Official patches for Slackware64-14.2

Se avete problemi con l'installazione e la configurazione di Slackware64 postate qui. Non usate questo forum per argomenti che trattano la Slackware32 o generali... per quelli usate rispettivamente il forum Slackware e Gnu/Linux in genere.

Moderatore: Staff

Regole del forum
1) Citare sempre la versione di Slackware64 usata, la versione del Kernel e magari anche la versione della libreria coinvolta. Questi dati aiutano le persone che possono rispondere.
2) Per evitare confusione prego inserire in questo forum solo topic che riguardano appunto Slackware64, se l'argomento è Slackware32 o generale usate rispettivamente il forum Slackware o Gnu/Linux in genere.
3) Leggere attentamente le risposte ricevute
4) Scrivere i messaggi con il colore di default, evitare altri colori.
5) Scrivere in Italiano o in Inglese, se possibile grammaticalmente corretto, evitate stili di scrittura poco chiari, quindi nessuna abbreviazione tipo telegramma o scrittura stile SMS o CHAT.
6) Appena registrati è consigliato presentarsi nel forum dedicato.

La non osservanza delle regole porta a provvedimenti di vari tipo da parte dello staff, in particolare la non osservanza della regola 5 porta alla cancellazione del post e alla segnalazione dell'utente. In caso di recidività l'utente rischia il ban temporaneo.
Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware64-14.1 on Mon, 12 May 2014 04:24:3

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Mon May 12 02:24:36 UTC 2014
patches/packages/seamonkey-2.26-x86_64-1_slack14.1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
  (* Security fix *)
patches/packages/seamonkey-solibs-2.26-x86_64-1_slack14.1.txz:  Upgraded.
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware64-14.1 on Sun, 01 Jun 2014 21:48:5

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Sun Jun  1 19:48:54 UTC 2014
patches/packages/mariadb-5.5.37-x86_64-1_slack14.1.txz:  Upgraded.
  This update contains security fixes and improvements.
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0384
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2419
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2430
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2431
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2432
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2436
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2438
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2440
  (* Security fix *)
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware64-14.1 on Sat, 07 Jun 2014 04:47:4

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Sat Jun  7 02:47:42 UTC 2014
patches/packages/mozilla-firefox-24.6.0esr-x86_64-1_slack14.1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
  (* Security fix *)
+--------------------------+
Fri Jun  6 04:27:01 UTC 2014
patches/packages/gnutls-3.1.25-x86_64-1_slack14.1.txz:  Upgraded.
  A security issue has been corrected in gnutls.  This vulnerability
  affects the client side of the gnutls library.  A server that sends
  a specially crafted ServerHello could corrupt the memory of a requesting
  client.  This may allow a remote attacker to execute arbitrary code.
  Additional vulnerabilities in the embedded libtasn1 library have also
  been patched.
  Thanks to mancha for the backported patches.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3465
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3466
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3467
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3469
  (* Security fix *)
patches/packages/libtasn1-3.6-x86_64-1_slack14.1.txz:  Upgraded.
  Multiple security issues have been corrected in the libtasn1 library.
  These errors allow a remote attacker to cause a denial of service, or
  possibly to execute arbitrary code.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3467
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3469
  (* Security fix *)
patches/packages/openssl-1.0.1h-x86_64-1_slack14.1.txz:  Upgraded.
  Multiple security issues have been corrected, including a possible
  man-in-the-middle attack where weak keying material is forced, denial
  of service, and the execution of arbitrary code.
  For more information, see:
    http://www.openssl.org/news/secadv_20140605.txt
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470
  (* Security fix *)
patches/packages/openssl-solibs-1.0.1h-x86_64-1_slack14.1.txz:  Upgraded.
patches/packages/sendmail-8.14.9-x86_64-1_slack14.1.txz:  Upgraded.
  This release fixes one security related bug by properly closing file
  descriptors (except stdin, stdout, and stderr) before executing programs.
  This bug could enable local users to interfere with an open SMTP
  connection if they can execute their own program for mail delivery
  (e.g., via procmail or the prog mailer).
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3956
  (* Security fix *)
patches/packages/sendmail-cf-8.14.9-noarch-1_slack14.1.txz:  Upgraded.
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware64-14.1 on Mon, 09 Jun 2014 22:16:0

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Mon Jun  9 20:16:02 UTC 2014
patches/packages/php-5.4.29-x86_64-1_slack14.1.txz:  Upgraded.
  This update fixes bugs and security issues, including a possible denial
  of service, and an issue where insecure default permissions on the FPM
  socket may allow local users to run arbitrary code as the apache user.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238
  (* Security fix *)
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware64-14.1 on Thu, 12 Jun 2014 07:11:5

