Slackware-14.1 ChangeLog (2013-06-27)
Thu Jun 27 23:56:34 UTC 2013
Packages
Upgraded
- d/ruby-1.9.3_p448-i486-1.txz
This update patches a vulnerability in Ruby's SSL client that could allow
man-in-the-middle attackers to spoof SSL servers via a valid certificate
issued by a trusted certification authority.
For more information, see:
http://www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4073
(* Security fix *)
Rebuilt
- a/procps-3.2.8-i486-4.txz
Include header files. Thanks to mancha. - ap/pm-utils-1.4.1-i486-4.txz
In the 49bluetooth-generic hook, don't take action unless the kernel supports
rfkill, the rfkill binary is present, and rc.bluetooth is executable.
Thanks to Grifulkin and Darth Vader for the bug report.