changelog_14.2
Differences
This shows you the differences between two versions of the page.
changelog_14.2 [2019/02/07 14:46] – connie | changelog_14.2 [2019/02/12 23:41] – connie | ||
---|---|---|---|
Line 2: | Line 2: | ||
Slackware upstream ChangeLog entries are courtesy of Patrick Volkerding. | Slackware upstream ChangeLog entries are courtesy of Patrick Volkerding. | ||
+ | |||
+ | ==== 2019-02-12 ==== | ||
+ | |||
+ | **lxc-2.0.9_d3a03247**: | ||
+ | This update fixes a security issue where a malicious privileged container | ||
+ | could overwrite the host binary and thus gain root-level code execution on | ||
+ | the host. As the LXC project considers privileged containers to be unsafe | ||
+ | no CVE has been assigned for this issue for LXC. To prevent this attack, | ||
+ | LXC has been patched to create a temporary copy of the calling binary | ||
+ | itself when it starts or attaches to containers. To do this LXC creates an | ||
+ | anonymous, in-memory file using the memfd_create() system call and copies | ||
+ | itself into the temporary in-memory file, which is then sealed to prevent | ||
+ | further modifications. LXC then executes this sealed, in-memory file | ||
+ | instead of the original on-disk binary. | ||
+ | For more information, | ||
+ | * https:// | ||
+ | (**Security fix**) | ||
+ | |||
+ | ==== 2019-02-12 ==== | ||
+ | |||
+ | **xonotic-0.8.2**: | ||
+ | addictive arena gameplay. Xonotic is a direct successor of the Nexuiz, which was a fork of DarkPlaces, which was a fork of Quake engine. | ||
+ | |||
+ | ==== 2019-02-07 ==== | ||
+ | |||
+ | **php-5.6.40**: | ||
+ | Several security bugs have been fixed in this release: | ||
+ | |||
+ | GD: | ||
+ | * Fixed bug #77269 (efree() on uninitialized Heap data in imagescale leads to use-after-free). | ||
+ | * Fixed bug #77270 (imagecolormatch Out Of Bounds Write on Heap). | ||
+ | Mbstring: | ||
+ | * Fixed bug #77370 (Buffer overflow on mb regex functions - fetch_token). | ||
+ | * Fixed bug #77371 (heap buffer overflow in mb regex functions - compile_string_node). | ||
+ | * Fixed bug #77381 (heap buffer overflow in multibyte match_at). | ||
+ | * Fixed bug #77382 (heap buffer overflow due to incorrect length in expand_case_fold_string). | ||
+ | * Fixed bug #77385 (buffer overflow in fetch_token). | ||
+ | * Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode). | ||
+ | * Fixed bug #77418 (Heap overflow in utf32be_mbc_to_code). | ||
+ | Phar: | ||
+ | * Fixed bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext). | ||
+ | Xmlrpc: | ||
+ | * Fixed bug #77242 (heap out of bounds read in xmlrpc_decode()). | ||
+ | * Fixed bug #77380 (Global out of bounds read in xmlrpc base64 code). | ||
+ | For more information, | ||
+ | * https:// | ||
+ | (**Security fix**) | ||
==== 2019-02-07 ==== | ==== 2019-02-07 ==== |
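Review bot: both security entries added here (lxc-2.0.9_d3a03247 and php-5.6.40) end in "For more information," followed by a bullet that contains only "https://", so neither fix carries a usable reference; put the full upstream advisory or changelog URL on each of those lines. In the lxc entry, "the host binary" in the first sentence stays ambiguous until the later phrase "the calling binary itself", so naming the LXC binary up front would make the affected component clear. The xonotic-0.8.2 entry begins mid-sentence ("addictive arena gameplay.") and does not say whether the package was added or upgraded.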
changelog_14.2.txt · Last modified: 2023/12/23 13:40 by connie