Repository 32bit  Forum
Repository 64bit  Wiki
Mon Apr 21 20:09:48 UTC 2014
patches/packages/libyaml-0.1.6-x86_64-1_slack14.1.txz: Upgraded.
  This update fixes a heap overflow in URI escape parsing of YAML in Ruby,
  where a specially crafted string could cause a heap overflow leading to
  arbitrary code execution.
  For more information, see:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2525
  https://www.ruby-lang.org/en/news/2014/03/29/heap-overflow-in-yaml-uri-escape-parsing-cve-2014-2525/
  (* Security fix *)
patches/packages/php-5.4.27-x86_64-1_slack14.1.txz: Upgraded.
  This update fixes a security issue in the in the awk script detector
  which allows context-dependent attackers to cause a denial of service
  (CPU consumption) via a crafted ASCII file that triggers a large amount
  of backtracking.
  For more information, see:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345
  (* Security fix *)