[slackware-security] bind (SSA:2020-170-01)
New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix a security issue.
Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/bind-9.11.20-i586-1_slack14.2.txz: Upgraded.
This update fixes a security issue:
It was possible to trigger an INSIST in lib/dns/rbtdb.c:new_reference() with
a particular zone content and query patterns.
For more information, see:
https://kb.isc.org/docs/cve-2020-8619
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619
(* Security fix *)
+--------------------------+
131 uppdateringar changelog
Samtidigt meddelas det att 5.6.19 är den sista versionen i 5.6 serien
"Note, this is the LAST 5.6.y release to be made, please move to the
5.7.y tree at this time. It is now end-of-life."
Kernel 4.4.227 innehåller 36 uppdateringar, förändringar och/eller nya funktioner sedan 4.4.226.
Mer information om detta, vänligen kolla igenom changelog i länken ovan eller läsa diff log här.
Slackware 14.2 "paket" är uppdaterad 11/6 -20.
Läs mer...Här är detaljerna från Slackware ChangeLog:
+--------------------------+
patches/packages/linux-4.4.227/*: Upgraded.
These updates fix various bugs and security issues, including a mitigation
for SRBDS (Special Register Buffer Data Sampling). SRBDS is an MDS-like
speculative side channel that can leak bits from the random number generator
(RNG) across cores and threads.
Be sure to upgrade your initrd after upgrading the kernel packages.
If you use lilo to boot your machine, be sure lilo.conf points to the correct
kernel and initrd and run lilo as root to update the bootloader.
If you use elilo to boot your machine, you should run eliloconfig to copy the
kernel and initrd to the EFI System Partition.
For more information, see:
Fixed in 4.4.218:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11668
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11608
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11609
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10942
Fixed in 4.4.219:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11494
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11565
Fixed in 4.4.220:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12826
Fixed in 4.4.221:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19319
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12464
Fixed in 4.4.222:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10751
Fixed in 4.4.224:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10711
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1749
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12769
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10690
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13143
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19768
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12770
Fixed in 4.4.225:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9517
Fixed in 4.4.226:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10732
Fixed in 4.4.227:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0543
(* Security fix *)
+--------------------------+
38 uppdateringar
Samtidigt kan meddelas att 5.4.x har förlängts till 6 år (Nov. 2019 och tidigare EOL Dec. 2021, förlängt till Dec. 2025)
Läs mer...Version | Maintainer | Released | Projected EOL |
---|---|---|---|
5.4 | Greg Kroah-Hartman & Sasha Levin | 2019-11-24 | Dec, 2025 |
4.19 | Greg Kroah-Hartman & Sasha Levin | 2018-10-22 | Dec, 2024 |
4.14 | Greg Kroah-Hartman & Sasha Levin | 2017-11-12 | Jan, 2024 |
4.9 | Greg Kroah-Hartman & Sasha Levin | 2016-12-11 | Jan, 2023 |
4.4 | Greg Kroah-Hartman & Sasha Levin | 2016-01-10 | Feb, 2022 |
3.16 | Ben Hutchings | 2014-08-03 | Jun, 2020 |
RSS resultat...
Till minne av Håkan Nilsson
Mitt Slackware
Appendix Programhantering