Slackwarearm-14.2 ChangeLog (2019-04-19)
Fri Apr 19 08:08:08 UTC 2019
Packages
Upgraded
- patches/packages/libpng-1.6.37-arm-1_slack14.2.txz
This update fixes security issues:
Fixed a use-after-free vulnerability (CVE-2019-7317) in png_image_free.
Fixed a memory leak in the ARM NEON implementation of png_do_expand_palette.
Fixed a memory leak in pngtest.c.
Fixed two vulnerabilities (CVE-2018-14048, CVE-2018-14550) in
contrib/pngminus; refactor.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14048
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14550
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317
(* Security fix *) - patches/packages/libssh2-1.8.2-arm-1_slack14.2.txz
This update fixes a misapplied userauth patch that broke 1.8.1.
Thanks to Ook.