Slackware-14.2 ChangeLog (2022-12-20)
Tue Dec 20 20:40:18 UTC 2022
Packages
Upgraded
- patches/packages/libksba-1.6.3-i586-1_slack14.2.txz
Fix another integer overflow in the CRL's signature parser.
(* Security fix *)
Rebuilt
- patches/packages/sdl-1.2.15-i586-6_slack14.2.txz
This update fixes a heap overflow problem in video/SDL_pixels.c in SDL.
By crafting a malicious .BMP file, an attacker can cause the application
using this library to crash, denial of service, or code execution.
Thanks to marav for the heads-up.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2021-33657
(* Security fix *)