Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware64-14.0 ChangeLog (2016-04-15) ====== ====== Fri Apr 15 20:37:37 UTC 2016 ====== ===== Packages ===== ==== Upgraded ==== * [[slackware64.14.0>patches/packages/samba-4.2.11-x86_64-1_slack14.0.txz]] \\ This update fixes the security issues known as "badlock" (or "sadlock"), \\ which may allow man-in-the-middle or denial-of-service attacks: \\ CVE-2015-5370 (Multiple errors in DCE-RPC code) \\ CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP) \\ CVE-2016-2111 (NETLOGON Spoofing Vulnerability) \\ CVE-2016-2112 (LDAP client and server don't enforce integrity) \\ CVE-2016-2113 (Missing TLS certificate validation) \\ CVE-2016-2114 ("server signing = mandatory" not enforced) \\ CVE-2016-2115 (SMB IPC traffic is not integrity protected) \\ CVE-2016-2118 (SAMR and LSA man in the middle attacks possible) \\ For more information, see: \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118 \\ (* Security fix *) {{tag>slackware changelog slackware64-14.0 2016-04}} news/2016/04/15/slackware64-14.0-changelog.txt Last modified: 5 months agoby Giuseppe Di Terlizzi Log In