changelog_14.2
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
changelog_14.2 [2019/08/08 23:40] – connie | changelog_14.2 [2020/01/11 13:09] – [2020-01-11] connie | ||
---|---|---|---|
Line 2: | Line 2: | ||
Slackware upstream ChangeLog entries are courtesy of Patrick Volkerding. | Slackware upstream ChangeLog entries are courtesy of Patrick Volkerding. | ||
+ | |||
+ | ==== 2020-01-11 ==== | ||
+ | |||
+ | **p7zip-16.02**: | ||
+ | ==== 2020-01-09 ==== | ||
+ | |||
+ | **linux-libre-*-4.4.208**: | ||
+ | | ||
+ | +IPV6_SUBTREES y | ||
+ | These updates fix various bugs and security issues. | ||
+ | Be sure to upgrade your initrd after upgrading the kernel packages. | ||
+ | If you use lilo to boot your machine, be sure lilo.conf points to the correct | ||
+ | kernel and initrd and run lilo as root to update the bootloader. | ||
+ | If you use elilo to boot your machine, you should run eliloconfig to copy the | ||
+ | kernel and initrd to the EFI System Partition. | ||
+ | For more information, | ||
+ | |||
+ | Fixed in 4.4.203: | ||
+ | * https:// | ||
+ | * https:// | ||
+ | Fixed in 4.4.204: | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | Fixed in 4.4.206: | ||
+ | * https:// | ||
+ | Fixed in 4.4.207: | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | Fixed in 4.4.208: | ||
+ | * https:// | ||
+ | * https:// | ||
+ | (**Security fix**) | ||
+ | |||
+ | **xfce4-weather-plugin-0.8.11**: | ||
+ | Bugfix release to address the upcoming obsolescence of the | ||
+ | locationforecastLTS API from met.no. Thanks to Robby Workman. | ||
+ | |||
+ | **libwmf-0.2.8.4**: | ||
+ | This is a bugfix release to correct the path for the GDK_PIXBUF_DIR. | ||
+ | Thanks to B. Watson and Robby Workman. | ||
+ | |||
+ | ==== 2019-12-21 ==== | ||
+ | |||
+ | **openssl-1.0.2u**: | ||
+ | This update fixes a low severity security issue: | ||
+ | Fixed an an overflow bug in the x86_64 Montgomery squaring procedure used in | ||
+ | exponentiation with 512-bit moduli. | ||
+ | For more information, | ||
+ | * https:// | ||
+ | * https:// | ||
+ | (**Security fix**) | ||
+ | |||
+ | **openssl-solibs-1.0.2u**: | ||
+ | |||
+ | **tigervnc-1.10.1**: | ||
+ | From tigervnc.org: | ||
+ | that were found by Kaspersky Lab. These issues affect both the client and | ||
+ | server and could theoretically allow a malicious peer to take control | ||
+ | over the software on the other side. No working exploit is known at this | ||
+ | time, and the issues require the peer to first be authenticated. We still | ||
+ | urge users to upgrade when possible." | ||
+ | (**Security fix**) | ||
+ | |||
+ | ==== 2019-12-19 ==== | ||
+ | |||
+ | **bind-9.11.14**: | ||
+ | This is a bugfix release: | ||
+ | Fixed a bug that caused named to leak memory on reconfiguration when | ||
+ | any GeoIP2 database was in use. [GL #1445] | ||
+ | Fixed several possible race conditions discovered by Thread Sanitizer. | ||
+ | |||
+ | **wavpack-5.2.0**: | ||
+ | Fixed denial-of-service and other potential security issues. | ||
+ | For more information, | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | (**Security fix**) | ||
+ | |||
+ | **ca-certificates-20191130**: | ||
+ | This update provides the latest CA certificates to check for the | ||
+ | authenticity of SSL connections. | ||
+ | |||
+ | ==== 2019-11-21 ==== | ||
+ | |||
+ | **bind-9.11.13**: | ||
+ | This update fixes a security issue: | ||
+ | Set a limit on the number of concurrently served pipelined TCP queries. | ||
+ | For more information, | ||
+ | * https:// | ||
+ | (**Security fix**) | ||
+ | |||
+ | ==== 2019-11-17 ==== | ||
+ | |||
+ | **linux-libre-*-4.4.202**: | ||
