Author: renodr
Date: Thu Feb 4 17:38:09 2021
New Revision: 1695
Log:
Errata: Update errata for glib 0day
Errata: Add errata for JasPer (and suggest updating as soon as possible)
Modified:
html/trunk/blfs/errata/10.0-systemd/index.html
html/trunk/blfs/errata/10.0/index.html
Modified: html/trunk/blfs/errata/10.0-systemd/index.html
==============================================================================
--- html/trunk/blfs/errata/10.0-systemd/index.html Thu Feb 4 17:22:26
2021 (r1694)
+++ html/trunk/blfs/errata/10.0-systemd/index.html Thu Feb 4 17:38:09
2021 (r1695)
@@ -135,9 +135,11 @@
using the instructions in
<a href="../../view/systemd/general/ruby.html">Ruby-2.7.2</a>.</li>
<li>After release, a security vulnerability was discovered in the way
- that GLib handles URIs. To fix this vulnerability, update to
- GLib-2.66.1 or later using the instructions in
- <a
href="../../view/systemd/general/glib2.html">GLib-2.66.1</a>.</li>
+ that GLib handles URIs. Additionally, a critical zero-day security
+ vulnerability was discovered in the way that GLib handles memory
+ duplication. To fix these vulnerabilities, update to
+ GLib-2.66.6 or later using the instructions in
+ <a
href="../../view/systemd/general/glib2.html">GLib-2.66.6</a>.</li>
<li>After release, a security vulnerability was discovered in NSS.
This was fixed by tighetning CCS handling when the client doesn't
indicate middlebox compatibilty. To fix this vulnerability, update
to
@@ -299,6 +301,11 @@
is used to provide the urllist. See <a
href="http://lists.linuxfromscratch.org/pipermail/blfs-support/2021-January/082465.html";>lists.linuxfromscratch.org</a>
for the recommended way to do this.</li>
+ <li>After release, 25 security vulnerabilities were fixed in JasPer.
+ It can be assumed that some of these vulnerabilities are high or
+ critical severity. To fix these vulnerabilities, update to
+ <a href="../../view/systemd/general/jasper.html">JasPer-2.0.24</a>
+ as soon as possible.</li>
</ul>
<!--#include virtual="/common/footer.html" -->
Modified: html/trunk/blfs/errata/10.0/index.html
==============================================================================
--- html/trunk/blfs/errata/10.0/index.html Thu Feb 4 17:22:26 2021
(r1694)
+++ html/trunk/blfs/errata/10.0/index.html Thu Feb 4 17:38:09 2021
(r1695)
@@ -134,9 +134,11 @@
using the instructions in
<a href="../../view/svn/general/ruby.html">Ruby-2.7.2</a>.</li>
<li>After release, a security vulnerability was discovered in the way
- that GLib handles URIs. To fix this vulnerability, update to
- GLib-2.66.1 or later using the instructions in
- <a href="../../view/svn/general/glib2.html">GLib-2.66.1</a>.</li>
+ that GLib handles URIs. Additionally, a critical zero-day security
+ vulnerability was discovered in the way that GLib handles memory
+ duplication. To fix these vulnerabilities, update to
+ GLib-2.66.6 or later using the instructions in
+ <a href="../../view/svn/general/glib2.html">GLib-2.66.6</a>.</li>
<li>After release, a security vulnerability was discovered in NSS.
This was fixed by tighetning CCS handling when the client doesn't
indicate middlebox compatibilty. To fix this vulnerability, update
to
@@ -292,6 +294,11 @@
is used to provide the urllist. See <a
href="http://lists.linuxfromscratch.org/pipermail/blfs-support/2021-January/082465.html";>lists.linuxfromscratch.org</a>
for the recommended way to do this.</li>
+ <li>After release, 25 security vulnerabilities were fixed in JasPer.
+ It can be assumed that some of these vulnerabilities are high or
+ critical severity. To fix these vulnerabilities, update to
+ <a href="../../view/svn/general/jasper.html">JasPer-2.0.24</a> as
+ soon as possible.</li>
</ul>
<!--#include virtual="/common/footer.html" -->
--
http://lists.linuxfromscratch.org/listinfo/website
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
