Slackwarearm-14.2 ChangeLog (2016-09-14)
Wed Sep 14 19:20:21 UTC 2016
Packages
Upgraded
- patches/packages/mariadb-10.0.27-arm-1_slack14.2.txz
This update fixes a critical vulnerability which can allow local and
remote attackers to inject malicious settings into MySQL configuration
files (my.cnf). A successful exploitation could allow attackers to
execute arbitrary code with root privileges which would then allow them
to fully compromise the server.
This issue was discovered and reported by Dawid Golunski.
For more information, see:
http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html
https://jira.mariadb.org/browse/MDEV-10465
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6662
(* Security fix *)
Rebuilt
- patches/packages/sdl-1.2.15-arm-2_slack14.2.txz
Fixed a regression that broke MOD support. Thanks to B Watson.