diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2019-02-06 00:29:25 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2019-02-06 08:59:42 +0100 |
commit | 05538a2b6dae06b52a4533f94999286b4c89a916 (patch) | |
tree | 3d459fe6cf48cbda01f31597eaf1ccd8a8ca4678 /source/d/slacktrack/slacktrack-project/docs/WARNINGS | |
parent | d2c74e4a2e54d27d10eded3c422abf233dafdab8 (diff) | |
download | current-05538a2b6dae06b52a4533f94999286b4c89a916.tar.gz current-05538a2b6dae06b52a4533f94999286b4c89a916.tar.xz |
Wed Feb 6 00:29:25 UTC 201920190206002925
ap/linuxdoc-tools-0.9.73-x86_64-1.txz: Upgraded.
Upgraded to gtk-doc-1.29.
Upgraded to asciidoc-8.6.10.
Upgraded to perl-XML-SAX-1.00.
Thanks to Stuart Winter.
d/meson-0.49.2-x86_64-1.txz: Upgraded.
d/python-setuptools-40.8.0-x86_64-1.txz: Upgraded.
d/slacktrack-2.19-x86_64-1.txz: Upgraded.
Thanks to Stuart Winter.
l/imagemagick-6.9.10_26-x86_64-1.txz: Upgraded.
n/dovecot-2.3.4.1-x86_64-1.txz: Upgraded.
This update addresses security issues:
CVE-2019-3814: If imap/pop3/managesieve/submission client has trusted
certificate with missing username field (ssl_cert_username_field), under
some configurations Dovecot mistakenly trusts the username provided via
authentication instead of failing.
ssl_cert_username_field setting was ignored with external SMTP AUTH,
because none of the MTAs (Postfix, Exim) currently send the cert_username
field. This may have allowed users with trusted certificate to specify any
username in the authentication. This bug didn't affect Dovecot's
Submission service.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3814
(* Security fix *)
Diffstat (limited to 'source/d/slacktrack/slacktrack-project/docs/WARNINGS')
-rw-r--r-- | source/d/slacktrack/slacktrack-project/docs/WARNINGS | 38 |
1 files changed, 0 insertions, 38 deletions
diff --git a/source/d/slacktrack/slacktrack-project/docs/WARNINGS b/source/d/slacktrack/slacktrack-project/docs/WARNINGS deleted file mode 100644 index 0ba7e31cb..000000000 --- a/source/d/slacktrack/slacktrack-project/docs/WARNINGS +++ /dev/null @@ -1,38 +0,0 @@ -1. Do not Use on production servers - --------------------------------- - - Do NOT run slacktrack on production servers. - - It should only be run on a development box. - - This is because slacktrack version 2.0 and upwards install onto - the filesystem of the server, rather than into a pseudo root. - -2. Slackware versions - ------------------ - - slacktrack has been tested on: - - Slackware 12.0, 12.1, 12.2, 13.0 - - ARMedslack, all versions. - - It may works on previous releases of Slackware, it may not. - -3. slacktrack default working space - -------------------------------- - - By default, slacktrack puts its work space in - /var/tmp/<randomnumber>slacktrack - - It is essential that you have enough disk space on the - partition on which /var/tmp resides - particularly if you use - ${SLACKTRACKSCRATCHDIR} - - If you do not have enough space in /var/tmp then you can - pass --tempdir to slacktrack to change the base temporary directory. - - eg you may do - # slacktrack --tempdir /tmp/slacktrack -Qp "foobar-4.1-sparc-2.tgz" "/bin/sh foobar.build" - - -Stuart Winter <mozes@slackware.com> - |