Repository 32bit  Forum
Repository 64bit  Wiki
Thu Jan 12 01:15:52 UTC 2017
patches/packages/bind-9.9.9_P5-i486-1_slack14.1.txz: Upgraded.
  This update fixes a denial-of-service vulnerability. An error in handling
  certain queries can cause an assertion failure when a server is using the
  nxdomain-redirect feature to cover a zone for which it is also providing
  authoritative service. A vulnerable server could be intentionally stopped
  by an attacker if it was using a configuration that met the criteria for
  the vulnerability and if the attacker could cause it to accept a query
  that possessed the required attributes.
  Please note: This vulnerability affects the "nxdomain-redirect" feature,
  which is one of two methods of handling NXDOMAIN redirection, and is only
  available in certain versions of BIND. Redirection using zones of type
  "redirect" is not affected by this vulnerability.
  For more information, see:
  https://kb.isc.org/article/AA-01442
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9778
  (* Security fix *)
patches/packages/gnutls-3.3.26-i486-1_slack14.1.txz: Upgraded.
  This update fixes some bugs and security issues.
  For more information, see:
  https://gnutls.org/security.html#GNUTLS-SA-2017-1
  https://gnutls.org/security.html#GNUTLS-SA-2017-2
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5334
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5335
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5336
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5337
  (* Security fix *)
patches/packages/irssi-0.8.21-i486-1_slack14.1.txz: Upgraded.
  Fixed security issues that may result in a denial of service.
  For more information, see:
  https://irssi.org/security/irssi_sa_2017_01.txt
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5193
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5194
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5195
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5196
  (* Security fix *)
patches/packages/python-2.7.13-i486-2_slack14.1.txz: Rebuilt.
  This is a rebuilt package to fix a build-time regression with the
  multiprocessing.synchronize module.
  Thanks to Damien Goutte-Gattat for the bug report.