Slackware64-14.1 ChangeLog (2016-05-11)
Wed May 11 05:20:01 UTC 2016
Packages
Upgraded
- patches/packages/git-2.8.2-x86_64-1_slack14.1.txz
This is a bugfix package update to change color “lime” to “00FF00” in
gitk. Otherwise it might not start if “lime” is not defined.
Thanks to AlvaroG.
Rebuilt
- patches/packages/imagemagick-6.8.6_10-x86_64-2_slack14.1.txz
This update addresses several security issues in ImageMagick, including:
Insufficient shell characters filtering allows code execution (CVE-2016-3714)
Server Side Request Forgery (CVE-2016-3718)
File deletion (CVE-2016-3715)
File moving (CVE-2016-3716)
Local file read (CVE-2016-3717)
To mitigate these issues, the default policy.xml config file has been
modified to disable all of the vulnerable coders.
For more information, see:
https://imagetragick.com
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3714
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3718
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3715
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3716
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3717
(* Security fix *)