Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware64-14.2 ChangeLog (2020-08-21) ====== ====== Fri Aug 21 20:23:38 UTC 2020 ====== ===== Packages ===== ==== Upgraded ==== * [[slackware64.14.2>patches/packages/bind-9.11.22-x86_64-1_slack14.2.txz]] \\ This update fixes three security issues: \\ "update-policy" rules of type "subdomain" were incorrectly treated as \\ "zonesub" rules, which allowed keys used in "subdomain" rules to update \\ names outside of the specified subdomains. The problem was fixed by making \\ sure "subdomain" rules are again processed as described in the ARM. \\ When BIND 9 was compiled with native PKCS#11 support, it was possible to \\ trigger an assertion failure in code determining the number of bits in the \\ PKCS#11 RSA public key with a specially crafted packet. \\ It was possible to trigger an assertion failure when verifying the response \\ to a TSIG-signed request. \\ For more information, see: \\ https://kb.isc.org/docs/cve-2020-8624 \\ https://kb.isc.org/docs/cve-2020-8623 \\ https://kb.isc.org/docs/cve-2020-8622 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8624 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8623 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8622 \\ (* Security fix *) {{tag>slackware changelog slackware64-14.2 2020-08}} news/2020/08/21/slackware64-14.2-changelog.txt Last modified: 12 months agoby Giuseppe Di Terlizzi Log In