Repository 32bit  Forum
Repository 64bit  Wiki
Wed Dec 28 21:05:19 UTC 2016
ap/nano-2.7.3-x86_64-1.txz: Upgraded.
d/python-2.7.13-x86_64-1.txz: Upgraded.
  This release fixes security issues:
  Issue #27850: Remove 3DES from ssl module's default cipher list to counter
  measure sweet32 attack (CVE-2016-2183).
  Issue #27568: Prevent HTTPoxy attack (CVE-2016-1000110). Ignore the
  HTTP_PROXY variable when REQUEST_METHOD environment is set, which indicates
  that the script is in CGI mode.
  For more information, see:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2183
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000110
  (* Security fix *)
n/samba-4.5.3-x86_64-1.txz: Upgraded.
  This release fixes security issues:
  CVE-2016-2123 (Samba NDR Parsing ndr_pull_dnsp_name Heap-based Buffer
  Overflow Remote Code Execution Vulnerability).
  CVE-2016-2125 (Unconditional privilege delegation to Kerberos servers
  in trusted realms).
  CVE-2016-2126 (Flaws in Kerberos PAC validation can trigger privilege
  elevation).
  For more information, see:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2125
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2126
  (* Security fix *)