Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware64-current ChangeLog (2021-10-21) ====== ====== Thu Oct 21 19:36:32 UTC 2021 ====== ===== Packages ===== ==== Upgraded ==== * [[slackware64.current>a/lvm2-2.03.13-x86_64-1.txz]] \\ Reverted to working version. * [[slackware64.current>d/rust-1.56.0-x86_64-1.txz]] * [[slackware64.current>l/pipewire-0.3.39-x86_64-1.txz]] * [[slackware64.current>x/ibus-m17n-1.4.8-x86_64-1.txz]] * [[slackware64.current>x/libinput-1.19.2-x86_64-1.txz]] * [[slackware64.current>xap/freerdp-2.4.1-x86_64-1.txz]] \\ This update fixes two security issues: \\ Improper client input validation for gateway connections allows to overwrite \\ memory. \\ Improper region checks in all clients allow out of bound write to memory. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41159 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41160 \\ (* Security fix *) * [[slackware64.current>xap/gftp-2.7.1b-x86_64-1.txz]] * [[slackware64.current>extra/php8/php8-8.0.12-x86_64-1.txz]] \\ This update fixes bugs and a security issue: \\ FPM: PHP-FPM oob R/W in root process leading to privilege escalation. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703 \\ (* Security fix *) ==== Rebuilt ==== * [[slackware64.current>n/krb5-1.19.2-x86_64-2.txz]] \\ [PATCH] Fix KDC null deref on TGS inner body null server. \\ This fixes an issue where an authenticated attacker can cause a denial of \\ service in the KDC by sending a FAST TGS request with no server field. \\ Thanks to nobodino. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37750 \\ (* Security fix *) {{tag>slackware changelog slackware64-current 2021-10}} news/2021/10/21/slackware64-current-changelog.txt Last modified: 3 years agoby Giuseppe Di Terlizzi Log In