Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware64-14.1 ChangeLog (2015-07-17) ====== ====== Fri Jul 17 19:38:52 UTC 2015 ====== ===== Packages ===== ==== Upgraded ==== * [[slackware64.14.1>patches/packages/httpd-2.4.16-x86_64-1_slack14.1.txz]] \\ This update fixes the following security issues: \\ * CVE-2015-0253: Fix a crash with ErrorDocument 400 pointing to a local \\ URL-path with the INCLUDES filter active, introduced in 2.4.11. \\ * CVE-2015-0228: mod_lua: A maliciously crafted websockets PING after a \\ script calls r:wsupgrade() can cause a child process crash. \\ * CVE-2015-3183: core: Fix chunk header parsing defect. Remove \\ apr_brigade_flatten(), buffering and duplicated code from the HTTP_IN \\ filter, parse chunks in a single pass with zero copy. Limit accepted \\ chunk-size to 2^63-1 and be strict about chunk-ext authorized characters. \\ * CVE-2015-3185: Replacement of ap_some_auth_required (unusable in Apache \\ httpd 2.4) with new ap_some_authn_required and ap_force_authn hook. \\ For more information, see: \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0228 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0253 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185 \\ (* Security fix *) * [[slackware64.14.1>patches/packages/php-5.4.43-x86_64-1_slack14.1.txz]] \\ This update fixes some bugs and security issues. \\ For more information, see: \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2325 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2326 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3152 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3414 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3415 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3416 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4642 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4643 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4644 \\ (* Security fix *) {{tag>slackware changelog slackware64-14.1 2015-07}} news/2015/07/17/slackware64-14.1-changelog.txt Last modified: 6 months agoby Giuseppe Di Terlizzi Log In