Slackware-14.2 ChangeLog (2017-08-09)
Wed Aug 9 20:23:16 UTC 2017
Packages
Upgraded
- patches/packages/curl-7.55.0-i586-1_slack14.2.txz
This update fixes three security issues:
URL globbing out of bounds read
TFTP sends more than buffer size
FILE buffer read out of bounds
For more information, see:
https://curl.haxx.se/docs/adv_20170809A.html
https://curl.haxx.se/docs/adv_20170809B.html
https://curl.haxx.se/docs/adv_20170809C.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000099
(* Security fix *) - patches/packages/mozilla-firefox-52.3.0esr-i586-1_slack14.2.txz
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
(* Security fix *)
Rebuilt
- patches/packages/glibc-2.23-i586-4_slack14.2.txz
Fixed a regression with the recent glibc patch packages:
Don't clobber the libm.so linker script with a symlink.
Thanks to guanx. - patches/packages/glibc-i18n-2.23-i586-4_slack14.2.txz
- patches/packages/glibc-profile-2.23-i586-4_slack14.2.txz
- patches/packages/glibc-solibs-2.23-i586-4_slack14.2.txz