Slackwarearm-14.2 ChangeLog (2020-10-22)
Thu Oct 22 08:08:08 UTC 2020
Packages
Upgraded
- patches/packages/ca-certificates-20201016-noarch-1_slack14.2.txz
This update provides the latest CA certificates to check for the
authenticity of SSL connections. - patches/packages/linux-4.4.240/*
These updates fix various bugs and security issues, including the recently
discovered “Bleeding Tooth” vulnerability in the Bluetooth subsystem
(CVE-2020-12351, CVE-2020-12352, and CVE-2020-24490).
For more information, see:
Fixed in 4.4.228:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20810
Fixed in 4.4.229:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12771
Fixed in 4.4.230:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15393
Fixed in 4.4.232:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10323
Fixed in 4.4.233:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26088
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19054
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25212
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9445
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13094
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8043
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16166
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14331
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19448
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19074
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19073
Fixed in 4.4.234:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14314
Fixed in 4.4.236:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25285
Fixed in 4.4.237:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25284
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14390
Fixed in 4.4.238:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25643
Fixed in 4.4.239:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25211
Fixed in 4.4.240:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12351
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12352
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24490
(* Security fix *) - patches/packages/glibc-zoneinfo-2020c-noarch-1_slack14.2.txz
This package provides the latest timezone updates. - patches/packages/kernel-firmware-20201005_58d41d0-noarch-1_slack14.2.txz
Rebuilt
- patches/packages/freetype-2.6.3-arm-4_slack14.2.txz
Fix heap buffer overflow in embedded PNG bitmap handling.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999
(* Security fix *)