security/wiki
8
0
Fork 1
generated from sig_core/wiki-template
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Deployed 950cb77 with MkDocs version: 1.6.0

Browse Source
This commit is contained in:
2024-05-22 14:11:53 +00:00
parent 5949de808a
commit 366e7df8a9
21 changed files with 120 additions and 83 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
404.html
View File

@ -14,7 +14,7 @@
<link rel="icon" href="/assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.5.3, mkdocs-material-9.5.18">
<meta name="generator" content="mkdocs-1.6.0, mkdocs-material-9.5.24">
@ -22,7 +22,7 @@
<link rel="stylesheet" href="/assets/stylesheets/main.66ac8b77.min.css">
<link rel="stylesheet" href="/assets/stylesheets/main.6543a935.min.css">
<link rel="stylesheet" href="/assets/stylesheets/palette.06af60db.min.css">
@ -694,7 +694,7 @@
<script id="__config" type="application/json">{"base": "/", "features": ["navigation.expand", "navigation.indexes", "navigation.instant", "navigation.sections", "navigation.top", "navigation.tracking", "navigation.path", "search.highlight", "search.suggest", "toc.integrate", "content.action.edit"], "search": "/assets/javascripts/workers/search.b8dbb3d2.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script>
<script src="/assets/javascripts/bundle.3220b9d7.min.js"></script>
<script src="/assets/javascripts/bundle.081f42fc.min.js"></script>
</body>

10
assets/javascripts/bundle.3220b9d7.min.js → assets/javascripts/bundle.081f42fc.min.js vendored
View File

File diff suppressed because one or more lines are too long

6
assets/javascripts/bundle.3220b9d7.min.js.map → assets/javascripts/bundle.081f42fc.min.js.map
View File

File diff suppressed because one or more lines are too long

2
assets/stylesheets/main.66ac8b77.min.css → assets/stylesheets/main.6543a935.min.css vendored
View File

File diff suppressed because one or more lines are too long

2
assets/stylesheets/main.66ac8b77.min.css.map → assets/stylesheets/main.6543a935.min.css.map
View File

File diff suppressed because one or more lines are too long

6
index.html
View File

@ -18,7 +18,7 @@
<link rel="icon" href="assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.5.3, mkdocs-material-9.5.18">
<meta name="generator" content="mkdocs-1.6.0, mkdocs-material-9.5.24">
@ -26,7 +26,7 @@
<link rel="stylesheet" href="assets/stylesheets/main.66ac8b77.min.css">
<link rel="stylesheet" href="assets/stylesheets/main.6543a935.min.css">
<link rel="stylesheet" href="assets/stylesheets/palette.06af60db.min.css">
@ -1004,7 +1004,7 @@ More packages/changes are planned, including override packages also for EL8.</p>
<script id="__config" type="application/json">{"base": ".", "features": ["navigation.expand", "navigation.indexes", "navigation.instant", "navigation.sections", "navigation.top", "navigation.tracking", "navigation.path", "search.highlight", "search.suggest", "toc.integrate", "content.action.edit"], "search": "assets/javascripts/workers/search.b8dbb3d2.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script>
<script src="assets/javascripts/bundle.3220b9d7.min.js"></script>
<script src="assets/javascripts/bundle.081f42fc.min.js"></script>
</body>

6
issues/CVE-2023-23583/index.html
View File

@ -20,7 +20,7 @@
<link rel="icon" href="../../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.5.3, mkdocs-material-9.5.18">
<meta name="generator" content="mkdocs-1.6.0, mkdocs-material-9.5.24">
@ -28,7 +28,7 @@
<link rel="stylesheet" href="../../assets/stylesheets/main.66ac8b77.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/main.6543a935.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/palette.06af60db.min.css">
@ -844,7 +844,7 @@
<script id="__config" type="application/json">{"base": "../..", "features": ["navigation.expand", "navigation.indexes", "navigation.instant", "navigation.sections", "navigation.top", "navigation.tracking", "navigation.path", "search.highlight", "search.suggest", "toc.integrate", "content.action.edit"], "search": "../../assets/javascripts/workers/search.b8dbb3d2.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script>
<script src="../../assets/javascripts/bundle.3220b9d7.min.js"></script>
<script src="../../assets/javascripts/bundle.081f42fc.min.js"></script>
</body>

