Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware-current ChangeLog (2017-06-29) ====== ====== Thu Jun 29 20:55:09 UTC 2017 ====== ===== Packages ===== ==== Upgraded ==== * [[slackware.current>a/mkinitrd-1.4.10-i586-1.txz]] \\ Added support for -P option and MICROCODE_ARCH in mkinitrd.conf to specify \\ a microcode archive to be prepended to the initrd for early CPU microcode \\ patching by the kernel. Thanks to SeB. * [[slackware.current>ap/nano-2.8.5-i586-1.txz]] * [[slackware.current>ap/screen-4.6.0-i586-1.txz]] * [[slackware.current>d/llvm-4.0.1-i586-1.txz]] * [[slackware.current>l/pcre-8.40-i586-1.txz]] * [[slackware.current>l/readline-7.0.003-i586-1.txz]] * [[slackware.current>n/bind-9.11.1_P2-i586-1.txz]] \\ This update fixes a high severity security issue: \\ An error in TSIG handling could permit unauthorized zone transfers \\ or zone updates. \\ For more information, see: \\ https://kb.isc.org/article/AA-01503/0 \\ https://kb.isc.org/article/AA-01504/0 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3142 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3143 \\ (* Security fix *) * [[slackware.current>n/httpd-2.4.26-i586-1.txz]] \\ This update fixes security issues which may lead to an authentication bypass \\ or a denial of service: \\ important: ap_get_basic_auth_pw() Authentication Bypass CVE-2017-3167 \\ important: mod_ssl Null Pointer Dereference CVE-2017-3169 \\ important: mod_http2 Null Pointer Dereference CVE-2017-7659 \\ important: ap_find_token() Buffer Overread CVE-2017-7668 \\ important: mod_mime Buffer Overread CVE-2017-7679 \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7659 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679 \\ (* Security fix *) * [[slackware.current>n/libgcrypt-1.7.8-i586-1.txz]] \\ Mitigate a local flush+reload side-channel attack on RSA secret keys \\ dubbed "Sliding right into disaster". \\ For more information, see: \\ https://eprint.iacr.org/2017/627 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7526 \\ (* Security fix *) * [[slackware.current>xfce/xfdesktop-4.12.4-i586-1.txz]] {{tag>slackware changelog slackware-current 2017/06}} news/2017/06/29/slackware-current-changelog.txt Last modified: 7 years agoby Giuseppe Di Terlizzi Log In