Repository 32bit  Forum
Repository 64bit  Wiki
Fri Oct 6 06:32:32 UTC 2017
patches/packages/curl-7.56.0-x86_64-1_slack14.2.txz: Upgraded.
  This update fixes a security issue:
  libcurl may read outside of a heap allocated buffer when doing FTP.
  For more information, see:
  https://curl.haxx.se/docs/adv_20171004.html
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254
  (* Security fix *)
patches/packages/openjpeg-2.3.0-x86_64-1_slack14.2.txz: Upgraded.
  This update fixes security issues which may lead to a denial of service
  or possibly remote code execution.
  For more information, see:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9572
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9573
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9580
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9581
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12982
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14039
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14040
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14041
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14151
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14152
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14164
  (* Security fix *)
patches/packages/xorg-server-1.18.3-x86_64-4_slack14.2.txz: Rebuilt.
  This update fixes two security issues:
  Xext/shm: Validate shmseg resource id, otherwise it can belong to a
  non-existing client and abort X server with FatalError "client not
  in use", or overwrite existing segment of another existing client.
  Generating strings for XKB data used a single shared static buffer,
  which offered several opportunities for errors. Use a ring of
  resizable buffers instead, to avoid problems when strings end up
  longer than anticipated.
  For more information, see:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13721
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13723
  (* Security fix *)
patches/packages/xorg-server-xephyr-1.18.3-x86_64-4_slack14.2.txz: Rebuilt.
patches/packages/xorg-server-xnest-1.18.3-x86_64-4_slack14.2.txz: Rebuilt.
patches/packages/xorg-server-xvfb-1.18.3-x86_64-4_slack14.2.txz: Rebuilt.