Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackwarearm-14.2 ChangeLog (2019-02-09) ====== ====== Sat Feb 09 08:08:08 UTC 2019 ====== ===== Packages ===== ==== Upgraded ==== * [[slackwarearm.14.2>patches/packages/curl-7.64.0-arm-1_slack14.2.txz]] \\ This release fixes the following security issues: \\ NTLM type-2 out-of-bounds buffer read. \\ NTLMv2 type-3 header stack buffer overflow. \\ SMTP end-of-response out-of-bounds read. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823 \\ (* Security fix *) * [[slackwarearm.14.2>patches/packages/linux-4.4.173/kernel-headers-4.4.173-arm-1_slack14.2.txz]] * [[slackwarearm.14.2>patches/packages/linux-4.4.173/kernel-modules-armv5-4.4.173_armv5-arm-1_slack14.2.txz]] * [[slackwarearm.14.2>patches/packages/linux-4.4.173/kernel-modules-armv7-4.4.173_armv7-arm-1_slack14.2.txz]] * [[slackwarearm.14.2>patches/packages/linux-4.4.173/kernel-source-4.4.173-arm-1_slack14.2.txz]] * [[slackwarearm.14.2>patches/packages/linux-4.4.173/kernel_armv5-4.4.173-arm-1_slack14.2.txz]] * [[slackwarearm.14.2>patches/packages/linux-4.4.173/kernel_armv7-4.4.173-arm-1_slack14.2.txz]] * [[slackwarearm.14.2>patches/packages/php-5.6.40-arm-1_slack14.2.txz]] \\ Several security bugs have been fixed in this release: \\ GD: \\ Fixed bug #77269 (efree() on uninitialized Heap data in imagescale leads \\ to use-after-free). \\ Fixed bug #77270 (imagecolormatch Out Of Bounds Write on Heap). \\ Mbstring: \\ Fixed bug #77370 (Buffer overflow on mb regex functions - fetch_token). \\ Fixed bug #77371 (heap buffer overflow in mb regex functions - \\ compile_string_node). \\ Fixed bug #77381 (heap buffer overflow in multibyte match_at). \\ Fixed bug #77382 (heap buffer overflow due to incorrect length in \\ expand_case_fold_string). \\ Fixed bug #77385 (buffer overflow in fetch_token). \\ Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode). \\ Fixed bug #77418 (Heap overflow in utf32be_mbc_to_code). \\ Phar: \\ Fixed bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext). \\ Xmlrpc: \\ Fixed bug #77242 (heap out of bounds read in xmlrpc_decode()). \\ Fixed bug #77380 (Global out of bounds read in xmlrpc base64 code). \\ For more information, see: \\ https://php.net/ChangeLog-5.php#5.6.40 \\ (* Security fix *) {{tag>slackware changelog slackwarearm-14.2 2019-02}} news/2019/02/09/slackwarearm-14.2-changelog.txt Last modified: 13 months agoby Giuseppe Di Terlizzi Log In