Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackwarearm-14.2 ChangeLog (2020-02-08) ====== ====== Sat Feb 08 08:08:08 UTC 2020 ====== ===== Packages ===== ==== Upgraded ==== * [[slackwarearm.14.2>patches/packages/nano-4.8-arm-1_slack14.2.txz]] * [[slackwarearm.14.2>patches/packages/sudo-1.8.31-arm-1_slack14.1.txz]] \\ This update fixes a security issue: \\ In Sudo before 1.8.31, if pwfeedback is enabled in /etc/sudoers, users can \\ trigger a stack-based buffer overflow in the privileged sudo process. \\ (pwfeedback is a default setting in some Linux distributions; however, it \\ is not the default for upstream or in Slackware, and would exist only if \\ enabled by an administrator.) The attacker needs to deliver a long string \\ to the stdin of getln() in tgetpass.c. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18634 \\ (* Security fix *) {{tag>slackware changelog slackwarearm-14.2 2020-02}} news/2020/02/08/slackwarearm-14.2-changelog.txt Last modified: 12 months agoby Giuseppe Di Terlizzi Log In