Slackware64-14.2 ChangeLog (2019-12-21)

Sat Dec 21 01:04:26 UTC 2019

  • patches/packages/openssl-1.0.2u-x86_64-1_slack14.2.txz
    This update fixes a low severity security issue:
    Fixed an an overflow bug in the x86_64 Montgomery squaring procedure used in
    exponentiation with 512-bit moduli.
    For more information, see:
    https://www.openssl.org/news/secadv/20191206.txt
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551
    (* Security fix *)
  • patches/packages/openssl-solibs-1.0.2u-x86_64-1_slack14.2.txz
  • patches/packages/tigervnc-1.10.1-x86_64-1_slack14.2.txz
    From tigervnc.org: “This is a security release to fix a number of issues
    that were found by Kaspersky Lab. These issues affect both the client and
    server and could theoretically allow a malicious peer to take control
    over the software on the other side. No working exploit is known at this
    time, and the issues require the peer to first be authenticated. We still
    urge users to upgrade when possible.”
    (* Security fix *)
  • news/2019/12/21/slackware64-14.2-changelog.txt
  • Last modified: 12 months ago
  • by Giuseppe Di Terlizzi