Slackware64-current ChangeLog (2014-12-11)
Thu Dec 11 01:18:35 UTC 2014
Packages
Upgraded
- n/bind-9.10.1_P1-x86_64-1.txz
This update fixes a security issue where a failure to place limits on
delegation chaining can allow an attacker to crash BIND or cause memory
exhaustion.
For more information, see:
https://kb.isc.org/article/AA-01216
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500
(* Security fix *) - n/openvpn-2.3.6-x86_64-1.txz
This update fixes a security issue that allows remote authenticated
users to cause a denial of service (server crash) via a small control
channel packet.
For more information, see:
https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8104
(* Security fix *) - n/wpa_supplicant-2.3-x86_64-1.txz
This update fixes a remote command-execution vulnerability caused by a
failure to adequately sanitize user-supplied input.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3686
(* Security fix *) - xap/pidgin-2.10.11-x86_64-1.txz
This update contains login fixes for MSN and some XMPP servers. - xap/seamonkey-2.31-x86_64-1.txz
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
(* Security fix *)
Rebuilt
- n/openssh-6.7p1-x86_64-2.txz
Restored support for tcpwrappers that was dropped by upstream.
Thanks to mancha.