6
issues/CVE-2023-4911/index.html
View File

@ -20,7 +20,7 @@
<link rel="icon" href="../../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.5.3, mkdocs-material-9.5.18">
<meta name="generator" content="mkdocs-1.6.0, mkdocs-material-9.5.24">
@ -28,7 +28,7 @@
<link rel="stylesheet" href="../../assets/stylesheets/main.66ac8b77.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/main.6543a935.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/palette.06af60db.min.css">
@ -843,7 +843,7 @@
<script id="__config" type="application/json">{"base": "../..", "features": ["navigation.expand", "navigation.indexes", "navigation.instant", "navigation.sections", "navigation.top", "navigation.tracking", "navigation.path", "search.highlight", "search.suggest", "toc.integrate", "content.action.edit"], "search": "../../assets/javascripts/workers/search.b8dbb3d2.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script>
<script src="../../assets/javascripts/bundle.3220b9d7.min.js"></script>
<script src="../../assets/javascripts/bundle.081f42fc.min.js"></script>
</body>

14
issues/CVE-2024-1086/index.html
View File

@ -20,7 +20,7 @@
<link rel="icon" href="../../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.5.3, mkdocs-material-9.5.18">
<meta name="generator" content="mkdocs-1.6.0, mkdocs-material-9.5.24">
@ -28,7 +28,7 @@
<link rel="stylesheet" href="../../assets/stylesheets/main.66ac8b77.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/main.6543a935.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/palette.06af60db.min.css">
@ -762,14 +762,16 @@
<p>Exploitation of the flaw is <a href="https://pwning.tech/nftables/">described in great detail in a blog post by Notselwyn</a>.</p>
<p>Public disclosure date: March 26, 2024 for the above blog post, which made the issue widely known</p>
<h2 id="el9">EL9<a class="headerlink" href="#el9" title="Permanent link">&para;</a></h2>
<p>Affected. We will of course rebuild upstream's fix as soon as it arrives. Meanwhile, please refer to the mitigations below.</p>
<ul>
<li>Fixed in version: <code>kernel-5.14.0-427.16.1.el9_4</code> available May 8, 2024</li>
</ul>
<h2 id="el8">EL8<a class="headerlink" href="#el8" title="Permanent link">&para;</a></h2>
<ul>
<li>Fixed in version: <code>kernel-4.18.0-513.24.1.el8_9</code> available April 5, 2024</li>
<li>Errata: <a href="https://errata.rockylinux.org/RLSA-2024:1607">RLSA-2024:1607</a> issued April 5, 2024</li>
</ul>
<h2 id="mitigation">Mitigation<a class="headerlink" href="#mitigation" title="Permanent link">&para;</a></h2>
<p>Meanwhile, we recommend two mitigations:</p>
<p>We also recommend two mitigations:</p>
<ul>
<li>If you don't use containers, we recommend that you disable user namespaces e.g. by running the below commands as root:</li>
</ul>
@ -812,7 +814,7 @@ and a different exploit of the same vulnerability bypassing LKRG.</p>
<span class="md-icon" title="Last update">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M21 13.1c-.1 0-.3.1-.4.2l-1 1 2.1 2.1 1-1c.2-.2.2-.6 0-.8l-1.3-1.3c-.1-.1-.2-.2-.4-.2m-1.9 1.8-6.1 6V23h2.1l6.1-6.1-2.1-2M12.5 7v5.2l4 2.4-1 1L11 13V7h1.5M11 21.9c-5.1-.5-9-4.8-9-9.9C2 6.5 6.5 2 12 2c5.3 0 9.6 4.1 10 9.3-.3-.1-.6-.2-1-.2s-.7.1-1 .2C19.6 7.2 16.2 4 12 4c-4.4 0-8 3.6-8 8 0 4.1 3.1 7.5 7.1 7.9l-.1.2v1.8Z"/></svg>
</span>
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-date">April 18, 2024</span>
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-date">May 20, 2024</span>
</span>
@ -872,7 +874,7 @@ and a different exploit of the same vulnerability bypassing LKRG.</p>
<script id="__config" type="application/json">{"base": "../..", "features": ["navigation.expand", "navigation.indexes", "navigation.instant", "navigation.sections", "navigation.top", "navigation.tracking", "navigation.path", "search.highlight", "search.suggest", "toc.integrate", "content.action.edit"], "search": "../../assets/javascripts/workers/search.b8dbb3d2.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script>
<script src="../../assets/javascripts/bundle.3220b9d7.min.js"></script>
<script src="../../assets/javascripts/bundle.081f42fc.min.js"></script>
</body>

