This shows you the differences between two versions of the page.
| Next revision | Previous revision |
| news:2017:06:27:slackwarearm-14.2-changelog [2017/07/01 15:22] – created Giuseppe Di Terlizzi | news:2017:06:27:slackwarearm-14.2-changelog [2023/10/23 08:28] (current) – Giuseppe Di Terlizzi |
|---|
| |
| ==== Upgraded ==== | ==== Upgraded ==== |
| * [[slackwarearm.14.2>patches/packages/linux-4.4.74/*]] \\ This kernel fixes two "Stack Clash" vulnerabilities reported by Qualys. \\ The first issue may allow attackers to execute arbitrary code with elevated \\ privileges. Failed attack attempts will likely result in denial-of-service \\ conditions. The second issue can be exploited to bypass certain security \\ restrictions and perform unauthorized actions. \\ Be sure to upgrade your initrd after upgrading the kernel packages. \\ If you use lilo to boot your machine, be sure lilo.conf points to the correct \\ kernel and initrd and run lilo as root to update the bootloader. \\ If you use elilo to boot your machine, you should run eliloconfig to copy the \\ kernel and initrd to the EFI System Partition. \\ For more information, see: \\ https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000364 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000365 \\ (* Security fix *) | * [[slackwarearm.14.2>patches/packages/linux-4.4.74/*]] \\ This kernel fixes two "Stack Clash" vulnerabilities reported by Qualys. \\ The first issue may allow attackers to execute arbitrary code with elevated \\ privileges. Failed attack attempts will likely result in denial-of-service \\ conditions. The second issue can be exploited to bypass certain security \\ restrictions and perform unauthorized actions. \\ For more information, see: \\ https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000364 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000365 \\ (* Security fix *) |
| |
| |
| {{tag>slackware changelog slackwarearm-14.2 2017/06}} | {{tag>slackware changelog slackwarearm-14.2 2017-06}} |
| |
Giuseppe Di Terlizzi