Slackware-14.2 ChangeLog (2018-02-01)
Thu Feb 1 18:24:15 UTC 2018
Packages
Upgraded
- patches/packages/mariadb-10.0.34-i586-1_slack14.2.txz
This update fixes bugs and security issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2562
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2622
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2640
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2665
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2668
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2612
(* Security fix *) - patches/packages/rsync-3.1.3-i586-1_slack14.2.txz
This update fixes two security issues:
Fixed a buffer overrun in the protocol's handling of xattr names and
ensure that the received name is null terminated.
Fix an issue with –protect-args where the user could specify the arg in
the protected-arg list and short-circuit some of the arg-sanitizing code.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16548
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5764
(* Security fix *)