6
issues/CVE-2024-2961/index.html
View File

@ -20,7 +20,7 @@
<link rel="icon" href="../../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.5.3, mkdocs-material-9.5.18">
<meta name="generator" content="mkdocs-1.6.0, mkdocs-material-9.5.24">
@ -28,7 +28,7 @@
<link rel="stylesheet" href="../../assets/stylesheets/main.66ac8b77.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/main.6543a935.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/palette.06af60db.min.css">
@ -858,7 +858,7 @@ iconvconfig
<script id="__config" type="application/json">{"base": "../..", "features": ["navigation.expand", "navigation.indexes", "navigation.instant", "navigation.sections", "navigation.top", "navigation.tracking", "navigation.path", "search.highlight", "search.suggest", "toc.integrate", "content.action.edit"], "search": "../../assets/javascripts/workers/search.b8dbb3d2.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script>
<script src="../../assets/javascripts/bundle.3220b9d7.min.js"></script>
<script src="../../assets/javascripts/bundle.081f42fc.min.js"></script>
</body>

34
news/index.html
View File

@ -20,7 +20,7 @@
<link rel="icon" href="../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.5.3, mkdocs-material-9.5.18">
<meta name="generator" content="mkdocs-1.6.0, mkdocs-material-9.5.24">
@ -28,7 +28,7 @@
<link rel="stylesheet" href="../assets/stylesheets/main.66ac8b77.min.css">
<link rel="stylesheet" href="../assets/stylesheets/main.6543a935.min.css">
<link rel="stylesheet" href="../assets/stylesheets/palette.06af60db.min.css">
@ -322,6 +322,24 @@
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#may-20-2024" class="md-nav__link">
<span class="md-ellipsis">
May 20, 2024
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#april-30-2024" class="md-nav__link">
<span class="md-ellipsis">
April 30, 2024
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#april-18-23-2024" class="md-nav__link">
<span class="md-ellipsis">
@ -854,6 +872,14 @@
<h1 id="news">News<a class="headerlink" href="#news" title="Permanent link">&para;</a></h1>
<p>These are what we consider significant SIG/Security news items, not an exhaustive list of package updates and wiki edits.</p>
<h2 id="may-20-2024">May 20, 2024<a class="headerlink" href="#may-20-2024" title="Permanent link">&para;</a></h2>
<p><a href="../packages/glibc/">glibc</a> <code>2.34-100.el9_4.security.0.8</code> contains all of our changes so far rebased on top of 9.4's <code>2.34-100</code>,
which was still missing the iconv and nscd security fixes, so our addition of those is still relevant.</p>
<p><a href="../packages/openssh/">openssh</a> rebased on 9.4's <code>8.7p1-38</code>.</p>
<p>The status page on <a href="../issues/CVE-2024-1086/">CVE-2024-1086</a> has been updated to refer to EL9 fix.</p>
<h2 id="april-30-2024">April 30, 2024<a class="headerlink" href="#april-30-2024" title="Permanent link">&para;</a></h2>
