Repository 32bit  Forum
Repository 64bit  Wiki
Fri Sep 8 17:56:01 UTC 2017
patches/packages/bash-4.3.048-x86_64-1_slack14.2.txz: Upgraded.
  This update fixes two security issues found in bash before 4.4:
  The expansion of 'h' in the prompt string allows remote authenticated users
  to execute arbitrary code via shell metacharacters placed in 'hostname' of a
  machine. The theoretical attack vector is a hostile DHCP server providing a
  crafted hostname, but this is unlikely to occur in a normal Slackware
  configuration as we ignore the hostname provided by DHCP.
  Specially crafted SHELLOPTS+PS4 environment variables used against bogus
  setuid binaries using system()/popen() allowed local attackers to execute
  arbitrary code as root.
  For more information, see:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0634
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7543
  (* Security fix *)
patches/packages/mariadb-10.0.32-x86_64-1_slack14.2.txz: Upgraded.
  This update fixes bugs and security issues.
  For more information, see:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3636
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3641
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3653
  (* Security fix *)
patches/packages/mozilla-nss-3.31.1-x86_64-1_slack14.2.txz: Upgraded.
  Upgraded to nss-3.31.1 and nspr-4.16.
  This is a bugfix release.
patches/packages/tcpdump-4.9.2-x86_64-1_slack14.2.txz: Upgraded.
  This update fixes bugs and many security issues (see the included
  CHANGES file).
  For more information, see:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11541
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11541
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11542
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11542
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11543
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11543
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12893
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12894
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12895
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12896
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12897
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12898
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12899
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12900
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12901
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12902
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12985
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12986
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12987
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12988
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12989
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12990
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12991
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12992
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12994
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12995
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12996
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12997
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12998
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12999
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13000
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13001
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13002
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13003
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13004
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13005
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13006
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13007
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13008
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13009
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13010
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13011
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13012
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13013
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13014
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13015
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13016
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13017
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13018
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13019
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13020
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13021
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13022
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13023
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13024
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13025
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13026
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13027
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13028
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13029
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13030
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13031
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13032
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13033
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13034
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13035
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13036
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13037
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13038
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13039
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13040
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13041
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13042
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13043
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13044
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13045
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13046
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13047
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13048
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13049
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13050
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13051
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13052
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13053
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13054
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13055
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13687
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13688
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13689
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13690
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13725
  (* Security fix *)