Slackwarearm-current ChangeLog (2018-02-03)
Sat Feb 03 08:08:08 UTC 2018
Packages
Upgraded
- a/bash-4.4.018-arm-1.txz
- ap/cups-filters-1.20.0-arm-1.txz
- ap/mariadb-10.2.12-arm-1.txz
- d/gdb-8.1-arm-1.txz
- l/dbus-glib-0.110-arm-1.txz
- l/harfbuzz-1.7.5-arm-1.txz
- l/libdvdnav-6.0.0-arm-1.txz
- l/libdvdread-6.0.0-arm-1.txz
- l/sip-4.19.7-arm-1.txz
- n/dhcp-4.4.0-arm-1.txz
- n/dovecot-2.3.0-arm-1.txz
- n/postfix-3.2.5-arm-1.txz
- n/rsync-3.1.3-arm-1.txz
This update fixes two security issues:
Fixed a buffer overrun in the protocol's handling of xattr names and
ensure that the received name is null terminated.
Fix an issue with –protect-args where the user could specify the arg in
the protected-arg list and short-circuit some of the arg-sanitizing code.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16548
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5764
(* Security fix *) - x/libevdev-1.5.8-arm-1.txz
Rebuilt
- d/perl-5.26.1-arm-2.txz
Removed dangling c2ph symlinks. Thanks to Tim Thomas.
Updated to DBD-mysql-4.044, DBI-1.640, URI-1.73, and libnet-3.11. - l/libunwind-1.2.1-arm-2.txz
Removed dangling .a symlink. Thanks to Tim Thomas.