<p>Unreleased <a href="../packages/glibc/">glibc</a> <code>2.34-83.12.el9_3.security.0.6</code> includes nscd CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602 fixes from upstream glibc 2.34 branch.</p>
<p>This update ended up unreleased because we refocused on 9.4.</p>
<h2 id="april-18-23-2024">April 18-23, 2024<a class="headerlink" href="#april-18-23-2024" title="Permanent link">&para;</a></h2>
<p>Our hardened EL9 <a href="../packages/glibc/">glibc</a> updated to include glibc upstream fix for <a href="../issues/CVE-2024-2961/">CVE-2024-2961</a>.
On that CVE status page, we also provide a mitigation for both EL9 and EL8.</p>
@ -917,7 +943,7 @@ A typical facility is a SUID/SGID/setcap program or a configuration setting of a
<span class="md-icon" title="Last update">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M21 13.1c-.1 0-.3.1-.4.2l-1 1 2.1 2.1 1-1c.2-.2.2-.6 0-.8l-1.3-1.3c-.1-.1-.2-.2-.4-.2m-1.9 1.8-6.1 6V23h2.1l6.1-6.1-2.1-2M12.5 7v5.2l4 2.4-1 1L11 13V7h1.5M11 21.9c-5.1-.5-9-4.8-9-9.9C2 6.5 6.5 2 12 2c5.3 0 9.6 4.1 10 9.3-.3-.1-.6-.2-1-.2s-.7.1-1 .2C19.6 7.2 16.2 4 12 4c-4.4 0-8 3.6-8 8 0 4.1 3.1 7.5 7.1 7.9l-.1.2v1.8Z"/></svg>
</span>
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-date">April 23, 2024</span>
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-date">May 20, 2024</span>
</span>
@ -977,7 +1003,7 @@ A typical facility is a SUID/SGID/setcap program or a configuration setting of a
<script id="__config" type="application/json">{"base": "..", "features": ["navigation.expand", "navigation.indexes", "navigation.instant", "navigation.sections", "navigation.top", "navigation.tracking", "navigation.path", "search.highlight", "search.suggest", "toc.integrate", "content.action.edit"], "search": "../assets/javascripts/workers/search.b8dbb3d2.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script>
<script src="../assets/javascripts/bundle.3220b9d7.min.js"></script>
<script src="../assets/javascripts/bundle.081f42fc.min.js"></script>
</body>

6
packages/control/index.html
View File

@ -20,7 +20,7 @@
<link rel="icon" href="../../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.5.3, mkdocs-material-9.5.18">
<meta name="generator" content="mkdocs-1.6.0, mkdocs-material-9.5.24">
@ -28,7 +28,7 @@
<link rel="stylesheet" href="../../assets/stylesheets/main.66ac8b77.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/main.6543a935.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/palette.06af60db.min.css">
@ -966,7 +966,7 @@ write restricted (public restricted)
<script id="__config" type="application/json">{"base": "../..", "features": ["navigation.expand", "navigation.indexes", "navigation.instant", "navigation.sections", "navigation.top", "navigation.tracking", "navigation.path", "search.highlight", "search.suggest", "toc.integrate", "content.action.edit"], "search": "../../assets/javascripts/workers/search.b8dbb3d2.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script>
<script src="../../assets/javascripts/bundle.3220b9d7.min.js"></script>
<script src="../../assets/javascripts/bundle.081f42fc.min.js"></script>
</body>

