Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackwarearm-14.1 ChangeLog (2016-03-11) ====== ====== Fri Mar 11 03:04:05 UTC 2016 ====== ===== Packages ===== ==== Upgraded ==== * [[slackwarearm.14.1>patches/packages/bind-9.9.8_P4-arm-1_slack14.1.txz]] \\ Fixed security issues: \\ Fix resolver assertion failure due to improper DNAME handling when \\ parsing fetch reply messages. (CVE-2016-1286) [RT #41753] \\ Malformed control messages can trigger assertions in named and rndc. \\ (CVE-2016-1285) [RT #41666] \\ For more information, see: \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285 \\ (* Security fix *) * [[slackwarearm.14.1>patches/packages/mozilla-nss-3.23-arm-1_slack14.1.txz]] \\ Upgraded to nss-3.23 and nspr-4.12. \\ This release contains security fixes and improvements. \\ For more information, see: \\ http://www.mozilla.org/security/known-vulnerabilities/nss.html \\ (* Security fix *) * [[slackwarearm.14.1>patches/packages/openssh-7.2p2-arm-1_slack14.1.txz]] \\ This release fixes a security bug: \\ sshd(8): sanitise X11 authentication credentials to avoid xauth \\ command injection when X11Forwarding is enabled. \\ For more information, see: \\ http://www.openssh.com/txt/x11fwd.adv \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3115 \\ (* Security fix *) {{tag>slackware changelog slackwarearm-14.1 2016-03}} news/2016/03/11/slackwarearm-14.1-changelog.txt Last modified: 12 months agoby Giuseppe Di Terlizzi Log In