Slackwarearm-14.1 ChangeLog (2014-12-16)
Tue Dec 16 19:08:50 UTC 2014
Packages
Upgraded
- patches/packages/bind-9.9.6_P1-arm-1_slack14.1.txz
This update fixes a security issue where a failure to place limits on
delegation chaining can allow an attacker to crash BIND or cause memory
exhaustion.
For more information, see:
https://kb.isc.org/article/AA-01216
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500
(* Security fix *) - patches/packages/openvpn-2.3.6-arm-1_slack14.1.txz
This update fixes a security issue that allows remote authenticated
users to cause a denial of service (server crash) via a small control
channel packet.
For more information, see:
https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8104
(* Security fix *) - patches/packages/pidgin-2.10.11-arm-1_slack14.1.txz
This update contains login fixes for MSN and some XMPP servers. - patches/packages/wpa_supplicant-2.3-arm-1_slack14.1.txz
This update fixes a remote command-execution vulnerability caused by a
failure to adequately sanitize user-supplied input.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3686
(* Security fix *)
Rebuilt
- patches/packages/openssh-6.7p1-arm-2_slack14.1.txz
Restored support for tcpwrappers that was dropped by upstream.
Thanks to mancha.