+ | * CRYPTO_CRC32C_INTEL m -> y | ||
+ | * +X86_INTEL_TSX_MODE_AUTO n | ||
+ | * +X86_INTEL_TSX_MODE_OFF y | ||
+ | * +X86_INTEL_TSX_MODE_ON n | ||
+ | These updates fix various bugs and security issues, including mitigation for | ||
+ | the TSX Asynchronous Abort condition on some CPUs. | ||
+ | Be sure to upgrade your initrd after upgrading the kernel packages. | ||
+ | If you use lilo to boot your machine, be sure lilo.conf points to the correct | ||
+ | kernel and initrd and run lilo as root to update the bootloader. | ||
+ | If you use elilo to boot your machine, you should run eliloconfig to copy the | ||
+ | kernel and initrd to the EFI System Partition. | ||
+ | For more information, | ||
+ | |||
+ | Fixed in 4.4.201: | ||
+ | * https:// | ||
+ | * https:// | ||
+ | Fixed in 4.4.202: | ||
+ | * https:// | ||
+ | (**Security fix**) | ||
+ | |||
+ | ==== 2019-11-12 ==== | ||
+ | |||
+ | **kdelibs-4.14.38**: | ||
+ | Remove hardcoded TLSv1 allowing TLSv1.1 and TLSv1.2. Thanks to PJ Beers. | ||
+ | |||
+ | **kdepim-4.14.10**: | ||
+ | Remove hardcoded TLSv1 allowing TLSv1.1 and TLSv1.2. Thanks to PJ Beers. | ||
+ | |||
+ | **kdepimlibs-4.14.10**: | ||
+ | Remove hardcoded TLSv1 allowing TLSv1.1 and TLSv1.2. Thanks to PJ Beers. | ||
+ | |||
+ | **linux-libre-*-4.4.199**: | ||
+ | These updates fix various bugs and security issues. | ||
+ | Be sure to upgrade your initrd after upgrading the kernel packages. | ||
+ | If you use lilo to boot your machine, be sure lilo.conf points to the correct | ||
+ | kernel and initrd and run lilo as root to update the bootloader. | ||
+ | If you use elilo to boot your machine, you should run eliloconfig to copy the | ||
+ | kernel and initrd to the EFI System Partition. | ||
+ | For more information, | ||
+ | |||
+ | Fixed in 4.4.191: | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | Fixed in 4.4.193: | ||
+ | * https:// | ||
+ | Fixed in 4.4.194: | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | Fixed in 4.4.195: | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | Fixed in 4.4.196: | ||
+ | * https:// | ||
+ | Fixed in 4.4.197: | ||
+ | * https:// | ||
+ | * https:// | ||
+ | Fixed in 4.4.198: | ||
+ | * https:// | ||
+ | * https:// | ||
+ | Fixed in 4.4.199: | ||
+ | * https:// | ||
+ | (**Security fix**) | ||
+ | |||
+ | ==== 2019-11-04 ==== | ||
+ | |||
+ | **libtiff-4.1.0**: | ||
+ | libtiff: fix integer overflow in _TIFFCheckMalloc() that could cause a crash. | ||
+ | tif_dir: unset transferfunction field if necessary. | ||
+ | pal2rgb: failed to free memory on a few errors. | ||
+ | For more information, | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | (**Security fix**) | ||
+ | |||
+ | ==== 2019-10-21 ==== | ||
+ | |||
+ | **python-2.7.17**: | ||
+ | This update fixes bugs and security issues: | ||
+ | Update vendorized expat library version to 2.2.8. | ||
+ | Disallow URL paths with embedded whitespace or control characters into the | ||
+ | underlying http client request. Such potentially malicious header injection | ||
+ | URLs now cause an httplib.InvalidURL exception to be raised. | ||
+ | Avoid file reading by disallowing ``local-file:// | ||
+ | URL schemes in : | ||
+ | : | ||
+ | For more information, | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | (**Security fix**) | ||
+ | |||
+ | **ca-certificates-20191018**: | ||
+ | This update provides the latest CA certificates to check for the | ||
+ | authenticity of SSL connections. | ||
+ | |||
+ | **sudo-1.8.28p1**: | ||
+ | This is a bugfix release: | ||
+ | Ensure that / | ||
+ | |||
+ | ==== 2019-10-14 ==== | ||
+ | |||
+ | **sudo-1.8.28**: | ||
+ | Fixed a bug where an sudo user may be able to run a command as root when | ||
