This is an old revision of the document!
Slackware-13.37 ChangeLog (2014-12-11)
Thu Dec 11 01:18:35 UTC 2014
Packages
Upgraded
- patches/packages/bind-9.9.6_P1-i486-1_slack13.37.txz
This update fixes a security issue where a failure to place limits on
delegation chaining can allow an attacker to crash BIND or cause memory
exhaustion.
For more information, see:
https://kb.isc.org/article/AA-01216
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500
(* Security fix *) - patches/packages/openvpn-2.3.6-i486-1_slack13.37.txz
This update fixes a security issue that allows remote authenticated
users to cause a denial of service (server crash) via a small control
channel packet.
For more information, see:
https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8104
(* Security fix *) - patches/packages/pidgin-2.10.11-i486-1_slack13.37.txz
This update contains login fixes for MSN and some XMPP servers.
Rebuilt
- patches/packages/wpa_supplicant-0.7.3-i486-4_slack13.37.txz
This update fixes a remote command-execution vulnerability caused by a
failure to adequately sanitize user-supplied input.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3686
(* Security fix *)