Slackwarearm-14.2 ChangeLog (2018-07-21)
Sat Jul 21 08:08:08 UTC 2018
Packages
Upgraded
- patches/packages/httpd-2.4.34-arm-1_slack14.2.txz
This update fixes two denial of service issues:
mod_md: DoS via Coredumps on specially crafted requests
mod_http2: DoS for HTTP/2 connections by specially crafted requests
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8011
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1333
(* Security fix *) - patches/packages/php-5.6.37-arm-1_slack14.2.txz
Several security bugs have been fixed in this release, including:
Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c
heap-buffer-overflow (READ of size 48) while reading exif data
(* Security fix *)