Slackware-14.0 ChangeLog (2018-12-22)
Sat Dec 22 04:38:27 UTC 2018
Packages
Upgraded
- patches/packages/netatalk-3.1.12-i486-1_slack14.0.txz
Netatalk before 3.1.12 is vulnerable to an out of bounds write in
dsi_opensess.c. This is due to lack of bounds checking on attacker
controlled data. A remote unauthenticated attacker can leverage
this vulnerability to achieve arbitrary code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1160
(* Security fix *)