Repository 32bit  Forum
Repository 64bit  Wiki
Mon Sep 18 19:15:03 UTC 2017
patches/packages/httpd-2.4.27-x86_64-2_slack14.2.txz: Rebuilt.
  This update patches a security issue ("Optionsbleed") with the OPTIONS http
  method which may leak arbitrary pieces of memory to a potential attacker.
  Thanks to Hanno Bo:ck.
  For more information, see:
  http://seclists.org/oss-sec/2017/q3/477
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798
  (* Security fix *)
patches/packages/libgcrypt-1.7.9-x86_64-1_slack14.2.txz: Upgraded.
  Mitigate a local side-channel attack on Curve25519 dubbed "May
  the Fourth be With You".
  For more information, see:
  https://eprint.iacr.org/2017/806
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0379
  (* Security fix *)
patches/packages/ruby-2.2.8-x86_64-1_slack14.2.txz: Upgraded.
  This release includes several security fixes.
  For more information, see:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0898
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10784
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14033
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14064
  (* Security fix *)