This is an old revision of the document!
Slackware64-14.2 ChangeLog (2018-05-23)
Wed May 23 04:42:29 UTC 2018
Packages
Upgraded
- patches/packages/linux-4.4.132/*
This kernel upgrade is being provided primarily to fix a regression in the
getsockopt() function, but it also contains fixes for two denial-of-service
security issues.
Be sure to upgrade your initrd after upgrading the kernel packages.
If you use lilo to boot your machine, be sure lilo.conf points to the correct
kernel and initrd and run lilo as root to update the bootloader.
If you use elilo to boot your machine, you should run eliloconfig to copy the
kernel and initrd to the EFI System Partition.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000004
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1092
(* Security fix *) - patches/packages/mozilla-thunderbird-52.8.0-x86_64-1_slack14.2.txz
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/52.8.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/
(* Security fix *) - patches/packages/procps-ng-3.3.15-x86_64-1_slack14.2.txz
Shared library .so-version bump.
This update fixes bugs and security issues:
library: Fix integer overflow and LPE in file2strvec
library: Use size_t for alloc functions
pgrep: Fix stack-based buffer overflow
ps: Fix buffer overflow in output buffer, causing DOS
top: Don't use cwd for location of config
For more information, see:
https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1124
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1126
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1125
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1123
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1122
(* Security fix *)