Slackware-14.2 ChangeLog (2017-08-15)

Tue Aug 15 22:16:12 UTC 2017

  • patches/packages/xorg-server-1.18.3-i586-3_slack14.2.txz
    This update fixes two security issues:
    A user authenticated to an X Session could crash or execute code in the
    context of the X Server by exploiting a stack overflow in the endianness
    conversion of X Events.
    Uninitialized data in endianness conversion in the XEvent handling of the
    X.Org X Server allowed authenticated malicious users to access potentially
    privileged data from the X server.
    For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10971
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10972
    (* Security fix *)
  • patches/packages/xorg-server-xephyr-1.18.3-i586-3_slack14.2.txz
  • patches/packages/xorg-server-xnest-1.18.3-i586-3_slack14.2.txz
  • patches/packages/xorg-server-xvfb-1.18.3-i586-3_slack14.2.txz
  • news/2017/08/15/slackware-14.2-changelog.txt
  • Last modified: 3 years ago
  • by Giuseppe Di Terlizzi