Slackware-14.2 ChangeLog (2019-12-21)
Sat Dec 21 01:04:26 UTC 2019
Packages
Upgraded
- patches/packages/openssl-1.0.2u-i586-1_slack14.2.txz
This update fixes a low severity security issue:
Fixed an an overflow bug in the x86_64 Montgomery squaring procedure used in
exponentiation with 512-bit moduli.
For more information, see:
https://www.openssl.org/news/secadv/20191206.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551
(* Security fix *) - patches/packages/openssl-solibs-1.0.2u-i586-1_slack14.2.txz
- patches/packages/tigervnc-1.10.1-i586-1_slack14.2.txz
From tigervnc.org: “This is a security release to fix a number of issues
that were found by Kaspersky Lab. These issues affect both the client and
server and could theoretically allow a malicious peer to take control
over the software on the other side. No working exploit is known at this
time, and the issues require the peer to first be authenticated. We still
urge users to upgrade when possible.”
(* Security fix *)