30
packages/glibc/index.html
View File

@ -20,7 +20,7 @@
<link rel="icon" href="../../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.5.3, mkdocs-material-9.5.18">
<meta name="generator" content="mkdocs-1.6.0, mkdocs-material-9.5.24">
@ -28,7 +28,7 @@
<link rel="stylesheet" href="../../assets/stylesheets/main.66ac8b77.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/main.6543a935.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/palette.06af60db.min.css">
@ -759,8 +759,8 @@
<h1 id="override-package-glibc">Override package: glibc<a class="headerlink" href="#override-package-glibc" title="Permanent link">&para;</a></h1>
<h2 id="el9">EL9<a class="headerlink" href="#el9" title="Permanent link">&para;</a></h2>
<ul>
<li>Version <code>2.34-83.12.el9_3.security.0.5</code></li>
<li>Based on <code>2.34-83.el9.12</code></li>
<li>Version <code>2.34-100.el9_4.security.0.8</code></li>
<li>Based on <code>2.34-100.el9</code></li>
</ul>
<h3 id="changes-summary">Changes summary<a class="headerlink" href="#changes-summary" title="Permanent link">&para;</a></h3>
<ul>
@ -773,11 +773,22 @@
<li>When <code>qsort(3)</code> is wrongly used with a nontransitive comparison function, nevertheless be robust and avoid <a href="https://www.openwall.com/lists/oss-security/2024/01/30/7">memory corruption</a> (Qualys, Rocky Linux)</li>
</ul>
<h4 id="known-effective-vulnerability-mitigations-and-fixes">Known-effective vulnerability mitigations and fixes<a class="headerlink" href="#known-effective-vulnerability-mitigations-and-fixes" title="Permanent link">&para;</a></h4>
<p><code>2.34-83.12.el9_3.security.0.6</code> includes nscd CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602 fixes from upstream glibc 2.34 branch.</p>
<p><code>2.34-83.12.el9_3.security.0.5</code> includes <code>iconv(3)</code> ISO-2022-CN-EXT <a href="../../issues/CVE-2024-2961/">CVE-2024-2961</a> fix from upstream glibc 2.34 branch.</p>
<p><code>2.34-60.el9_2.security.0.2</code> included mitigations sufficient to avoid security exposure of <a href="../../issues/CVE-2023-4911/">CVE-2023-4911</a> and a backport of upstream glibc fix of <a href="https://www.openwall.com/lists/oss-security/2023/09/25/1">CVE-2023-4527</a> that was not yet in upstream EL. In the update to <code>2.34-60.7.el9_2.security.0.3</code> and beyond, we retained the mitigations while rebasing on upstream EL's package with upstream fixes for these vulnerabilities (and more).</p>
<p>In general, inclusion of additional security fixes will be "reverted" if and when those get included in upstream EL packages that we rebase our changes on.</p>
<h3 id="change-log">Change log<a class="headerlink" href="#change-log" title="Permanent link">&para;</a></h3>
<div class="highlight"><pre><span></span><code>* Thu Apr 18 2024 Solar Designer &lt;solar@openwall.com&gt; - 2.34-83.12.el9.security.0.5
<div class="highlight"><pre><span></span><code>* Mon May 20 2024 Solar Designer &lt;solar@openwall.com&gt; - 2.34-100.el9.security.0.8
- Rebase on 2.34-100
* Tue May 07 2024 Solar Designer &lt;solar@openwall.com&gt; - 2.34-83.12.el9.security.0.7
- Upstream glibc 2.34 fix &quot;nscd: Use time_t for return type of addgetnetgrentX&quot;
* Tue Apr 30 2024 Solar Designer &lt;solar@openwall.com&gt; - 2.34-83.12.el9.security.0.6
- Add nscd CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602 fixes
from upstream glibc 2.34 branch
* Thu Apr 18 2024 Solar Designer &lt;solar@openwall.com&gt; - 2.34-83.12.el9.security.0.5
- Rebase on 2.34-83.12
- Add iconv() ISO-2022-CN-EXT CVE-2024-2961 fix from upstream glibc 2.34 branch
@ -797,11 +808,6 @@
[... upstream changes ...]
* Fri Oct 6 2023 Solar Designer &lt;solar@openwall.com&gt; - 2.34-60.7.el9.security.0.3
- Rebase on 2.34-60.7, drop &quot;our&quot; CVE-2023-4527 patch in favor of RH&#39;s
[... upstream changes ...]
* Mon Oct 2 2023 Solar Designer &lt;solar@openwall.com&gt; - 2.34-60.el9.security.0.2
- Add glibc-owl-alt-sanitize-env.patch stitched from several ALT Linux commits
as none of their revisions matched this package&#39;s set of backports as-is
@ -842,7 +848,7 @@
<span class="md-icon" title="Last update">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M21 13.1c-.1 0-.3.1-.4.2l-1 1 2.1 2.1 1-1c.2-.2.2-.6 0-.8l-1.3-1.3c-.1-.1-.2-.2-.4-.2m-1.9 1.8-6.1 6V23h2.1l6.1-6.1-2.1-2M12.5 7v5.2l4 2.4-1 1L11 13V7h1.5M11 21.9c-5.1-.5-9-4.8-9-9.9C2 6.5 6.5 2 12 2c5.3 0 9.6 4.1 10 9.3-.3-.1-.6-.2-1-.2s-.7.1-1 .2C19.6 7.2 16.2 4 12 4c-4.4 0-8 3.6-8 8 0 4.1 3.1 7.5 7.1 7.9l-.1.2v1.8Z"/></svg>
</span>
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-date">April 18, 2024</span>
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-date">May 20, 2024</span>
</span>
@ -902,7 +908,7 @@
<script id="__config" type="application/json">{"base": "../..", "features": ["navigation.expand", "navigation.indexes", "navigation.instant", "navigation.sections", "navigation.top", "navigation.tracking", "navigation.path", "search.highlight", "search.suggest", "toc.integrate", "content.action.edit"], "search": "../../assets/javascripts/workers/search.b8dbb3d2.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script>
<script src="../../assets/javascripts/bundle.3220b9d7.min.js"></script>
<script src="../../assets/javascripts/bundle.081f42fc.min.js"></script>
</body>

