summaryrefslogtreecommitdiff
path: root/source/a/zerofree
Commit message (Collapse)AuthorAge
* Fri Jan 31 20:46:25 UTC 202020200131204625Patrick J Volkerding2020-02-01
a/util-linux-2.35.1-x86_64-1.txz: Upgraded. a/zerofree-1.1.1-x86_64-1.txz: Added. Also queued up for the next installer build. Thanks to bifferos. ap/sudo-1.8.31-x86_64-1.txz: Upgraded. This update fixes a security issue: In Sudo before 1.8.31, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in some Linux distributions; however, it is not the default for upstream or in Slackware, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18634 (* Security fix *) n/NetworkManager-1.22.6-x86_64-1.txz: Upgraded. n/openldap-client-2.4.49-x86_64-1.txz: Upgraded. xfce/Thunar-1.8.11-x86_64-1.txz: Removed. xfce/thunar-1.8.12-x86_64-1.txz: Added. Changed package name from "Thunar" to "thunar" to follow upstream's naming.