Repository 32bit  Forum
Repository 64bit  Wiki
Mon Oct 31 23:38:24 UTC 2016
patches/packages/inputproto-2.3.2-noarch-1_slack14.1.txz: Upgraded.
  This update is a prerequisite for other security updates.
patches/packages/libX11-1.6.4-i486-1_slack14.1.txz: Upgraded.
  Insufficient validation of data from the X server can cause out of boundary
  memory read in XGetImage() or write in XListFonts().
  Affected versions libX11 <= 1.6.3.
  For more information, see:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7942
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7943
  (* Security fix *)
patches/packages/libXext-1.3.3-i486-1_slack14.1.txz: Upgraded.
patches/packages/libXfixes-5.0.3-i486-1_slack14.1.txz: Upgraded.
  Insufficient validation of data from the X server can cause an integer
  overflow on 32 bit architectures.
  Affected versions : libXfixes <= 5.0.2.
  For more information, see:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7944
  (* Security fix *)
patches/packages/libXi-1.7.8-i486-1_slack14.1.txz: Upgraded.
  Insufficient validation of data from the X server can cause out of boundary
  memory access or endless loops (Denial of Service).
  Affected versions libXi <= 1.7.6.
  For more information, see:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7945
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7946
  (* Security fix *)
patches/packages/libXrandr-1.5.1-i486-1_slack14.1.txz: Upgraded.
  Insufficient validation of data from the X server can cause out of boundary
  memory writes.
  Affected versions: libXrandr <= 1.5.0.
  For more information, see:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7947
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7948
  (* Security fix *)
patches/packages/libXrender-0.9.10-i486-1_slack14.1.txz: Upgraded.
  Insufficient validation of data from the X server can cause out of boundary
  memory writes.
  Affected version: libXrender <= 0.9.9.
  For more information, see:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7949
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7950
  (* Security fix *)
patches/packages/libXtst-1.2.3-i486-1_slack14.1.txz: Upgraded.
  Insufficient validation of data from the X server can cause out of boundary
  memory access or endless loops (Denial of Service).
  Affected version libXtst <= 1.2.2.
  For more information, see:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7951
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7952
  (* Security fix *)
patches/packages/libXv-1.0.11-i486-1_slack14.1.txz: Upgraded.
  Insufficient validation of data from the X server can cause out of boundary
  memory and memory corruption.
  Affected version libXv <= 1.0.10.
  For more information, see:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5407
  (* Security fix *)
patches/packages/libXvMC-1.0.10-i486-1_slack14.1.txz: Upgraded.
  Insufficient validation of data from the X server can cause a one byte buffer
  read underrun.
  Affected version: libXvMC <= 1.0.9.
  For more information, see:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7953
  (* Security fix *)
patches/packages/libxcb-1.11.1-i486-1_slack14.1.txz: Upgraded.
  This update is a prerequisite for other security updates.
patches/packages/linux-3.10.104/*: Upgraded.
  This kernel fixes a security issue known as "Dirty COW". A race condition
  was found in the way the Linux kernel's memory subsystem handled the
  copy-on-write (COW) breakage of private read-only memory mappings. An
  unprivileged local user could use this flaw to gain write access to
  otherwise read-only memory mappings and thus increase their privileges on
  the system.
  Be sure to upgrade your initrd after upgrading the kernel packages.
  If you use lilo to boot your machine, be sure lilo.conf points to the correct
  kernel and initrd and run lilo as root to update the bootloader.
  If you use elilo to boot your machine, you should run eliloconfig to copy the
  kernel and initrd to the EFI System Partition.
  For more information, see:
  https://dirtycow.ninja/
  https://www.kb.cert.org/vuls/id/243144
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5195
  (* Security fix *)
patches/packages/mariadb-5.5.53-i486-1_slack14.1.txz: Upgraded.
  This update fixes several security issues.
  For more information, see:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5616
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5624
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5626
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3492
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5629
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8283
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7440
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5584
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6663
  (* Security fix *)
patches/packages/php-5.6.27-i486-1_slack14.1.txz: Upgraded.
  This release fixes bugs and security issues.
  For more information, see:
  https://php.net/ChangeLog-5.php#5.6.27
  (* Security fix *)
patches/packages/randrproto-1.5.0-noarch-1_slack14.1.txz: Upgraded.
  This update is a prerequisite for other security updates.
patches/packages/xcb-proto-1.11-i486-1_slack14.1.txz: Upgraded.
  This update is a prerequisite for other security updates.
patches/packages/xextproto-7.3.0-i486-1_slack14.1.txz: Upgraded.
  This update is a prerequisite for other security updates.
patches/packages/xproto-7.0.29-noarch-1_slack14.1.txz: Upgraded.
  This update is a prerequisite for other security updates.
patches/packages/xscreensaver-5.36-i486-1_slack14.1.txz: Upgraded.
  Here's an upgrade to the latest xscreensaver.