Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackwarearm-14.1 ChangeLog (2014-09-25) ====== ====== Thu Sep 25 21:50:49 UTC 2014 ====== ===== Packages ===== ==== Rebuilt ==== * [[slackwarearm.14.1>patches/packages/bash-4.2.048-arm-2_slack14.1.txz]] \\ Patched an additional trailing string processing vulnerability discovered \\ by Tavis Ormandy. \\ For more information, see: \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169 \\ (* Security fix *) ====== Thu Sep 25 17:26:04 UTC 2014 ====== ===== Packages ===== ==== Upgraded ==== * [[slackwarearm.14.1>patches/packages/bash-4.2.048-arm-1_slack14.1.txz]] \\ This update fixes a vulnerability in bash related to how environment \\ variables are processed: trailing code in function definitions was \\ executed, independent of the variable name. In many common configurations \\ (such as the use of CGI scripts), this vulnerability is exploitable over \\ the network. Thanks to Stephane Chazelas for discovering this issue. \\ For more information, see: \\ http://seclists.org/oss-sec/2014/q3/650 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271 \\ (* Security fix *) * [[slackwarearm.14.1>patches/packages/mozilla-nss-3.16.5-arm-1_slack14.1.txz]] \\ Fixed an RSA Signature Forgery vulnerability. \\ For more information, see: \\ https://www.mozilla.org/security/announce/2014/mfsa2014-73.html \\ (* Security fix *) {{tag>slackware changelog slackwarearm-14.1 2014-09}} news/2014/09/25/slackwarearm-14.1-changelog.txt Last modified: 12 months agoby Giuseppe Di Terlizzi Log In