Repository 32bit  Forum
Repository 64bit  Wiki
Fri Nov 3 03:31:56 UTC 2017
patches/packages/mariadb-10.0.33-i586-1_slack14.2.txz: Upgraded.
  This update fixes bugs and security issues.
  For more information, see:
  https://jira.mariadb.org/browse/MDEV-13819
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10268
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10378
  (* Security fix *)
patches/packages/openssl-1.0.2m-i586-1_slack14.2.txz: Upgraded.
  This update fixes a security issue:
  There is a carry propagating bug in the x64 Montgomery squaring procedure.
  No EC algorithms are affected. Analysis suggests that attacks against RSA
  and DSA as a result of this defect would be very difficult to perform and
  are not believed likely. Attacks against DH are considered just feasible
  (although very difficult) because most of the work necessary to deduce
  information about a private key may be performed offline. The amount of
  resources required for such an attack would be very significant and likely
  only accessible to a limited number of attackers. An attacker would
  additionally need online access to an unpatched system using the target
  private key in a scenario with persistent DH parameters and a private
  key that is shared between multiple clients.
  This only affects processors that support the BMI1, BMI2 and ADX extensions
  like Intel Broadwell (5th generation) and later or AMD Ryzen.
  For more information, see:
  https://www.openssl.org/news/secadv/20171102.txt
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3736
  (* Security fix *)
patches/packages/openssl-solibs-1.0.2m-i586-1_slack14.2.txz: Upgraded.