ChangeLog for: 2018-04-27 04:58:48
a/kernel-generic-4.14.37-x86_64-1.txz: Upgraded.
a/kernel-huge-4.14.37-x86_64-1.txz: Upgraded.
a/kernel-modules-4.14.37-x86_64-1.txz: Upgraded.
d/kernel-headers-4.14.37-x86-1.txz: Upgraded.
k/kernel-source-4.14.37-noarch-1.txz: Upgraded.
n/openvpn-2.4.6-x86_64-1.txz: Upgraded.
This is a security update fixing a potential double-free() in Interactive
Service. This usually only leads to a process crash (DoS by an unprivileged
local account) but since it could possibly lead to memory corruption if
happening while multiple other threads are active at the same time,
CVE-2018-9336 has been assigned to acknowledge this risk.
For more information, see:
https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e79b
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9336
(* Security fix *)
n/php-7.2.5-x86_64-1.txz: Upgraded.
This release fixes bugs and security issues.
For more information, see:
https://php.net/ChangeLog-7.php#7.2.5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5712
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.