This is an old revision of the document!
Slackware64-14.2 ChangeLog (2019-06-18)
Tue Jun 18 21:46:31 UTC 2019
Packages
Upgraded
- patches/packages/ca-certificates-20190617-noarch-1_slack14.2.txz
This update provides the latest CA certificates to check for the
authenticity of SSL connections. - patches/packages/linux-4.4.182/*
These updates fix various bugs and many security issues, including the
“SACK Panic” remote denial-of-service issue.
Be sure to upgrade your initrd after upgrading the kernel packages.
If you use lilo to boot your machine, be sure lilo.conf points to the correct
kernel and initrd and run lilo as root to update the bootloader.
If you use elilo to boot your machine, you should run eliloconfig to copy the
kernel and initrd to the EFI System Partition.
For more information, see:
Fixed in 4.4.174:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5391
Fixed in 4.4.175:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7221
Fixed in 4.4.176:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6974
Fixed in 4.4.177:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9213
Fixed in 4.4.178:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3459
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3460
Fixed in 4.4.179:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11486
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11810
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11815
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11190
Fixed in 4.4.180:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20836
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3882
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11884
Fixed in 4.4.181:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11833
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20510
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000026
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9503
Fixed in 4.4.182:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11477
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11478
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11479
(* Security fix *) - patches/packages/mozilla-firefox-60.7.1esr-x86_64-1_slack14.2.txz
This release contains a security fix and improvements. The patched flaw is
considered critical, and could be used to run attacker code and install
software, requiring no user interaction beyond normal browsing.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11707
(* Security fix *)