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Thu Jun 12 05:11:52 UTC 2014
patches/packages/mozilla-thunderbird-24.6.0-x86_64-1_slack14.1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
  (* Security fix *)
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware64-14.1 on Wed, 18 Jun 2014 00:50:0

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Tue Jun 17 22:19:30 UTC 2014
patches/packages/yptools-2.14-x86_64-3_slack14.1.txz:  Rebuilt.
  Corrected yppasswd patch that was causing password changes to fail.
  Thanks to Henrik Carlqvist.
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware64-14.1 on Wed, 25 Jun 2014 00:35:0

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Tue Jun 24 22:35:07 UTC 2014
patches/packages/bind-9.9.5_P1-x86_64-1_slack14.1.txz:  Upgraded.
  This fixes security issues and other bugs.  Please note that the first
  CVE only affects Windows, and the second one was claimed to be fixed by
  an earlier version of BIND.  But we'll update anyway just in case.  :-)
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6230
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0591
  (* Security fix *)
patches/packages/gnupg-1.4.17-x86_64-1_slack14.1.txz:  Upgraded.
  This release includes a security fix to stop a denial of service using
  garbled compressed data packets which can be used to put gpg into an
  infinite loop.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617
  (* Security fix *)
patches/packages/gnupg2-2.0.24-x86_64-1_slack14.1.txz:  Upgraded.
  This release includes a security fix to stop a denial of service using
  garbled compressed data packets which can be used to put gpg into an
  infinite loop.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617
  (* Security fix *)
patches/packages/samba-4.1.9-x86_64-1_slack14.1.txz:  Upgraded.
  This update fixes bugs and security issues, including a flaw in Samba's
  internal DNS server which can be exploited to cause a denial of service,
  a flaw in SRV_SNAPSHOT_ARRAY that permits attackers to leverage
  configurations that use shadow_copy* for vfs objects to reveal potentially
  private server information, a denial of service on the nmbd NetBIOS name
  services daemon, and a denial of service crash involving overwriting
  memory on an authenticated connection to the smbd file server.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0239
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493
  (* Security fix *)
patches/packages/seamonkey-2.26.1-x86_64-1_slack14.1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
  (* Security fix *)
patches/packages/seamonkey-solibs-2.26.1-x86_64-1_slack14.1.txz:  Upgraded.
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware64-14.1 on Sat, 12 Jul 2014 04:24:1

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Sat Jul 12 02:24:10 UTC 2014
patches/packages/php-5.4.30-x86_64-1_slack14.1.txz:  Upgraded.
  This update fixes bugs and security issues.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3981
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049
  (* Security fix *)
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware64-14.1 on Thu, 24 Jul 2014 02:51:0

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Wed Jul 23 23:00:34 UTC 2014
patches/packages/httpd-2.4.10-x86_64-1_slack14.1.txz:  Upgraded.
  This update fixes the following security issues:
  *) SECURITY: CVE-2014-0117 (cve.mitre.org)
     mod_proxy: Fix crash in Connection header handling which
     allowed a denial of service attack against a reverse proxy
     with a threaded MPM.  [Ben Reser]
  *) SECURITY: CVE-2014-0118 (cve.mitre.org)
     mod_deflate: The DEFLATE input filter (inflates request bodies) now
     limits the length and compression ratio of inflated request bodies to
     avoid denial of sevice via highly compressed bodies.  See directives
     DeflateInflateLimitRequestBody, DeflateInflateRatioLimit,
     and DeflateInflateRatioBurst. [Yann Ylavic, Eric Covener]
  *) SECURITY: CVE-2014-0226 (cve.mitre.org)
     Fix a race condition in scoreboard handling, which could lead to
     a heap buffer overflow.  [Joe Orton, Eric Covener]
  *) SECURITY: CVE-2014-0231 (cve.mitre.org)
     mod_cgid: Fix a denial of service against CGI scripts that do
     not consume stdin that could lead to lingering HTTPD child processes
     filling up the scoreboard and eventually hanging the server.  By
     default, the client I/O timeout (Timeout directive) now applies to
     communication with scripts.  The CGIDScriptTimeout directive can be
     used to set a different timeout for communication with scripts.
     [Rainer Jung, Eric Covener, Yann Ylavic]
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0117
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
  (* Security fix *)
patches/packages/mozilla-firefox-24.7.0esr-x86_64-1_slack14.1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
  (* Security fix *)
patches/packages/mozilla-thunderbird-24.7.0-x86_64-1_slack14.1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
  (* Security fix *)
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware64-14.1 on Fri, 01 Aug 2014 23:13:1

