6 updates. Including a (* Security fix *)!

  • 6 updates. Including a (* Security fix *)!

    Slackware Chanagelog/Security wrote:

    Thu Feb 7 22:28:19 UTC 2019
    n/php-7.2.15-i586-1.txz: Upgraded.
    xap/network-manager-applet-1.8.20-i586-1.txz: Upgraded.
    extra/pure-alsa-system/ffmpeg-3.4.5-i586-2_alsa.txz: Rebuilt.
    Recompiled against libvpx-1.8.0.
    Reenabled libsmbclient support.
    extra/pure-alsa-system/gst-plugins-good-1.14.4-i586-2_alsa.txz: Rebuilt.
    Recompiled against libvpx-1.8.0.
    extra/pure-alsa-system/xine-lib-1.2.9-i586-4_alsa.txz: Rebuilt.
    Recompiled against libvpx-1.8.0.
    pasture/php-5.6.40-i586-1.txz: Upgraded.
    Several security bugs have been fixed in this release:
    GD:
    Fixed bug #77269 (efree() on uninitialized Heap data in imagescale leads
    to use-after-free).
    Fixed bug #77270 (imagecolormatch Out Of Bounds Write on Heap).
    Mbstring:
    Fixed bug #77370 (Buffer overflow on mb regex functions - fetch_token).
    Fixed bug #77371 (heap buffer overflow in mb regex functions -
    compile_string_node).
    Fixed bug #77381 (heap buffer overflow in multibyte match_at).
    Fixed bug #77382 (heap buffer overflow due to incorrect length in
    expand_case_fold_string).
    Fixed bug #77385 (buffer overflow in fetch_token).
    Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode).
    Fixed bug #77418 (Heap overflow in utf32be_mbc_to_code).
    Phar:
    Fixed bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext).
    Xmlrpc:
    Fixed bug #77242 (heap out of bounds read in xmlrpc_decode()).
    Fixed bug #77380 (Global out of bounds read in xmlrpc base64 code).
    For more information, see:
    https://php.net/ChangeLog-5.php#5.6.40
    (* Security fix *)
    Source: mirrors.slackware.com/slackwar…src=feeds&time=1549578499