Slackware64-current ChangeLog (2020-09-29)
Tue Sep 29 18:11:08 UTC 2020
Packages
Upgraded
- n/php-7.4.11-x86_64-1.txz
This update fixes bugs and two security issues:
Core: PHP parses encoded cookie names so malicious `__Host-` cookies
can be sent.
OpenSSL: Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7070
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7069
(* Security fix *)