6
packages/hardened_malloc/index.html
View File

@ -20,7 +20,7 @@
<link rel="icon" href="../../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.5.3, mkdocs-material-9.5.18">
<meta name="generator" content="mkdocs-1.6.0, mkdocs-material-9.5.24">
@ -28,7 +28,7 @@
<link rel="stylesheet" href="../../assets/stylesheets/main.66ac8b77.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/main.6543a935.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/palette.06af60db.min.css">
@ -912,7 +912,7 @@
<script id="__config" type="application/json">{"base": "../..", "features": ["navigation.expand", "navigation.indexes", "navigation.instant", "navigation.sections", "navigation.top", "navigation.tracking", "navigation.path", "search.highlight", "search.suggest", "toc.integrate", "content.action.edit"], "search": "../../assets/javascripts/workers/search.b8dbb3d2.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script>
<script src="../../assets/javascripts/bundle.3220b9d7.min.js"></script>
<script src="../../assets/javascripts/bundle.081f42fc.min.js"></script>
</body>

6
packages/lkrg/index.html
View File

@ -20,7 +20,7 @@
<link rel="icon" href="../../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.5.3, mkdocs-material-9.5.18">
<meta name="generator" content="mkdocs-1.6.0, mkdocs-material-9.5.24">
@ -28,7 +28,7 @@
<link rel="stylesheet" href="../../assets/stylesheets/main.66ac8b77.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/main.6543a935.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/palette.06af60db.min.css">
@ -913,7 +913,7 @@ kernel version.
<script id="__config" type="application/json">{"base": "../..", "features": ["navigation.expand", "navigation.indexes", "navigation.instant", "navigation.sections", "navigation.top", "navigation.tracking", "navigation.path", "search.highlight", "search.suggest", "toc.integrate", "content.action.edit"], "search": "../../assets/javascripts/workers/search.b8dbb3d2.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script>
<script src="../../assets/javascripts/bundle.3220b9d7.min.js"></script>
<script src="../../assets/javascripts/bundle.081f42fc.min.js"></script>
</body>

