Slackwarearm-current ChangeLog (2017-03-25)
Sat Mar 25 08:07:08 UTC 2017
The mini root filesystem for -current has been updated:
ftp://ftp.arm.slackware.com/slackwarearm/slackwarearm-devtools/minirootfs/
Packages
Upgraded
- a/glibc-zoneinfo-2017b-arm-1.txz
- a/libgudev-231-arm-1.txz
- d/cmake-3.7.2-arm-1.txz
- d/ruby-2.4.1-arm-1.txz
- n/mcabber-1.0.5-arm-1.txz
This update fixes a security issue:
An incorrect implementation of XEP-0280: Message Carbons in multiple XMPP
clients allows a remote attacker to impersonate any user, including
contacts, in the vulnerable application's display. This allows for various
kinds of social engineering attacks.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5604
(* Security fix *) - n/samba-4.6.1-arm-1.txz
This update fixes a security issue:
All versions of Samba prior to 4.6.1, 4.5.7, 4.4.12 are vulnerable to
a malicious client using a symlink race to allow access to areas of
the server file system not exported under the share definition.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2619
(* Security fix *)