changelog_14.2
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revision | Next revisionBoth sides next revision | ||
| changelog_14.2 [2020/01/11 13:09] – [2020-01-11] connie | changelog_14.2 [2020/01/31 19:22] – [2020-01-11] connie | ||
|---|---|---|---|
| Line 2: | Line 2: | ||
| Slackware upstream ChangeLog entries are courtesy of Patrick Volkerding. | Slackware upstream ChangeLog entries are courtesy of Patrick Volkerding. | ||
| + | |||
| + | ==== 2020-01-31 ==== | ||
| + | |||
| + | **sudo-1.8.31**: | ||
| + | This update fixes a security issue: | ||
| + | In Sudo before 1.8.31, if pwfeedback is enabled in / | ||
| + | trigger a stack-based buffer overflow in the privileged sudo process. | ||
| + | (pwfeedback is a default setting in some Linux distributions; | ||
| + | is not the default for upstream or in Slackware, and would exist only if | ||
| + | enabled by an administrator.) The attacker needs to deliver a long string | ||
| + | to the stdin of getln() in tgetpass.c. | ||
| + | For more information, | ||
| + | * https:// | ||
| + | (**Security fix**) | ||
| + | |||
| + | **bind-9.11.15**: | ||
| + | This is a bugfix release: | ||
| + | With some libmaxminddb versions, named could erroneously match an IP address | ||
| + | not belonging to any subnet defined in a given GeoIP2 database to one of the | ||
| + | existing entries in that database. [GL #1552] | ||
| + | Fix line spacing in `rndc secroots`. Thanks to Tony Finch. [GL #2478] | ||
| ==== 2020-01-11 ==== | ==== 2020-01-11 ==== | ||
changelog_14.2.txt · Last modified: 2023/12/23 13:40 by connie