Differences

This shows you the differences between two versions of the page.

--- changelog_14.2 [2020/03/23 20:50] – [2020-03-04] connie
+++ changelog_14.2 [2020/03/31 17:58] – [2020-03-27] connie
@@ Line 2: / Line 2: @@
 Slackware upstream ChangeLog entries are courtesy of Patrick Volkerding.
+==== 2020-03-31 ====
+**gnutls-3.6.13**:  Upgraded.
+This update fixes a security issue:
+libgnutls: Fix a DTLS-protocol regression (caused by TLS1.3 support),
+since 3.6.3. The DTLS client would not contribute any randomness to the
+DTLS negotiation, breaking the security guarantees of the DTLS protocol.
+[GNUTLS-SA-2020-03-31, CVSS: high]
+(**Security fix**)
+**httpd-2.4.43**:  Upgraded.
+This release contains security fixes (since 2.4.39) and improvements.
+For more information, see:
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10097
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081
+(**Security fix**)
+==== 2020-03-27 ====
+**linux-libre-*-4.4.217**:  Upgraded.
+These updates fix various bugs and security issues.
+Be sure to upgrade your initrd after upgrading the kernel packages.
+If you use lilo to boot your machine, be sure lilo.conf points to the correct
+kernel and initrd and run lilo as root to update the bootloader.
+If you use elilo to boot your machine, you should run eliloconfig to copy the
+kernel and initrd to the EFI System Partition.
+For more information, see:
+Fixed in 4.4.209:
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19965
+Fixed in 4.4.210:
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19068
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14615
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14895
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19056
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19066
+Fixed in 4.4.211:
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15217
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21008
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15220
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15221
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5108
+Fixed in 4.4.212:
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14896
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14897
+Fixed in 4.4.215:
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9383
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2732
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16233
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0009
+Fixed in 4.4.216:
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11487
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8647
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8649
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16234
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8648
+Fixed in 4.4.217:
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14901
+(**Security fix**)
 ==== 2020-03-23 ====