Slackware-14.0 ChangeLog (2016-05-02)

Mon May 2 19:42:54 UTC 2016

  • patches/packages/mercurial-3.8.1-i486-1_slack14.0.txz
    This update fixes possible arbitrary code execution when converting Git
    repos. Mercurial prior to 3.8 allowed arbitrary code execution when using
    the convert extension on Git repos with hostile names. This could affect
    automated code conversion services that allow arbitrary repository names.
    This is a further side-effect of Git CVE-2015-7545.
    Reported and fixed by Blake Burkhart.
    For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3105
    (* Security fix *)
  • patches/packages/samba-4.2.12-i486-1_slack14.0.txz
    This is a bugfix release.
  • news/2016/05/02/slackware-14.0-changelog.txt
  • Last modified: 5 years ago
  • by Giuseppe Di Terlizzi