+ | the Runas specification explicitly disallows root access as long as the | ||
+ | ALL keyword is listed first. | ||
+ | For more information, | ||
+ | * https:// | ||
+ | (**Security fix**) | ||
+ | |||
+ | ==== 2019-10-02 ==== | ||
+ | |||
+ | **libpcap-1.9.1**: | ||
+ | This update is required for the new version of tcpdump. | ||
+ | |||
+ | **tcpdump-4.9.3**: | ||
+ | Fix buffer overflow/ | ||
+ | argument/ | ||
+ | For more information, | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | (**Security fix**) | ||
+ | |||
+ | ==== 2019-09-16 ==== | ||
+ | |||
+ | **expat-2.2.8**: | ||
+ | Fix heap overflow triggered by XML_GetCurrentLineNumber (or | ||
+ | XML_GetCurrentColumnNumber), | ||
+ | For more information, | ||
+ | * https:// | ||
+ | (**Security fix**) | ||
+ | |||
+ | ==== 2019-09-12 ==== | ||
+ | |||
+ | **curl-7.66.0**: | ||
+ | This update fixes security issues: | ||
+ | FTP-KRB double-free | ||
+ | TFTP small blocksize heap buffer overflow | ||
+ | For more information, | ||
+ | * https:// | ||
+ | * https:// | ||
+ | (**Security fix**) | ||
+ | |||
+ | **glibc-zoneinfo-2019c**: | ||
+ | This package provides the latest timezone updates. | ||
+ | |||
+ | **openssl-1.0.2t**: | ||
+ | This update fixes low severity security issues: | ||
+ | Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey | ||
+ | Compute ECC cofactors if not provided during EC_GROUP construction | ||
+ | For more information, | ||
+ | * https:// | ||
+ | * https:// | ||
+ | (**Security fix**) | ||
+ | |||
+ | **openssl-solibs-1.0.2t**: | ||
+ | |||
+ | **emacs-26.3**: | ||
+ | This is a bugfix release. | ||
+ | |||
+ | ==== 2019-08-27 ==== | ||
+ | |||
+ | **linux-libre-*-4.4.190**: | ||
+ | These updates fix various bugs and a minor local denial-of-service security | ||
+ | issue. They also change this option: | ||
+ | * FANOTIFY_ACCESS_PERMISSIONS n -> y | ||
+ | This is needed by on-access virus scanning software. | ||
+ | Be sure to upgrade your initrd after upgrading the kernel packages. | ||
+ | If you use lilo to boot your machine, be sure lilo.conf points to the correct | ||
+ | kernel and initrd and run lilo as root to update the bootloader. | ||
+ | If you use elilo to boot your machine, you should run eliloconfig to copy the | ||
+ | kernel and initrd to the EFI System Partition. | ||
+ | For more information, | ||
+ | * https:// | ||
+ | (**Security fix**) | ||
+ | |||
+ | **ca-certificates-20190826**: | ||
+ | This update provides the latest CA certificates to check for the | ||
+ | authenticity of SSL connections. | ||
+ | |||
+ | **bind-9.11.9**: | ||
+ | This update fixes various bugs and also updates the named.root file in | ||
+ | the caching-example configuration to the latest version. | ||
+ | |||
+ | ==== 2019-08-14 ==== | ||
+ | |||
+ | **linux-libre-*-4.4.189**: | ||
+ | These updates fix various bugs and many security issues, and include the | ||
+ | Spectre v1 SWAPGS mitigations. | ||
+ | Be sure to upgrade your initrd after upgrading the kernel packages. | ||
+ | If you use lilo to boot your machine, be sure lilo.conf points to the correct | ||
+ | kernel and initrd and run lilo as root to update the bootloader. | ||
+ | If you use elilo to boot your machine, you should run eliloconfig to copy the | ||
+ | kernel and initrd to the EFI System Partition. For more information, | ||
+ | |||
+ | Fixed in 4.4.187: | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | Fixed in 4.4.189: | ||
+ | * https:// | ||
+ | * https:// | ||
+ | (**Security fix**) | ||
==== 2019-08-08 ==== | ==== 2019-08-08 ==== |
changelog_14.2.txt · Last modified: 2023/12/23 13:40 by connie