This is an old revision of the document!
Slackwarearm-14.2 ChangeLog (2018-04-05)
Thu Apr 05 08:08:08 UTC 2018
Packages
Rebuilt
- patches/packages/glibc-2.23-arm-7_slack14.2.txz
Built against Linux 4.14.32 Kernel headers. - patches/packages/glibc-i18n-2.23-arm-7_slack14.2.txz
- patches/packages/glibc-profile-2.23-arm-7_slack14.2.txz
- patches/packages/glibc-solibs-2.23-arm-7_slack14.2.txz
Upgraded
- patches/packages/kernel-firmware-20180330_a3be6d4-noarch-1_slack14.2.txz
- patches/packages/libidn-1.34-arm-1_slack14.2.txz
This update fixes security issues:
Fix integer overflow in combine_hangul()
Fix integer overflow in punycode decoder
Fix NULL pointer dereference in g_utf8_normalize()
Fix NULL pointer dereference in stringprep_ucs4_nfkc_normalize()
(* Security fix *) - patches/packages/linux-4.14.32/kernel-headers-4.14.32-arm-1_slack14.2.txz
- patches/packages/linux-4.14.32/kernel-modules-armv5-4.14.32_armv5-arm-1_slack14.2.txz
- patches/packages/linux-4.14.32/kernel-modules-armv7-4.14.32_armv7-arm-1_slack14.2.txz
- patches/packages/linux-4.14.32/kernel-source-4.14.32-arm-1_slack14.2.txz
- patches/packages/linux-4.14.32/kernel_armv5-4.14.32-arm-1_slack14.2.txz
- patches/packages/linux-4.14.32/kernel_armv7-4.14.32-arm-1_slack14.2.txz
The armv7 Kernel presently has feature parity with its counterpart in -current.
This means that with some work, you could use this Kernel on the Orange Pi's,
but you'd have to figure out how to install the OS there initially (as the
14.2 installer and Kernel packages in the main tree remain on the v4.4 Kernel). - patches/packages/nano-2.9.5-arm-1_slack14.2.txz
- patches/packages/openssl-1.0.2o-arm-1_slack14.2.txz
This update fixes a security issue:
Constructed ASN.1 types with a recursive definition could exceed the stack.
For more information, see:
https://www.openssl.org/news/secadv/20180327.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0739
(* Security fix *) - patches/packages/openssl-solibs-1.0.2o-arm-1_slack14.2.txz
- patches/packages/php-5.6.35-arm-1_slack14.2.txz
This update fixes a security issue where sensitive data belonging to other
accounts might be accessed by a local user.
For more information, see:
http://bugs.php.net/75605
(* Security fix *) - patches/packages/ruby-2.2.10-arm-1_slack14.2.txz
This release includes some bug fixes and some security fixes:
HTTP response splitting in WEBrick.
Unintentional file and directory creation with directory traversal in
tempfile and tmpdir.
DoS by large request in WEBrick.
Buffer under-read in String#unpack.
Unintentional socket creation by poisoned NUL byte in UNIXServer
and UNIXSocket.
Unintentional directory traversal by poisoned NUL byte in Dir.
Multiple vulnerabilities in RubyGems.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
(* Security fix *)
pasture/linux-4.4.119/*: Moved.
This are the Linux 4.4.119 packages, moved from 'patches'.