Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware64-14.2 ChangeLog (2021-07-21) ====== ====== Wed Jul 21 18:16:58 UTC 2021 ====== ===== Packages ===== ==== Upgraded ==== * [[slackware64.14.2>patches/packages/curl-7.78.0-x86_64-1_slack14.2.txz]] \\ This update fixes security issues: \\ CURLOPT_SSLCERT mixup with Secure Transport \\ TELNET stack contents disclosure again \\ Bad connection reuse due to flawed path name checks \\ Metalink download sends credentials \\ Wrong content via metalink not discarded \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22926 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22925 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22923 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22922 \\ (* Security fix *) ====== Wed Jul 21 05:30:44 UTC 2021 ====== ===== Packages ===== ==== Upgraded ==== * [[slackware64.14.2>patches/packages/linux-4.4.276/*]] \\ These updates fix various bugs and security issues, including the recently \\ announced local privilege escalation vulnerability in the filesystem layer \\ (CVE-2021-33909). \\ Be sure to upgrade your initrd after upgrading the kernel packages. \\ If you use lilo to boot your machine, be sure lilo.conf points to the correct \\ kernel and initrd and run lilo as root to update the bootloader. \\ If you use elilo to boot your machine, you should run eliloconfig to copy the \\ kernel and initrd to the EFI System Partition. \\ For more information, see: \\ https://www.qualys.com/2021/07/20/cve-2021-33909/sequoia-local-privilege-escalation-linux.txt \\ Fixed in 4.4.262: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19060 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19061 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28660 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20261 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29265 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16232 \\ Fixed in 4.4.263: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28964 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28972 \\ Fixed in 4.4.264: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28688 \\ Fixed in 4.4.265: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3483 \\ Fixed in 4.4.266: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29154 \\ Fixed in 4.4.267: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22555 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25672 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25673 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25670 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25671 \\ Fixed in 4.4.269: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33034 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0605 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31916 \\ Fixed in 4.4.270: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26558 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0129 \\ Fixed in 4.4.271: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24587 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24586 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24588 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26139 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26147 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29650 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32399 \\ Fixed in 4.4.272: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3564 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3573 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3587 \\ Fixed in 4.4.274: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34693 \\ Fixed in 4.4.276: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33909 \\ (* Security fix *) {{tag>slackware changelog slackware64-14.2 2021-07}} news/2021/07/21/slackware64-14.2-changelog.txt Last modified: 3 years agoby Giuseppe Di Terlizzi Log In