Slackwarearm-14.2 ChangeLog (2014-12-27)
Sat Dec 27 09:33:32 UTC 2014
Packages
Upgraded
- ap/vim-7.4.560-arm-1.txz
- l/libusb-1.0.19-arm-1.txz
- l/libusb-compat-0.1.5-arm-1.txz
- n/ntp-4.2.8-arm-1.txz
In addition to bug fixes and enhancements, this release fixes
several high-severity vulnerabilities discovered by Neel Mehta
and Stephen Roettger of the Google Security Team.
For more information, see:
https://www.kb.cert.org/vuls/id/852879
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9293
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9294
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9295
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9296
(* Security fix *) - n/php-5.4.36-arm-1.txz
This update fixes bugs and security issues.
#68545 (NULL pointer dereference in unserialize.c).
#68594 (Use after free vulnerability in unserialize()). (CVE-2014-8142)
#68283 (fileinfo: out-of-bounds read in elf note headers). (CVE-2014-3710)
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8142
(* Security fix *) - x/libdrm-2.4.58-arm-1.txz
Added build-time configuration flag: –enable-freedreno-experimental-api - x/mesa-10.3.5-arm-1.txz
- x/xf86-video-armsoc-1.1.0-arm-1.txz
- xap/vim-gvim-7.4.560-arm-1.txz
Added
- x/libvdpau-0.9-arm-1.txz
Thanks to Heinz Wiesinger. - x/xf86-video-opentegra-27.12.2014-arm-1.txz
Thanks to David Rao.
Rebuilt
- x/xf86-video-fbdev-0.4.4-arm-4.txz
- x/xf86-video-xgi-1.6.0git_2012_08_06-arm-11.txz
- x/xorg-server-1.15.2-arm-4.txz
This update fixes many security issues discovered by Ilja van Sprundel,
a security researcher with IOActive.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8091
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8092
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8093
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8094
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8095
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8096
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8097
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8098
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8099
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8100
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8101
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8102
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8103
(* Security fix *) - x/xorg-server-xephyr-1.15.2-arm-4.txz
- x/xorg-server-xnest-1.15.2-arm-4.txz
- x/xorg-server-xvfb-1.15.2-arm-4.txz
- xap/MPlayer-1.1_20130819-arm-3.tgz
Recompiled with support for libvdpau.