Slackware64-14.0 ChangeLog (2016-12-12)
Mon Dec 12 21:25:50 UTC 2016
Packages
Upgraded
- patches/packages/loudmouth-1.5.3-x86_64-1_slack14.0.txz
This update is needed for the mcabber security update. - patches/packages/mcabber-1.0.4-x86_64-1_slack14.0.txz
This update fixes a security issue which can lead to a malicious actor
MITMing a conversation, or adding themselves as an entity on a third
parties roster (thereby granting themselves the associated priviledges
such as observing when the user is online).
For more information, see:
https://gultsch.de/gajim_roster_push_and_message_interception.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9928
(* Security fix *) - patches/packages/php-5.6.29-x86_64-1_slack14.0.txz
This release fixes bugs and security issues.
For more information, see:
https://php.net/ChangeLog-5.php#5.6.29
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9935
(* Security fix *)