Slackware64-15.0 ChangeLog (2021-04-29)
Thu Apr 29 18:49:00 UTC 2021
Packages
Upgraded
- a/less-581.2-x86_64-1.txz
- ap/nano-5.7-x86_64-1.txz
- d/cmake-3.20.2-x86_64-1.txz
- n/httpd-2.4.47-x86_64-1.txz
- n/samba-4.14.4-x86_64-1.txz
This is a security release in order to address the following defect:
Negative idmap cache entries can cause incorrect group entries in the
Samba file server process token.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20254
https://www.samba.org/samba/security/CVE-2021-20254.html
(* Security fix *) - extra/php8/php8-8.0.5-x86_64-1.txz
Thu Apr 29 01:37:15 UTC 2021
Packages
Upgraded
- n/bind-9.16.15-x86_64-1.txz
This update fixes bugs and the following security issues:
A specially crafted GSS-TSIG query could cause a buffer overflow in the
ISC implementation of SPNEGO.
named crashed when a DNAME record placed in the ANSWER section during DNAME
chasing turned out to be the final answer to a client query.
Insufficient IXFR checks could result in named serving a zone without an SOA
record at the apex, leading to a RUNTIME_CHECK assertion failure when the
zone was subsequently refreshed. This has been fixed by adding an owner name
check for all SOA records which are included in a zone transfer.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25216
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25215
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25214
(* Security fix *)