Slackwarearm-current ChangeLog (2016-12-14)
Wed Dec 14 05:06:07 UTC 2016
Packages
Upgraded
- a/coreutils-8.26-arm-1.txz
- a/grep-2.27-arm-1.txz
- a/kernel-firmware-20161211git-noarch-1.txz
- a/kernel-modules-armv7-4.8.14_armv7-arm-1.txz
- a/kernel_armv7-4.8.14-arm-1.txz
This kernel fixes a security issue with a race condition in
net/packet/af_packet.c that can be exploited to gain kernel code execution
from unprivileged processes.
Thanks to Philip Pettersson for discovering the bug and providing a patch.
For more information, see:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=84ac7260236a49c79eede91617700174c2c19b0c
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8655
(* Security fix *) - ap/nano-2.7.2-arm-1.txz
- k/kernel-source-4.8.14-arm-1.txz
- l/loudmouth-1.5.3-arm-1.txz
- n/mcabber-1.0.4-arm-1.txz
This update fixes a security issue which can lead to a malicious actor
MITMing a conversation, or adding themselves as an entity on a third
parties roster (thereby granting themselves the associated priviledges
such as observing when the user is online).
For more information, see:
https://gultsch.de/gajim_roster_push_and_message_interception.html
(* Security fix *) - n/php-5.6.29-arm-1.txz
This release fixes bugs and security issues.
For more information, see:
https://php.net/ChangeLog-5.php#5.6.29
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9935
(* Security fix *) - kernels/*
Rebuilt
- isolinux/*