Slackware-14.0 ChangeLog (2013-08-30)
Fri Aug 30 19:39:38 UTC 2013
Packages
Upgraded
- patches/packages/gnutls-3.0.31-i486-1_slack14.0.txz
[Updated to the correct version to fix fetching the “latest” from gnu.org]
This update prevents a side-channel attack which may allow remote attackers
to conduct distinguishing attacks and plaintext recovery attacks using
statistical analysis of timing data for crafted packets.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1619
(* Security fix *)
Fri Aug 30 06:26:06 UTC 2013
Packages
Upgraded
- patches/packages/gnutls-3.0.26-i486-1_slack14.0.txz
This update prevents a side-channel attack which may allow remote attackers
to conduct distinguishing attacks and plaintext recovery attacks using
statistical analysis of timing data for crafted packets.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1619
(* Security fix *) - patches/packages/php-5.4.19-i486-1_slack14.0.txz
Fixed handling null bytes in subjectAltName (CVE-2013-4248).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4248
(* Security fix *) - patches/packages/samba-3.6.18-i486-1_slack14.0.txz
This is a bugfix release.