6
packages/microcode_ctl/index.html
View File

@ -20,7 +20,7 @@
<link rel="icon" href="../../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.5.3, mkdocs-material-9.5.18">
<meta name="generator" content="mkdocs-1.6.0, mkdocs-material-9.5.24">
@ -28,7 +28,7 @@
<link rel="stylesheet" href="../../assets/stylesheets/main.66ac8b77.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/main.6543a935.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/palette.06af60db.min.css">
@ -854,7 +854,7 @@
<script id="__config" type="application/json">{"base": "../..", "features": ["navigation.expand", "navigation.indexes", "navigation.instant", "navigation.sections", "navigation.top", "navigation.tracking", "navigation.path", "search.highlight", "search.suggest", "toc.integrate", "content.action.edit"], "search": "../../assets/javascripts/workers/search.b8dbb3d2.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script>
<script src="../../assets/javascripts/bundle.3220b9d7.min.js"></script>
<script src="../../assets/javascripts/bundle.081f42fc.min.js"></script>
</body>

17
packages/openssh/index.html
View File

@ -20,7 +20,7 @@
<link rel="icon" href="../../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.5.3, mkdocs-material-9.5.18">
<meta name="generator" content="mkdocs-1.6.0, mkdocs-material-9.5.24">
@ -28,7 +28,7 @@
<link rel="stylesheet" href="../../assets/stylesheets/main.66ac8b77.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/main.6543a935.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/palette.06af60db.min.css">
@ -744,8 +744,8 @@
<h1 id="override-package-openssh">Override package: openssh<a class="headerlink" href="#override-package-openssh" title="Permanent link">&para;</a></h1>
<h2 id="el9">EL9<a class="headerlink" href="#el9" title="Permanent link">&para;</a></h2>
<ul>
<li>Version <code>8.7p1-34.3.el9_3.security.0.3</code></li>
<li>Based on <code>8.7p1-34.el9_3.3</code></li>
<li>Version <code>8.7p1-38.el9_4.security.0.4</code></li>
<li>Based on <code>8.7p1-38.el9</code></li>
</ul>
<h3 id="changes-summary">Changes summary<a class="headerlink" href="#changes-summary" title="Permanent link">&para;</a></h3>
<ul>
@ -753,7 +753,10 @@
<li>Build without Kerberos support (further shortens <code>ldd sshd</code> from 20 to 13 lines)</li>
</ul>
<h3 id="change-log">Change log<a class="headerlink" href="#change-log" title="Permanent link">&para;</a></h3>
<div class="highlight"><pre><span></span><code>* Sat Mar 16 2024 Solar Designer &lt;solar@openwall.com&gt; 8.7p1-34.3.el9_3.security.0.3
<div class="highlight"><pre><span></span><code>* Mon May 20 2024 Solar Designer &lt;solar@openwall.com&gt; 8.7p1-38.el9_4.security.0.4
- Rebase on 8.7p1-38
* Sat Mar 16 2024 Solar Designer &lt;solar@openwall.com&gt; 8.7p1-34.3.el9_3.security.0.3
- Comment out GSSAPI* lines in /etc/ssh/ssh*_config.d/50-redhat.conf and patch
the code to silently ignore GSSAPIKexAlgorithms when unsupported (like it is
in our new without-Kerberos build)
@ -794,7 +797,7 @@
<span class="md-icon" title="Last update">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M21 13.1c-.1 0-.3.1-.4.2l-1 1 2.1 2.1 1-1c.2-.2.2-.6 0-.8l-1.3-1.3c-.1-.1-.2-.2-.4-.2m-1.9 1.8-6.1 6V23h2.1l6.1-6.1-2.1-2M12.5 7v5.2l4 2.4-1 1L11 13V7h1.5M11 21.9c-5.1-.5-9-4.8-9-9.9C2 6.5 6.5 2 12 2c5.3 0 9.6 4.1 10 9.3-.3-.1-.6-.2-1-.2s-.7.1-1 .2C19.6 7.2 16.2 4 12 4c-4.4 0-8 3.6-8 8 0 4.1 3.1 7.5 7.1 7.9l-.1.2v1.8Z"/></svg>
</span>
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-date">March 16, 2024</span>
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-date">May 20, 2024</span>
</span>
@ -854,7 +857,7 @@
<script id="__config" type="application/json">{"base": "../..", "features": ["navigation.expand", "navigation.indexes", "navigation.instant", "navigation.sections", "navigation.top", "navigation.tracking", "navigation.path", "search.highlight", "search.suggest", "toc.integrate", "content.action.edit"], "search": "../../assets/javascripts/workers/search.b8dbb3d2.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script>
<script src="../../assets/javascripts/bundle.3220b9d7.min.js"></script>
<script src="../../assets/javascripts/bundle.081f42fc.min.js"></script>
</body>

