Slackware64-current ChangeLog

ChangeLog for: 2018-03-02 00:24:54

a/kernel-generic-4.14.23-x86_64-1.txz:  Upgraded.
a/kernel-huge-4.14.23-x86_64-1.txz:  Upgraded.
a/kernel-modules-4.14.23-x86_64-1.txz:  Upgraded.
a/lilo-24.2-x86_64-7.txz:  Rebuilt.
  liloconfig: prevent extraneous Windows partitions from being added
  to lilo.conf. Thanks to allend.
  liloconfig: display a notice when the script is scanning for partitions
  (which may take some time) so that it doesn't appear to be stalled.
a/xfsprogs-4.15.1-x86_64-1.txz:  Upgraded.
ap/man-db-2.8.2-x86_64-1.txz:  Upgraded.
ap/mpg123-1.25.10-x86_64-1.txz:  Upgraded.
d/help2man-1.47.6-x86_64-1.txz:  Upgraded.
d/kernel-headers-4.14.23-x86-1.txz:  Upgraded.
k/kernel-source-4.14.23-noarch-1.txz:  Upgraded.
l/SDL2-2.0.8-x86_64-1.txz:  Upgraded.
l/libunistring-0.9.9-x86_64-1.txz:  Upgraded.
l/mozilla-nss-3.35-x86_64-1.txz:  Upgraded.
  Upgraded to nss-3.35 and nspr-4.18.
l/sip-4.19.8-x86_64-1.txz:  Upgraded.
l/tevent-0.9.36-x86_64-1.txz:  Upgraded.
n/dhcp-4.4.1-x86_64-1.txz:  Upgraded.
  This update fixes two security issues:
    Corrected an issue where large sized 'X/x' format options were causing
  option handling logic to overwrite memory when expanding them to human
  readable form. Reported by Felix Wilhelm, Google Security Team.
    Option reference count was not correctly decremented in error path
  when parsing buffer for options. Reported by Felix Wilhelm, Google
  Security Team.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5732
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5733
  (* Security fix *)
n/dovecot-2.3.0.1-x86_64-1.txz:  Upgraded.
  This release addresses three security issues in dovecot:
    TLS SNI config lookups may lead to excessive memory usage, causing
  imap-login/pop3-login VSZ limit to be reached and the process restarted.
    Parsing invalid email addresses may cause a crash or leak memory contents
  to attacker. First discovered by Aleksandar Nikolic of Cisco Talos.
  Independently also discovered by "flxflndy" via HackerOne.
    Aborted SASL authentication leaks memory in login process.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15130
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14461
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15132
  (* Security fix *)
n/ntp-4.2.8p11-x86_64-1.txz:  Upgraded.
  This release addresses five security issues in ntpd:
  * LOW/MEDIUM: Sec 3012 / CVE-2016-1549 / VU#961909: Sybil vulnerability:
    ephemeral association attack. While fixed in ntp-4.2.8p7, there are
    significant additional protections for this issue in 4.2.8p11.
    Reported by Matt Van Gundy of Cisco.
  * INFO/MEDIUM: Sec 3412 / CVE-2018-7182 / VU#961909: ctl_getitem(): buffer
    read overrun leads to undefined behavior and information leak.
    Reported by Yihan Lian of Qihoo 360.
  * LOW: Sec 3415 / CVE-2018-7170 / VU#961909: Multiple authenticated
    ephemeral associations. Reported on the questions@ list.
  * LOW: Sec 3453 / CVE-2018-7184 / VU#961909: Interleaved symmetric mode
    cannot recover from bad state. Reported by Miroslav Lichvar of Red Hat.
  * LOW/MEDIUM: Sec 3454 / CVE-2018-7185 / VU#961909: Unauthenticated packet
    can reset authenticated interleaved association.
    Reported by Miroslav Lichvar of Red Hat.
  For more information, see:
    http://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1549
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7182
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7170
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7184
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7185
  (* Security fix *)
n/openvpn-2.4.5-x86_64-1.txz:  Upgraded.
  rc.openvpn: handle multiple config files.
  Thanks to Daniel Junior, Thomas Choi, and BrokenCog for helpful hints.
n/p11-kit-0.23.10-x86_64-1.txz:  Upgraded.
x/libinput-1.10.1-x86_64-1.txz:  Upgraded.
x/libxshmfence-1.3-x86_64-1.txz:  Upgraded.
xfce/xfce4-notifyd-0.4.2-x86_64-1.txz:  Upgraded.
xfce/xfce4-settings-4.12.2-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.