This is an old revision of the document!
Slackware-14.0 ChangeLog (2018-05-17)
Thu May 17 04:13:16 UTC 2018
Packages
Upgraded
- patches/packages/curl-7.60.0-i486-1_slack14.0.txz
This release contains security fixes:
FTP: shutdown response buffer overflow
RTSP: bad headers buffer over-read
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000300
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000301
(* Security fix *) - patches/packages/php-5.6.36-i486-1_slack14.0.txz
This fixes many bugs, including some security issues:
Heap Buffer Overflow (READ: 1786) in exif_iif_add_value
stream filter convert.iconv leads to infinite loop on invalid sequence
Malicious LDAP-Server Response causes crash
fix for CVE-2018-5712 may not be complete
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10549
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10546
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10548
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10547
(* Security fix *)