User Tools

Site Tools


changelog_14.2

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
Next revisionBoth sides next revision
changelog_14.2 [2019/07/15 00:16] conniechangelog_14.2 [2019/10/02 15:47] connie
Line 2: Line 2:
  
 Slackware upstream ChangeLog entries are courtesy of Patrick Volkerding. Slackware upstream ChangeLog entries are courtesy of Patrick Volkerding.
 +
 +==== 2019-10-02 ====
 +
 +**libpcap-1.9.1**:  Upgraded.
 +This update is required for the new version of tcpdump.
 +
 +**tcpdump-4.9.3**:  Upgraded.
 +Fix buffer overflow/overread vulnerabilities and command line
 +argument/local issues.
 +For more information, see:
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16808
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14468
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14469
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14470
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14466
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14461
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14462
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14465
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14881
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14464
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14463
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14467
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10103
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10105
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14880
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16451
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14882
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16227
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16229
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16301
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16230
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16452
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16300
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16228
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15166
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15167
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14879
 +(**Security fix**)
 +
 +==== 2019-09-16 ====
 +
 +**expat-2.2.8**:  Upgraded.
 +Fix heap overflow triggered by XML_GetCurrentLineNumber (or
 +XML_GetCurrentColumnNumber), and deny internal entities closing the doctype.
 +For more information, see:
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
 +(**Security fix**)
 +
 +==== 2019-09-12 ====
 +
 +**curl-7.66.0**:  Upgraded.
 +This update fixes security issues:
 +FTP-KRB double-free
 +TFTP small blocksize heap buffer overflow
 +For more information, see:
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482
 +(**Security fix**)
 +
 +**glibc-zoneinfo-2019c**:  Upgraded.
 +This package provides the latest timezone updates.
 +
 +**openssl-1.0.2t**:  Upgraded.
 +This update fixes low severity security issues:
 +Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey
 +Compute ECC cofactors if not provided during EC_GROUP construction
 +For more information, see:
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1563
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1547
 +(**Security fix**)
 +
 +**openssl-solibs-1.0.2t**:  Upgraded.
 +
 +**emacs-26.3**:  Upgraded.
 +This is a bugfix release.
 +
 +==== 2019-08-27 ====
 +
 +**linux-libre-*-4.4.190**:  Upgraded.
 +These updates fix various bugs and a minor local denial-of-service security
 +issue. They also change this option:
 +  * FANOTIFY_ACCESS_PERMISSIONS n -> y
 +This is needed by on-access virus scanning software.
 +Be sure to upgrade your initrd after upgrading the kernel packages.
 +If you use lilo to boot your machine, be sure lilo.conf points to the correct
 +kernel and initrd and run lilo as root to update the bootloader.
 +If you use elilo to boot your machine, you should run eliloconfig to copy the
 +kernel and initrd to the EFI System Partition.
 +For more information, see: Fixed in 4.4.190:
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20961
 +(**Security fix**)
 +
 +**ca-certificates-20190826**:  Upgraded.
 +This update provides the latest CA certificates to check for the
 +authenticity of SSL connections.
 +
 +**bind-9.11.9**:  Upgraded.
 +This update fixes various bugs and also updates the named.root file in
 +the caching-example configuration to the latest version.
 +
 +==== 2019-08-14 ====
 +
 +**linux-libre-*-4.4.189**:  Upgraded.
 +These updates fix various bugs and many security issues, and include the
 +Spectre v1 SWAPGS mitigations.
 +Be sure to upgrade your initrd after upgrading the kernel packages.
 +If you use lilo to boot your machine, be sure lilo.conf points to the correct
 +kernel and initrd and run lilo as root to update the bootloader.
 +If you use elilo to boot your machine, you should run eliloconfig to copy the
 +kernel and initrd to the EFI System Partition. For more information, see:
 +
 +Fixed in 4.4.187:
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13631
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18509
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14283
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10207
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14284
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13648
 +Fixed in 4.4.189:
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20856
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1125
 +(**Security fix**)
 +
 +==== 2019-08-08 ====
 +
 +**kdelibs-4.14.38**:  Upgraded.
 +kconfig: malicious .desktop files (and others) would execute code.
 +For more information, see:
 +  * https://mail.kde.org/pipermail/kde-announce/2019-August/000047.html
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14744
 +(**Security fix**)
 +
 +==== 2019-07-25 ====
 +
 +**R-3.6.1**: Upgraded (FXP)
 +
 +==== 2019-07-22 ====
 +
 +**linux-libre-*-4.4.186**:  Upgraded.
 +These updates fix various bugs and many minor security issues.
 +Be sure to upgrade your initrd after upgrading the kernel packages.
 +If you use lilo to boot your machine, be sure lilo.conf points to the correct
 +kernel and initrd and run lilo as root to update the bootloader.
 +If you use elilo to boot your machine, you should run eliloconfig to copy the
 +kernel and initrd to the EFI System Partition.
 +For more information, see:
 +  * Fixed in 4.4.183:
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11599
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3892
 +  * Fixed in 4.4.185:
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13272
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16597
 +  * Fixed in 4.4.186:
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10126
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3846
 +(**Security fix**)
 +
 +**curl-7.65.3**:  Upgraded.
 +This is a bugfix release:
 +Fix a regression that caused the progress meter not to appear.
 +For more information, see:
 +  * https://curl.haxx.se/changes.html
 +
 +**emacs-26.2**:  Upgraded.
 +This is a bugfix release.
 +Patched package.el to obey buffer-file-coding-system (bug #35739), fixing
 +bad signature from GNU ELPA for archive-contents.
 +Thanks to Stefan Monnier and Eric Lindblad.
  
 ==== 2019-07-14 ==== ==== 2019-07-14 ====
changelog_14.2.txt · Last modified: 2023/12/23 13:40 by connie