Differences

This shows you the differences between two versions of the page.

--- changelog_14.2 [2019/04/07 00:30] – connie
+++ changelog_14.2 [2019/05/16 12:23] – connie
@@ Line 2: / Line 2: @@
 Slackware upstream ChangeLog entries are courtesy of Patrick Volkerding.
+==== 2019-05-16 ====
+**rdesktop-1.8.5**:  Upgraded.
+This update fixes security issues:
+Add bounds checking to protocol handling in order to fix many
+security problems when communicating with a malicious server.
+(**Security fix**)
+==== 2019-04-26 ====
+**bind-9.11.6_P1**:  Upgraded.
+This update fixes a security issue:
+The TCP client quota set using the tcp-clients option could be exceeded
+in some cases. This could lead to exhaustion of file descriptors.
+For more information, see:
+  * https://kb.isc.org/docs/cve-2018-5743
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743
+(**Security fix**)
+**curl-7.64.1**:  Upgraded.
+This update fixes a regression in curl-7.64.0 which could lead to
+% CPU usage. Thanks to arcctgx.
+==== 2019-04-17 ====
+**libpng-1.6.37**:  Upgraded.
+This update fixes security issues:
+  * Fixed a use-after-free vulnerability (CVE-2019-7317) in png_image_free.
+  * Fixed a memory leak in the ARM NEON implementation of png_do_expand_palette.
+  * Fixed a memory leak in pngtest.c.
+  * Fixed two vulnerabilities (CVE-2018-14048, CVE-2018-14550) in contrib/pngminus; refactor.
+For more information, see:
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14048
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14550
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317
+(**Security fix**)
+**libssh2-1.8.2**:  Upgraded.
+This update fixes a misapplied userauth patch that broke 1.8.1.
+Thanks to Ook.
+**glibc-zoneinfo-2019a**:  Upgraded.
+This package provides the latest timezone updates.
 ==== 2019-04-06 ====