6
packages/passwdqc/index.html
View File

@ -18,7 +18,7 @@
<link rel="icon" href="../../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.5.3, mkdocs-material-9.5.18">
<meta name="generator" content="mkdocs-1.6.0, mkdocs-material-9.5.24">
@ -26,7 +26,7 @@
<link rel="stylesheet" href="../../assets/stylesheets/main.66ac8b77.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/main.6543a935.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/palette.06af60db.min.css">
@ -907,7 +907,7 @@
<script id="__config" type="application/json">{"base": "../..", "features": ["navigation.expand", "navigation.indexes", "navigation.instant", "navigation.sections", "navigation.top", "navigation.tracking", "navigation.path", "search.highlight", "search.suggest", "toc.integrate", "content.action.edit"], "search": "../../assets/javascripts/workers/search.b8dbb3d2.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script>
<script src="../../assets/javascripts/bundle.3220b9d7.min.js"></script>
<script src="../../assets/javascripts/bundle.081f42fc.min.js"></script>
</body>

2
search/search_index.json
View File

File diff suppressed because one or more lines are too long

26
sitemap.xml
View File

@ -2,67 +2,67 @@
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
<url>
<loc>https://sig-security.rocky.page/</loc>
<lastmod>2024-04-23</lastmod>
<lastmod>2024-05-22</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://sig-security.rocky.page/news/</loc>
<lastmod>2024-04-23</lastmod>
<lastmod>2024-05-22</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://sig-security.rocky.page/issues/CVE-2023-23583/</loc>
<lastmod>2024-04-23</lastmod>
<lastmod>2024-05-22</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://sig-security.rocky.page/issues/CVE-2023-4911/</loc>
<lastmod>2024-04-23</lastmod>
<lastmod>2024-05-22</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://sig-security.rocky.page/issues/CVE-2024-1086/</loc>
<lastmod>2024-04-23</lastmod>
<lastmod>2024-05-22</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://sig-security.rocky.page/issues/CVE-2024-2961/</loc>
<lastmod>2024-04-23</lastmod>
<lastmod>2024-05-22</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://sig-security.rocky.page/packages/control/</loc>
<lastmod>2024-04-23</lastmod>
<lastmod>2024-05-22</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://sig-security.rocky.page/packages/glibc/</loc>
<lastmod>2024-04-23</lastmod>
<lastmod>2024-05-22</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://sig-security.rocky.page/packages/hardened_malloc/</loc>
<lastmod>2024-04-23</lastmod>
<lastmod>2024-05-22</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://sig-security.rocky.page/packages/lkrg/</loc>
<lastmod>2024-04-23</lastmod>
<lastmod>2024-05-22</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://sig-security.rocky.page/packages/microcode_ctl/</loc>
<lastmod>2024-04-23</lastmod>
<lastmod>2024-05-22</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://sig-security.rocky.page/packages/openssh/</loc>
<lastmod>2024-04-23</lastmod>
<lastmod>2024-05-22</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://sig-security.rocky.page/packages/passwdqc/</loc>
<lastmod>2024-04-23</lastmod>
<lastmod>2024-05-22</lastmod>
<changefreq>daily</changefreq>
</url>
</urlset>

BIN
sitemap.xml.gz
View File

Binary file not shown.