Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware-13.0 ChangeLog (2014-08-08) ====== ====== Fri Aug 8 19:02:50 UTC 2014 ====== ===== Packages ===== ==== Upgraded ==== * [[slackware.13.0>patches/packages/openssl-0.9.8zb-i486-1_slack13.0.txz]] \\ This update fixes several security issues: \\ Double Free when processing DTLS packets (CVE-2014-3505) \\ DTLS memory exhaustion (CVE-2014-3506) \\ DTLS memory leak from zero-length fragments (CVE-2014-3507) \\ Information leak in pretty printing functions (CVE-2014-3508) \\ Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509) \\ OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510) \\ OpenSSL TLS protocol downgrade attack (CVE-2014-3511) \\ SRP buffer overrun (CVE-2014-3512) \\ Crash with SRP ciphersuite in Server Hello message (CVE-2014-5139) \\ For more information, see: \\ https://www.openssl.org/news/secadv_20140806.txt \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139 \\ (* Security fix *) * [[slackware.13.0>patches/packages/openssl-solibs-0.9.8zb-i486-1_slack13.0.txz]] \\ (* Security fix *) {{tag>slackware changelog slackware-13.0 2014-08}} news/2014/08/08/slackware-13.0-changelog.txt Last modified: 13 months agoby Giuseppe Di Terlizzi Log In