diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2019-01-23 04:39:04 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2019-01-23 17:59:47 +0100 |
| commit | f4a16dfaa3822cd84790612cfb5f6794e7397ea1 (patch) | |
| tree | 61a5be5a608a9549f8e0e4f7ae99c0d98ed1bed3 /ChangeLog.txt | |
| parent | 238f2af030367ddd0d0a014e19be72c45483e153 (diff) | |
| download | current-f4a16dfaa3822cd84790612cfb5f6794e7397ea1.tar.gz current-f4a16dfaa3822cd84790612cfb5f6794e7397ea1.tar.xz | |
Wed Jan 23 04:39:04 UTC 201920190123043904
a/kernel-generic-4.19.17-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.17-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.17-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.17-x86-1.txz: Upgraded.
d/scons-3.0.4-x86_64-1.txz: Upgraded.
d/vala-0.42.5-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.17-noarch-1.txz: Upgraded.
n/httpd-2.4.38-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
mod_session: mod_session_cookie does not respect expiry time allowing
sessions to be reused. [Hank Ibell]
mod_http2: fixes a DoS attack vector. By sending slow request bodies
to resources not consuming them, httpd cleanup code occupies a server
thread unnecessarily. This was changed to an immediate stream reset
which discards all stream state and incoming data. [Stefan Eissing]
mod_ssl: Fix infinite loop triggered by a client-initiated
renegotiation in TLSv1.2 (or earlier) with OpenSSL 1.1.1 and
later. PR 63052. [Joe Orton]
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0190
(* Security fix *)
x/libdrm-2.4.97-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Diffstat (limited to 'ChangeLog.txt')
| -rw-r--r-- | ChangeLog.txt | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index aa6736e2f..9e5d5179b 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,32 @@ +Wed Jan 23 04:39:04 UTC 2019 +a/kernel-generic-4.19.17-x86_64-1.txz: Upgraded. +a/kernel-huge-4.19.17-x86_64-1.txz: Upgraded. +a/kernel-modules-4.19.17-x86_64-1.txz: Upgraded. +d/kernel-headers-4.19.17-x86-1.txz: Upgraded. +d/scons-3.0.4-x86_64-1.txz: Upgraded. +d/vala-0.42.5-x86_64-1.txz: Upgraded. +k/kernel-source-4.19.17-noarch-1.txz: Upgraded. +n/httpd-2.4.38-x86_64-1.txz: Upgraded. + This release contains security fixes and improvements. + mod_session: mod_session_cookie does not respect expiry time allowing + sessions to be reused. [Hank Ibell] + mod_http2: fixes a DoS attack vector. By sending slow request bodies + to resources not consuming them, httpd cleanup code occupies a server + thread unnecessarily. This was changed to an immediate stream reset + which discards all stream state and incoming data. [Stefan Eissing] + mod_ssl: Fix infinite loop triggered by a client-initiated + renegotiation in TLSv1.2 (or earlier) with OpenSSL 1.1.1 and + later. PR 63052. [Joe Orton] + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0190 + (* Security fix *) +x/libdrm-2.4.97-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ Tue Jan 22 01:38:43 UTC 2019 a/btrfs-progs-4.20-x86_64-1.txz: Upgraded. a/kernel-firmware-20190118_a8b75ca-noarch-1.txz: Upgraded. |