Slackwarearm-14.2 ChangeLog (2014-09-25)

Thu Sep 25 17:24:56 UTC 2014

  • a/bash-4.3.025-arm-1.txz
    This update fixes a vulnerability in bash related to how environment
    variables are processed: trailing code in function definitions was
    executed, independent of the variable name. In many common configurations
    (such as the use of CGI scripts), this vulnerability is exploitable over
    the network. Thanks to Stephane Chazelas for discovering this issue.
    For more information, see:
    http://seclists.org/oss-sec/2014/q3/650
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271
    (* Security fix *)
  • a/btrfs-progs-20140909-arm-1.txz
  • a/kernel-firmware-20140912git-noarch-1.txz
  • l/mozilla-nss-3.16.5-arm-1.txz
    Fixed an RSA Signature Forgery vulnerability.
    For more information, see:
    https://www.mozilla.org/security/announce/2014/mfsa2014-73.html
    (* Security fix *)
  • n/net-snmp-5.7.2.1-arm-1.txz
    Patched to properly report Btrfs mounts in hrFS/hrStorage tables.
    Thanks to Jakub Jankowski.
  • xap/rdesktop-1.8.2-arm-1.txz
  • news/2014/09/25/slackwarearm-14.2-changelog.txt
  • Last modified: 5 months ago
  • by Giuseppe Di Terlizzi