Slackware-14.1 ChangeLog (2014-08-01)
Fri Aug 1 21:13:18 UTC 2014
Packages
Rebuilt
- patches/packages/dhcpcd-6.0.5-i486-3_slack14.1.txz
This update fixes a security issue where a specially crafted packet
received from a malicious DHCP server causes dhcpcd to enter an infinite
loop causing a denial of service.
Thanks to Tobias Stoeckmann for the bug report.
(* Security fix *)
Upgraded
- patches/packages/samba-4.1.11-i486-1_slack14.1.txz
This update fixes a remote code execution attack on unauthenticated nmbd
NetBIOS name services. A malicious browser can send packets that may
overwrite the heap of the target nmbd NetBIOS name services daemon.
It may be possible to use this to generate a remote code execution
vulnerability as the superuser (root).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3560
(* Security fix *) - patches/packages/xscreensaver-5.29-i486-1_slack14.1.txz
Disabled nag screen that says “This version of XScreenSaver is very old!
Please upgrade!” when the age of the software exceeds 12 months.