Slackware-14.0 ChangeLog (2015-01-28)
Wed Jan 28 19:23:00 UTC 2015
Packages
Rebuilt
- patches/packages/glibc-2.15-i486-9_slack14.0.txz
This update patches a security issue __nss_hostname_digits_dots() function
of glibc which may be triggered through the gethostbyname*() set of
functions. This flaw could allow local or remote attackers to take control
of a machine running a vulnerable version of glibc. Thanks to Qualys for
discovering this issue (also known as the GHOST vulnerability.)
For more information, see:
https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235
(* Security fix *) - patches/packages/glibc-i18n-2.15-i486-9_slack14.0.txz
- patches/packages/glibc-profile-2.15-i486-9_slack14.0.txz
- patches/packages/glibc-solibs-2.15-i486-9_slack14.0.txz
Upgraded
- patches/packages/glibc-zoneinfo-2014j-noarch-1.txz
Upgraded to tzcode2014j and tzdata2014j.