Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
news:2014:06:06:slackware64-current-changelog [2015/03/10 01:13]
Giuseppe Di Terlizzi creata
news:2014:06:06:slackware64-current-changelog [2015/03/26 10:43] (current)
Giuseppe Di Terlizzi
Line 2: Line 2:
  
 ====== Fri Jun  6 04:27:01 UTC 2014 ====== ====== Fri Jun  6 04:27:01 UTC 2014 ======
- 
- 
 ===== Packages ===== ===== Packages =====
  
 ==== Upgraded ==== ==== Upgraded ====
-  * [[slackware64.current>a/openssl-solibs-1.0.1h-x86_64-1.txz]] (Security fix)+  * [[slackware64.current>a/openssl-solibs-1.0.1h-x86_64-1.txz]] \\   (Security fix *)
   * [[slackware64.current>ap/nano-2.3.4-x86_64-1.txz]]   * [[slackware64.current>ap/nano-2.3.4-x86_64-1.txz]]
-  * [[slackware64.current>l/libtasn1-3.6-x86_64-1.txz]] (Security fix) +  * [[slackware64.current>l/libtasn1-3.6-x86_64-1.txz]] \\   Multiple security issues have been corrected in the libtasn1 library. \\   These errors allow a remote attacker to cause a denial of service, or \\   possibly to execute arbitrary code. \\   For more information, see: \\     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3467 \\     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468 \\     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3469 \\   (Security fix *
-  * [[slackware64.current>n/gnutls-3.2.15-x86_64-1.txz]] (Security fix)+  * [[slackware64.current>n/gnutls-3.2.15-x86_64-1.txz]] \\   A security issue has been corrected in gnutls.  This vulnerability \\   affects the client side of the gnutls library.  A server that sends \\   a specially crafted ServerHello could corrupt the memory of a requesting \\   client.  This may allow a remote attacker to execute arbitrary code. \\   Additional vulnerabilities in the embedded libtasn1 library have also \\   been patched. \\   For more information, see: \\     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3465 \\     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3466 \\     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3467 \\     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468 \\     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3469 \\   (Security fix *)
   * [[slackware64.current>n/irssi-0.8.16-x86_64-1.txz]]   * [[slackware64.current>n/irssi-0.8.16-x86_64-1.txz]]
-  * [[slackware64.current>n/openssl-1.0.1h-x86_64-1.txz]] (Security fix) +  * [[slackware64.current>n/openssl-1.0.1h-x86_64-1.txz]] \\   Multiple security issues have been corrected, including a possible \\   man-in-the-middle attack where weak keying material is forced, denial \\   of service, and the execution of arbitrary code. \\   For more information, see: \\     http://www.openssl.org/news/secadv_20140605.txt \\     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 \\     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 \\     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 \\     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 \\     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 \\     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 \\   (Security fix *
-  * [[slackware64.current>n/sendmail-8.14.9-x86_64-1.txz]] (Security fix)+  * [[slackware64.current>n/sendmail-8.14.9-x86_64-1.txz]] \\   This release fixes one security related bug by properly closing file \\   descriptors (except stdin, stdout, and stderr) before executing programs. \\   This bug could enable local users to interfere with an open SMTP \\   connection if they can execute their own program for mail delivery \\   (e.g., via procmail or the prog mailer). \\   For more information, see: \\     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3956 \\   (* Security fix *)
   * [[slackware64.current>n/sendmail-cf-8.14.9-noarch-1.txz]]   * [[slackware64.current>n/sendmail-cf-8.14.9-noarch-1.txz]]
-===== ChangeLog ===== 
-<code> 
-Fri Jun  6 04:27:01 UTC 2014 
-a/openssl-solibs-1.0.1h-x86_64-1.txz:  Upgraded. 
-  (* Security fix *) 
-ap/nano-2.3.4-x86_64-1.txz:  Upgraded. 
-l/libtasn1-3.6-x86_64-1.txz:  Upgraded. 
-  Multiple security issues have been corrected in the libtasn1 library. 
-  These errors allow a remote attacker to cause a denial of service, or 
-  possibly to execute arbitrary code. 
-  For more information, see: 
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3467 
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468 
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3469 
-  (* Security fix *) 
-n/gnutls-3.2.15-x86_64-1.txz:  Upgraded. 
-  A security issue has been corrected in gnutls.  This vulnerability 
-  affects the client side of the gnutls library.  A server that sends 
-  a specially crafted ServerHello could corrupt the memory of a requesting 
-  client.  This may allow a remote attacker to execute arbitrary code. 
-  Additional vulnerabilities in the embedded libtasn1 library have also 
-  been patched. 
-  For more information, see: 
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3465 
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3466 
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3467 
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468 
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3469 
-  (* Security fix *) 
-n/irssi-0.8.16-x86_64-1.txz:  Upgraded. 
-n/openssl-1.0.1h-x86_64-1.txz:  Upgraded. 
-  Multiple security issues have been corrected, including a possible 
-  man-in-the-middle attack where weak keying material is forced, denial 
-  of service, and the execution of arbitrary code. 
-  For more information, see: 
-    http://www.openssl.org/news/secadv_20140605.txt 
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 
-  (* Security fix *) 
-n/sendmail-8.14.9-x86_64-1.txz:  Upgraded. 
-  This release fixes one security related bug by properly closing file 
-  descriptors (except stdin, stdout, and stderr) before executing programs. 
-  This bug could enable local users to interfere with an open SMTP 
-  connection if they can execute their own program for mail delivery 
-  (e.g., via procmail or the prog mailer). 
-  For more information, see: 
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3956 
-  (* Security fix *) 
-n/sendmail-cf-8.14.9-noarch-1.txz:  Upgraded. 
-</code> 
- 
  
  
-{{tag>news 2014/06 slackware64-current changelog}}+{{tag>slackware changelog slackware64-current 2014/06}}
  
  • news/2014/06/06/slackware64-current-changelog.1425946411.txt.gz
  • Last modified: 8 years ago
  • by Giuseppe Di Terlizzi