Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackwarearm-14.2 ChangeLog (2020-06-04) ====== ====== Thu Jun 04 08:08:08 UTC 2020 ====== ===== Packages ===== ==== Upgraded ==== * [[slackwarearm.14.2>patches/packages/gnutls-3.6.14-arm-1_slack14.2.txz]] \\ Fixed insecure session ticket key construction, since 3.6.4. The TLS server \\ would not bind the session ticket encryption key with a value supplied by \\ the application until the initial key rotation, allowing attacker to bypass \\ authentication in TLS 1.3 and recover previous conversations in TLS 1.2. \\ [GNUTLS-SA-2020-06-03, CVSS: high] \\ (* Security fix *) {{tag>slackware changelog slackwarearm-14.2 2020-06}} news/2020/06/04/slackwarearm-14.2-changelog.txt Last modified: 13 months agoby Giuseppe Di Terlizzi Log In