-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.goreleaser.yml
70 lines (60 loc) · 2.66 KB
/
.goreleaser.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
project_name: Macaroni Funtoo
build:
skip: true
release:
header: |
## Macaroni OS {{ .Tag }}!
A new release of Phoenix branch is out!
A description of the release change will be available in our [blog](https://www.macaronios.org/blog/phoenix-24.04/).
See the above list for all upgrade details.
Many thanks to all [Funtoo](https://www.funtoo.org/) devs that are the sap of all this.
Enjoy!
Any user that wants to support our work for Macaroni could do this through the
Github [Sponsor](https://github.com/sponsors/geaaru) or alternative to
add a :star: to our projects.
### Security
In evidence:
CVE-2021-3472 / ZDI CAN 12549 XChangeFeedbackControl Integer Underflow
CVE-2021-4008 / ZDI-CAN-14192 SProcRenderCompositeGlyphs out-of-bounds access
CVE-2021-4009 / ZDI-CAN-14950 SProcXFixesCreatePointerBarrier out-of-bounds access
CVE-2021-4010 / ZDI-CAN-14951 SProcScreenSaverSuspend out-of-bounds access
CVE-2021-4011 / ZDI-CAN-14952 SwapCreateRegister out-of-bounds access
CVE-2022-46340 / ZDI-CAN-19265 XTestSwapFakeInput stack overflow
CVE-2022-46341 / ZDI-CAN-19381 XIPassiveUngrab out-of-bounds access
CVE-2022-46342 / ZDI-CAN-19400 XvdiSelectVideoNotify use-after-free
CVE-2022-46343 / ZDI-CAN-19404 ScreenSaverSetAttributes use-after-free
CVE-2022-46344 / ZDI-CAN-19405 XIChangeProperty out-of-bounds access
CVE-2022-4283 / ZDI-CAN-19530 XkbGetKbdByName use-after-free
CVE-2023-6816: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer
CVE-2024-0229: Reattaching to different master device may lead to out-of-bounds memory access
CVE-2024-21885: Heap buffer overflow in XISendDeviceHierarchyEvent
CVE-2024-21886: Heap buffer overflow in DisableDevice
CVE-2024-0409: SELinux context corruption
CVE-2024-0408: SELinux unlabeled GLX PBuffer
CVE-2024-27316: Apache HTTP Server - HTTP/2 DoS
CVE-2024-24795: Apache HTTP Server - HTTP Response Splitting in multiple modules
CVE-2023-38709: Apache HTTP Server - HTTP response splitting
CVE-2024-3094: Lighttpd - HTTP/2 CONTINUATION Flood and avoid xz supply chain attack.
CVE-2024-28085: util-linux - fix escape sequence Injection
CVE-2024-24786: kubectl - google.golang.org/protobuf
CVE-2024-24786: containerd - google.golang.org/protobuf
changelog:
sort: asc
groups:
- title: New packages
regexp: ".*new.*"
order: 1
- title: Packages
regexp: ".*Bump.*"
order: 2
- title: Reverts
regexp: '^Revert.*'
order: 3
- title: Others
order: 9999
filters:
exclude:
- '^.github'
- '^github'
- '^portage-converter'
- '^.gorelease'