This is an old revision of the document!
Slackwarearm-14.2 ChangeLog (2019-04-07)
Sun Apr 07 08:08:08 UTC 2019
Packages
Upgraded
- patches/packages/httpd-2.4.39-arm-1_slack14.2.txz
This release contains security fixes and improvements.
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker
or prefork, code executing in less-privileged child processes or threads
(including scripts executed by an in-process scripting interpreter) could
execute arbitrary code with the privileges of the parent process by
manipulating the scoreboard.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211
(* Security fix *) - patches/packages/openjpeg-2.3.1-arm-1_slack14.2.txz
Includes many bug fixes (including security fixes).
(* Security fix *) - patches/packages/wget-1.20.3-arm-1_slack14.2.txz
Fixed a buffer overflow vulnerability:
src/iri.c(do_conversion): Reallocate the output buffer to a larger
size if it is already full.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5953
(* Security fix *)