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Fri Aug  1 21:13:18 UTC 2014
patches/packages/dhcpcd-6.0.5-x86_64-3_slack14.1.txz:  Rebuilt.
  This update fixes a security issue where a specially crafted packet
  received from a malicious DHCP server causes dhcpcd to enter an infinite
  loop causing a denial of service.
  Thanks to Tobias Stoeckmann for the bug report.
  (* Security fix *)
patches/packages/samba-4.1.11-x86_64-1_slack14.1.txz:  Upgraded.
  This update fixes a remote code execution attack on unauthenticated nmbd
  NetBIOS name services.  A malicious browser can send packets that may
  overwrite the heap of the target nmbd NetBIOS name services daemon.
  It may be possible to use this to generate a remote code execution
  vulnerability as the superuser (root).
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3560
  (* Security fix *)
patches/packages/xscreensaver-5.29-x86_64-1_slack14.1.txz:  Upgraded.
  Disabled nag screen that says "This version of XScreenSaver is very old!
  Please upgrade!" when the age of the software exceeds 12 months.
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware64-14.1 on Fri, 08 Aug 2014 21:02:5

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Fri Aug  8 19:02:50 UTC 2014
patches/packages/openssl-1.0.1i-x86_64-1_slack14.1.txz:  Upgraded.
  This update fixes several security issues:
  Double Free when processing DTLS packets (CVE-2014-3505)
  DTLS memory exhaustion (CVE-2014-3506)
  DTLS memory leak from zero-length fragments (CVE-2014-3507)
  Information leak in pretty printing functions (CVE-2014-3508)
  Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509)
  OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510)
  OpenSSL TLS protocol downgrade attack (CVE-2014-3511)
  SRP buffer overrun (CVE-2014-3512)
  Crash with SRP ciphersuite in Server Hello message (CVE-2014-5139)
  For more information, see:
    https://www.openssl.org/news/secadv_20140806.txt
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139
  (* Security fix *)
patches/packages/openssl-solibs-1.0.1i-x86_64-1_slack14.1.txz:  Upgraded.
  (* Security fix *)
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware64-14.1 on Fri, 29 Aug 2014 01:17:4

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Thu Aug 28 23:17:47 UTC 2014
patches/packages/mozilla-nss-3.16.4-x86_64-1.txz:  Upgraded.
  Upgraded to nss-3.16.4 and nspr-4.10.7.
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware64-14.1 on Thu, 04 Sep 2014 21:43:2

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Thu Sep  4 19:43:25 UTC 2014
patches/packages/mozilla-firefox-24.8.0esr-x86_64-1_slack14.1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
  (* Security fix *)
patches/packages/mozilla-thunderbird-24.8.0-x86_64-1_slack14.1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
  (* Security fix *)
patches/packages/php-5.4.32-x86_64-1_slack14.1.txz:  Upgraded.
  This update fixes bugs and security issues.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4698
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5120
  (* Security fix *)
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware64-14.1 on Tue, 09 Sep 2014 20:01:0

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Tue Sep  9 18:01:05 UTC 2014
patches/packages/seamonkey-2.29-x86_64-1_slack14.1.txz:  Upgraded.
  This update contains security fixes and improvements.
  (* Security fix *)
patches/packages/seamonkey-solibs-2.29-x86_64-1_slack14.1.txz:  Upgraded.
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware64-14.1 on Thu, 25 Sep 2014 00:52:5

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Wed Sep 24 22:52:53 UTC 2014
patches/packages/bash-4.2.048-x86_64-1_slack14.1.txz:  Upgraded.
  This update fixes a vulnerability in bash related to how environment
  variables are processed:  trailing code in function definitions was
  executed, independent of the variable name.  In many common configurations
  (such as the use of CGI scripts), this vulnerability is exploitable over
  the network.  Thanks to Stephane Chazelas for discovering this issue.
  For more information, see:
    http://seclists.org/oss-sec/2014/q3/650
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271
  (* Security fix *)
patches/packages/mozilla-nss-3.16.5-x86_64-1_slack14.1.txz:  Upgraded.
  Fixed an RSA Signature Forgery vulnerability.
  For more information, see:
    https://www.mozilla.org/security/announce/2014/mfsa2014-73.html
  (* Security fix *)
+--------------------------+
Have fun,
Slacky BOT Packager

Rispondi