Slackwarearm-14.2 ChangeLog (2018-04-05)

Thu Apr 05 08:08:08 UTC 2018

  • patches/packages/glibc-2.23-arm-7_slack14.2.txz
    Built against Linux 4.14.32 Kernel headers.
  • patches/packages/glibc-i18n-2.23-arm-7_slack14.2.txz
  • patches/packages/glibc-profile-2.23-arm-7_slack14.2.txz
  • patches/packages/glibc-solibs-2.23-arm-7_slack14.2.txz
  • patches/packages/kernel-firmware-20180330_a3be6d4-noarch-1_slack14.2.txz
  • patches/packages/libidn-1.34-arm-1_slack14.2.txz
    This update fixes security issues:
    Fix integer overflow in combine_hangul()
    Fix integer overflow in punycode decoder
    Fix NULL pointer dereference in g_utf8_normalize()
    Fix NULL pointer dereference in stringprep_ucs4_nfkc_normalize()
    (* Security fix *)
  • patches/packages/linux-4.14.32/kernel-headers-4.14.32-arm-1_slack14.2.txz
  • patches/packages/linux-4.14.32/kernel-modules-armv5-4.14.32_armv5-arm-1_slack14.2.txz
  • patches/packages/linux-4.14.32/kernel-modules-armv7-4.14.32_armv7-arm-1_slack14.2.txz
  • patches/packages/linux-4.14.32/kernel-source-4.14.32-arm-1_slack14.2.txz
  • patches/packages/linux-4.14.32/kernel_armv5-4.14.32-arm-1_slack14.2.txz
  • patches/packages/linux-4.14.32/kernel_armv7-4.14.32-arm-1_slack14.2.txz
    The armv7 Kernel presently has feature parity with its counterpart in -current.
    This means that with some work, you could use this Kernel on the Orange Pi's,
    but you'd have to figure out how to install the OS there initially (as the
    14.2 installer and Kernel packages in the main tree remain on the v4.4 Kernel).
  • patches/packages/nano-2.9.5-arm-1_slack14.2.txz
  • patches/packages/openssl-1.0.2o-arm-1_slack14.2.txz
    This update fixes a security issue:
    Constructed ASN.1 types with a recursive definition could exceed the stack.
    For more information, see:
    https://www.openssl.org/news/secadv/20180327.txt
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0739
    (* Security fix *)
  • patches/packages/openssl-solibs-1.0.2o-arm-1_slack14.2.txz
  • patches/packages/php-5.6.35-arm-1_slack14.2.txz
    This update fixes a security issue where sensitive data belonging to other
    accounts might be accessed by a local user.
    For more information, see:
    http://bugs.php.net/75605
    (* Security fix *)
  • patches/packages/ruby-2.2.10-arm-1_slack14.2.txz
    This release includes some bug fixes and some security fixes:
    HTTP response splitting in WEBrick.
    Unintentional file and directory creation with directory traversal in
    tempfile and tmpdir.
    DoS by large request in WEBrick.
    Buffer under-read in String#unpack.
    Unintentional socket creation by poisoned NUL byte in UNIXServer
    and UNIXSocket.
    Unintentional directory traversal by poisoned NUL byte in Dir.
    Multiple vulnerabilities in RubyGems.
    For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
    (* Security fix *)
    pasture/linux-4.4.119/*: Moved.
    This are the Linux 4.4.119 packages, moved from 'patches'.
  • news/2018/04/05/slackwarearm-14.2-changelog.txt
  • Last modified: 3 years ago
  • by Giuseppe Di Terlizzi