Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware-current ChangeLog (2019-04-18) ====== ====== Thu Apr 18 21:13:58 UTC 2019 ====== ===== Packages ===== ==== Upgraded ==== * [[slackware.current>ap/ksh93-20190416_7d7bba3e-i586-1.txz]] * [[slackware.current>ap/sysstat-12.1.4-i586-1.txz]] * [[slackware.current>l/icu4c-64.2-i586-1.txz]] * [[slackware.current>l/libcdio-2.1.0-i586-1.txz]] \\ Shared library .so-version bump. * [[slackware.current>l/zstd-1.4.0-i586-1.txz]] * [[slackware.current>n/dhcpcd-7.2.0-i586-1.txz]] * [[slackware.current>n/dovecot-2.3.5.2-i586-1.txz]] \\ This update fixes a security issue: \\ Trying to login with 8bit username containing invalid UTF8 input causes \\ auth process to crash if auth policy is enabled. This could be used rather \\ easily to cause a DoS. Similar crash also happens during mail delivery \\ when using invalid UTF8 in From or Subject header when OX push \\ notification driver is used. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10691 \\ (* Security fix *) * [[slackware.current>n/nghttp2-1.38.0-i586-1.txz]] * [[slackware.current>n/openssh-8.0p1-i586-1.txz]] \\ This release contains a mitigation for a weakness in the scp(1) tool \\ and protocol (CVE-2019-6111): when copying files from a remote system \\ to a local directory, scp(1) did not verify that the filenames that \\ the server sent matched those requested by the client. This could \\ allow a hostile server to create or clobber unexpected local files \\ with attacker-controlled content. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111 \\ (* Security fix *) * [[slackware.current>xap/MPlayer-20190418-i586-1.txz]] \\ Compiled against libcdio-2.1.0. * [[slackware.current>extra/pure-alsa-system/MPlayer-20190418-i586-1_alsa.txz]] \\ Compiled against libcdio-2.1.0. ==== Rebuilt ==== * [[slackware.current>l/gvfs-1.40.1-i586-2.txz]] \\ Recompiled against libcdio-2.1.0. * [[slackware.current>l/libcddb-1.3.2-i586-6.txz]] \\ Recompiled against libcdio-2.1.0. * [[slackware.current>l/libcdio-paranoia-10.2+2.0.0-i586-2.txz]] \\ Recompiled against libcdio-2.1.0. * [[slackware.current>xap/audacious-plugins-3.10.1-i586-2.txz]] \\ Recompiled against libcdio-2.1.0. * [[slackware.current>extra/pure-alsa-system/audacious-plugins-3.10.1-i586-2_alsa.txz]] \\ Recompiled against libcdio-2.1.0. {{tag>slackware changelog slackware-current 2019/04}} news/2019/04/18/slackware-current-changelog.txt Last modified: 5 years agoby Giuseppe Di Terlizzi Log In