Slackware64-14.2 ChangeLog (2017-06-26)

Mon Jun 26 20:36:18 UTC 2017

  • patches/packages/linux-4.4.74/*
    This kernel fixes two “Stack Clash” vulnerabilities reported by Qualys.
    The first issue may allow attackers to execute arbitrary code with elevated
    privileges. Failed attack attempts will likely result in denial-of-service
    conditions. The second issue can be exploited to bypass certain security
    restrictions and perform unauthorized actions.
    Be sure to upgrade your initrd after upgrading the kernel packages.
    If you use lilo to boot your machine, be sure lilo.conf points to the correct
    kernel and initrd and run lilo as root to update the bootloader.
    If you use elilo to boot your machine, you should run eliloconfig to copy the
    kernel and initrd to the EFI System Partition.
    For more information, see:
    https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000364
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000365
    (* Security fix *)
  • patches/packages/mozilla-thunderbird-52.2.1-x86_64-1_slack14.2.txz
    This is a bugfix release.
  • news/2017/06/26/slackware64-14.2-changelog.txt
  • Last modified: 3 years ago
  • by Giuseppe Di Terlizzi