Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackwarearm-14.2 ChangeLog (2019-10-21) ====== ====== Mon Oct 21 08:08:08 UTC 2019 ====== ===== Packages ===== ==== Upgraded ==== * [[slackwarearm.14.2>patches/packages/ca-certificates-20191018-noarch-1_slack14.2.txz]] \\ This update provides the latest CA certificates to check for the \\ authenticity of SSL connections. * [[slackwarearm.14.2>patches/packages/linux-4.4.197/*]] * [[slackwarearm.14.2>patches/packages/nano-4.5-arm-1_slack14.2.txz]] * [[slackwarearm.14.2>patches/packages/python-2.7.17-arm-1_slack14.2.txz]] \\ This update fixes bugs and security issues: \\ Update vendorized expat library version to 2.2.8. \\ Disallow URL paths with embedded whitespace or control characters into the \\ underlying http client request. Such potentially malicious header injection \\ URLs now cause an httplib.InvalidURL exception to be raised. \\ Avoid file reading by disallowing ``local-file://`` and ``local_file://`` \\ URL schemes in :func:`urllib.urlopen`, :meth:`urllib.URLopener.open` and \\ :meth:`urllib.URLopener.retrieve`. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9740 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9948 \\ (* Security fix *) ==== Rebuilt ==== * [[slackwarearm.14.2>patches/packages/sudo-1.8.28p1-arm-2_slack14.1.txz]] \\ This is a bugfix release: \\ Ensure that /etc/environment exists to prevent complaints from "sudo -i". {{tag>slackware changelog slackwarearm-14.2 2019-10}} news/2019/10/21/slackwarearm-14.2-changelog.txt Last modified: 13 months agoby Giuseppe Di Terlizzi Log In