| Next revision | Previous revision |
| news:2014:06:24:slackware-14.1-changelog [2015/03/10 12:23] – creata Giuseppe Di Terlizzi | news:2014:06:24:slackware-14.1-changelog [2023/08/15 18:31] (current) – Giuseppe Di Terlizzi |
|---|
| |
| ====== Tue Jun 24 22:35:07 UTC 2014 ====== | ====== Tue Jun 24 22:35:07 UTC 2014 ====== |
| > | |
| |
| ===== Packages ===== | ===== Packages ===== |
| |
| ==== Upgraded ==== | ==== Upgraded ==== |
| * [[slackware.14.1>patches/packages/bind-9.9.5_P1-i486-1_slack14.1.txz]] (Security fix) | * [[slackware.14.1>patches/packages/bind-9.9.5_P1-i486-1_slack14.1.txz]] \\ This fixes security issues and other bugs. Please note that the first \\ CVE only affects Windows, and the second one was claimed to be fixed by \\ an earlier version of BIND. But we'll update anyway just in case. :-) \\ For more information, see: \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6230 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0591 \\ (* Security fix *) |
| * [[slackware.14.1>patches/packages/gnupg-1.4.17-i486-1_slack14.1.txz]] (Security fix) | * [[slackware.14.1>patches/packages/gnupg-1.4.17-i486-1_slack14.1.txz]] \\ This release includes a security fix to stop a denial of service using \\ garbled compressed data packets which can be used to put gpg into an \\ infinite loop. \\ For more information, see: \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617 \\ (* Security fix *) |
| * [[slackware.14.1>patches/packages/gnupg2-2.0.24-i486-1_slack14.1.txz]] (Security fix) | * [[slackware.14.1>patches/packages/gnupg2-2.0.24-i486-1_slack14.1.txz]] \\ This release includes a security fix to stop a denial of service using \\ garbled compressed data packets which can be used to put gpg into an \\ infinite loop. \\ For more information, see: \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617 \\ (* Security fix *) |
| * [[slackware.14.1>patches/packages/samba-4.1.9-i486-1_slack14.1.txz]] (Security fix) | * [[slackware.14.1>patches/packages/samba-4.1.9-i486-1_slack14.1.txz]] \\ This update fixes bugs and security issues, including a flaw in Samba's \\ internal DNS server which can be exploited to cause a denial of service, \\ a flaw in SRV_SNAPSHOT_ARRAY that permits attackers to leverage \\ configurations that use shadow_copy* for vfs objects to reveal potentially \\ private server information, a denial of service on the nmbd NetBIOS name \\ services daemon, and a denial of service crash involving overwriting \\ memory on an authenticated connection to the smbd file server. \\ For more information, see: \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0239 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493 \\ (* Security fix *) |
| * [[slackware.14.1>patches/packages/seamonkey-2.26.1-i486-1_slack14.1.txz]] (Security fix) | * [[slackware.14.1>patches/packages/seamonkey-2.26.1-i486-1_slack14.1.txz]] \\ This update contains security fixes and improvements. \\ For more information, see: \\ http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html \\ (* Security fix *) |
| * [[slackware.14.1>patches/packages/seamonkey-solibs-2.26.1-i486-1_slack14.1.txz]] | * [[slackware.14.1>patches/packages/seamonkey-solibs-2.26.1-i486-1_slack14.1.txz]] |
| ===== ChangeLog ===== | |
| <code> | |
| Tue Jun 24 22:35:07 UTC 2014 | |
| patches/packages/bind-9.9.5_P1-i486-1_slack14.1.txz: Upgraded. | |
| This fixes security issues and other bugs. Please note that the first | |
| CVE only affects Windows, and the second one was claimed to be fixed by | |
| an earlier version of BIND. But we'll update anyway just in case. :-) | |
| For more information, see: | |
| http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6230 | |
| http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0591 | |
| (* Security fix *) | |
| patches/packages/gnupg-1.4.17-i486-1_slack14.1.txz: Upgraded. | |
| This release includes a security fix to stop a denial of service using | |
| garbled compressed data packets which can be used to put gpg into an | |
| infinite loop. | |
| For more information, see: | |
| http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617 | |
| (* Security fix *) | |
| patches/packages/gnupg2-2.0.24-i486-1_slack14.1.txz: Upgraded. | |
| This release includes a security fix to stop a denial of service using | |
| garbled compressed data packets which can be used to put gpg into an | |
| infinite loop. | |
| For more information, see: | |
| http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617 | |
| (* Security fix *) | |
| patches/packages/samba-4.1.9-i486-1_slack14.1.txz: Upgraded. | |
| This update fixes bugs and security issues, including a flaw in Samba's | |
| internal DNS server which can be exploited to cause a denial of service, | |
| a flaw in SRV_SNAPSHOT_ARRAY that permits attackers to leverage | |
| configurations that use shadow_copy* for vfs objects to reveal potentially | |
| private server information, a denial of service on the nmbd NetBIOS name | |
| services daemon, and a denial of service crash involving overwriting | |
| memory on an authenticated connection to the smbd file server. | |
| For more information, see: | |
| http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178 | |
| http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0239 | |
| http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244 | |
| http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493 | |
| (* Security fix *) | |
| patches/packages/seamonkey-2.26.1-i486-1_slack14.1.txz: Upgraded. | |
| This update contains security fixes and improvements. | |
| For more information, see: | |
| http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html | |
| (* Security fix *) | |
| patches/packages/seamonkey-solibs-2.26.1-i486-1_slack14.1.txz: Upgraded. | |
| </code> | |
| |
| |
| |
| {{tag>slackware changelog slackware-14.1 2014/06}} | {{tag>slackware changelog slackware-14.1 2014-06}} |
| |
Giuseppe Di Terlizzi