This is an old revision of the document!
Slackwarearm-14.2 ChangeLog (2018-04-28)
Sat Apr 28 08:08:08 UTC 2018
Packages
Upgraded
- patches/packages/linux-4.14.37/kernel-headers-4.14.37-arm-1_slack14.2.txz
- patches/packages/linux-4.14.37/kernel-modules-armv5-4.14.37_armv5-arm-1_slack14.2.txz
- patches/packages/linux-4.14.37/kernel-modules-armv7-4.14.37_armv7-arm-1_slack14.2.txz
- patches/packages/linux-4.14.37/kernel-source-4.14.37-arm-1_slack14.2.txz
- patches/packages/linux-4.14.37/kernel_armv5-4.14.37-arm-1_slack14.2.txz
- patches/packages/linux-4.14.37/kernel_armv7-4.14.37-arm-1_slack14.2.txz
- patches/packages/openvpn-2.4.6-arm-1_slack14.1.txz
This is a security update fixing a potential double-free() in Interactive
Service. This usually only leads to a process crash (DoS by an unprivileged
local account) but since it could possibly lead to memory corruption if
happening while multiple other threads are active at the same time,
CVE-2018-9336 has been assigned to acknowledge this risk.
For more information, see:
https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e79b
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9336
(* Security fix *)
Giuseppe Di Terlizzi