changelog_14.2
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
| changelog_14.2 [2020/03/27 22:14] – [2020-03-23] connie | changelog_14.2 [2020/04/14 23:39] – [2020-03-31] connie | ||
|---|---|---|---|
| Line 2: | Line 2: | ||
| Slackware upstream ChangeLog entries are courtesy of Patrick Volkerding. | Slackware upstream ChangeLog entries are courtesy of Patrick Volkerding. | ||
| + | |||
| + | ==== 2020-04-14 ==== | ||
| + | |||
| + | **git-2.17.4**: | ||
| + | This update fixes a security issue: | ||
| + | With a crafted URL that contains a newline in it, the credential helper | ||
| + | machinery can be fooled to give credential information for a wrong host. | ||
| + | The attack has been made impossible by forbidding a newline character in | ||
| + | any value passed via the credential protocol. Credit for finding the | ||
| + | vulnerability goes to Felix Wilhelm of Google Project Zero. | ||
| + | For more information, | ||
| + | * https:// | ||
| + | (**Security fix**) | ||
| + | |||
| + | ==== 2020-03-31 ==== | ||
| + | |||
| + | **gnutls-3.6.13**: | ||
| + | This update fixes a security issue: | ||
| + | libgnutls: Fix a DTLS-protocol regression (caused by TLS1.3 support), | ||
| + | since 3.6.3. The DTLS client would not contribute any randomness to the | ||
| + | DTLS negotiation, | ||
| + | [GNUTLS-SA-2020-03-31, | ||
| + | (**Security fix**) | ||
| + | |||
| + | **httpd-2.4.43**: | ||
| + | This release contains security fixes (since 2.4.39) and improvements. | ||
| + | For more information, | ||
| + | * https:// | ||
| + | * https:// | ||
| + | * https:// | ||
| + | * https:// | ||
| + | * https:// | ||
| + | * https:// | ||
| + | (**Security fix**) | ||
| + | |||
| ==== 2020-03-27 ==== | ==== 2020-03-27 ==== | ||
changelog_14.2.txt · Last modified: 2023/12/23 13:40 by connie