Slackwarearm-14.1 ChangeLog (2014-01-29)
Wed Jan 29 19:07:47 UTC 2014
Packages
Upgraded
- patches/packages/bind-9.9.4_P2-arm-1_slack14.1.tgz
This update fixes a defect in the handling of NSEC3-signed zones that can
cause BIND to be crashed by a specific set of queries.
NOTE: According to the second link below, Slackware is probably not
vulnerable since we aren't using glibc-2.18 yet. Might as well fix it
anyway, though.
For more information, see:
https://kb.isc.org/article/AA-01078
https://kb.isc.org/article/AA-01085
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0591
(* Security fix *) - patches/packages/mozilla-nss-3.15.4-arm-1_slack14.1.tgz
Upgraded to nss-3.15.4 and nspr-4.10.3.
Fixes a possible man-in-the-middle issue.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1740
(* Security fix *)