Repository 32bit  Forum
Repository 64bit  Wiki
Fri Jun 6 04:27:01 UTC 2014
a/openssl-solibs-1.0.1h-x86_64-1.txz: Upgraded.
  (* Security fix *)
ap/nano-2.3.4-x86_64-1.txz: Upgraded.
l/libtasn1-3.6-x86_64-1.txz: Upgraded.
  Multiple security issues have been corrected in the libtasn1 library.
  These errors allow a remote attacker to cause a denial of service, or
  possibly to execute arbitrary code.
  For more information, see:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3467
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3469
  (* Security fix *)
n/gnutls-3.2.15-x86_64-1.txz: Upgraded.
  A security issue has been corrected in gnutls. This vulnerability
  affects the client side of the gnutls library. A server that sends
  a specially crafted ServerHello could corrupt the memory of a requesting
  client. This may allow a remote attacker to execute arbitrary code.
  Additional vulnerabilities in the embedded libtasn1 library have also
  been patched.
  For more information, see:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3465
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3466
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3467
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3469
  (* Security fix *)
n/irssi-0.8.16-x86_64-1.txz: Upgraded.
n/openssl-1.0.1h-x86_64-1.txz: Upgraded.
  Multiple security issues have been corrected, including a possible
  man-in-the-middle attack where weak keying material is forced, denial
  of service, and the execution of arbitrary code.
  For more information, see:
  http://www.openssl.org/news/secadv_20140605.txt
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470
  (* Security fix *)
n/sendmail-8.14.9-x86_64-1.txz: Upgraded.
  This release fixes one security related bug by properly closing file
  descriptors (except stdin, stdout, and stderr) before executing programs.
  This bug could enable local users to interfere with an open SMTP
  connection if they can execute their own program for mail delivery
  (e.g., via procmail or the prog mailer).
  For more information, see:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3956
  (* Security fix *)
n/sendmail-cf-8.14.9-noarch-1.txz: Upgraded.