|
Kernel 4.19.73 fixes the following CVEs:
https://cdn.kernel.org/pub/linux/ker...4.19.73.tar.xz https://cdn.kernel.org/pub/linux/ker...ngeLog-4.19.73 Quote:
|
Quote:
|
Kernel 4.19.74 fixes CVE-2019-15504:
https://cdn.kernel.org/pub/linux/ker...ngeLog-4.19.74 Quote:
|
Xpdf-4.01.01 has an out-of-bounds write in the vertProfile part of the TextPage::findGaps function in TextOutputDev.cc
CVE-2019-16927 should now be fixed in Xpdf 4.02 Description: https://forum.xpdfreader.com/viewtopic.php?f=3&t=41885 Should be fixed: https://forum.xpdfreader.com/viewtopic.php?f=3&t=41889 hope it helps |
Quote:
|
A potentially serious vulnerability (buffer overflow) in the kernel rtlwifi driver when using Wifi-Direct, affecting all kernels starting with 3.10.1, may crash or fully compromise vulnerable machines.
CVE-2019-17666 https://cve.mitre.org/cgi-bin/cvenam...CVE-2019-17666 A patch has been already made available and hope it'll get soon implemented & backported: https://lkml.org/lkml/2019/10/16/1226 |
Assuming Slackware 15 isn't released by Christmas, are there any plans to upgrade to OpenSSL 1.1.1 in Slackware 14.2? OpenSSL 1.0.2 won't receive any security updates after December 31st, meaning that the latest stable version of Slackware will be using an unsupported (and potentially vulnerable) version of one of its most security-critical components. I've considered building my own openssl(-solibs) and openssl10(-solibs) packages for 14.2 based on the sources in -current and rebuilding the packages listed in the May 10th, 2018 update to -current, but testing everything and keeping it in line with the official 14.2 patches would be a significant commitment.
|
Quote:
|
there's a new kernel 4.4.200 mainly arm fixes, but does fix a cifs deadlock and other issues introduced in the back-porting of fixes which went into 4.4.199. https://cdn.kernel.org/pub/linux/ker...ngeLog-4.4.200
|
New Intel CPU vulnerability discovered, a variant of the known ZombieLoad/MDS. It's mitigated already, it requires both new (patched) kernel and latest Intel microcode. See this post for more details:
https://www.linuxquestions.org/quest...ml#post6057033 Intel's security advisory: https://www.intel.com/content/www/us...-sa-00270.html TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. CVEID: CVE-2019-11135 |
I was missing such posts!
Thanks @abga. |
Quote:
Intel has actually released details and fixes for an entire list of vulnerabilities (Intel AMT , ME included) and a nice erratum called "Conditional Code Erratum", fixed by the latest microcode, affecting: Amber Lake, Cascade Lake, Coffee Lake, Comet Lake, Kaby Lake, Skylake and Whiskey Lake. Intel's list of vulnerabilities: https://www.intel.com/content/www/us...-sa-00241.html Blog entry: https://blogs.intel.com/technology/2...rm-update-ipu/ Mitigations for Jump Conditional Code Erratum - White Paper (apparently fixed by latest microcode): https://www.intel.com/content/dam/su...de-erratum.pdf |
Quote:
|
Hello,
Quote:
"slackpkg upgrade-all" is mandatory on slackware-current. On stable, it is better to just stick to "slackpkg upgrade patches". -- SeB |
Quote:
https://www.win-raid.com/f39-Intel-M...nt-Engine.html https://www.win-raid.com/t596f39-Int...tem-Tools.html This is how I managed to update my Intel ME version because my friends at ASUS had not yet decided to send me a new BIOS version. Now I am analyzing the risk of updating to the latest Intel ME version available in the link above. Thanks @abga seems to have it! |
| All times are GMT -5. The time now is 10:37 PM. |