Differences

This shows you the differences between two versions of the page.

--- changelog_14.2 [2020/06/18 22:37] – [2020-06-14] connie
+++ changelog_14.2 [2020/06/24 18:19] – [2020-06-23] connie
@@ Line 2: / Line 2: @@
 Slackware upstream ChangeLog entries are courtesy of Patrick Volkerding.
+==== 2020-06-24 ====
+**curl-7.71.0**:  Upgraded.
+This update fixes security issues:
+curl overwrite local file with -J [111]
+Partial password leak over DNS on HTTP redirect [48]
+For more information, see:
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169
+(**Security fix**)
+**libjpeg-turbo-2.0.5**:  Upgraded.
+This update fixes bugs and a security issue:
+Fixed an issue in the PPM reader that caused a buffer overrun in cjpeg,
+TJBench, or the `tjLoadImage()` function if one of the values in a binary
+PPM/PGM input file exceeded the maximum value defined in the file's header
+and that maximum value was less than 255.
+For more information, see:
+  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13790
+(**Security fix**)
+==== 2020-06-23 ====
+**ntp-4.2.8p15**:  Upgraded.
+This release fixes one vulnerability: Associations that use CMAC
+authentication between ntpd from versions 4.2.8p11/4.3.97 and
+.2.8p14/4.3.100 will leak a small amount of memory for each packet.
+Eventually, ntpd will run out of memory and abort.
+(**Security fix**)
+**sudo-1.8.31p2**:  Upgraded.
+This is a bugfix release. For more information, see:
+  * https://www.sudo.ws/legacy.html#1.8.31p2
 ==== 2020-06-18 ====