diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2024-02-28 18:36:48 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2024-02-28 20:34:19 +0100 |
| commit | 72065739ec0c24fdf21bba7d653b1ba05179b8d4 (patch) | |
| tree | bd67bac7792bd1b42554a0b454a48e49f6907a63 /RELEASE_NOTES | |
| parent | d3c57a554896ccb272a79fac07e41c89f7d39d0f (diff) | |
| download | current-72065739ec0c24fdf21bba7d653b1ba05179b8d4.tar.gz current-72065739ec0c24fdf21bba7d653b1ba05179b8d4.tar.xz | |
Wed Feb 28 18:36:48 UTC 202420240228183648
d/parallel-20240222-noarch-1.txz: Upgraded.
kde/krita-5.2.2-x86_64-4.txz: Rebuilt.
Recompiled against libunibreak-6.0.
l/accountsservice-23.13.9-x86_64-1.txz: Upgraded.
Thanks to reddog83.
l/libass-0.17.1-x86_64-2.txz: Rebuilt.
Recompiled against libunibreak-6.0.
l/libunibreak-6.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/orc-0.4.38-x86_64-1.txz: Upgraded.
l/python-requests-2.31.0-x86_64-1.txz: Upgraded.
l/python-urllib3-2.2.1-x86_64-1.txz: Upgraded.
l/qt6-6.6.2_20240210_15b7e743-x86_64-1.txz: Added.
n/wpa_supplicant-2.10-x86_64-3.txz: Rebuilt.
Patched the implementation of PEAP in wpa_supplicant to prevent an
authentication bypass. For a successful attack, wpa_supplicant must be
configured to not verify the network's TLS certificate during Phase 1
authentication, and an eap_peap_decrypt vulnerability can then be abused
to skip Phase 2 authentication. The attack vector is sending an EAP-TLV
Success packet instead of starting Phase 2. This allows an adversary to
impersonate Enterprise Wi-Fi networks.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-52160
(* Security fix *)
xap/gparted-1.6.0-x86_64-1.txz: Upgraded.
Diffstat (limited to 'RELEASE_NOTES')
0 files changed, 0 insertions, 0 deletions