diff options
| author | Patrick J Volkerding <volkerdi@slackware.com> | 2018-06-13 21:55:19 +0000 |
|---|---|---|
| committer | Eric Hameleers <alien@slackware.com> | 2018-06-14 08:58:07 +0200 |
| commit | 11b00957be9f8661c4248d52bb20cdacdd442615 (patch) | |
| tree | a72da2814f739ae52f52afbf34df4df751131901 /ChangeLog.txt | |
| parent | d8095c1e90c817c5c1bd4cbb892be7218946279b (diff) | |
| download | current-11b00957be9f8661c4248d52bb20cdacdd442615.tar.gz | |
Wed Jun 13 21:55:19 UTC 201820180613215519
a/etc-15.0-x86_64-5.txz: Rebuilt.
Don't hardcode passwd/shadow/group additions in doinst.sh - get them from
the .new files.
a/sysvinit-scripts-2.1-noarch-11.txz: Rebuilt.
rc.S: don't start rc.haveged in this script - move it to rc.M.
rc.M: start rc.haveged after seeding /dev/urandom in rc.S, and after
starting syslogd, klogd, and udev in rc.M.
rc.M: start rc.rndg (we don't ship it or rng-tools) after udev.
H. Peter Anvin says that it's fine to run both haveged and rndg,
and I trust his opinion on that.
Thanks to GazL.
ap/at-3.1.20-x86_64-4.txz: Rebuilt.
Fixed wrong variable in rc.atd. Thanks to upnort.
n/libgcrypt-1.8.3-x86_64-1.txz: Upgraded.
Use blinding for ECDSA signing to mitigate a novel side-channel attack.
For more information, see:
https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0495
(* Security fix *)
Diffstat (limited to 'ChangeLog.txt')
| -rw-r--r-- | ChangeLog.txt | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 4c8cb487..52a7d809 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,24 @@ +Wed Jun 13 21:55:19 UTC 2018 +a/etc-15.0-x86_64-5.txz: Rebuilt. + Don't hardcode passwd/shadow/group additions in doinst.sh - get them from + the .new files. +a/sysvinit-scripts-2.1-noarch-11.txz: Rebuilt. + rc.S: don't start rc.haveged in this script - move it to rc.M. + rc.M: start rc.haveged after seeding /dev/urandom in rc.S, and after + starting syslogd, klogd, and udev in rc.M. + rc.M: start rc.rndg (we don't ship it or rng-tools) after udev. + H. Peter Anvin says that it's fine to run both haveged and rndg, + and I trust his opinion on that. + Thanks to GazL. +ap/at-3.1.20-x86_64-4.txz: Rebuilt. + Fixed wrong variable in rc.atd. Thanks to upnort. +n/libgcrypt-1.8.3-x86_64-1.txz: Upgraded. + Use blinding for ECDSA signing to mitigate a novel side-channel attack. + For more information, see: + https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/ + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0495 + (* Security fix *) ++--------------------------+ Wed Jun 13 05:43:00 UTC 2018 a/dcron-4.5-x86_64-7.txz: Rebuilt. Added init script and defaults file. |