat Aug 1 20:16:02
2020 (r1601)
+++ html/trunk/blfs/errata/9.1-systemd/index.html Sat Aug 8 21:19:05
2020 (r1602)
@@ -98,8 +98,8 @@
<li>After release, several security vulnerabilities were discovered in
PHP. These included access violations, heap buffer overflows, and
null pointer dereference vulnerabilities. To fix these, update to
- PHP-7.4.6 or later using the instructions in
- <a href="../../view/systemd/general/php.html">PHP-7.4.6</a>.</li>
+ PHP-7.4.9 or later using the instructions in
+ <a href="../../view/systemd/general/php.html">PHP-7.4.9</a>.</li>
<li>After release, four security vulnerabilities were discovered in
NTP. These include uninitialized memory readings, memory leaks,
forged packet DoS attacks, and unauthenticated time source attacks.
@@ -132,10 +132,10 @@
with an identical private key. To fix these vulnerabilities, update
to GnuTLS-3.6.14 or later using the instructions in
<a
href="../../view/systemd/postlfs/gnutls.html">GnuTLS-3.6.14</a>.</li>
- <li>After release, multiple low-severity security flaws were found in
+ <li>After release, multiple low-to-high severity security flaws were
found in
Apache HTTPD. To fix these vulnerabilities, update to
- httpd-2.4.43 or later using the instructions in
- <a
href="../../view/systemd/server/apache.html">Apache-2.4.43</a>.</li>
+ httpd-2.4.46 or later using the instructions in
+ <a
href="../../view/systemd/server/apache.html">Apache-2.4.46</a>.</li>
<li>After release, two security flaws were discovered in Ruby, one of
them an incomplete fix for a high severity flaw from 2013. To fix
these, update to ruby-2.7.1 or higher ASAP using the instructions in
Modified: html/trunk/blfs/errata/9.1/index.html
==============================================================================
--- html/trunk/blfs/errata/9.1/index.html Sat Aug 1 20:16:02 2020
(r1601)
+++ html/trunk/blfs/errata/9.1/index.html Sat Aug 8 21:19:05 2020
(r1602)
@@ -96,8 +96,8 @@
<li>After release, several security vulnerabilities were discovered in
PHP. These included access violations, heap buffer overflows, and
null pointer dereference vulnerabilities. To fix these, update to
- PHP-7.4.6 or later using the instructions in
- <a href="../../view/svn/general/php.html">PHP-7.4.6</a>.</li>
+ PHP-7.4.9 or later using the instructions in
+ <a href="../../view/svn/general/php.html">PHP-7.4.9</a>.</li>
<li>After release, four security vulnerabilities were discovered in
NTP. These include uninitialized memory readings, memory leaks,
forged packet DoS attacks, and unauthenticated time source attacks.
@@ -130,10 +130,10 @@
with an identical private key. To fix these vulnerabilities, update
to GnuTLS-3.6.14 or later using the instructions in
<a href="../../view/svn/postlfs/gnutls.html">GnuTLS-3.6.14</a>.</li>
- <li>After release, multiple low-severity security flaws were found in
+ <li>After release, multiple low-to-high severity security flaws were
found in
Apache HTTPD. To fix these vulnerabilities, update to
- httpd-2.4.43 or later using the instructions in
- <a href="../../view/svn/server/apache.html">Apache-2.4.43</a>.</li>
+ httpd-2.4.46 or later using the instructions in
+ <a href="../../view/svn/server/apache.html">Apache-2.4.46</a>.</li>
<li>After release, two security flaws were discovered in Ruby, one of
them an incomplete fix for a high severity flaw from 2013. To fix
these, update to ruby-2.7.1 or higher ASAP using the instructions in
--
http://lists.linuxfromscratch.org/listinfo/website
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
