Slackware-current ChangeLog (2020-03-23)
Mon Mar 23 20:03:39 UTC 2020
Packages
Upgraded
- l/gd-2.3.0-i586-1.txz
This update fixes bugs and security issues:
Potential double-free in gdImage*Ptr().
gdImageColorMatch() out of bounds write on heap.
Uninitialized read in gdImageCreateFromXbm().
Double-free in gdImageBmp.
Potential NULL pointer dereference in gdImageClone().
Potential infinite loop in gdImageCreateFromGifCtx().
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6978
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6977
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11038
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14553
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5711
(* Security fix *)
Rebuilt
- n/curl-7.69.1-i586-2.txz
Use –with-ca-path=/etc/ssl/certs instead of
–with-ca-bundle=/usr/share/curl/ca-bundle.crt. Thanks to shastah. - xap/audacious-4.0-i586-2.txz
Rebuilt with autotools to fix French language support. Thanks to gmgf. - xap/audacious-plugins-4.0-i586-2.txz
Rebuilt with autotools.