Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware64-current ChangeLog (2020-04-22) ====== ====== Wed Apr 22 02:19:37 UTC 2020 ====== ===== Packages ===== ==== Upgraded ==== * [[slackware64.current>a/kernel-firmware-20200421_78c0348-noarch-1.txz]] * [[slackware64.current>a/kernel-generic-5.4.34-x86_64-1.txz]] * [[slackware64.current>a/kernel-huge-5.4.34-x86_64-1.txz]] * [[slackware64.current>a/kernel-modules-5.4.34-x86_64-1.txz]] * [[slackware64.current>a/openssl-solibs-1.1.1g-x86_64-1.txz]] * [[slackware64.current>d/git-2.26.2-x86_64-1.txz]] \\ This update fixes a security issue: \\ With a crafted URL that contains a newline or empty host, or lacks \\ a scheme, the credential helper machinery can be fooled into \\ providing credential information that is not appropriate for the \\ protocol in use and host being contacted. \\ Unlike the vulnerability CVE-2020-5260 fixed in v2.17.4, the \\ credentials are not for a host of the attacker's choosing; instead, \\ they are for some unspecified host (based on how the configured \\ credential helper handles an absent "host" parameter). \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11008 \\ (* Security fix *) * [[slackware64.current>d/kernel-headers-5.4.34-x86-1.txz]] * [[slackware64.current>d/vala-0.48.4-x86_64-1.txz]] * [[slackware64.current>k/kernel-source-5.4.34-noarch-1.txz]] \\ INFINIBAND_CXGB3 n -> m \\ INFINIBAND_IPOIB_CM n -> y \\ INFINIBAND_IPOIB_DEBUG_DATA n -> y \\ Thanks to Karl Magnus Kolstø. * [[slackware64.current>l/netpbm-10.90.01-x86_64-1.txz]] * [[slackware64.current>n/openssl-1.1.1g-x86_64-1.txz]] \\ This update fixes a security issue: \\ Fixed segmentation fault in SSL_check_chain() that could be exploited by a \\ malicious peer in a Denial of Service attack. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967 \\ (* Security fix *) * [[slackware64.current>x/libva-2.7.1-x86_64-1.txz]] * [[slackware64.current>kernels/*]] * [[slackware64.current>testing/packages/PAM/openvpn-2.4.9-x86_64-1_pam.txz]] \\ This update fixes a security issue: \\ Fix illegal client float. Thanks to Lev Stipakov. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11810 \\ (* Security fix *) ==== Rebuilt ==== * [[slackware64.current>l/M2Crypto-0.35.2-x86_64-4.txz]] \\ Don't package typing-3.7.4.1 for python3. * [[slackware64.current>isolinux/initrd.img]] * [[slackware64.current>usb-and-pxe-installers/usbboot.img]] {{tag>slackware changelog slackware64-current 2020/04}} news/2020/04/22/slackware64-current-changelog.txt Last modified: 4 years agoby Giuseppe Di Terlizzi Log In