Slackwarearm-14.2 ChangeLog (2018-12-23)
Sun Dec 23 08:08:08 UTC 2018
Packages
Upgraded
- patches/packages/netatalk-3.1.12-arm-1_slack14.2.txz
Netatalk before 3.1.12 is vulnerable to an out of bounds write in
dsi_opensess.c. This is due to lack of bounds checking on attacker
controlled data. A remote unauthenticated attacker can leverage
this vulnerability to achieve arbitrary code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1160
(* Security fix *)