Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackwarearm-14.2 ChangeLog (2018-12-06) ====== ====== Thu Dec 06 08:08:08 UTC 2018 ====== ===== Packages ===== ==== Upgraded ==== * [[slackwarearm.14.2>patches/packages/gnutls-3.6.5-arm-1_slack14.2.txz]] \\ This update fixes a security issue: \\ Bleichenbacher-like side channel leakage in PKCS#1 1.5 verification and \\ padding oracle verification. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16868 \\ (* Security fix *) * [[slackwarearm.14.2>patches/packages/nettle-3.4.1-arm-1_slack14.2.txz]] \\ This update fixes a security issue: \\ A Bleichenbacher type side-channel based padding oracle attack was found \\ in the way nettle handles endian conversion of RSA decrypted PKCS#1 v1.5 \\ data. An attacker who is able to run a process on the same physical core \\ as the victim process, could use this flaw to extract plaintext or in some \\ cases downgrade any TLS connections to a vulnerable server. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16869 \\ (* Security fix *) {{tag>slackware changelog slackwarearm-14.2 2018-12}} news/2018/12/06/slackwarearm-14.2-changelog.txt Last modified: 12 months agoby Giuseppe Di Terlizzi Log In